[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Tue Jan 24 17:01:02 EST 2006


[***] Results from Oinkmaster started Tue Jan 24 20:00:11 2006 [***]

[+++]          Added rules:          [+++]

 2002783 - BLEEDING-EDGE EXPLOIT Java runtime.exec() call (bleeding-exploit.rules)
 2002784 - BLEEDING-EDGE EXPLOIT Java private function call sun.misc.unsafe (bleeding-exploit.rules)
 2002785 - BLEEDING-EDGE EXPLOIT Java field reflector call java.lang.reflect.field (bleeding-exploit.rules)
 2002786 - BLEEDING-EDGE EXPLOIT Javascript unsafe applet call (bleeding-exploit.rules)
 2002787 - BLEEDING-EDGE EXPLOIT Javascript Securitymanager class applet call (bleeding-exploit.rules)
 2002788 - BLEEDING-EDGE VIRUS webstats.web.rcn.net count.cgi request without referrer (possible BlackWorm/Nyxem infection) (bleeding-virus.rules)
 2002789 - BLEEDING-EDGE VIRUS Agentless HTTP request to www.microsoft.com (possible BlackWorm/Nyxem infection) (bleeding-virus.rules)
 2002790 - BLEEDING-EDGE TROJAN Haxdoor Reporting User Activity (bleeding-virus.rules)
 2002791 - WEB MISC Computer Associates Negative Content-Length Buffer Overflow (bleeding-exploit.rules)


[+++]         Enabled rules:         [+++]

 2002746 - BLEEDING-EDGE POLICY HTTP-Response - gzip encoding and Server header missing (bleeding-policy.rules)


[+++]  Enabled and modified rules:   [+++]

 2002744 - BLEEDING-EDGE POLICY HTTP-Response - Missing Server header (bleeding-policy.rules)
 2002745 - BLEEDING-EDGE POLICY HTTP-Response - gzip encoding (bleeding-policy.rules)


[///]     Modified active rules:     [///]

