[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Sun Nov 11 15:00:14 EST 2007


[***] Results from Oinkmaster started Sun Nov 11 20:00:13 2007 [***]

[+++]          Added rules:          [+++]

 2007688 - BLEEDING-EDGE TROJAN Prg Trojan HTTP POST (bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (95):
        2007688 || BLEEDING-EDGE TROJAN Prg Trojan HTTP POST
        2500527 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (528) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500528 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (529) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500529 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (530) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500530 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (531) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500531 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (532) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500532 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (533) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500533 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (534) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500534 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (535) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500535 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (536) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500536 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (537) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500537 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (538) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500538 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (539) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (540) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (541) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (542) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (543) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (544) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (545) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (546) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (547) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (548) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500548 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (549) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500549 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (550) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500550 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (551) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500551 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (552) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500552 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (553) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500553 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (554) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500554 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (555) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500555 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (556) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500556 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (557) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500557 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (558) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500558 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (559) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500559 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (560) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500560 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (561) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500561 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (562) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500562 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (563) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500563 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (564) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500564 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (565) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500565 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (566) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500566 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (567) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500567 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (568) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500568 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (569) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500569 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (570) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500570 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (571) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500571 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (572) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500572 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (573) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500573 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (574) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510527 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (528) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510528 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (529) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510529 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (530) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510530 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (531) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510531 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (532) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510532 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (533) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510533 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (534) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510534 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (535) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510535 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (536) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510536 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (537) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510537 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (538) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (539) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (540) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (541) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (542) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (543) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (544) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (545) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (546) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (547) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (548) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510548 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (549) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510549 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (550) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510550 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (551) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510551 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (552) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510552 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (553) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510553 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (554) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510554 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (555) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510555 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (556) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510556 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (557) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510557 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (558) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510558 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (559) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510559 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (560) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510560 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (561) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510561 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (562) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510562 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (563) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510563 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (564) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510564 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (565) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510565 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (566) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510566 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (567) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510567 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (568) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510568 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (569) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510569 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (570) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510570 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (571) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510571 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (572) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510572 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (573) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510573 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (574) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding-virus.rules (1):
        #by Jeremy Conway





More information about the Snort-sigs mailing list