[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Wed Oct 10 20:00:22 EDT 2007


[***] Results from Oinkmaster started Thu Oct 11 00:00:21 2007 [***]

[---]         Disabled rules:        [---]

 2006913 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 192.168.x.x/16 (local IP from remote DNS Server) (bleeding.rules)
 2006914 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 10.x.x.x /8 (local IP from remote DNS Server) (bleeding.rules)
 2006915 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 172.16.x.x/12 (local IP from remote DNS Server) (bleeding.rules)
 2006916 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 127.0.01 address (local IP from remote DNS Server) (bleeding.rules)
 2006917 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 192.168.x.x/16 (local IP from remote DNS Server) (bleeding.rules)
 2006918 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 10.x.x.x /8 (local IP from remote DNS Server) (bleeding.rules)
 2006919 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 172.16.x.x/12 (local IP from remote DNS Server) (bleeding.rules)
 2006920 - BLEEDING-EDGE CURRENT EVENTS DNS-Rebinding Attack 127.0.0.1 address (local IP from remote DNS Server) (bleeding.rules)


[---]         Removed rules:         [---]

 2003521 - BLEEDING-EDGE TROJAN TROJ_ANICMOO.AX Downloading wincf.exe (bleeding.rules)
 2003522 - BLEEDING-EDGE TROJAN PossibleExploit-W32/Ani.C Traffic (bleeding.rules)
 2003523 - BLEEDING-EDGE TROJAN Possible Exploit-W32/Ani.C Traffic (bleeding.rules)
 2007619 - BLEEDING-EDGE CURRENT_EVENTS Traffic to Phishing Master Server -- Please report hits to phishevent at ...3254... (bleeding.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (220):
        2500614 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (615) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500615 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (616) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500616 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (617) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500617 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (618) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500618 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (619) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500619 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (620) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500620 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (621) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500621 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (622) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500622 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (623) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500623 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (624) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500624 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (625) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500625 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (626) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500626 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (627) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500627 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (628) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500628 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (629) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500629 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (630) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500630 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (631) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500631 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (632) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500632 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (633) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500633 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (634) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500634 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (635) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500635 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (636) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500636 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (637) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500637 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (638) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500638 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (639) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500639 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (640) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500640 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (641) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500641 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (642) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500642 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (643) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500643 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (644) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500644 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (645) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500645 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (646) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500646 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (647) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500647 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (648) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500648 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (649) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500649 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (650) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500650 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (651) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500651 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (652) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500652 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (653) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500653 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (654) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500654 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (655) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500655 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (656) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500656 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (657) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500657 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (658) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500658 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (659) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500659 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (660) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500660 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (661) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500661 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (662) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500662 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (663) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500663 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (664) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500664 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (665) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500665 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (666) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500666 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (667) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500667 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (668) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500668 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (669) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500669 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (670) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500670 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (671) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500671 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (672) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500672 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (673) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500673 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (674) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500674 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (675) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500675 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (676) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500676 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (677) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500677 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (678) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500678 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (679) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500679 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (680) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500680 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (681) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500681 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (682) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500682 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (683) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500683 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (684) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500684 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (685) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500685 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (686) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500686 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (687) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500687 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (688) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500688 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (689) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500689 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (690) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500690 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (691) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500691 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (692) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500692 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (693) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500693 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (694) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500694 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (695) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500695 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (696) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500696 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (697) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500697 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (698) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500698 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (699) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500699 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (700) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500700 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (701) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500701 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (702) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500702 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (703) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500703 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (704) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500704 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (705) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500705 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (706) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500706 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (707) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500707 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (708) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500708 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (709) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500709 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (710) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500710 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (711) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500711 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (712) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500712 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (713) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500713 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (714) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500714 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (715) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500715 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (716) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500716 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (717) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500717 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (718) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500718 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (719) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500719 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (720) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500720 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (721) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500721 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (722) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500722 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (723) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500723 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (724) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510614 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (615) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510615 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (616) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510616 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (617) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510617 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (618) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510618 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (619) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510619 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (620) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510620 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (621) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510621 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (622) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510622 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (623) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510623 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (624) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510624 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (625) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510625 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (626) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510626 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (627) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510627 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (628) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510628 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (629) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510629 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (630) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510630 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (631) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510631 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (632) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510632 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (633) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510633 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (634) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510634 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (635) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510635 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (636) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510636 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (637) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510637 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (638) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510638 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (639) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510639 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (640) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510640 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (641) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510641 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (642) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510642 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (643) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510643 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (644) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510644 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (645) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510645 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (646) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510646 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (647) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510647 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (648) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510648 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (649) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510649 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (650) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510650 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (651) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510651 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (652) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510652 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (653) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510653 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (654) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510654 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (655) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510655 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (656) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510656 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (657) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510657 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (658) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510658 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (659) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510659 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (660) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510660 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (661) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510661 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (662) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510662 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (663) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510663 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (664) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510664 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (665) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510665 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (666) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510666 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (667) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510667 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (668) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510668 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (669) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510669 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (670) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510670 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (671) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510671 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (672) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510672 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (673) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510673 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (674) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510674 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (675) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510675 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (676) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510676 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (677) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510677 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (678) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510678 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (679) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510679 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (680) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510680 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (681) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510681 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (682) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510682 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (683) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510683 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (684) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510684 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (685) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510685 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (686) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510686 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (687) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510687 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (688) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510688 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (689) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510689 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (690) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510690 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (691) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510691 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (692) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510692 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (693) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510693 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (694) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510694 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (695) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510695 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (696) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510696 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (697) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510697 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (698) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510698 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (699) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510699 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (700) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510700 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (701) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510701 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (702) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510702 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (703) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510703 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (704) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510704 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (705) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510705 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (706) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510706 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (707) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510707 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (708) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510708 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (709) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510709 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (710) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510710 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (711) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510711 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (712) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510712 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (713) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510713 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (714) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510714 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (715) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510715 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (716) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510716 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (717) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510717 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (718) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510718 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (719) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510719 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (720) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510720 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (721) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510721 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (722) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510722 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (723) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510723 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (724) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding.rules (1):
        #disabling, scheduled for deletion

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (4):
        2003521 || BLEEDING-EDGE TROJAN TROJ_ANICMOO.AX Downloading wincf.exe || url,uk.trendmicro-europe.com/enterprise/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=3&VName=TROJ_ANICMOO.AX
        2003522 || BLEEDING-EDGE TROJAN PossibleExploit-W32/Ani.C Traffic || url,www.f-secure.com/v-descs/trojan-downloader_w32_small_ekv.shtml
        2003523 || BLEEDING-EDGE TROJAN Possible Exploit-W32/Ani.C Traffic || url,www.f-secure.com/v-descs/trojan-downloader_w32_small_ekv.shtml
        2007619 || BLEEDING-EDGE CURRENT_EVENTS Traffic to Phishing Master Server -- Please report hits to phishevent at ...3254... || url,doc.bleedingthreats.net/2007619

     -> Removed from bleeding.rules (2):
        #by dajackman
        #temporary to help out an investigation via markmonitor





More information about the Snort-sigs mailing list