[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Mon Jun 27 18:02:30 EDT 2005


[***] Results from Oinkmaster started Mon Jun 27 20:00:06 2005 [***]

[+++]          Added rules:          [+++]

 2002051 - BLEEDING-EDGE VIRUS Bagle.BQ - outbound (bleeding-virus.rules)
 2002052 - BLEEDING-EDGE VIRUS Bagle.BQ - incoming (bleeding-virus.rules)
 2002053 - BLEEDING-EDGE VIRUS Mytob.HF - outbound (bleeding-virus.rules)
 2002054 - BLEEDING-EDGE VIRUS Mytob.HF - incoming (bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2001578 - BLEEDING-EDGE VIRUS Sober.I - outbound (bleeding-virus.rules)
 2001750 - BLEEDING-EDGE VIRUS Sober.K Worm - outgoing (bleeding-virus.rules)
 2001986 - BLEEDING-EDGE VIRUS Mytob.DI - outbound (bleeding-virus.rules)
 2002049 - BLEEDING-EDGE VIRUS Mytob.GC - outbound (bleeding-virus.rules)


[///]    Modified inactive rules:    [///]

 2001577 - BLEEDING-EDGE VIRUS Sober.I - incoming (bleeding-virus.rules)
 2001749 - BLEEDING-EDGE VIRUS Sober.K Worm - incoming (bleeding-virus.rules)
 2001903 - BLEEDING-EDGE WORM Sober.O Attachment Inbound (bleeding-virus.rules)
 2001914 - BLEEDING-EDGE VIRUS Possible Sober.P Inbound (bleeding-virus.rules)
 2001987 - BLEEDING-EDGE VIRUS Mytob.DI - incoming (bleeding-virus.rules)
 2002050 - BLEEDING-EDGE VIRUS Mytob.GC - incoming (bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (8):
        2001986 || BLEEDING-EDGE VIRUS Mytob.DI - outbound || url,secunia.com/virus_information/18407/
        2001987 || BLEEDING-EDGE VIRUS Mytob.DI - incoming || url,secunia.com/virus_information/18407/
        2002049 || BLEEDING-EDGE VIRUS Mytob.GC - outbound || url,www.norman.com/Virus/Virus_descriptions/23458/en?show=default
        2002050 || BLEEDING-EDGE VIRUS Mytob.GC - incoming || url,www.norman.com/Virus/Virus_descriptions/23458/en?show=default
        2002051 || BLEEDING-EDGE VIRUS Bagle.BQ - outbound || url,secunia.com/virus_information/19194/
        2002052 || BLEEDING-EDGE VIRUS Bagle.BQ - incoming || url,secunia.com/virus_information/19194/
        2002053 || BLEEDING-EDGE VIRUS Mytob.HF - outbound || url,www.norman.com/Virus/Virus_descriptions/23458/en?show=default
        2002054 || BLEEDING-EDGE VIRUS Mytob.HF - incoming || url,www.norman.com/Virus/Virus_descriptions/23458/en?show=default

     -> Added to bleeding-virus.rules (3):
        #Submitted by Mark Scott, 6/26/2005, for Bagle.BQ
        #Mytob.HF
        #Submitted by Mark Scott, 6/26/2005, for Mytob.HF

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (4):
        2001986 || Mytob.DI - outbound || url,secunia.com/virus_information/18407/
        2001987 || Mytob.DI - incoming || url,secunia.com/virus_information/18407/
        2002049 || Mytob.GC - outbound || url,www.norman.com/Virus/Virus_descriptions/23458/en?show=default
        2002050 || Mytob.GC - incoming || url,www.norman.com/Virus/Virus_descriptions/23458/en?show=default





More information about the Snort-sigs mailing list