[Emerging-Sigs] Emerging Threats Weekly Signature Changes
emerging@emergingthreats.net
emerging at emergingthreats.net
Sat Feb 2 19:00:09 EST 2008
[***] Results from Oinkmaster started Sat Feb 2 19:00:08 2008 [***]
[+++] Added rules: [+++]
2007799 - ET P2P Azureus P2P Client User-Agent (bleeding-p2p.rules)
2007800 - ET P2P LimeWire P2P Traffic (bleeding-p2p.rules)
2007801 - ET P2P Gnutella TCP Traffic (bleeding-p2p.rules)
2007802 - ET SCAN Grim's Ping ftp scanning tool (bleeding-scan.rules)
2007803 - ET TROJAN Win32.Inject.ql Checkin Post (bleeding-virus.rules)
2007804 - ET MALWARE PCDoc.co.kr Fake AV User-Agent (mypcdoctor) (bleeding-malware.rules)
2007805 - ET TROJAN Blink.com related Backdoor Checkin (bleeding-virus.rules)
2007806 - ET TROJAN Blink.com related Upgrade Command Given (bleeding-virus.rules)
2007807 - ET TROJAN Rcash.co.kr Bootup Checkin via HTTP (bleeding-virus.rules)
2007808 - ET TROJAN Cashpoint.com Related checkin User-Agent (inetinst) (bleeding-virus.rules)
2007809 - ET MALWARE Doctorvaccine.co.kr Related Spyware User Agent (ers) (bleeding-malware.rules)
2007810 - ET TROJAN Cashpoint.com Related checkin User-Agent (okcpmgr) (bleeding-virus.rules)
2404017 - ET DROP Known Bot C&C Server Traffic (group 18) (bleeding-botcc.rules)
2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (bleeding-botcc-BLOCK.rules)
[///] Modified active rules: [///]
2000015 - ET P2P Phatbot Control Connection (bleeding-p2p.rules)
2000024 - ET MALWARE rcprograms (bleeding-malware.rules)
2000025 - ET MALWARE Gator Cookie (bleeding-malware.rules)
2000026 - ET MALWARE Gator Agent Traffic (bleeding-malware.rules)
2000035 - ET Hotmail Inbox Access (bleeding-policy.rules)
2000036 - ET Hotmail Message Access (bleeding-policy.rules)
2000037 - ET Hotmail Compose Message Access (bleeding-policy.rules)
2000038 - ET Hotmail Compose Message Submit (bleeding-policy.rules)
2000039 - ET Hotmail Compose Message Submit Data (bleeding-policy.rules)
2000040 - ET WORM Sasser FTP Traffic (bleeding-virus.rules)
2000047 - ET WORM Sasser Transfer _up.exe (bleeding-virus.rules)
2000306 - ET MALWARE Virtumonde Spyware siae3123.exe GET (bleeding-malware.rules)
2000307 - ET MALWARE Virtumonde Spyware siae3123.exe GET (8081) (bleeding-malware.rules)
2000308 - ET MALWARE Virtumonde Spyware Information Post (bleeding-malware.rules)
2000309 - ET POLICY GotoMyPC Polling Client (bleeding-policy.rules)
2000327 - ET MALWARE Spyware 2020 (bleeding-malware.rules)
2000328 - ET POLICY Outbound Multiple Non-SMTP Server Emails (bleeding-policy.rules)
2000332 - ET P2P ed2k request part (bleeding-p2p.rules)
2000333 - ET P2P ed2k file request answer (bleeding-p2p.rules)
2000334 - ET P2P BitTorrent peer sync (bleeding-p2p.rules)
2000335 - ET P2P Overnet (Edonkey) Server Announce (bleeding-p2p.rules)
2000336 - ET MALWARE Yesadvertising Banking Spyware RETRIEVE (bleeding-malware.rules)
2000337 - ET MALWARE Yesadvertising Banking Spyware INFORMATION SUBMIT (bleeding-malware.rules)
2000338 - ET P2P iroffer IRC Bot help message (bleeding-p2p.rules)
2000339 - ET P2P iroffer IRC Bot offered files advertisement (bleeding-p2p.rules)
2000340 - ET P2P Kaaza Media desktop p2pnetworking.exe Activity (bleeding-p2p.rules)
2000343 - ET WORM Possible Evaman Worm Outbound (bleeding-virus.rules)
2000355 - ET POLICY IRC authorization message (bleeding-policy.rules)
2000356 - ET POLICY IRC connection (bleeding-policy.rules)
2000357 - ET P2P BitTorrent Traffic (bleeding-p2p.rules)
2000366 - ET MALWARE Binet (download complete) (bleeding-malware.rules)
2000367 - ET MALWARE Binet (set_pix) (bleeding-malware.rules)
2000369 - ET P2P BitTorrent Announce (bleeding-p2p.rules)
2000371 - ET MALWARE Binet (randreco.exe) (bleeding-malware.rules)
2000419 - ET PE EXE or DLL Windows file download (bleeding-policy.rules)
2000427 - ET PE EXE Install Windows file download (bleeding-policy.rules)
2000494 - ET WORM Possible Atak.mm Worm Outbound (bleeding-virus.rules)
2000514 - ET MALWARE IE homepage hijacking (bleeding-malware.rules)
2000519 - ET MALWARE shell browser vulnerability W9x/XP (bleeding-malware.rules)
2000520 - ET MALWARE shell browser vulnerability NT/2K (bleeding-malware.rules)
2000536 - ET SCAN NMAP -sO (bleeding-scan.rules)
2000537 - ET SCAN NMAP -sS (bleeding-scan.rules)
2000538 - ET SCAN NMAP -sA (1) (bleeding-scan.rules)
2000540 - ET SCAN NMAP -sA (2) (bleeding-scan.rules)
2000543 - ET SCAN NMAP -f -sF (bleeding-scan.rules)
2000544 - ET SCAN NMAP -f -sN (bleeding-scan.rules)
2000545 - ET SCAN NMAP -f -sS (bleeding-scan.rules)
2000546 - ET SCAN NMAP -f -sX (bleeding-scan.rules)
2000559 - ET THCIISLame IIS SSL Exploit Attempt (bleeding-web.rules)
2000562 - ET VIRUS OUTBOUND Suspicious Email Attachment (bleeding-virus.rules)
2000569 - ET POLICY KitCo Kcast Ticker (agtray) (bleeding-policy.rules)
2000570 - ET POLICY KitCo Kcast Ticker (autray) (bleeding-policy.rules)
2000571 - ET POLICY AOL Webmail Message Send (bleeding-policy.rules)
2000572 - ET POLICY AOL Webmail Login (bleeding-policy.rules)
2000574 - ET MALWARE Bargain Buddy (bleeding-malware.rules)
2000575 - ET ICMP PING IPTools (bleeding-scan.rules)
2000577 - ET MALWARE Popuptraffic.com Bot Reporting (bleeding-malware.rules)
2000580 - ET MALWARE Shop At Home Select.com Install Attempt (bleeding-malware.rules)
2000581 - ET MALWARE Shop At Home Select.com Install Download (bleeding-malware.rules)
2000582 - ET MALWARE F1Organizer Reporting (bleeding-malware.rules)
2000583 - ET MALWARE Mindset Interactive Install (1) (bleeding-malware.rules)
2000584 - ET MALWARE Mindset Interactive Install (2) (bleeding-malware.rules)
2000585 - ET MALWARE F1Organizer Install Attempt (bleeding-malware.rules)
2000586 - ET MALWARE Ezula Related Calling Home (bleeding-malware.rules)
2000587 - ET MALWARE SpywareLabs VirtualBouncer Seeking Instructions (bleeding-malware.rules)
