[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Wed Jul 27 18:02:20 EDT 2005


[***] Results from Oinkmaster started Wed Jul 27 20:00:04 2005 [***]

[///]     Modified active rules:     [///]

 2000327 - BLEEDING-EDGE MALWARE Spyware 2020 (bleeding-malware.rules)
 2000598 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Data Submission (bleeding-malware.rules)
 2000906 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Start (bleeding-malware.rules)
 2000907 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Settings Download (bleeding-malware.rules)
 2001226 - BLEEDING-EDGE MALWARE Unknown Advertising.com Agent (bleeding-malware.rules)
 2001228 - BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post (bleeding-malware.rules)
 2001230 - BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post (bleeding-malware.rules)
 2001441 - BLEEDING-EDGE MALWARE Abox Install Report (bleeding-malware.rules)
 2001447 - BLEEDING-EDGE MALWARE 2nd-thought (W32.Daqa.C) Download (bleeding-malware.rules)
 2001453 - BLEEDING-EDGE Malware Couponage Download (bleeding-malware.rules)
 2001454 - BLEEDING-EDGE Malware Couponage Configure (bleeding-malware.rules)
 2001455 - BLEEDING-EDGE Malware Couponage Reporting (bleeding-malware.rules)
 2001494 - BLEEDING-EDGE Malware Clickspring.net Spyware Reporting Successful Install (bleeding-malware.rules)
 2001500 - BLEEDING-EDGE Malware Clickspring.net Spyware Reporting (bleeding-malware.rules)
 2001501 - BLEEDING-EDGE MALWARE Clickspring.net Spyware Reporting (bleeding-malware.rules)
 2001521 - BLEEDING-EDGE MALWARE Spywaremover Activity (bleeding-malware.rules)
 2001655 - BLEEDING-EDGE Malware Comet Systems Spyware Traffic (bleeding-malware.rules)
 2002009 - BLEEDING-EDGE Malware ESyndicate Spyware Install (bleeding-malware.rules)
 2002010 - BLEEDING-EDGE Malware ESyndicate Spyware Install (bleeding-malware.rules)


[///]    Modified inactive rules:    [///]

 2001527 - BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (20):
        2000327 || BLEEDING-EDGE MALWARE Spyware 2020 || url,securityresponse.symantec.com/avcenter/venc/data/spyware.2020search.html
        2000598 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Data Submission || url,securityresponse.symantec.com/avcenter/venc/data/adware.topsearch.html
        2000906 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Start || url,securityresponse.symantec.com/avcenter/venc/data/adware.topsearch.html
        2000907 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Settings Download || url,securityresponse.symantec.com/avcenter/venc/data/adware.topsearch.html
        2001226 || BLEEDING-EDGE MALWARE Unknown Advertising.com Agent || url,securityresponse.symantec.com/avcenter/venc/data/adware.fastseek.html
        2001228 || BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post || url,securityresponse.symantec.com/avcenter/venc/data/adware.fastseek.html
        2001230 || BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post || url,securityresponse.symantec.com/avcenter/venc/data/adware.fastseek.html
        2001441 || BLEEDING-EDGE MALWARE Abox Install Report || url,securityresponse.symantex.com/avcenter/venc/data/adware.adultbox.html
        2001447 || BLEEDING-EDGE MALWARE 2nd-thought (W32.Daqa.C) Download || url,securityresponse.symantec.com/avcenter/venc/data/adware.secondthought.html
        2001453 || BLEEDING-EDGE Malware Couponage Download || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453090725
        2001454 || BLEEDING-EDGE Malware Couponage Configure || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453090725
        2001455 || BLEEDING-EDGE Malware Couponage Reporting || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453090725
        2001494 || BLEEDING-EDGE Malware Clickspring.net Spyware Reporting Successful Install || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453082745
        2001500 || BLEEDING-EDGE Malware Clickspring.net Spyware Reporting || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453082745
        2001501 || BLEEDING-EDGE MALWARE Clickspring.net Spyware Reporting || url,sarc.com/avcenter/venc/data/adware.bargainbuddy.html
        2001521 || BLEEDING-EDGE MALWARE Spywaremover Activity || www3.ca.com/securityadvisor/pest/pest.aspx?id=453087903
        2001527 || BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453082755
        2001655 || BLEEDING-EDGE Malware Comet Systems Spyware Traffic || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453083029
        2002009 || BLEEDING-EDGE Malware ESyndicate Spyware Install || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453094058
        2002010 || BLEEDING-EDGE Malware ESyndicate Spyware Install || url,www3.ca.com/securityadvisor/pest/pest.aspx?id=453094058

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (20):
        2000327 || BLEEDING-EDGE MALWARE Spyware 2020
        2000598 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Data Submission
        2000906 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Start
        2000907 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Settings Download
        2001226 || BLEEDING-EDGE MALWARE Unknown Advertising.com Agent
        2001228 || BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post
        2001230 || BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post
        2001441 || BLEEDING-EDGE MALWARE Abox Install Report
        2001447 || BLEEDING-EDGE MALWARE 2nd-thought (W32.Daqa.C) Download
        2001453 || BLEEDING-EDGE Malware Couponage Download
        2001454 || BLEEDING-EDGE Malware Couponage Configure
        2001455 || BLEEDING-EDGE Malware Couponage Reporting
        2001494 || BLEEDING-EDGE Malware Clickspring.net Spyware Reporting Successful Install
        2001500 || BLEEDING-EDGE Malware Clickspring.net Spyware Reporting
        2001501 || BLEEDING-EDGE MALWARE Clickspring.net Spyware Reporting
        2001521 || BLEEDING-EDGE MALWARE Spywaremover Activity
        2001527 || BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware
        2001655 || BLEEDING-EDGE Malware Comet Systems Spyware Traffic
        2002009 || BLEEDING-EDGE Malware ESyndicate Spyware Install
        2002010 || BLEEDING-EDGE Malware ESyndicate Spyware Install





More information about the Snort-sigs mailing list