 2002769 - BLEEDING-EDGE MALWARE Corpsespyware.net Distribution - studiolacase (bleeding-malware.rules)
 2002781 - BLEEDING-EDGE TROJAN w32agent.dsi Posting Info (bleeding-virus.rules)
 2002782 - BLEEDING-EDGE TROJAN w32agent.dsi Domain Update (bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 128.13.0.0/16 (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 132.232.0.0/16 (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 134.33.0.0/16 (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 138.105.0.0/16 (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 138.252.0.0/16 (bleeding-drop.rules)
 2400005 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 143.49.0.0/16 (bleeding-drop.rules)
 2400006 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 146.100.0.0/16 (bleeding-drop.rules)
 2400007 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 147.111.0.0/16 (bleeding-drop.rules)
 2400008 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 148.3.0.0/16 (bleeding-drop.rules)
 2400009 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 152.147.0.0/16 (bleeding-drop.rules)
 2400010 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 159.2.0.0/16 (bleeding-drop.rules)
 2400011 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 160.116.0.0/16 (bleeding-drop.rules)
 2400012 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 163.125.0.0/16 (bleeding-drop.rules)
 2400013 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.175.0.0/16 (bleeding-drop.rules)
 2400014 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.97.0.0/16 (bleeding-drop.rules)
 2400015 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 170.67.0.0/16 (bleeding-drop.rules)
 2400016 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.160.44.0/24 (bleeding-drop.rules)
 2400017 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.67.16.0/24 (bleeding-drop.rules)
 2400018 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.110.136.0/24 (bleeding-drop.rules)
 2400019 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.238.120.0/22 (bleeding-drop.rules)
 2400020 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.206.120.0/22 (bleeding-drop.rules)
 2400021 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.214.236.0/22 (bleeding-drop.rules)
 2400022 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 196.4.167.0/24 (bleeding-drop.rules)
 2400023 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.151.152.0/22 (bleeding-drop.rules)
 2400024 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.186.16.0/20 (bleeding-drop.rules)
 2400025 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.204.0.0/21 (bleeding-drop.rules)
 2400026 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.120.163.0/24 (bleeding-drop.rules)
 2400027 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.166.200.0/22 (bleeding-drop.rules)
 2400028 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.151.0/24 (bleeding-drop.rules)
 2400029 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.152.0/24 (bleeding-drop.rules)
 2400030 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.245.138.0/24 (bleeding-drop.rules)
 2400031 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.248.213.0/24 (bleeding-drop.rules)
 2400032 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.60.102.0/24 (bleeding-drop.rules)
 2400033 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.160.0/20 (bleeding-drop.rules)
 2400034 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.176.0/20 (bleeding-drop.rules)
 2400035 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.124.64.0/19 (bleeding-drop.rules)
 2400036 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 202.14.69.0/24 (bleeding-drop.rules)
 2400037 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.19.101.0/24 (bleeding-drop.rules)
 2400038 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.29.222.0/24 (bleeding-drop.rules)
 2400039 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.31.88.0/23 (bleeding-drop.rules)
 2400040 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.33.120.0/24 (bleeding-drop.rules)
 2400041 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.192.0/23 (bleeding-drop.rules)
 2400042 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.204.0/24 (bleeding-drop.rules)
 2400043 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.205.0/24 (bleeding-drop.rules)
 2400044 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.70.0/24 (bleeding-drop.rules)
 2400045 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.71.0/24 (bleeding-drop.rules)
 2400046 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.141.0/24 (bleeding-drop.rules)
 2400047 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.142.0/24 (bleeding-drop.rules)
 2400048 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.55.153.0/24 (bleeding-drop.rules)
 2400049 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.11.72.0/21 (bleeding-drop.rules)
 2400050 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.13.16.0/21 (bleeding-drop.rules)
 2400051 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.0.0/21 (bleeding-drop.rules)
 2400052 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.24.0/21 (bleeding-drop.rules)
 2400053 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.52.255.0/24 (bleeding-drop.rules)
 2400054 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.62.213.0/24 (bleeding-drop.rules)
 2400055 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.156.0/23 (bleeding-drop.rules)
 2400056 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.224.0/24 (bleeding-drop.rules)
 2400057 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.9.240.0/21 (bleeding-drop.rules)
 2400058 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.159.34.0/24 (bleeding-drop.rules)
 2400059 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.172.188.0/22 (bleeding-drop.rules)
 2400060 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.210.137.0/24 (bleeding-drop.rules)
 2400061 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.235.64.0/20 (bleeding-drop.rules)
 2400062 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.236.189.0/24 (bleeding-drop.rules)
 2400063 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.134.0/24 (bleeding-drop.rules)
 2400064 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.175.0/24 (bleeding-drop.rules)
 2400065 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.176.0/24 (bleeding-drop.rules)
 2400066 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.177.0/24 (bleeding-drop.rules)
 2400067 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.28.0/24 (bleeding-drop.rules)
 2400068 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.29.0/24 (bleeding-drop.rules)
 2400069 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.99.0/24 (bleeding-drop.rules)
 2400070 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.81.80.0/20 (bleeding-drop.rules)
 2400071 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.115.112.0/20 (bleeding-drop.rules)
 2400072 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.182.128.0/19 (bleeding-drop.rules)
 2400073 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.191.160.0/20 (bleeding-drop.rules)
 2400074 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.165.224.0/20 (bleeding-drop.rules)
 2400075 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.190.8.0/21 (bleeding-drop.rules)
 2400076 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.197.192.0/19 (bleeding-drop.rules)
 2400077 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 213.135.80.0/23 (bleeding-drop.rules)
 2400078 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.108.224.0/20 (bleeding-drop.rules)
 2400079 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.130.192.0/19 (bleeding-drop.rules)
 2400080 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.211.144.0/20 (bleeding-drop.rules)
 2400081 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.7.128.0/20 (bleeding-drop.rules)
 2400082 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 217.69.112.0/20 (bleeding-drop.rules)
 2400083 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.182.128.0/20 (bleeding-drop.rules)
 2400084 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.255.32.0/20 (bleeding-drop.rules)
 2400085 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.102.32.0/20 (bleeding-drop.rules)
 2400086 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.181.160.0/19 (bleeding-drop.rules)
 2400087 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.235.128.0/20 (bleeding-drop.rules)
 2400088 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.55.160.0/19 (bleeding-drop.rules)
 2400089 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.63.160.0/19 (bleeding-drop.rules)
 2400090 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.64.96.0/20 (bleeding-drop.rules)
 2400091 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 67.43.48.0/20 (bleeding-drop.rules)
 2400092 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.10.0.0/20 (bleeding-drop.rules)
 2400093 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.36.192.0/20 (bleeding-drop.rules)
 2400094 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.42.96.0/19 (bleeding-drop.rules)
 2400095 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.67.64.0/20 (bleeding-drop.rules)
 2400096 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.8.176.0/20 (bleeding-drop.rules)
 2400097 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.11.128.0/19 (bleeding-drop.rules)
 2400098 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.128.0/20 (bleeding-drop.rules)
 2400099 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.64.0/20 (bleeding-drop.rules)
 2400100 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.26.192.0/19 (bleeding-drop.rules)
 2400101 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.34.160.0/20 (bleeding-drop.rules)
 2400102 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.71.64.0/19 (bleeding-drop.rules)
 2400103 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.93.176.0/20 (bleeding-drop.rules)
 2400104 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.224.0/19 (bleeding-drop.rules)
 2400105 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.240.0/22 (bleeding-drop.rules)
 2400106 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 85.249.16.0/20 (bleeding-drop.rules)
 2400107 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 86.111.128.0/20 (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 128.13.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 132.232.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 134.33.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 138.105.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 138.252.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401005 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 143.49.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401006 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 146.100.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401007 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 147.111.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401008 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 148.3.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401009 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 152.147.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401010 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 159.2.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401011 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 160.116.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401012 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 163.125.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401013 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.175.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401014 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.97.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401015 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 170.67.0.0/16 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401016 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.160.44.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401017 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.67.16.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401018 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.110.136.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401019 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.238.120.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401020 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.206.120.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401021 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.214.236.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401022 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 196.4.167.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401023 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.151.152.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401024 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.186.16.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401025 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.204.0.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401026 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.120.163.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401027 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.166.200.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401028 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.151.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401029 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.152.