[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727...
Wed Aug 9 21:00:09 EDT 2006


[***] Results from Oinkmaster started Wed Aug  9 21:00:09 2006 [***]

[+++]          Added rules:          [+++]

 2003074 - BLEEDING-EDGE MALWARE Content-loader.com Spyware Install (bleeding-malware.rules)
 2003075 - BLEEDING-EDGE MALWARE Content-loader.com Spyware Install 2 (bleeding-malware.rules)
 2003076 - BLEEDING-EDGE MALWARE Content-loader.com (ownusa.info) Spyware Install (bleeding-malware.rules)
 2003077 - BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 1) (bleeding-exploit.rules)
 2003078 - BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 2) (bleeding-exploit.rules)
 2003079 - BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 3) (bleeding-exploit.rules)
 2003080 - BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 4) (bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2000930 - BLEEDING-EDGE MALWARE 180solutions Update Engine (bleeding-malware.rules)
 2001730 - BLEEDING-EDGE MALWARE A-d-w-a-r-e.com Activity (popup) (bleeding-malware.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)


[---]         Disabled rules:        [---]

 2000904 - BLEEDING-EDGE MALWARE Amex.Ipsrime.com Unknown Malware Download (bleeding-malware.rules)
 2002353 - BLEEDING-EDGE Malware AdultfriendFinder.com Spyware Iframe Download (bleeding-malware.rules)


[---]         Removed rules:         [---]

 2001528 - BLEEDING-EDGE MALWARE ak-networks.com Access, Likely Spyware (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (1):
        #by shirkdog and Blake hartstein

     -> Added to bleeding-malware.rules (3):
        #Disabling, obsoleting. To be delleted in a month or so
        #Has been removed
        #To be deleted shortly

     -> Added to bleeding-sid-msg.map (7):
        2003074 || BLEEDING-EDGE MALWARE Content-loader.com Spyware Install
        2003075 || BLEEDING-EDGE MALWARE Content-loader.com Spyware Install 2
        2003076 || BLEEDING-EDGE MALWARE Content-loader.com (ownusa.info) Spyware Install
        2003077 || BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 1) || url,www.microsoft.com/technet/security/Bulletin/MS06-042.mspx || cve,2006-2127
        2003078 || BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 2) || url,www.microsoft.com/technet/security/Bulletin/MS06-042.mspx || cve,2006-2127
        2003079 || BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 3) || url,www.microsoft.com/technet/security/Bulletin/MS06-042.mspx || cve,2006-2127
        2003080 || BLEEDING-EDGE EXPLOIT COM Object MS06-042 (group 4) || url,www.microsoft.com/technet/security/Bulletin/MS06-042.mspx || cve,2006-2127

     -> Added to bleeding-virus.rules (1):
        # By Joe Stewart,  Based on valuable work by Tom Fisher

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (1):
        2001528 || BLEEDING-EDGE MALWARE ak-networks.com Access, Likely Spyware

     -> Removed from bleeding-virus.rules (1):
        #by Joe Stewart




