[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Thu Nov 8 15:00:13 EST 2007


[***] Results from Oinkmaster started Thu Nov  8 20:00:13 2007 [***]

[+++]          Added rules:          [+++]

 2007670 - BLEEDING-EDGE POLICY Likely Binary in HTTP by Type Flowbit (bleeding-policy.rules)
 2007671 - BLEEDING-EDGE POLICY Binary Download Smaller than 1 MB -- Likely Hostile (bleeding-policy.rules)


[+++]  Enabled and modified rules:   [+++]

 2000419 - BLEEDING-EDGE PE EXE or DLL Windows file download (bleeding-policy.rules)
 2000427 - BLEEDING-EDGE PE EXE Install Windows file download (bleeding-policy.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-policy.rules (6):
        #Idea by Martin Holste, sigs by Matt Jonkman
        # The idea here is that most legitimate exe downloads are more than 1meg, most malicious are far less than 1 meg.
        # This is evadable of course, and doesn't work with non-compliant web servers, but this will catch many...
        #First we qualify this as a packet containing the header return info from the get request and is likely binary content
        #next we check that the content-length is less than 7 digits, thus under 1,000,000 bytes.
        # note: I re-check for the leading HTTP/1 to make sure we're still in the header packet, not in the rest of the binary stream

     -> Added to bleeding-sid-msg.map (122):
        2007670 || BLEEDING-EDGE POLICY Likely Binary in HTTP by Type Flowbit
        2007671 || BLEEDING-EDGE POLICY Binary Download Smaller than 1 MB -- Likely Hostile
        2500329 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (330) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500330 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (331) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500331 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (332) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (333) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (334) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (335) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (336) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (337) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (338) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (339) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (340) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (341) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (342) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (343) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (344) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (345) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (346) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500346 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (347) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500347 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (348) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500348 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (349) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500349 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (350) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500350 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (351) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500351 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (352) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500352 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (353) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500353 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (354) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500354 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (355) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500355 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (356) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500356 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (357) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500357 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (358) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500358 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (359) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500359 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (360) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500360 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (361) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500361 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (362) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500362 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (363) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500363 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (364) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500364 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (365) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500365 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (366) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500366 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (367) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500367 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (368) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500368 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (369) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500369 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (370) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500370 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (371) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500371 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (372) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500372 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (373) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500373 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (374) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500374 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (375) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500375 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (376) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500376 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (377) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500377 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (378) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500378 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (379) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500379 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (380) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500380 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (381) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500381 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (382) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500382 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (383) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500383 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (384) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500384 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (385) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500385 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (386) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500386 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (387) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500387 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (388) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500388 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (389) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510329 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (330) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510330 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (331) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510331 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (332) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (333) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (334) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (335) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (336) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (337) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (338) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (339) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (340) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (341) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (342) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (343) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (344) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (345) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (346) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510346 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (347) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510347 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (348) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510348 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (349) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510349 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (350) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510350 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (351) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510351 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (352) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510352 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (353) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510353 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (354) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510354 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (355) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510355 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (356) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510356 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (357) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510357 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (358) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510358 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (359) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510359 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (360) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510360 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (361) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510361 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (362) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510362 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (363) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510363 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (364) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510364 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (365) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510365 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (366) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510366 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (367) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510367 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (368) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510368 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (369) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510369 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (370) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510370 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (371) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510371 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (372) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510372 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (373) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510373 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (374) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510374 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (375) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510375 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (376) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510376 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (377) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510377 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (378) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510378 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (379) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510379 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (380) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510380 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (381) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510381 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (382) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510382 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (383) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510383 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (384) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510384 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (385) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510385 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (386) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510386 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (387) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510387 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (388) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510388 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (389) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts





More information about the Snort-sigs mailing list