[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Tue Aug 8 21:00:09 EDT 2006


[***] Results from Oinkmaster started Tue Aug  8 21:00:09 2006 [***]

[+++]          Added rules:          [+++]

 2003072 - BLEEDING-EDGE EXPLOIT Linksys WRT54g Authentication Bypass Attempt (bleeding-exploit.rules)
 2003073 - BLEEDING-EDGE TROJAN ICMP Banking Trojan sending encrypted stolen data (bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (2):
        2003072 || BLEEDING-EDGE EXPLOIT Linksys WRT54g Authentication Bypass Attempt || url,secunia.com/advisories/21372/
        2003073 || BLEEDING-EDGE TROJAN ICMP Banking Trojan sending encrypted stolen data || url,www.websensesecuritylabs.com/alerts/alert.php?AlertID=570

     -> Added to bleeding-virus.rules (1):
        #by Joe Stewart





More information about the Snort-sigs mailing list