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401030 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.245.138.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401031 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.248.213.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401032 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.60.102.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401033 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.160.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401034 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.176.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401035 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.124.64.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401036 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 202.14.69.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401037 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.19.101.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401038 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.29.222.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401039 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.31.88.0/23 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401040 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.33.120.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401041 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.192.0/23 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401042 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.204.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401043 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.205.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401044 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.70.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401045 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.71.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401046 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.141.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401047 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.142.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401048 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.55.153.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401049 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.11.72.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401050 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.13.16.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401051 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.0.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401052 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.24.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401053 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.52.255.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401054 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.62.213.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401055 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.156.0/23 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401056 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.224.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401057 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.9.240.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401058 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.159.34.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401059 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.172.188.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401060 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.210.137.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401061 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.235.64.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401062 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.236.189.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401063 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.134.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401064 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.175.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401065 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.176.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401066 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.177.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401067 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.28.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401068 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.29.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401069 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.99.0/24 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401070 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.81.80.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401071 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.115.112.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401072 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.182.128.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401073 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.191.160.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401074 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.165.224.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401075 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.190.8.0/21 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401076 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.197.192.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401077 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 213.135.80.0/23 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401078 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.108.224.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401079 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.130.192.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401080 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.211.144.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401081 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.7.128.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401082 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 217.69.112.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401083 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.182.128.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401084 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.255.32.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401085 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.102.32.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401086 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.181.160.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401087 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.235.128.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401088 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.55.160.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401089 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.63.160.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401090 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.64.96.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401091 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 67.43.48.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401092 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.10.0.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401093 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.36.192.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401094 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.42.96.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401095 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.67.64.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401096 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.8.176.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401097 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.11.128.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401098 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.128.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401099 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.64.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401100 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.26.192.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401101 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.34.160.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401102 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.71.64.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401103 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.93.176.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401104 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.224.0/19 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401105 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.240.0/22 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401106 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 85.249.16.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401107 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 86.111.128.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 58.239.136.0/24 (bleeding-dshield.rules)
 2402001 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 193.175.197.0/24 (bleeding-dshield.rules)
 2402002 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 70.114.135.0/24 (bleeding-dshield.rules)
 2402003 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 38.117.158.0/24 (bleeding-dshield.rules)
 2402004 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 221.202.84.0/24 (bleeding-dshield.rules)
 2402005 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.96.0/24 (bleeding-dshield.rules)
 2402006 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 212.100.49.0/24 (bleeding-dshield.rules)
 2402007 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.78.0/24 (bleeding-dshield.rules)
 2402008 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 212.152.195.0/24 (bleeding-dshield.rules)
 2402009 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.161.0/24 (bleeding-dshield.rules)
 2402010 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 220.163.11.0/24 (bleeding-dshield.rules)
 2402011 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.195.0/24 (bleeding-dshield.rules)
 2402012 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 218.25.253.0/24 (bleeding-dshield.rules)
 2402013 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 212.112.227.0/24 (bleeding-dshield.rules)
 2402014 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 202.99.159.0/24 (bleeding-dshield.rules)
 2402015 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.162.0/24 (bleeding-dshield.rules)
 2402016 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.81.34.0/24 (bleeding-dshield.rules)
 2402017 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.182.66.0/24 (bleeding-dshield.rules)
 2402018 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 70.85.189.0/24 (bleeding-dshield.rules)
 2402019 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 64.60.97.0/24 (bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 58.239.136.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403001 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 193.175.197.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403002 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 70.114.135.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403003 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 38.117.158.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403004 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 221.202.84.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403005 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.96.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403006 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 212.100.49.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403007 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.78.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403008 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 212.152.195.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403009 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.161.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403010 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 220.163.11.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403011 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.195.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403012 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 218.25.253.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403013 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 212.112.227.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403014 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 202.99.159.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403015 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.162.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403016 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.81.34.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403017 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.182.66.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403018 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 70.85.189.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)
 2403019 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 64.60.97.0/24 BLOCKING (bleeding-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2002748 - BLEEDING-EDGE POLICY HTTP-Response - Missing Content-Type header (bleeding-policy.rules)


