List Info

Thread: Bleeding Edge Threats Daily Signature Changes
Bleeding Edge Threats Daily Signature Changes
country flaguser name
United States		 2007-11-10 14:00:13 
[***] Results from Oinkmaster started Sat Nov 10 20:00:13
2007 [***]

[+++]          Added rules:          [+++]

 2007672 - BLEEDING-EDGE TROJAN B0tN3t IRCbotnet
(bleeding-virus.rules)
 2007673 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity TCP (1) (bleeding.rules)
 2007674 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity TCP (2) (bleeding.rules)
 2007675 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity TCP (3) (bleeding.rules)
 2007676 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity TCP (4) (bleeding.rules)
 2007677 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity TCP (5) (bleeding.rules)
 2007678 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity UDP (1) (bleeding.rules)
 2007679 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity UDP (2) (bleeding.rules)
 2007680 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity UDP (3) (bleeding.rules)
 2007681 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity UDP (4) (bleeding.rules)
 2007682 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DNS
Activity UDP (5) (bleeding.rules)
 2007683 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 HTTP
Activity 1 (bleeding.rules)
 2007684 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 HTTP
Activity 2 (bleeding.rules)
 2007685 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 HTTP
Activity 3 (bleeding.rules)
 2007686 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DDoS
HTTP Activity OUTBOUND (bleeding.rules)
 2007687 - BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0 DDoS
HTTP Activity INBOUND (bleeding.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (132):
        2007672 || BLEEDING-EDGE TROJAN B0tN3t IRCbotnet ||
url,en.wikipedia.org/wiki/Botnet
        2007673 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity TCP (1) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007674 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity TCP (2) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007675 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity TCP (3) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007676 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity TCP (4) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007677 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity TCP (5) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007678 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity UDP (1) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007679 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity UDP (2) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007680 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity UDP (3) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007681 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity UDP (4) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007682 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DNS Activity UDP (5) ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007683 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
HTTP Activity 1 ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007684 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
HTTP Activity 2 ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007685 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
HTTP Activity 3 ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007686 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DDoS HTTP Activity OUTBOUND ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2007687 || BLEEDING-EDGE CURRENT_EVENTS E-Jihad 3.0
DDoS HTTP Activity INBOUND ||
url,doc.bleedingthreats.net/bin/view/Main/EJihadHackTool
        2500469 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (470) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500470 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (471) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500471 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (472) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500472 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (473) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500473 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (474) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500474 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (475) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500475 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (476) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500476 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (477) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500477 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (478) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500478 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (479) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500479 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (480) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500480 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (481) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500481 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (482) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500482 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (483) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500483 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (484) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500484 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (485) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500485 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (486) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500486 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (487) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500487 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (488) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500488 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (489) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500489 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (490) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500490 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (491) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500491 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (492) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500492 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (493) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500493 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (494) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500494 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (495) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500495 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (496) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500496 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (497) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500497 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (498) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500498 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (499) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500499 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (500) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500500 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (501) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500501 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (502) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500502 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (503) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500503 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (504) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500504 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (505) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500505 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (506) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500506 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (507) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500507 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (508) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500508 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (509) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500509 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (510) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500510 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (511) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500511 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (512) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500512 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (513) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500513 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (514) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500514 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (515) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500515 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (516) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500516 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (517) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500517 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (518) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500518 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (519) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500519 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (520) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500520 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (521) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500521 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (522) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500522 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (523) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500523 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (524) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500524 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (525) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500525 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (526) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500526 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (527) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510469 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (470) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510470 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (471) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510471 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (472) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510472 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (473) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510473 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (474) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510474 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (475) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510475 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (476) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510476 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (477) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510477 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (478) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510478 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (479) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510479 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (480) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510480 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (481) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510481 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (482) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510482 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (483) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510483 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (484) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510484 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (485) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510485 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (486) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510486 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (487) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510487 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (488) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510488 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (489) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510489 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (490) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510490 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (491) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510491 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (492) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510492 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (493) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510493 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (494) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510494 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (495) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510495 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (496) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510496 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (497) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510497 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (498) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510498 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (499) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510499 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (500) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510500 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (501) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510501 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (502) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510502 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (503) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510503 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (504) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510504 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (505) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510505 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (506) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510506 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (507) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510507 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (508) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510508 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (509) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510509 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (510) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510510 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (511) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510511 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (512) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510512 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (513) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510513 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (514) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510514 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (515) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510515 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (516) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510516 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (517) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510517 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (518) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510518 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (519) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510519 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (520) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510520 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (521) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510521 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (522) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510522 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (523) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510523 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (524) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510524 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (525) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510525 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (526) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510526 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (527) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding-virus.rules (7):
        # [8:03am dominic] telnet 59.124.158.12 65500
        # Trying 59.124.158.12...
        # Connected to 59-124-158-12.HINET-IP.hinet.net
(59.124.158.12).
        # Escape character is '^]'.
        # :irc.Indonesia.B0tN3t.org NOTICE AUTH ** Looking
up your hostname...
        # :irc.Indonesia.B0tN3t.org NOTICE AUTH ** Found
your hostname
        # Reg Quinton <reggersist.uwaterloo.ca>;
9-Nov-2007

     -> Added to bleeding.rules (6):
        #By Don Jackson of SecureWorks
        # Crafted for the lowest common denominator; should
work in most 1.x and later engines, PCRE used for C&C
traffic.
        # Mostly for spotting it's use on your network. 
Only one DDoS rule. Be careful of the number/rate of alerts;
these do not use thresholding.
        # DNS left in hex to avoid advertising the domains
to the bad guys via google
        #these first few are for specific domains, to be
removed in the not too distant future
        #these are more permanent, C&C related

_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigsbleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )