[Snort-sigs] Bleeding Edge Threats Daily Update

bleeding at ...3254... bleeding at ...3254...
Mon Oct 23 21:00:08 EDT 2006


[***] Results from Oinkmaster started Mon Oct 23 21:00:08 2006 [***]

[+++]          Added rules:          [+++]

 2410005 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6)  (bleeding-botcc.rules)
 2410006 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  (bleeding-botcc.rules)
 2410007 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 8)  (bleeding-botcc.rules)
 2410008 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 9)  (bleeding-botcc.rules)
 2410009 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 10)  (bleeding-botcc.rules)
 2410010 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 11)  (bleeding-botcc.rules)
 2410011 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 12)  (bleeding-botcc.rules)
 2410012 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 13)  (bleeding-botcc.rules)
 2410013 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 14)  (bleeding-botcc.rules)
 2410014 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 15)  (bleeding-botcc.rules)
 2410015 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 16)  (bleeding-botcc.rules)
 2410016 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 17)  (bleeding-botcc.rules)
 2410017 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 18)  (bleeding-botcc.rules)
 2410018 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 19)  (bleeding-botcc.rules)
 2410019 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 20)  (bleeding-botcc.rules)
 2411005 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411006 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411007 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411008 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411009 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411010 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411011 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411012 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411013 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411014 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411015 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411016 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411017 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411018 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411019 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)


[///]     Modified active rules:     [///]

 2002171 - BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 1) (bleeding-exploit.rules)
 2002172 - BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 2) (bleeding-exploit.rules)
 2002173 - BLEEDING-EDGE EXPLOIT COM Object Instantiation Memory Corruption Vulnerability (group 3) (bleeding-exploit.rules)
 2002174 - BLEEDING-EDGE EXPLOIT CLSID Pattern Matched (bleeding-exploit.rules)
 2002491 - BLEEDING-EDGE EXPLOIT COM Object MS05-052 (group 1) (bleeding-exploit.rules)
 2002492 - BLEEDING-EDGE EXPLOIT COM Object MS05-052 (group 2) (bleeding-exploit.rules)
 2002493 - BLEEDING-EDGE EXPLOIT COM Object MS05-052 (group 3) (bleeding-exploit.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)
 2410000 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 1)  (bleeding-botcc.rules)
 2410001 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 2)  (bleeding-botcc.rules)
 2410002 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 3)  (bleeding-botcc.rules)
 2410003 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 4)  (bleeding-botcc.rules)
 2410004 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 5)  (bleeding-botcc.rules)
 2411000 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411001 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411002 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411003 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2411004 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (30):
        2410005 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6)  || url,www.shadowserver.org
        2410006 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 7)  || url,www.shadowserver.org
        2410007 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 8)  || url,www.shadowserver.org
        2410008 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 9)  || url,www.shadowserver.org
        2410009 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 10)  || url,www.shadowserver.org
        2410010 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 11)  || url,www.shadowserver.org
        2410011 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 12)  || url,www.shadowserver.org
        2410012 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 13)  || url,www.shadowserver.org
        2410013 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 14)  || url,www.shadowserver.org
        2410014 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 15)  || url,www.shadowserver.org
        2410015 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 16)  || url,www.shadowserver.org
        2410016 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 17)  || url,www.shadowserver.org
        2410017 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 18)  || url,www.shadowserver.org
        2410018 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 19)  || url,www.shadowserver.org
        2410019 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 20)  || url,www.shadowserver.org
        2411005 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE || url,www.shadowserver.org
        2411006 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE || url,www.shadowserver.org
        2411007 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE || url,www.shadowserver.org
        2411008 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE || url,www.shadowserver.org
        2411009 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE || url,www.shadowserver.org
        2411010 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE || url,www.shadowserver.org
        2411011 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE || url,www.shadowserver.org
        2411012 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE || url,www.shadowserver.org
        2411013 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE || url,www.shadowserver.org
        2411014 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE || url,www.shadowserver.org
        2411015 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE || url,www.shadowserver.org
        2411016 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE || url,www.shadowserver.org
        2411017 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE || url,www.shadowserver.org
        2411018 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE || url,www.shadowserver.org
        2411019 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE || url,www.shadowserver.org





More information about the Snort-sigs mailing list