[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Sat Jun 24 21:00:13 EDT 2006


[***] Results from Oinkmaster started Sat Jun 24 21:00:12 2006 [***]

[+++]          Added rules:          [+++]

 2002984 - BLEEDING-EDGE MALWARE SpySherriff Spyware Activity (bleeding-malware.rules)
 2002985 - BLEEDING-EDGE MALWARE SpySherriff Spyware Activity (bleeding-malware.rules)
 2002986 - BLEEDING-EDGE POLICY ICQ Install Direct download - Not normal mode of install (bleeding-policy.rules)
 2002987 - BLEEDING-EDGE MALWARE Jupitersatellites.biz Spyware Download (bleeding-malware.rules)
 2002988 - BLEEDING-EDGE MALWARE Possible Spambot Checking in to Spam (bleeding-malware.rules)
 2002989 - BLEEDING-EDGE MALWARE Possible Spambot getting new exe url (bleeding-malware.rules)
 2002990 - BLEEDING-EDGE MALWARE Possible Spambot Pulling IP List to Spam (bleeding-malware.rules)
 2002991 - BLEEDING-EDGE MALWARE Possible Spambot getting new exe (bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2002023 - BLEEDING-EDGE TROJAN IRC USER command (bleeding-virus.rules)
 2002024 - BLEEDING-EDGE TROJAN IRC NICK command (bleeding-virus.rules)
 2002025 - BLEEDING-EDGE TROJAN IRC JOIN command (bleeding-virus.rules)
 2002026 - BLEEDING-EDGE TROJAN IRC PRIVMSG command (bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (8):
        2002984 || BLEEDING-EDGE MALWARE SpySherriff Spyware Activity
        2002985 || BLEEDING-EDGE MALWARE SpySherriff Spyware Activity
        2002986 || BLEEDING-EDGE POLICY ICQ Install Direct download - Not normal mode of install
        2002987 || BLEEDING-EDGE MALWARE Jupitersatellites.biz Spyware Download
        2002988 || BLEEDING-EDGE MALWARE Possible Spambot Checking in to Spam
        2002989 || BLEEDING-EDGE MALWARE Possible Spambot getting new exe url
        2002990 || BLEEDING-EDGE MALWARE Possible Spambot Pulling IP List to Spam
        2002991 || BLEEDING-EDGE MALWARE Possible Spambot getting new exe





More information about the Snort-sigs mailing list