[Snort-sigs] Emerging Threats Daily Signature Changes

emerging at ...3335... emerging at ...3335...
Sun Feb 10 17:00:09 EST 2008


[***] Results from Oinkmaster started Sun Feb 10 17:00:09 2008 [***]

[+++]          Added rules:          [+++]

 2007831 - ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push) (bleeding-virus.rules)
 2007832 - ET TROJAN Theoreon.com Related Trojan Checkin (bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2007695 - ET POLICY Windows 98 User-Agent Detected - Possible Malware or Non-Updated System (bleeding-policy.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (4):
        2007831 || ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push)
        2007832 || ET TROJAN Theoreon.com Related Trojan Checkin
        2404017 || ET DROP Known Bot C&C Server Traffic (group 18)  || url,www.shadowserver.org
        2405017 || ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE || url,www.shadowserver.org

     -> Added to bleeding-sid-msg.map.txt (4):
        2007831 || ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push)
        2007832 || ET TROJAN Theoreon.com Related Trojan Checkin
        2404017 || ET DROP Known Bot C&C Server Traffic (group 18)  || url,www.shadowserver.org
        2405017 || ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE || url,www.shadowserver.org





More information about the Snort-sigs mailing list