[Snort-sigs] Emerging Threats Daily Signature Changes

emerging at ...3335... emerging at ...3335...
Mon Jan 7 17:00:07 EST 2008


[***] Results from Oinkmaster started Mon Jan  7 17:00:07 2008 [***]

[///]     Modified active rules:     [///]

 2007729 - BLEEDING-EDGE CURRENT_EVENTS Likely Zlob Binary Requested (VideoAccessCodecInstall.exe) (bleeding.rules)
 2406004 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains (1) (bleeding-rbn.rules)
 2406005 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains (2) (bleeding-rbn.rules)
 2406006 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains (3) (bleeding-rbn.rules)
 2406007 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains (4) (bleeding-rbn.rules)
 2407004 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - BLOCKING (1) (bleeding-rbn-BLOCK.rules)
 2407005 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - BLOCKING (2) (bleeding-rbn-BLOCK.rules)
 2407006 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - BLOCKING (3) (bleeding-rbn-BLOCK.rules)
 2407007 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - BLOCKING (4) (bleeding-rbn-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-rbn-BLOCK.rules (3):
        #Panamanian/Central America
        #  VERSION 22
        #  Updated 2008-01-04 08:27:11

     -> Added to bleeding-rbn.rules (3):
        #Panamanian/Central America
        #  VERSION 22
        #  Updated 2008-01-04 08:27:11

     -> Added to bleeding-sid-msg.map (1):
        2007729 || BLEEDING-EDGE CURRENT_EVENTS Likely Zlob Binary Requested (VideoAccessCodecInstall.exe)

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-attack_response.rules (1):
        # $Id: bleeding-attack_response.rules $

     -> Removed from bleeding-dos.rules (1):
        # $Id: bleeding-dos.rules $

     -> Removed from bleeding-exploit.rules (1):
        # $Id: bleeding-exploit.rules $

     -> Removed from bleeding-game.rules (1):
        # $Id: bleeding-game.rules $

     -> Removed from bleeding-inappropriate.rules (1):
        # $Id: bleeding-inappropriate.rules $

     -> Removed from bleeding-malware.rules (1):
        # $Id: bleeding-malware.rules $

     -> Removed from bleeding-p2p.rules (1):
        # $Id: bleeding-p2p.rules $

     -> Removed from bleeding-policy.rules (1):
        # $Id: bleeding-policy.rules $

     -> Removed from bleeding-rbn-BLOCK.rules (2):
        #  VERSION 21
        #  Updated 2007-12-29 22:48:42

     -> Removed from bleeding-rbn.rules (2):
        #  VERSION 21
        #  Updated 2007-12-29 22:48:42

     -> Removed from bleeding-scan.rules (1):
        # $Id: bleeding-scan.rules $

     -> Removed from bleeding-sid-msg.map (9):
        2007729 || BLEEDING-EDGE CURRENT_EVENTS Likely Storm Binary Requested (VideoAccessCodecInstall.exe)
        2400001 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound || url,www.spamhaus.org/drop/drop.lasso
        2400002 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound || url,www.spamhaus.org/drop/drop.lasso
        2400003 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound || url,www.spamhaus.org/drop/drop.lasso
        2400004 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound || url,www.spamhaus.org/drop/drop.lasso
        2401001 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE || url,www.spamhaus.org/drop/drop.lasso
        2401002 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE || url,www.spamhaus.org/drop/drop.lasso
        2401003 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE || url,www.spamhaus.org/drop/drop.lasso
        2401004 || BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE || url,www.spamhaus.org/drop/drop.lasso

     -> Removed from bleeding-virus.rules (1):
        # $Id: bleeding-virus.rules $

     -> Removed from bleeding-voip.rules (1):
        # $Id: bleeding-voip.rules $

     -> Removed from bleeding-web.rules (1):
        # $Id: bleeding-web.rules $

     -> Removed from bleeding-web_sql_injection.rules (1):
        # $Id: bleeding-web_sql_injection.rules $

     -> Removed from bleeding.rules (1):
        # $Id: bleeding.rules $





More information about the Snort-sigs mailing list