List Info

Thread: Bleeding Edge Threats Daily Signature Changes
Bleeding Edge Threats Daily Signature Changes
country flaguser name
United States		 2007-10-30 15:00:12 
[***] Results from Oinkmaster started Tue Oct 30 20:00:12
2007 [***]

[+++]          Added rules:          [+++]

 2007648 - BLEEDING-EDGE MALWARE Suspicious Spyware User
Agent (XXX) (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (71):
        2007648 || BLEEDING-EDGE MALWARE Suspicious Spyware
User Agent (XXX)
        2406000 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (1) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406001 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (2) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406002 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (3) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406003 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (4) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406004 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (5) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406005 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (6) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406006 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (7) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2406007 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic (8) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407000 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (1) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407001 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (2) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407002 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (3) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407003 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (4) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407004 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (5) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407005 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (6) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407006 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (7) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2407007 || BLEEDING-EDGE RBN Known Russian Business
Network Host Traffic - BLOCKING (8) ||
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNet
work
        2500238 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (239) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500239 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (240) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500240 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (241) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500241 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (242) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500242 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (243) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500243 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (244) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500244 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (245) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500245 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (246) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500246 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (247) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500247 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (248) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500248 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (249) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500249 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (250) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500250 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (251) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500251 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (252) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500252 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (253) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500253 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (254) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500254 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (255) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500255 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (256) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500256 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (257) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500257 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (258) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500258 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (259) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500259 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (260) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500260 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (261) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500261 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (262) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500262 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (263) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500263 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (264) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500264 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (265) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510238 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (239) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510239 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (240) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510240 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (241) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510241 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (242) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510242 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (243) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510243 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (244) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510244 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (245) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510245 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (246) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510246 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (247) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510247 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (248) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510248 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (249) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510249 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (250) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510250 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (251) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510251 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (252) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510252 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (253) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510253 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (254) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510254 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (255) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510255 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (256) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510256 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (257) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510257 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (258) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510258 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (259) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510259 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (260) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510260 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (261) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510261 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (262) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510262 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (263) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510263 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (264) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510264 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (265) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

[+] Added files (consider updating your snort.conf to
include them if needed): [+]

    -> bleeding-rbn-BLOCK.rules
    -> bleeding-rbn.rules

_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigsbleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )