Bleeding Edge Threats Daily Signature Changes: msg#00127 security.ids.snort.bleedingsnort
[***] Results from Oinkmaster started Thu Jan 18 20:00:06 2007 [***]

[+++] Added rules: [+++]

    2003928 - BLEEDING-EDGE MALWARE KMIP.net Spyware (bleeding-malware.rules)
    2003929 - BLEEDING-EDGE TROJAN psyBNC IRC Server Connection (bleeding-virus.rules)

[///] Modified active rules: [///]

    2003102 - BLEEDING-EDGE EXPLOIT Microsoft Multimedia Controls - ActiveX controls spline function call CSLID (bleeding-exploit.rules)
    2003292 - BLEEDING-EDGE WORM Allaple ICMP Sweep Ping Outbound (bleeding-virus.rules)
    2003293 - BLEEDING-EDGE WORM Allaple ICMP Sweep Reply Inbound (bleeding-virus.rules)
    2003294 - BLEEDING-EDGE WORM Allaple ICMP Sweep Ping Inbound (bleeding-virus.rules)
    2003295 - BLEEDING-EDGE WORM Allaple ICMP Sweep Reply Outbound (bleeding-virus.rules)
    2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
    2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
    2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
    2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
    2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
    2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
    2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
    2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
    2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
    2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
    2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source (bleeding-dshield.rules)
    2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING (bleeding-dshield-BLOCK.rules)
    2404000 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 1) (bleeding-botcc.rules)
    2404001 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 2) (bleeding-botcc.rules)
    2404002 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 3) (bleeding-botcc.rules)
    2404003 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 4) (bleeding-botcc.rules)
    2404004 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 5) (bleeding-botcc.rules)
    2404005 - BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 6) (bleeding-botcc.rules)
    2405000 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
    2405001 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
    2405002 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
    2405003 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
    2405004 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
    2405005 - BLEEDING-EDGE DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)

[+++] Added non-rule lines: [+++]

    -> Added to bleeding-drop-BLOCK.rules (1):
        # VERSION 59

    -> Added to bleeding-drop.rules (1):
        # VERSION 59

    -> Added to bleeding-malware.rules (1):
        #from spyware listeningpost data, by matt Jonkman

    -> Added to bleeding-sid-msg.map (3):
        2003102 || BLEEDING-EDGE EXPLOIT Microsoft Multimedia Controls - ActiveX controls spline function call CSLID || cve,2006-4446 || url,www.osvdb.org/displayvuln.php?osvdb_id=28841
        2003928 || BLEEDING-EDGE MALWARE KMIP.net Spyware || url,www.kmip.net
        2003929 || BLEEDING-EDGE TROJAN psyBNC IRC Server Connection

    -> Added to bleeding-virus.rules (1):
        #Another start, psyBNC servers don't always use a join, info from Reg Quinton

[---] Removed non-rule lines: [---]

    -> Removed from bleeding-drop-BLOCK.rules (1):
        # VERSION 57

    -> Removed from bleeding-drop.rules (1):
        # VERSION 57

    -> Removed from bleeding-sid-msg.map (1):
        2003102 || BLEEDING-EDGE EXPLOIT Microsoft Multimedia Controls - ActiveX control's spline function call CSLID || cve,2006-4446 || url,www.osvdb.org/displayvuln.php?osvdb_id=28841