2000588 - ET MALWARE TopMoxie Reporting Data to External Host (bleeding-malware.rules)
2000589 - ET MALWARE TopMoxie Retrieving Data (downloads) (bleeding-malware.rules)
2000590 - ET MALWARE TopMoxie Retrieving Data (common) (bleeding-malware.rules)
2000593 - ET MALWARE Binet Ad Retrieval (bleeding-malware.rules)
2000594 - ET MALWARE Mindset Interactive Ad Retrieval (bleeding-malware.rules)
2000595 - ET MALWARE Gator Checkin (bleeding-malware.rules)
2000596 - ET MALWARE Gator/Claria Data Submission (bleeding-malware.rules)
2000597 - ET MALWARE Gator New Code Download (bleeding-malware.rules)
2000598 - ET MALWARE Altnet PeerPoints Manager Data Submission (bleeding-malware.rules)
2000599 - ET MALWARE Fun Web Products Install (bleeding-malware.rules)
2000600 - ET MALWARE Malware MyWebSearch Toolbar Receiving Configuration (bleeding-malware.rules)
2000601 - ET MALWARE Salongas Infection (bleeding-malware.rules)
2000900 - ET MALWARE JoltID Agent Probing or Announcing UDP (bleeding-malware.rules)
2000902 - ET MALWARE MarketScore.com Spyware Configuration Access (bleeding-malware.rules)
2000903 - ET MALWARE Avres Agent Receiving Instructions (bleeding-malware.rules)
2000905 - ET MALWARE FlashPoint Agent Retrieving New Code (bleeding-malware.rules)
2000906 - ET MALWARE Altnet PeerPoints Manager Start (bleeding-malware.rules)
2000907 - ET MALWARE Altnet PeerPoints Manager Settings Download (bleeding-malware.rules)
2000908 - ET MALWARE WhenUClick.com App and Search Bar Install (1) (bleeding-malware.rules)
2000909 - ET MALWARE WhenUClick.com App and Search Bar Install (2) (bleeding-malware.rules)
2000910 - ET MALWARE WhenUClick.com Clock Sync App Checkin (bleeding-malware.rules)
2000911 - ET MALWARE WhenUClick.com Weather App Checkin (bleeding-malware.rules)
2000912 - ET MALWARE WhenUClick.com Clock Sync App Checkin (1) (bleeding-malware.rules)
2000913 - ET MALWARE WhenUClick.com Clock Sync App Checkin (2) (bleeding-malware.rules)
2000914 - ET MALWARE WhenUClick.com Weather App Checkin (1) (bleeding-malware.rules)
2000915 - ET MALWARE WhenUClick.com Weather App Checkin (2) (bleeding-malware.rules)
2000916 - ET MALWARE WhenUClick.com WhenUSave App Checkin (bleeding-malware.rules)
2000917 - ET MALWARE WhenUClick.com WhenUSave Data Retrieval (offersdata) (bleeding-malware.rules)
2000918 - ET MALWARE WhenUClick.com Desktop Bar Install (bleeding-malware.rules)
2000919 - ET MALWARE WhenUClick.com WhenUSave Data Retrieval (Searchdb) (bleeding-malware.rules)
2000920 - ET MALWARE Hotbar Install (1) (bleeding-malware.rules)
2000921 - ET MALWARE Hotbar Install (2) (bleeding-malware.rules)
2000922 - ET MALWARE Hotbar Install (3) (bleeding-malware.rules)
2000923 - ET MALWARE Hotbar Agent Reporting Information (bleeding-malware.rules)
2000924 - ET MALWARE Hotbar Agent Upgrading (bleeding-malware.rules)
2000925 - ET MALWARE Hotbar Agent Partner Checkin (bleeding-malware.rules)
2000927 - ET MALWARE ISearchTech.com XXXPornToolbar Reporting (bleeding-malware.rules)
2000928 - ET MALWARE ISearchTech.com XXXPornToolbar Activity (1) (bleeding-malware.rules)
2000929 - ET MALWARE Hotbar Agent Activity (bleeding-malware.rules)
2000930 - ET MALWARE 180solutions Update Engine (bleeding-malware.rules)
2000931 - ET MALWARE Comet Systems Spyware Traffic (bleeding-malware.rules)
2000932 - ET MALWARE Keenvalue Update Engine (bleeding-malware.rules)
2000934 - ET MALWARE 2020search Update Engine (bleeding-malware.rules)
2000936 - ET MALWARE FlashTrack Agent Retrieving New App Code (bleeding-malware.rules)
2001013 - ET MALWARE Fun Web Products SmileyCentral (bleeding-malware.rules)
2001015 - ET MALWARE JoltID Agent Keep-Alive (bleeding-malware.rules)
2001016 - ET MALWARE SideStep Bar Install (bleeding-malware.rules)
2001017 - ET MALWARE SideStep Bar Reporting Data (bleeding-malware.rules)
2001018 - ET MALWARE SideStep Bar Activity (bleeding-malware.rules)
2001019 - ET MALWARE SideStep Bar Autoupdate (bleeding-malware.rules)
2001020 - ET MALWARE SideStep Bar Update Reporting (bleeding-malware.rules)
2001021 - ET WEB Suspicious Encrypted Webpage Content (bleeding-web.rules)
2001031 - ET MALWARE Casino on Net Reporting Data (bleeding-malware.rules)
2001032 - ET MALWARE Casino on Net Ping Hit (bleeding-malware.rules)
2001033 - ET MALWARE Casino on Net Data Download (bleeding-malware.rules)
2001034 - ET MALWARE Fun Web Products Agent Traffic (bleeding-malware.rules)
2001035 - ET P2P Morpheus Install (bleeding-p2p.rules)
2001036 - ET P2P Morpheus Install ini Download (bleeding-p2p.rules)
2001037 - ET P2P Morpheus Update Request (bleeding-p2p.rules)
2001038 - ET MALWARE Ebates Install (bleeding-malware.rules)
2001040 - ET MALWARE My Search Bar Install (bleeding-malware.rules)
2001041 - ET MALWARE Casino on Net Install (bleeding-malware.rules)
2001043 - ET MALWARE Fun Web Products MyWay Agent Traffic (bleeding-malware.rules)
2001044 - ET Yahoo Briefcase Upload (bleeding-policy.rules)
2001046 - ET WORM UPX compressed file download - possible worm (bleeding-virus.rules)
2001047 - ET WORM UPX encrypted file download - possible worm (bleeding-virus.rules)
2001050 - ET MALWARE CometSystems Spyware (bleeding-malware.rules)
2001055 - ET MISC HP Web JetAdmin ExecuteFile admin access (bleeding-policy.rules)
2001056 - ET WORM W32/Sasser.worm.b (bleeding-virus.rules)
2001057 - ET WORM W32/Sasser.worm.a (bleeding-virus.rules)
2001059 - ET P2P Ares traffic (bleeding-p2p.rules)
2001066 - ET IE Ilookup Trojan (bleeding-virus.rules)
2001075 - ET WEB-MISC cross site scripting attempt IMG onerror or onload (bleeding-web.rules)
2001077 - ET WEB-MISC cross site scripting attempt STYLE + JAVASCRIPT (bleeding-web.rules)
2001078 - ET WEB-MISC cross site scripting attempt STYLE + JSCRIPT (bleeding-web.rules)
2001079 - ET WEB-MISC cross site scripting attempt STYLE + VBSCRIPT 1 (bleeding-web.rules)
2001080 - ET WEB-MISC cross site scripting attempt STYLE + VBSCRIPT 2 (bleeding-web.rules)
2001081 - ET WEB-MISC cross site scripting attempt STYLE + ECMACRIPT (bleeding-web.rules)
2001082 - ET WEB-MISC cross site scripting attempt STYLE + EXPRESSION 1 (bleeding-web.rules)
2001083 - ET WEB-MISC cross site scripting attempt STYLE + EXPRESSION 2 (bleeding-web.rules)
2001084 - ET WEB-MISC cross site scripting attempt using XML (bleeding-web.rules)
2001085 - ET WEB-MISC cross site scripting attempt executing hidden Javascript 1 (bleeding-web.rules)
2001086 - ET WEB-MISC cross site scripting attempt executing hidden Javascript 2 (bleeding-web.rules)
2001087 - ET WEB-MISC cross site scripting attempt to execute Javascript code (bleeding-web.rules)
2001088 - ET WEB-MISC cross site scripting attempt to execute VBScript code (bleeding-web.rules)
2001089 - ET WEB-MISC cross site scripting attempt to access SHELL\: (bleeding-web.rules)
2001090 - ET WEB-MISC cross site scripting stealth attempt to execute Javascript code (bleeding-web.rules)
2001091 - ET WEB-MISC cross site scripting stealth attempt to execute VBScript code (bleeding-web.rules)
2001092 - ET WEB-MISC cross site scripting stealth attempt to access SHELL\: (bleeding-web.rules)
2001185 - ET P2P Soulseek traffic (1) (bleeding-p2p.rules)
2001186 - ET P2P Soulseek traffic (2) (bleeding-p2p.rules)
2001187 - ET P2P Soulseek Filesearch Results (bleeding-p2p.rules)
2001188 - ET P2P Soulseek (bleeding-p2p.rules)
2001197 - ET PHPNuke SQL injection attempt (bleeding-web_sql_injection.rules)
2001198 - ET MALWARE Twaintec Download Attempt (bleeding-malware.rules)
2001199 - ET MALWARE Twaintec Ad Retrieval (bleeding-malware.rules)
2001202 - ET PHPNuke general SQL injection attempt (bleeding-web_sql_injection.rules)
2001216 - ET MALWARE Twaintec Reporting Data (bleeding-malware.rules)
2001218 - ET PHPNuke general XSS attempt (bleeding-web_sql_injection.rules)
2001219 - ET SCAN Potential SSH Scan (bleeding-scan.rules)
2001221 - ET MALWARE F1Organizer Config Download (bleeding-malware.rules)
2001222 - ET MALWARE Default-homepage-network.com Access (bleeding-malware.rules)
2001223 - ET MALWARE Regnow.com Access (bleeding-malware.rules)
2001224 - ET MALWARE Regnow.com Gamehouse.com Access (bleeding-malware.rules)
2001225 - ET MALWARE Statblaster Receiving New configuration (update) (bleeding-malware.rules)
2001228 - ET MALWARE Advertising.com Data Post (villains) (bleeding-malware.rules)
2001230 - ET MALWARE Advertising.com Data Post (cakedeal) (bleeding-malware.rules)
2001233 - ET WORM Possible CIA Trojan download/upload attempt (bleeding-virus.rules)
2001235 - ET MALWARE Weatherbug (bleeding-malware.rules)
2001238 - ET WEB Possible Xedus Webserver Directory Traversal Attempt (bleeding-web.rules)
2001239 - ET Cisco Device in Config Mode (bleeding-policy.rules)
2001240 - ET Cisco Device New Config Built (bleeding-policy.rules)
2001241 - ET CHAT MSN file transfer request (bleeding-policy.rules)
2001242 - ET CHAT MSN file transfer accept (bleeding-policy.rules)
2001243 - ET CHAT MSN file transfer reject (bleeding-policy.rules)
2001253 - ET CHAT Yahoo IM successful logon (bleeding-policy.rules)
2001254 - ET CHAT Yahoo IM voicechat (bleeding-policy.rules)
2001256 - ET CHAT Yahoo IM conference invitation (bleeding-policy.rules)
2001257 - ET CHAT Yahoo IM conference logon success (bleeding-policy.rules)
2001258 - ET CHAT Yahoo IM conference message (bleeding-policy.rules)
2001259 - ET CHAT Yahoo IM file transfer request (bleeding-policy.rules)
2001261 - ET CHAT Yahoo IM successful chat join (bleeding-policy.rules)
2001262 - ET CHAT Yahoo IM conference offer invitation (bleeding-policy.rules)
2001263 - ET CHAT Yahoo IM conference request (bleeding-policy.rules)
2001266 - ET MALWARE Browseraid.com Agent Reporting Data (bleeding-malware.rules)
2001269 - ET WORM Beagle User Agent Detected (bleeding-virus.rules)
2001293 - ET MALWARE Featured-Results.com Agent Reporting Data (bleeding-malware.rules)
2001294 - ET POLICY Dameware Remote Control Service Install (bleeding-policy.rules)
2001295 - ET MALWARE Browseraid.com Agent (bleeding-malware.rules)
2001296 - ET P2P eDonkey File Status (bleeding-p2p.rules)
2001297 - ET P2P eDonkey File Status Request (bleeding-p2p.rules)
2001298 - ET P2P eDonkey Server Status Request (bleeding-p2p.rules)
2001299 - ET P2P eDonkey Server Status (bleeding-p2p.rules)
2001304 - ET MALWARE Browseraid.com Agent Updating (bleeding-malware.rules)
2001306 - ET MALWARE Gator/Clarian Agent (bleeding-malware.rules)
2001307 - ET MALWARE Wild Tangent Agent Installation (bleeding-malware.rules)
2001308 - ET MALWARE Internet Optomizer Reporting Data (bleeding-malware.rules)
2001309 - ET MALWARE Wild Tangent Agent Checking In (bleeding-malware.rules)
2001310 - ET MALWARE Wild Tangent Agent Traffic (bleeding-malware.rules)
2001311 - ET MALWARE Rdxrp.com Traffic (bleeding-malware.rules)
2001312 - ET MALWARE Rdxrp.com Traffic (Generic) (bleeding-malware.rules)
2001313 - ET MALWARE Traffic Syndicate Add/Remove (bleeding-malware.rules)
2001314 - ET MALWARE Wild Tangent Agent (bleeding-malware.rules)
2001315 - ET MALWARE Traffic Syndicate Agent Updating (1) (bleeding-malware.rules)
2001316 - ET MALWARE Traffic Syndicate Agent Updating (2) (bleeding-malware.rules)
2001317 - ET MALWARE Webhancer Data Upload (bleeding-malware.rules)
2001318 - ET MALWARE Adwave Agent Access (bleeding-malware.rules)
2001320 - ET MALWARE Speedera Agent (bleeding-malware.rules)
2001321 - ET MALWARE Speedera Agent (Specific) (bleeding-malware.rules)
2001322 - ET MALWARE Wild Tangent New Install (bleeding-malware.rules)
2001325 - ET MALWARE Websearch.com Spyware (bleeding-malware.rules)
2001329 - ET POLICY RDP connection request (bleeding-policy.rules)
2001330 - ET POLICY RDP connection confirm (bleeding-policy.rules)
2001331 - ET POLICY RDP disconnect request (bleeding-policy.rules)
2001334 - ET MALWARE Ezula (bleeding-malware.rules)
2001335 - ET MALWARE Ezula Installer Download (bleeding-malware.rules)
2001337 - ET WORM Korgo.P offering executable (bleeding-virus.rules)
2001338 - ET WORM Korgo.P binary upload (bleeding-virus.rules)
2001339 - ET MALWARE BInet Information Upload (bleeding-malware.rules)
2001340 - ET MALWARE LocalNRD Spyware Checkin (bleeding-malware.rules)
2001341 - ET MALWARE OfferOptimizer.com Spyware (bleeding-malware.rules)
2001342 - ET WEB-IIS ASP.net Auth Bypass / Canonicalization (bleeding-web.rules)
2001343 - ET WEB-IIS ASP.net Auth Bypass / Canonicalization % 5 C (bleeding-web.rules)
2001344 - ET WEB-PHP EasyDynamicPages exploit (bleeding-web.rules)
2001345 - ET MALWARE Bonziportal Traffic (bleeding-malware.rules)
2001359 - ET MALWARE MarketScore.com Spyware Access (bleeding-malware.rules)
2001365 - ET WEB-MISC Alternate Data Stream source view attempt (bleeding-web.rules)
2001395 - ET MALWARE ISearchTech.com XXXPornToolbar Activity (2) (bleeding-malware.rules)
2001396 - ET MALWARE Internet Optimizer Spyware Install (bleeding-malware.rules)
2001397 - ET MALWARE 180solutions Spyware (tracked event reported) (bleeding-malware.rules)
2001399 - ET MALWARE 180solutions Spyware (action url reported) (bleeding-malware.rules)
2001400 - ET MALWARE 180solutions Spyware Reporting (bleeding-malware.rules)
2001406 - ET POLICY Possible hidden zip extension .cpl (bleeding-policy.rules)
2001407 - ET POLICY Possible hidden zip extension .pif (bleeding-policy.rules)
2001408 - ET POLICY Possible hidden zip extension .scr (bleeding-policy.rules)
2001409 - ET MALWARE Mastermind Related Reporting (bleeding-malware.rules)
2001410 - ET MALWARE Mastermind Related Reporting 8081 (bleeding-malware.rules)
2001411 - ET MALWARE Mastermind Related Downloading mm20.ocx (bleeding-malware.rules)
2001413 - ET MALWARE Medis-Motor Related Downloading ast_4_mm.exe (bleeding-malware.rules)
2001414 - ET MALWARE Media-Motor Related Downloading MediaMotor25.exe (bleeding-malware.rules)
2001415 - ET MALWARE E2give Related Downloading IeBHOs.dll (bleeding-malware.rules)
2001416 - ET MALWARE E2give Related Reporting Install (bleeding-malware.rules)
2001417 - ET MALWARE E2give Related Receiving Config (bleeding-malware.rules)
2001418 - ET MALWARE E2give Related Downloading Code (bleeding-malware.rules)
2001419 - ET MALWARE Avres.net Downloading cpr_mm2.exe (bleeding-malware.rules)
2001420 - ET MALWARE Avres.net Downloading ab1.exe (bleeding-malware.rules)
2001421 - ET MALWARE Avres.net Downloading tvm_bundle.exe (bleeding-malware.rules)
2001422 - ET MALWARE Avres.net Reporting Data (bleeding-malware.rules)
2001423 - ET MALWARE E2give Related Reporting (bleeding-malware.rules)
2001424 - ET POLICY Gmail Inbox Access (bleeding-policy.rules)
2001425 - ET POLICY Gmail File Send (bleeding-policy.rules)
2001426 - ET POLICY Gmail Message Send (bleeding-policy.rules)
2001427 - ET CHAT Yahoo IM Unavailable Status (bleeding-policy.rules)
2001430 - ET WORM Bofra Victim Accessing Reactor Page (bleeding-virus.rules)
2001440 - ET MALWARE Abox Download (bleeding-malware.rules)
2001441 - ET MALWARE Abox Install Report (bleeding-malware.rules)
2001442 - ET MALWARE Statblaster.MemoryWatcher Download (bleeding-malware.rules)
2001443 - ET MALWARE WhenUClick.com Desktop Bar App Checkin (bleeding-malware.rules)
2001444 - ET MALWARE Overpro Spyware Bundle Install (bleeding-malware.rules)
2001445 - ET MALWARE PeopleOnPage Install (bleeding-malware.rules)
2001446 - ET MALWARE PeopleOnPage Ping (bleeding-malware.rules)
2001447 - ET MALWARE 2nd-thought (W32.Daqa.C) Download (bleeding-malware.rules)
2001448 - ET MALWARE MediaTickets Download (bleeding-malware.rules)
2001450 - ET MALWARE Wintools Download/Configure (bleeding-malware.rules)
2001451 - ET MALWARE Bundleware Spyware Download (bleeding-malware.rules)
2001452 - ET MALWARE Bundleware Spyware CHM Download (bleeding-malware.rules)
2001453 - ET MALWARE Couponage Download (bleeding-malware.rules)
2001454 - ET MALWARE Couponage Configure (bleeding-malware.rules)
2001455 - ET MALWARE Couponage Reporting (bleeding-malware.rules)
2001456 - ET MALWARE ContextPanel Reporting (bleeding-malware.rules)
2001458 - ET MALWARE Bundleware Spyware cab Download (bleeding-malware.rules)
2001459 - ET MALWARE Overpro Spyware Games (bleeding-malware.rules)
2001460 - ET MALWARE Sexmaniack Install Tracking (bleeding-malware.rules)
2001461 - ET MALWARE Xpire.info Multiple Spyware Installs (1) (bleeding-malware.rules)
2001462 - ET MALWARE Xpire.info Multiple Spyware Installs Occuring (bleeding-malware.rules)
2001463 - ET MALWARE Xpire.info Multiple Spyware Installs (2) (bleeding-malware.rules)
2001464 - ET MALWARE Xpire.info Multiple Spyware Installs (3) (bleeding-malware.rules)
2001466 - ET MALWARE Xpire.info Multiple Spyware Installs (4) (bleeding-malware.rules)
2001467 - ET MALWARE Xpire.info Multiple Spyware Installs (5) (bleeding-malware.rules)
2001468 - ET MALWARE Xpire.info Multiple Spyware Installs CHM Exploit (bleeding-malware.rules)
2001469 - ET MALWARE Xpire.info Multiple Spyware Installs (6) (bleeding-malware.rules)
2001470 - ET MALWARE Xpire.info Multiple Spyware Installs (7) (bleeding-malware.rules)
2001471 - ET MALWARE Xpire.info Spyware Exploit (bleeding-malware.rules)
2001472 - ET MALWARE Xpire.info Spyware Install Reporting (bleeding-malware.rules)
2001473 - ET MALWARE Searchmeup Spyware Install (toolbar) (bleeding-malware.rules)
2001474 - ET MALWARE Searchmeup Spyware Install (prog) (bleeding-malware.rules)
2001475 - ET MALWARE Searchmeup Spyware Receiving Commands (bleeding-malware.rules)
2001479 - ET MALWARE Coolsearch Spyware Install (bleeding-malware.rules)
2001480 - ET MALWARE Searchmeup Spyware Install (systime) (bleeding-malware.rules)
2001481 - ET MALWARE MediaTickets Spyware Install (bleeding-malware.rules)
2001482 - ET MALWARE thebestsoft4u.com Spyware Install (1) (bleeding-malware.rules)
2001483 - ET MALWARE Searchmeup Spyware Install (mstask) (bleeding-malware.rules)
2001484 - ET MALWARE Searchmeup Spyware Install (d.exe) (bleeding-malware.rules)
2001485 - ET MALWARE thebestsoft4u.com Spyware Install (2) (bleeding-malware.rules)
2001486 - ET MALWARE thebestsoft4u.com Spyware Install (3) (bleeding-malware.rules)
2001487 - ET MALWARE Tibsystems Spyware Activity (bleeding-malware.rules)
2001488 - ET MALWARE Tibsystems Spyware Download (bleeding-malware.rules)
2001489 - ET MALWARE Spygalaxy.ws Activity (bleeding-malware.rules)
2001490 - ET MALWARE ICQ-Update.biz Reporting Install (bleeding-malware.rules)
2001491 - ET MALWARE Xpire.info Install Code Download (bleeding-malware.rules)
2001492 - ET MALWARE ISearchTech.com XXXPornToolbar Activity (MyApp) (bleeding-malware.rules)
2001493 - ET MALWARE ISearchTech.com XXXPornToolbar Activity (IST) (bleeding-malware.rules)
2001494 - ET MALWARE Clickspring.net Spyware Reporting Successful Install (bleeding-malware.rules)
2001495 - ET MALWARE Outerinfo.com Spyware Install (bleeding-malware.rules)
2001496 - ET MALWARE Outerinfo.com Spyware Advertising Campaign Download (bleeding-malware.rules)
2001497 - ET MALWARE Outerinfo.com Spyware Activity (bleeding-malware.rules)
2001498 - ET MALWARE Internet Optimizer Activity (bleeding-malware.rules)
2001499 - ET MALWARE Look2me Spyware Activity (1) (bleeding-malware.rules)
2001500 - ET MALWARE Clickspring.net Spyware Reporting (bleeding-malware.rules)
2001501 - ET MALWARE Clickspring.net Spyware Reporting (bleeding-malware.rules)
2001502 - ET MALWARE Look2me Spyware Activity (2) (bleeding-malware.rules)
2001503 - ET MALWARE Medialoads.com Spyware Config (bleeding-malware.rules)
2001504 - ET MALWARE Medialoads.com Spyware Activity (bleeding-malware.rules)
2001505 - ET MALWARE Smartpops.com Spyware Install rh.exe (bleeding-malware.rules)
2001507 - ET MALWARE Medialoads.com Spyware Identifying Country of Origin (bleeding-malware.rules)
2001508 - ET MALWARE Medialoads.com Spyware Reporting (download.cgi) (bleeding-malware.rules)
2001509 - ET MALWARE Medialoads.com Spyware Reporting (register.cgi) (bleeding-malware.rules)
2001510 - ET MALWARE SurfAssistant.com Spyware Install (bleeding-malware.rules)
2001512 - ET MALWARE pool.Westpop.com Spyware Install (bleeding-malware.rules)
2001513 - ET MALWARE Smartpops.com Spyware Update (bleeding-malware.rules)
2001514 - ET MALWARE SurfAssistant.com Spyware Reporting (bleeding-malware.rules)
2001516 - ET MALWARE Smartpops.com Spyware Install (bleeding-malware.rules)
2001517 - ET MALWARE Websearch.com Outbound Dialer Retrieval (bleeding-malware.rules)
2001520 - ET MALWARE Spywaremover Activity (bleeding-malware.rules)
2001521 - ET MALWARE Spywaremover Activity (bleeding-malware.rules)
2001522 - ET MALWARE SpywareLabs Application Install (bleeding-malware.rules)
2001523 - ET MALWARE Statblaster Receiving New configuration (allfiles) (bleeding-malware.rules)
2001524 - ET MALWARE Statblaster Code Download (bleeding-malware.rules)
2001525 - ET MALWARE Virtumonde Spyware Code Download mmdom.exe (bleeding-malware.rules)
2001526 - ET MALWARE Virtumonde Spyware Code Download bkinst.exe (bleeding-malware.rules)
2001529 - ET MALWARE Casalemedia Access, Likely Spyware (bleeding-malware.rules)
2001530 - ET MALWARE ak-networks.com Spyware Code Download (bleeding-malware.rules)
2001531 - ET MALWARE C4tdownload.com Access, Likely Spyware (bleeding-malware.rules)
2001532 - ET MALWARE Searchmiracle.com Access, Likely Spyware (bleeding-malware.rules)
2001533 - ET MALWARE Searchmiracle.com Spyware Installer silent.exe Download (bleeding-malware.rules)
2001534 - ET MALWARE Searchmiracle.com Spyware Install (silent_install) (bleeding-malware.rules)
2001535 - ET MALWARE Searchmiracle.com Spyware Install (protector.exe) (bleeding-malware.rules)
2001536 - ET MALWARE Spyspotter.com Install (bleeding-malware.rules)
2001537 - ET MALWARE Spyspotter.com Access (bleeding-malware.rules)
2001538 - ET MALWARE Oenji.com Install (bleeding-malware.rules)
2001539 - ET MALWARE Spyspotter.com Access, Likely Spyware (bleeding-malware.rules)
2001540 - ET MALWARE Searchmiracle.com Spyware Install (v3cab) (bleeding-malware.rules)
2001541 - ET MALWARE Xpire.info Install Report (bleeding-malware.rules)
2001546 - ET WEB-MISC LINK Method (bleeding-web.rules)
2001547 - ET VIRUS Sobig.E-F Trojan Site Download Request (bleeding-virus.rules)
2001548 - ET WORM Sasser FTP exploit attempt (bleeding-virus.rules)
2001553 - ET SCAN Possible SSL Brute Force attack or Site Crawl (bleeding-scan.rules)
2001562 - ET MALWARE MarketScore.com Spyware User Configuration and Setup Access (bleeding-malware.rules)
2001563 - ET MALWARE MarketScore.com Spyware SSL Access (bleeding-malware.rules)
2001564 - ET MALWARE MarketScore.com Spyware Proxied Traffic (bleeding-malware.rules)
2001569 - ET SCAN Behavioral Unusual Port 445 traffic, Potential Scan or Infection (bleeding-scan.rules)
2001570 - ET MALWARE Spyware Stormer Reporting Data (bleeding-malware.rules)
2001571 - ET MALWARE Spyware Stormer/Error Guard Activity (bleeding-malware.rules)
2001576 - ET MALWARE BInet Information Install Report (bleeding-malware.rules)
2001579 - ET SCAN Behavioral Unusual Port 139 traffic, Potential Scan or Infection (bleeding-scan.rules)
2001580 - ET SCAN Behavioral Unusual Port 137 traffic, Potential Scan or Infection (bleeding-scan.rules)
2001581 - ET SCAN Behavioral Unusual Port 135 traffic, Potential Scan or Infection (bleeding-scan.rules)
2001582 - ET SCAN Behavioral Unusual Port 1434 traffic, Potential Scan or Infection (bleeding-scan.rules)
2001583 - ET SCAN Behavioral Unusual Port 1433 traffic, Potential Scan or Infection (bleeding-scan.rules)
2001586 - ET MALWARE MarketScore.com Spyware Proxied Traffic (mitmproxy agent) (bleeding-malware.rules)
2001587 - ET MALWARE MarketScore.com Spyware Upgrading (bleeding-malware.rules)
2001588 - ET MALWARE MarketScore.com Spyware Activity (1) (bleeding-malware.rules)
2001589 - ET MALWARE MarketScore.com Spyware Activity (2) (bleeding-malware.rules)
2001595 - ET Policy Skype VOIP Checking Version (Startup) (bleeding-policy.rules)
2001596 - ET Policy Skype VOIP Reporting Install (bleeding-policy.rules)
2001597 - ET POLICY Netop Remote Control Usage (bleeding-policy.rules)
2001609 - ET F5 BIG-IP 3DNS TCP Probe 1 (bleeding-scan.rules)
2001610 - ET F5 BIG-IP 3DNS TCP Probe 2 (bleeding-scan.rules)
2001611 - ET F5 BIG-IP 3DNS TCP Probe 3 (bleeding-scan.rules)
2001621 - ET Exploit Suspected PHP Injection Attack (bleeding-web_sql_injection.rules)
2001639 - ET MALWARE Wild Tangent Agent Activity (bleeding-malware.rules)
2001640 - ET MALWARE Altnet PeerPoints Manager Traffic (bleeding-malware.rules)
2001641 - ET MALWARE Microgaming.com Spyware Installation (dlhelper) (bleeding-malware.rules)
2001643 - ET MALWARE Microgaming.com Spyware Installation (2) (bleeding-malware.rules)
2001644 - ET MALWARE Microgaming.com Spyware Reporting Installation (bleeding-malware.rules)
2001645 - ET MALWARE Microgaming.com Spyware Casino App Install (bleeding-malware.rules)
2001646 - ET MALWARE Toprebates.com Install (1) (bleeding-malware.rules)
2001647 - ET MALWARE Toprebates.com Install (2) (bleeding-malware.rules)
2001648 - ET MALWARE Toprebates.com User Confirming Membership (bleeding-malware.rules)
2001650 - ET MALWARE Search Scout Related Spyware (content) (bleeding-malware.rules)
2001652 - ET MALWARE JoltID Agent New Code Download (bleeding-malware.rules)
2001653 - ET MALWARE Search Scout Related Spyware (results) (bleeding-malware.rules)
2001654 - ET MALWARE JoltID Agent Requesting File (bleeding-malware.rules)
2001655 - ET MALWARE Comet Systems Spyware Traffic (context.xml) (bleeding-malware.rules)
2001656 - ET MALWARE GlobalPhon.com Dialer (bleeding-malware.rules)
2001657 - ET MALWARE GlobalPhon.com Dialer Download (bleeding-malware.rules)
2001658 - ET MALWARE Comet Systems Spyware Reporting (bleeding-malware.rules)
2001659 - ET MALWARE GlobalPhon.com Dialer (no_pop) (bleeding-malware.rules)
2001660 - ET MALWARE GlobalPhon.com Dialer (add_ocx) (bleeding-malware.rules)
2001662 - ET MALWARE Malware MyWebSearch Toolbar Traffic (Agent) (bleeding-malware.rules)
2001663 - ET MALWARE Malware MyWebSearch Toolbar Traffic (host) (bleeding-malware.rules)
2001664 - ET P2P Gnutella Connect (bleeding-p2p.rules)
2001666 - ET MALWARE Metarewards Spyware Activity (bleeding-malware.rules)
2001669 - ET WEB Proxy GET Request (bleeding-web.rules)
2001670 - ET WEB Proxy HEAD Request (bleeding-web.rules)
2001674 - ET WEB Proxy POST Request (bleeding-web.rules)
2001675 - ET WEB Proxy CONNECT Request (bleeding-web.rules)
2001677 - ET MALWARE Webhancer Data Post (bleeding-malware.rules)
2001678 - ET MALWARE Webhancer Agent Activity (bleeding-malware.rules)
2001679 - ET MALWARE JoltID Agent P2P via Proxy Server (bleeding-malware.rules)
2001682 - ET Policy MSN IM Poll via HTTP (bleeding-policy.rules)
2001684 - ET MALWARE Windows executable sent when remote host claims to send image, Win32 (bleeding-malware.rules)
2001685 - ET MALWARE Possible Windows executable sent when remote host claims to send an image (bleeding-malware.rules)
2001689 - ET WORM Potential MySQL bot scanning for SQL server (bleeding-virus.rules)
2001696 - ET MALWARE Search Relevancy Spyware (bleeding-malware.rules)
2001697 - ET MALWARE ISearchTech.com XXXPornToolbar Data Submission (bleeding-malware.rules)
2001698 - ET MALWARE YourSiteBar Data Submision (bleeding-malware.rules)
2001699 - ET MALWARE YourSiteBar Activity (bleeding-malware.rules)
2001700 - ET MALWARE Windupdates.com Spyware Install (bleeding-malware.rules)
2001701 - ET MALWARE Windupdates.com Spyware Loggin Data (bleeding-malware.rules)
2001702 - ET MALWARE Shop at Home Select Spyware Activity (Bundle) (bleeding-malware.rules)
2001703 - ET MALWARE Context Plus Spyware Activity (1) (bleeding-malware.rules)
2001704 - ET MALWARE Context Plus Spyware Install (bleeding-malware.rules)
2001705 - ET MALWARE Flingstone Spyware Install (sportsinteraction) (bleeding-malware.rules)
2001706 - ET MALWARE Context Plus Spyware Activity (2) (bleeding-malware.rules)
2001707 - ET MALWARE Shop at Home Select Spyware Activity (SAH) (bleeding-malware.rules)
2001708 - ET MALWARE Shop at Home Select Spyware Heartbeat (bleeding-malware.rules)
2001709 - ET MALWARE Shop at Home Select Spyware Config Download (agentprefs) (bleeding-malware.rules)
2001710 - ET MALWARE Flingstone Spyware Install (cxtpls) (bleeding-malware.rules)
2001711 - ET MALWARE Likely Spambot Web-based Control Traffic (bleeding-malware.rules)
2001712 - ET POLICY MyWebEx Server Traffic (bleeding-policy.rules)
2001713 - ET POLICY MyWebEx Installation (bleeding-policy.rules)
2001714 - ET POLICY MyWebEx Incoming Connection (bleeding-policy.rules)
2001715 - ET WORM Bropia.F Worm Propagation (bleeding-virus.rules)
2001726 - ET VIRUS Trojan-Spy.Win32.Bancos Download (bleeding-virus.rules)
2001729 - ET MALWARE Tibsystems Spyware Install (1) (bleeding-malware.rules)
2001730 - ET MALWARE A-d-w-a-r-e.com Activity (popup) (bleeding-malware.rules)
2001731 - ET MALWARE SurfSidekick Activity (bleeding-malware.rules)
2001732 - ET MALWARE Top Converting Agent Activity (bleeding-malware.rules)
2001733 - ET MALWARE CrazyWinnings.com Activity (bleeding-malware.rules)
2001734 - ET MALWARE Tibsystems Spyware Install (2) (bleeding-malware.rules)
2001735 - ET MALWARE A-d-w-a-r-e.com Activity (cmd) (bleeding-malware.rules)
2001736 - ET MALWARE UCMore Spyware Activity (bleeding-malware.rules)
2001737 - ET MALWARE ak-networks.com Spyware Code Install (bleeding-malware.rules)
2001738 - ET WEB PHP vBulletin Remote Command Execution Attempt (bleeding-web.rules)
2001743 - ET TROJAN HackerDefender Root Kit Remote Connection Attempt Detected (bleeding-virus.rules)
2001744 - ET MALWARE Searchmiracle.com Spyware Install (install) (bleeding-malware.rules)
2001746 - ET MALWARE Enhance My Search Spyware Activity (bleeding-malware.rules)
2001747 - ET MALWARE My-Stats.com Spyware Checkin (bleeding-malware.rules)
2001748 - ET MALWARE Pynix.dll BHO Activity (bleeding-malware.rules)
2001756 - ET P2P Ares File Upload (bleeding-p2p.rules)
2001761 - ET MALWARE ABX Toolbar ActiveX Install (bleeding-malware.rules)
2001762 - ET WEB_SPECIFIC phpbb Session Cookie (bleeding-web_sql_injection.rules)
2001763 - ET VIRUS - W32.Opaserv Worm Infection (bleeding-virus.rules)
2001764 - ET VIRUS Bugbear at MM virus via SMTP (bleeding-virus.rules)
2001765 - ET VIRUS BugBear at MM virus in Network share (bleeding-virus.rules)
2001766 - ET VIRUS BugBear at MM Worm Copied to Startup Folder (bleeding-virus.rules)
2001767 - ET WEB ORACLE OLEDB asp error (bleeding-web.rules)
2001768 - ET WEB MS SQL Server OLEDB asp error (bleeding-web.rules)
2001781 - ET WEB ORACLE rwcgi60 information leak attempt (bleeding-web.rules)
2001783 - ET MALWARE Media Pass ActiveX Install (bleeding-malware.rules)
2001793 - ET MALWARE Incredisearch.com Spyware Ping (bleeding-malware.rules)
2001794 - ET MALWARE Incredisearch.com Spyware Activity (bleeding-malware.rules)
2001796 - ET P2P Kazaa over UDP (bleeding-p2p.rules)
2001801 - ET POLICY ICQ Status Invisible (bleeding-policy.rules)
2001802 - ET POLICY ICQ Status Change (1) (bleeding-policy.rules)
2001803 - ET POLICY ICQ Status Change (2) (bleeding-policy.rules)
2001804 - ET POLICY ICQ Login (bleeding-policy.rules)
2001805 - ET POLICY ICQ Message (bleeding-policy.rules)
2001808 - ET P2P LimeWire P2P Traffic (bleeding-p2p.rules)
2001809 - ET P2P Limewire P2P UDP Traffic (bleeding-p2p.rules)
2001810 - ET EXPLOIT WEB PHP remote file include exploit attempt (bleeding-web_sql_injection.rules)
2001811 - ET WEB Encoded javascriptdocument.write - usually hostile (bleeding-web.rules)
2001812 - ET KazaaClient P2P Traffic (bleeding-p2p.rules)
2001841 - ET P2P UDP traffic - Likely Limewire (bleeding-p2p.rules)
2001850 - ET MALWARE Likely Trojan/Spyware Installer Requested (1) (bleeding-malware.rules)
2001852 - ET MALWARE 404Search Spyware User Agent (bleeding-malware.rules)
2001853 - ET MALWARE Easy Search Bar Spyware User Agent (bleeding-malware.rules)
2001854 - ET MALWARE EZULA Spyware User Agent (bleeding-malware.rules)
2001855 - ET MALWARE Fun Web Products Spyware User Agent (1) (bleeding-malware.rules)
2001858 - ET MALWARE Hotbar Spyware User Agent (bleeding-malware.rules)
2001859 - ET MALWARE Cool Web Search Spyware User Agent (bleeding-malware.rules)
2001860 - ET MALWARE Kontiki Spyware User Agent (bleeding-malware.rules)
2001861 - ET MALWARE Micro-Gaming Spyware User Agent (bleeding-malware.rules)
2001862 - ET MALWARE Surf Assistant Spyware User Agent (bleeding-malware.rules)
2001863 - ET MALWARE Fun Web Products Spyware User Agent (2) (bleeding-malware.rules)
2001864 - ET MALWARE Fun Web Products Spyware User Agent (3) (bleeding-malware.rules)
2001865 - ET MALWARE MyWebSearch Spyware User Agent (bleeding-malware.rules)
2001867 - ET MALWARE Search Engine 2000 Spyware User Agent (bleeding-malware.rules)
2001868 - ET MALWARE SureSeeker Spyware User Agent (bleeding-malware.rules)
2001869 - ET MALWARE Sidesearch Spyware User Agent (bleeding-malware.rules)
2001870 - ET MALWARE Surfplayer Spyware User Agent (bleeding-malware.rules)
2001871 - ET MALWARE Target Saver Spyware User Agent (bleeding-malware.rules)
2001872 - ET MALWARE Visicom Spyware User Agent (bleeding-malware.rules)
2001879 - ET VIRUS Sober-style Ehlo - noalert (bleeding-virus.rules)
2001880 - ET VIRUS Sober-style Ehlo followed by SMTP AUTH - noalert (bleeding-virus.rules)
2001884 - ET MALWARE DesktopTraffic Toolbar Spyware (bleeding-malware.rules)
2001885 - ET MALWARE Begin2Search.com Spyware (bleeding-malware.rules)
2001886 - ET MALWARE ToolbarPartner Spyware Install (bleeding-malware.rules)
2001887 - ET MALWARE ToolbarPartner Spyware Activity (1) (bleeding-malware.rules)
2001888 - ET MALWARE ToolbarPartner Spyware Activity (2) (bleeding-malware.rules)
2001889 - ET MALWARE ToolbarPartner Spyware Jeemp Trojan Download (bleeding-malware.rules)
2001890 - ET MALWARE ToolbarPartner Spyware Agent Download (1) (bleeding-malware.rules)
2001891 - ET MALWARE ToolbarPartner User Agent Activity (bleeding-malware.rules)
2001892 - ET MALWARE ToolbarPartner Spyware Agent Download (2) (bleeding-malware.rules)
2001893 - ET MALWARE ToolbarPartner Spyware Agent Reporting Install (bleeding-malware.rules)
2001894 - ET MALWARE ToolbarPartner Spyware Agent Partner Install (bleeding-malware.rules)
2001895 - ET MALWARE ToolbarPartner Spyware Spambot Retrieving Target Emails (bleeding-malware.rules)
2001897 - ET MALWARE pool.Westpop.com Spyware Updates (bleeding-malware.rules)
2001899 - ET BOTNET HTTP Botnet reg (bleeding-virus.rules)
2001900 - ET BOTNET BwB Botnet Checkin (bleeding-virus.rules)
2001901 - ET TROJAN Possible Bobax trojan infection (bleeding-virus.rules)
2001904 - ET SCAN Behavioral Unusually fast Telnet Connections, Potential Scan or Brute Force (bleeding-scan.rules)
2001906 - ET SCAN MYSQL 4.0 brute force root login attempt (bleeding-scan.rules)
2001910 - ET WORM AIM Bot Outbound Control Channel Open and Login (bleeding-virus.rules)
2001919 - ET VIRUS Greeting card gif.exe email incoming SMTP (bleeding-virus.rules)
2001920 - ET VIRUS Greeting card gif.exe email incoming POP3/IMAP (bleeding-virus.rules)
2001921 - ET VIRUS Greeting card gif.exe email incoming HTTP (bleeding-virus.rules)
2001928 - ET WEB_SPECIFIC XSS Possible Arbitrary Scripting Code Attack in phpBB (private message) (bleeding-web_sql_injection.rules)
2001929 - ET WEB_SPECIFIC XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (bleeding-web_sql_injection.rules)
2001933 - ET VIRUS PWS Banker Trojan Sending Report of Infection (bleeding-virus.rules)
