[Snort-sigs] Emerging Threats Weekly Signature Changes

emerging at ...3335... emerging at ...3335...
Sat Feb 23 19:00:09 EST 2008


[***] Results from Oinkmaster started Sat Feb 23 19:00:09 2008 [***]

[+++]          Added rules:          [+++]

  207873 - ET WEB WinIPDS Directory Traversal Vulnerabilities POST (bleeding-web.rules)
 2007855 - ET MALWARE OneStepSearch Host Activity (bleeding-malware.rules)
 2007856 - ET MALWARE System-defender.com Fake AV Install Checkin (bleeding-malware.rules)
 2007858 - ET TROJAN Delf Keylog FTP Upload (bleeding-virus.rules)
 2007859 - ET MALWARE Suspicious User Agent - Possible Trojan Downloader (microsoft) (bleeding-malware.rules)
 2007860 - ET MALWARE Suspicious User Agent - Possible Trojan Downloader (Internet Explorer 6.0) (bleeding-malware.rules)
 2007861 - ET MALWARE Softcashier.com Spyware Install Checkin (bleeding-malware.rules)
 2007862 - ET TROJAN LDPinch Checkin (3) (bleeding-virus.rules)
 2007863 - ET TROJAN Banload HTTP Checkin (bleeding-virus.rules)
 2007864 - ET TROJAN Banload HTTP Checkin Detected (bleeding-virus.rules)
 2007865 - ET MALWARE Winreanimator.com Fake AV Install Attempt (bleeding-malware.rules)
 2007866 - ET TROJAN Gadu-Gadu.pl Related Trojan Reporting via HTTP (bleeding-virus.rules)
 2007867 - ET TROJAN Delf HTTP Post Checkin (1) (bleeding-virus.rules)
 2007868 - ET MALWARE Suspicious User Agent - Possible Trojan Downloader (Firefox) (bleeding-malware.rules)
 2007869 - ET MALWARE Vombanetwork Spyware User Agent (VombaProductsInstaller) (bleeding-malware.rules)
 2007870 - ET MALWARE Vombanetworks.com Spyware Installer Checkin (bleeding-malware.rules)
 2007871 - ET WEB Philips VOIP841 Web Server Directory Traversal (bleeding-web.rules)
 2007872 - ET WEB WinIPDS Directory Traversal Vulnerabilities GET (bleeding-web.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (bleeding-exploit.rules)
 2007875 - ET EXPLOIT Now SMS/MMS Gateway SMPP BOF Vulnerability (bleeding-exploit.rules)
 2007876 - ET EXPLOIT ExtremeZ-IP File and Print Server Multiple Vulnerabilities - udp (bleeding-exploit.rules)
 2007877 - ET EXPLOIT ExtremeZ-IP File and Print Server Multiple Vulnerabilities - tcp (bleeding-exploit.rules)
 2007878 - ET WEB Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow (bleeding-web.rules)
 2007879 - ET EXPLOIT Cyan Soft Products Format String Vulnerability (bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2002157 - ET POLICY Skype User-Agent detected (bleeding-policy.rules)
 2003070 - ET WORM Korgo.U Reporting (bleeding-virus.rules)
 2003330 - ET POLICY Possible Spambot -- Host DNS MX Query High Count (bleeding-policy.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)
 2404000 - ET DROP Known Bot C&C Server Traffic (group 1)  (bleeding-botcc.rules)
 2404001 - ET DROP Known Bot C&C Server Traffic (group 2)  (bleeding-botcc.rules)
 2404002 - ET DROP Known Bot C&C Server Traffic (group 3)  (bleeding-botcc.rules)
 2404003 - ET DROP Known Bot C&C Server Traffic (group 4)  (bleeding-botcc.rules)
 2404004 - ET DROP Known Bot C&C Server Traffic (group 5)  (bleeding-botcc.rules)
 2404005 - ET DROP Known Bot C&C Server Traffic (group 6)  (bleeding-botcc.rules)
 2404006 - ET DROP Known Bot C&C Server Traffic (group 7)  (bleeding-botcc.rules)
 2404007 - ET DROP Known Bot C&C Server Traffic (group 8)  (bleeding-botcc.rules)
 2404008 - ET DROP Known Bot C&C Server Traffic (group 9)  (bleeding-botcc.rules)
 2404009 - ET DROP Known Bot C&C Server Traffic (group 10)  (bleeding-botcc.rules)
 2404010 - ET DROP Known Bot C&C Server Traffic (group 11)  (bleeding-botcc.rules)
 2404011 - ET DROP Known Bot C&C Server Traffic (group 12)  (bleeding-botcc.rules)
 2404012 - ET DROP Known Bot C&C Server Traffic (group 13)  (bleeding-botcc.rules)
 2404013 - ET DROP Known Bot C&C Server Traffic (group 14)  (bleeding-botcc.rules)
 2404014 - ET DROP Known Bot C&C Server Traffic (group 15)  (bleeding-botcc.rules)
 2404015 - ET DROP Known Bot C&C Server Traffic (group 16)  (bleeding-botcc.rules)
 2404016 - ET DROP Known Bot C&C Server Traffic (group 17)  (bleeding-botcc.rules)
 2404017 - ET DROP Known Bot C&C Server Traffic (group 18)  (bleeding-botcc.rules)
 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
 2406005 - ET RBN Known Russian Business Network Monitored Domains (1) (bleeding-rbn.rules)
 2406006 - ET RBN Known Russian Business Network Monitored Domains (2) (bleeding-rbn.rules)
 2406007 - ET RBN Known Russian Business Network Monitored Domains (3) (bleeding-rbn.rules)
 2406008 - ET RBN Known Russian Business Network Monitored Domains (4) (bleeding-rbn.rules)
 2406009 - ET RBN Known Russian Business Network Monitored Domains (5) (bleeding-rbn.rules)
 2406010 - ET RBN Known Russian Business Network Monitored Domains (6) (bleeding-rbn.rules)
 2406011 - ET RBN Known Russian Business Network Monitored Domains (7) (bleeding-rbn.rules)
 2406012 - ET RBN Known Russian Business Network Monitored Domains (8) (bleeding-rbn.rules)
 2406013 - ET RBN Known Russian Business Network Monitored Domains (9) (bleeding-rbn.rules)
 2406014 - ET RBN Known Russian Business Network Monitored Domains (10) (bleeding-rbn.rules)
 2406015 - ET RBN Known Russian Business Network Monitored Domains (11) (bleeding-rbn.rules)
 2406016 - ET RBN Known Russian Business Network Monitored Domains (12) (bleeding-rbn.rules)
 2406017 - ET RBN Known Russian Business Network Monitored Domains (13) (bleeding-rbn.rules)
 2406018 - ET RBN Known Russian Business Network Monitored Domains (14) (bleeding-rbn.rules)
 2406019 - ET RBN Known Russian Business Network Monitored Domains (15) (bleeding-rbn.rules)
 2406020 - ET RBN Known Russian Business Network Monitored Domains (16) (bleeding-rbn.rules)
 2406021 - ET RBN Known Russian Business Network Monitored Domains (17) (bleeding-rbn.rules)
 2406022 - ET RBN Known Russian Business Network Monitored Domains (18) (bleeding-rbn.rules)
 2406023 - ET RBN Known Russian Business Network Monitored Domains (19) (bleeding-rbn.rules)
 2406024 - ET RBN Known Russian Business Network Monitored Domains (20) (bleeding-rbn.rules)
 2406025 - ET RBN Known Russian Business Network Monitored Domains (21) (bleeding-rbn.rules)
 2406026 - ET RBN Known Russian Business Network Monitored Domains (22) (bleeding-rbn.rules)
 2406027 - ET RBN Known Russian Business Network Monitored Domains (23) (bleeding-rbn.rules)
 2406028 - ET RBN Known Russian Business Network Monitored Domains (24) (bleeding-rbn.rules)
 2406029 - ET RBN Known Russian Business Network Monitored Domains (25) (bleeding-rbn.rules)
 2406030 - ET RBN Known Russian Business Network Monitored Domains (26) (bleeding-rbn.rules)
 2406031 - ET RBN Known Russian Business Network Monitored Domains (27) (bleeding-rbn.rules)
 2406032 - ET RBN Known Russian Business Network Monitored Domains (28) (bleeding-rbn.rules)
 2406033 - ET RBN Known Russian Business Network Monitored Domains (29) (bleeding-rbn.rules)
 2406034 - ET RBN Known Russian Business Network Monitored Domains (30) (bleeding-rbn.rules)
 2407005 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (1) (bleeding-rbn-BLOCK.rules)
 2407006 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (2) (bleeding-rbn-BLOCK.rules)
 2407007 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (3) (bleeding-rbn-BLOCK.rules)
 2407008 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (4) (bleeding-rbn-BLOCK.rules)
 2407009 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (5) (bleeding-rbn-BLOCK.rules)
 2407010 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (6) (bleeding-rbn-BLOCK.rules)
 2407011 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (7) (bleeding-rbn-BLOCK.rules)
 2407012 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (8) (bleeding-rbn-BLOCK.rules)
 2407013 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (9) (bleeding-rbn-BLOCK.rules)
 2407014 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (10) (bleeding-rbn-BLOCK.rules)
 2407015 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (11) (bleeding-rbn-BLOCK.rules)
 2407016 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (12) (bleeding-rbn-BLOCK.rules)
 2407017 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (13) (bleeding-rbn-BLOCK.rules)
 2407018 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (14) (bleeding-rbn-BLOCK.rules)
 2407019 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (15) (bleeding-rbn-BLOCK.rules)
 2407020 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (16) (bleeding-rbn-BLOCK.rules)
 2407021 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (17) (bleeding-rbn-BLOCK.rules)
 2407022 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (18) (bleeding-rbn-BLOCK.rules)
 2407023 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (19) (bleeding-rbn-BLOCK.rules)
 2407024 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (20) (bleeding-rbn-BLOCK.rules)
 2407025 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (21) (bleeding-rbn-BLOCK.rules)
 2407026 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (22) (bleeding-rbn-BLOCK.rules)
 2407027 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (23) (bleeding-rbn-BLOCK.rules)
 2407028 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (24) (bleeding-rbn-BLOCK.rules)
 2407029 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (25) (bleeding-rbn-BLOCK.rules)
 2407030 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (26) (bleeding-rbn-BLOCK.rules)
 2407031 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (27) (bleeding-rbn-BLOCK.rules)
 2407032 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (28) (bleeding-rbn-BLOCK.rules)
 2407033 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (29) (bleeding-rbn-BLOCK.rules)
 2407034 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (30) (bleeding-rbn-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-drop-BLOCK.rules (2):
        #  VERSION 1066
        #  Generated 2008-02-22 01:03:00 EDT

     -> Added to bleeding-drop.rules (2):
        #  VERSION 1066
        #  Generated 2008-02-22 01:03:00 EDT

     -> Added to bleeding-exploit.rules (3):
        #by Akash Mahajan
        #by Akash Mahajan
        #by Akash Mahajan

     -> Added to bleeding-malware.rules (2):
        #by Will Metcalf
        #fake av, sig by matt jonkman

     -> Added to bleeding-rbn-BLOCK.rules (2):
        #  VERSION 36
        #  Updated 2008-02-21 10:21:51

     -> Added to bleeding-rbn.rules (2):
        #  VERSION 36
        #  Updated 2008-02-21 10:21:51

     -> Added to bleeding-sid-msg.map (24):
        207873 || ET WEB WinIPDS Directory Traversal Vulnerabilities POST || bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007855 || ET MALWARE OneStepSearch Host Activity
        2007856 || ET MALWARE System-defender.com Fake AV Install Checkin || url,www.system-defender.com
        2007858 || ET TROJAN Delf Keylog FTP Upload
        2007859 || ET MALWARE Suspicious User Agent - Possible Trojan Downloader (microsoft)
        2007860 || ET MALWARE Suspicious User Agent - Possible Trojan Downloader (Internet Explorer 6.0)
        2007861 || ET MALWARE Softcashier.com Spyware Install Checkin
        2007862 || ET TROJAN LDPinch Checkin (3)
        2007863 || ET TROJAN Banload HTTP Checkin
        2007864 || ET TROJAN Banload HTTP Checkin Detected
        2007865 || ET MALWARE Winreanimator.com Fake AV Install Attempt || url,www.winreanimator.com
        2007866 || ET TROJAN Gadu-Gadu.pl Related Trojan Reporting via HTTP
        2007867 || ET TROJAN Delf HTTP Post Checkin (1)
        2007868 || ET MALWARE Suspicious User Agent - Possible Trojan Downloader (Firefox)
        2007869 || ET MALWARE Vombanetwork Spyware User Agent (VombaProductsInstaller)
        2007870 || ET MALWARE Vombanetworks.com Spyware Installer Checkin
        2007871 || ET WEB Philips VOIP841 Web Server Directory Traversal || bugtraq,27790 || url,www.milw0rm.com/exploits/5113
        2007872 || ET WEB WinIPDS Directory Traversal Vulnerabilities GET || bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007874 || ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability || url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007875 || ET EXPLOIT Now SMS/MMS Gateway SMPP BOF Vulnerability || url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007876 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple Vulnerabilities - udp || cve,CVE-2008-0767 || url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007877 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple Vulnerabilities - tcp || cve,CVE-2008-0759 || url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007878 || ET WEB Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow || url,www.milw0rm.com/exploits/5110 || cve,CVE-2008-0778 || bugtraq,27769
        2007879 || ET EXPLOIT Cyan Soft Products Format String Vulnerability || url,aluigi.altervista.org/adv/cyanuro-adv.txt || bugtraq,27728 || cve,CVE-2008-0755

     -> Added to bleeding-sid-msg.map.txt (24):
        207873 || ET WEB WinIPDS Directory Traversal Vulnerabilities POST || bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007855 || ET MALWARE OneStepSearch Host Activity
        2007856 || ET MALWARE System-defender.com Fake AV Install Checkin || url,www.system-defender.com
        2007858 || ET TROJAN Delf Keylog FTP Upload
        2007859 || ET MALWARE Suspicious User Agent - Possible Trojan Downloader (microsoft)
        2007860 || ET MALWARE Suspicious User Agent - Possible Trojan Downloader (Internet Explorer 6.0)
        2007861 || ET MALWARE Softcashier.com Spyware Install Checkin
        2007862 || ET TROJAN LDPinch Checkin (3)
        2007863 || ET TROJAN Banload HTTP Checkin
        2007864 || ET TROJAN Banload HTTP Checkin Detected
        2007865 || ET MALWARE Winreanimator.com Fake AV Install Attempt || url,www.winreanimator.com
        2007866 || ET TROJAN Gadu-Gadu.pl Related Trojan Reporting via HTTP
        2007867 || ET TROJAN Delf HTTP Post Checkin (1)
        2007868 || ET MALWARE Suspicious User Agent - Possible Trojan Downloader (Firefox)
        2007869 || ET MALWARE Vombanetwork Spyware User Agent (VombaProductsInstaller)
        2007870 || ET MALWARE Vombanetworks.com Spyware Installer Checkin
        2007871 || ET WEB Philips VOIP841 Web Server Directory Traversal || bugtraq,27790 || url,www.milw0rm.com/exploits/5113
        2007872 || ET WEB WinIPDS Directory Traversal Vulnerabilities GET || bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007874 || ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability || url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007875 || ET EXPLOIT Now SMS/MMS Gateway SMPP BOF Vulnerability || url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007876 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple Vulnerabilities - udp || cve,CVE-2008-0767 || url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007877 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple Vulnerabilities - tcp || cve,CVE-2008-0759 || url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007878 || ET WEB Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow || url,www.milw0rm.com/exploits/5110 || cve,CVE-2008-0778 || bugtraq,27769
        2007879 || ET EXPLOIT Cyan Soft Products Format String Vulnerability || url,aluigi.altervista.org/adv/cyanuro-adv.txt || bugtraq,27728 || cve,CVE-2008-0755

     -> Added to bleeding-virus.rules (2):
        #delf keylog upload, kinda flimsy but works
        #spyware/trojan/backdoors all reported here. sig by matt jonkman

     -> Added to bleeding-web.rules (3):
        #by Akash Mahajan
        #by Akash Mahajan
        #by Akash Mahajan

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-drop-BLOCK.rules (2):
        #  VERSION 1060
        #  Generated 2008-02-16 01:03:00 EDT

     -> Removed from bleeding-drop.rules (2):
        #  VERSION 1060
        #  Generated 2008-02-16 01:03:00 EDT

     -> Removed from bleeding-rbn-BLOCK.rules (2):
        #  VERSION 35
        #  Updated 2008-02-08 16:03:09

     -> Removed from bleeding-rbn.rules (2):
        #  VERSION 35
        #  Updated 2008-02-08 16:03:09





More information about the Snort-sigs mailing list