[---]         Removed rules:         [---]

 2400108 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 86.111.128.0/20 (bleeding-drop.rules)
 2401108 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 86.111.128.0/20 BLOCKING SOURCE (bleeding-drop-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (1):
        #by Matt Richard

     -> Added to bleeding-sid-msg.map (9):
        2002783 || BLEEDING-EDGE EXPLOIT Java runtime.exec() call || url,www.mullingsecurity.com
        2002784 || BLEEDING-EDGE EXPLOIT Java private function call sun.misc.unsafe || url,www.mullingsecurity.com
        2002785 || BLEEDING-EDGE EXPLOIT Java field reflector call java.lang.reflect.field || url,www.mullingsecurity.com
        2002786 || BLEEDING-EDGE EXPLOIT Javascript unsafe applet call || url,www.mullingsecurity.com
        2002787 || BLEEDING-EDGE EXPLOIT Javascript Securitymanager class applet call || url,www.mullingsecurity.com
        2002788 || BLEEDING-EDGE VIRUS webstats.web.rcn.net count.cgi request without referrer (possible BlackWorm/Nyxem infection)
        2002789 || BLEEDING-EDGE VIRUS Agentless HTTP request to www.microsoft.com (possible BlackWorm/Nyxem infection)
        2002790 || BLEEDING-EDGE TROJAN Haxdoor Reporting User Activity
        2002791 || WEB MISC Computer Associates Negative Content-Length Buffer Overflow || cve,2005-3653 || bugtraq,16354

     -> Added to bleeding-virus.rules (2):
        #     Trojan HaxDoor
        #Submitted by Tom Fischer, 2006-01-24

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-policy.rules (2):
        # We start this section with a rule that alerts when the 'Server:' response
        # header is missing (it is optional, but usually set).





More information about the Snort-sigs mailing list