[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Wed Nov 7 15:00:13 EST 2007


[***] Results from Oinkmaster started Wed Nov  7 20:00:12 2007 [***]

[+++]          Added rules:          [+++]

 2007668 - BLEEDING-EDGE TROJAN Blackenergy Bot Checkin to C&C (bleeding-virus.rules)
 2007669 - BLEEDING-EDGE TROJAN Nulprot Checkin Response (bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2003463 - BLEEDING-EDGE MALWARE Suspicious User-Agent (Toolbar) Possibly Malware/Spyware (bleeding-malware.rules)
 2406000 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Hosting Nets (bleeding-rbn.rules)
 2406001 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Individual Hosts (bleeding-rbn.rules)
 2406002 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Chinese Nets (bleeding-rbn.rules)
 2407000 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Hosting Nets (bleeding-rbn-BLOCK.rules)
 2407001 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Individual Hosts (bleeding-rbn-BLOCK.rules)
 2407002 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Chinese Nets (bleeding-rbn-BLOCK.rules)


[---]         Removed rules:         [---]

 2406003 - BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (4) (bleeding-rbn.rules)
 2406004 - BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (5) (bleeding-rbn.rules)
 2407003 - BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (4) (bleeding-rbn-BLOCK.rules)
 2407004 - BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (5) (bleeding-rbn-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-rbn-BLOCK.rules (4):
        #  VERSION 6
        #general hosts
        #individual general hosts
        #chinese

     -> Added to bleeding-rbn.rules (4):
        #  VERSION 6
        #general hosts
        #individual general hosts
        #chinese

     -> Added to bleeding-sid-msg.map (120):
        2007668 || BLEEDING-EDGE TROJAN Blackenergy Bot Checkin to C&C || url,asert.arbornetworks.com/2007/10/blackenergy-ddos-bot-analysis-available
        2007669 || BLEEDING-EDGE TROJAN Nulprot Checkin Response || url,doc.bleedingthreats.net/2007669
        2406000 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - Hosting Nets || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406001 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - Individual Hosts || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406002 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - Chinese Nets || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407000 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - Hosting Nets || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407001 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - Individual Hosts || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407002 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - Chinese Nets || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2500273 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (274) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500274 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (275) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500275 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (276) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500276 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (277) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500277 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (278) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500278 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (279) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500279 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (280) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500280 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (281) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500281 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (282) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500282 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (283) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500283 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (284) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500284 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (285) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500285 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (286) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500286 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (287) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500287 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (288) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500288 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (289) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500289 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (290) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500290 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (291) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500291 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (292) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500292 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (293) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500293 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (294) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500294 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (295) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500295 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (296) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500296 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (297) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500297 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (298) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500298 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (299) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500299 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (300) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500300 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (301) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500301 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (302) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500302 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (303) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500303 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (304) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500304 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (305) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500305 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (306) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500306 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (307) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500307 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (308) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500308 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (309) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500309 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (310) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500310 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (311) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500311 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (312) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500312 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (313) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500313 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (314) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500314 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (315) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500315 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (316) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500316 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (317) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500317 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (318) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500318 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (319) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500319 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (320) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500320 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (321) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500321 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (322) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500322 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (323) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500323 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (324) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500324 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (325) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500325 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (326) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500326 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (327) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500327 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (328) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500328 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (329) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510273 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (274) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510274 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (275) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510275 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (276) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510276 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (277) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510277 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (278) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510278 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (279) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510279 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (280) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510280 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (281) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510281 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (282) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510282 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (283) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510283 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (284) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510284 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (285) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510285 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (286) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510286 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (287) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510287 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (288) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510288 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (289) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510289 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (290) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510290 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (291) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510291 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (292) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510292 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (293) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510293 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (294) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510294 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (295) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510295 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (296) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510296 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (297) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510297 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (298) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510298 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (299) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510299 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (300) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510300 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (301) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510301 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (302) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510302 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (303) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510303 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (304) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510304 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (305) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510305 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (306) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510306 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (307) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510307 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (308) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510308 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (309) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510309 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (310) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510310 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (311) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510311 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (312) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510312 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (313) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510313 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (314) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510314 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (315) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510315 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (316) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510316 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (317) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510317 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (318) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510318 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (319) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510319 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (320) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510320 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (321) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510321 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (322) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510322 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (323) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510323 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (324) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510324 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (325) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510325 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (326) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510326 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (327) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510327 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (328) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510328 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (329) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding-virus.rules (2):
        #analysis by Jose Nazario at arbor networks. Sig by matt jonkman
        #by Matt Jonkman, from sandnet

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-rbn-BLOCK.rules (2):
        #  VERSION 3
        #  Generated 2007-10-30 20:30:31 EDT

     -> Removed from bleeding-rbn.rules (2):
        #  VERSION 3
        #  Generated 2007-10-30 20:30:31 EDT

     -> Removed from bleeding-sid-msg.map (10):
        2406000 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (1) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406001 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (2) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406002 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (3) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406003 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (4) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406004 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic (5) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407000 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (1) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407001 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (2) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407002 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (3) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407003 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (4) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407004 || BLEEDING-EDGE RBN Known Russian Business Network Host Traffic - BLOCKING (5) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork





More information about the Snort-sigs mailing list