[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

bleeding at ...3254... bleeding at ...3254...
Mon Oct 22 16:00:20 EDT 2007


[***] Results from Oinkmaster started Mon Oct 22 20:00:19 2007 [***]

[///]     Modified active rules:     [///]

 2003098 - BLEEDING-EDGE WEB PHP Remote File Inclusion (monster list ftp) (bleeding-web.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (96):
        2404015 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 16)  || url,www.shadowserver.org
        2405015 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE || url,www.shadowserver.org
        2501013 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1014) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501014 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1015) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501015 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1016) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501016 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1017) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501017 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1018) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501018 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1019) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501019 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1020) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501020 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1021) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501021 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1022) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501022 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1023) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501023 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1024) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501024 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1025) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501025 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1026) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501026 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1027) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501027 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1028) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501028 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1029) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501029 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1030) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501030 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1031) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501031 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1032) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501032 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1033) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501033 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1034) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501034 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1035) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501035 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1036) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501036 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1037) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501037 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1038) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501038 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1039) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501039 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1040) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501040 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1041) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501041 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1042) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501042 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1043) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501043 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1044) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501044 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1045) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501045 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1046) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501046 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1047) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501047 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1048) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501048 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1049) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501049 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1050) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501050 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1051) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501051 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1052) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501052 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1053) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501053 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1054) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501054 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1055) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501055 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1056) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501056 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1057) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501057 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1058) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501058 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1059) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501059 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (1060) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511013 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1014) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511014 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1015) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511015 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1016) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511016 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1017) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511017 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1018) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511018 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1019) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511019 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1020) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511020 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1021) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511021 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1022) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511022 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1023) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511023 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1024) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511024 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1025) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511025 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1026) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511026 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1027) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511027 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1028) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511028 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1029) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511029 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1030) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511030 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1031) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511031 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1032) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511032 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1033) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511033 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1034) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511034 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1035) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511035 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1036) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511036 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1037) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511037 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1038) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511038 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1039) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511039 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1040) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511040 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1041) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511041 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1042) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511042 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1043) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511043 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1044) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511044 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1045) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511045 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1046) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511046 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1047) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511047 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1048) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511048 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1049) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511049 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1050) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511050 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1051) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511051 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1052) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511052 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1053) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511053 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1054) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511054 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1055) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511055 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1056) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511056 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1057) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511057 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1058) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511058 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1059) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511059 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (1060) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts





More information about the Snort-sigs mailing list