2001945 - ET WEB WebAPP Apage.CGI Remote Command Execution Attempt (bleeding-web.rules)
2001947 - ET MALWARE Zenotecnico Adware (bleeding-malware.rules)
2001949 - ET WEB_SPECIFIC Athena Web Registration Remote Command Execution Attempt (bleeding-web_sql_injection.rules)
2001950 - ET POLICY RAR File Outbound (bleeding-policy.rules)
2001959 - ET VIRUS Hotword Trojan in Transit (bleeding-virus.rules)
2001960 - ET VIRUS Hotword Trojan inbound via http (bleeding-virus.rules)
2001961 - ET VIRUS Hotword Trojan - Possible File Upload CHJO (bleeding-virus.rules)
2001962 - ET VIRUS Hotword Trojan - Possible File Upload CFXP (bleeding-virus.rules)
2001963 - ET VIRUS Hotword Trojan - Possible FTP File Request pspv.exe (bleeding-virus.rules)
2001964 - ET VIRUS Hotword Trojan - Possible FTP File Request .tea (bleeding-virus.rules)
2001965 - ET VIRUS Hotword Trojan - Possible FTP File Status Upload ___ (bleeding-virus.rules)
2001966 - ET VIRUS Hotword Trojan - Possible FTP File Status Check ___ (bleeding-virus.rules)
2001972 - ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Scan or Infection (bleeding-scan.rules)
2001979 - ET POLICY SSH Server Banner Detected on Unusual Port (bleeding-policy.rules)
2001980 - ET POLICY SSH Client Banner Detected on Unusual Port (bleeding-policy.rules)
2001981 - ET POLICY SSHv2 Server KEX Detected on Unusual Port (bleeding-policy.rules)
2001982 - ET POLICY SSHv2 Client KEX Detected on Unusual Port (bleeding-policy.rules)
2001983 - ET POLICY SSHv2 Client New Keys Detected on Unusual Port (bleeding-policy.rules)
2001984 - ET POLICY SSH session in progress on Unusual Port (bleeding-policy.rules)
2001985 - ET VIRUS HTTP RBOT Challenge/Response Authentication (bleeding-virus.rules)
2001989 - ET POLICY Prospero Chat Session in Progress (bleeding-policy.rules)
2001992 - ET MALWARE SurfSidekick Download (bleeding-malware.rules)
2001993 - ET MALWARE SurfSidekick Dictionary Download (bleeding-malware.rules)
2001994 - ET MALWARE SurfSidekick Activity (ipixel) (bleeding-malware.rules)
2001995 - ET MALWARE UCMore Spyware Reporting (bleeding-malware.rules)
2001996 - ET MALWARE UCMore Spyware Activity User Agent String (bleeding-malware.rules)
2001997 - ET MALWARE TargetNetworks.net Spyware Reporting (req) (bleeding-malware.rules)
2001998 - ET MALWARE UCMore Spyware Downloading Ads (bleeding-malware.rules)
2001999 - ET MALWARE BTGrab.com Spyware Downloading Ads (bleeding-malware.rules)
2002000 - ET MALWARE Shopnav Spyware Install (bleeding-malware.rules)
2002001 - ET MALWARE 180solutions Spyware Keywords Download (bleeding-malware.rules)
2002002 - ET MALWARE Better Internet Spyware User Agent Activity (thnall) (bleeding-malware.rules)
2002003 - ET MALWARE 180solutions Spyware Install (bleeding-malware.rules)
2002004 - ET MALWARE Topconverting Spyware Install (bleeding-malware.rules)
2002005 - ET MALWARE Better Internet Spyware User Agent Activity (poller) (bleeding-malware.rules)
2002007 - ET MALWARE Wildmedia Spyware User Agent Activity (bleeding-malware.rules)
2002008 - ET MALWARE Wild Tangent Install (bleeding-malware.rules)
2002009 - ET MALWARE ESyndicate Spyware Install (esyndicateinst.exe) (bleeding-malware.rules)
2002010 - ET MALWARE ESyndicate Spyware Install (sepinst.exe) (bleeding-malware.rules)
2002011 - ET MALWARE PeopleonPage Spyware User Agent Activity (bleeding-malware.rules)
2002012 - ET MALWARE GrandstreetInteractive.com Install (bleeding-malware.rules)
2002013 - ET MALWARE GrandstreetInteractive.com Update (bleeding-malware.rules)
2002014 - ET MALWARE Grandstreet Interactive Spyware User Agent Activity (2) (bleeding-malware.rules)
2002015 - ET MALWARE Internet Fuel.com Install (bleeding-malware.rules)
2002016 - ET MALWARE jmnad1.com Spyware Install (2) (bleeding-malware.rules)
2002017 - ET MALWARE Overpro Spyware Install Report (bleeding-malware.rules)
2002019 - ET MALWARE jmnad1.com Spyware Install (1) (bleeding-malware.rules)
2002020 - ET MALWARE Overpro Spyware User Agent Activity (merong) (bleeding-malware.rules)
2002021 - ET MALWARE Grandstreet Interactive Spyware User Agent Activity (1) (bleeding-malware.rules)
2002022 - ET POLICY GotoMyPC poll.gotomypc.com Server Response to Polling Client OK (bleeding-policy.rules)
2002023 - ET TROJAN IRC USER command (bleeding-virus.rules)
2002024 - ET TROJAN IRC NICK command (bleeding-virus.rules)
2002025 - ET TROJAN IRC JOIN command (bleeding-virus.rules)
2002026 - ET TROJAN IRC PRIVMSG command (bleeding-virus.rules)
2002027 - ET TROJAN IRC PING command (bleeding-virus.rules)
2002028 - ET TROJAN IRC PONG response (bleeding-virus.rules)
2002029 - ET TROJAN BOT - channel topic scan/exploit command (bleeding-virus.rules)
2002030 - ET TROJAN BOT - potential scan/exploit command (bleeding-virus.rules)
2002031 - ET TROJAN BOT - potential update/download (bleeding-virus.rules)
2002032 - ET TROJAN BOT - potential DDoS command (1) (bleeding-virus.rules)
2002033 - ET TROJAN BOT - potential response (bleeding-virus.rules)
2002035 - ET MALWARE Better Internet Spyware User Agent Activity (thin) (bleeding-malware.rules)
2002036 - ET MALWARE Weird on the Web /180 Solutions Checkin (bleeding-malware.rules)
2002037 - ET MALWARE Shop at Home Select Spyware Install (bleeding-malware.rules)
2002038 - ET MALWARE Shopathomeselect.com Spyware User Agent Activity (bleeding-malware.rules)
2002039 - ET MALWARE Better Internet Spyware User Agent Activity (aurareco) (bleeding-malware.rules)
2002040 - ET MALWARE Topconverting Spyware Reporting (bleeding-malware.rules)
2002041 - ET MALWARE Weird on the Web /180 Solutions Update (bleeding-malware.rules)
2002043 - ET MALWARE Shop at Home Select Spyware Config Download (bleeding-malware.rules)
2002044 - ET MALWARE OutBlaze.com Spyware Activity (bleeding-malware.rules)
2002046 - ET MALWARE TargetNetworks.net Spyware Reporting (tn) (bleeding-malware.rules)
2002047 - ET MALWARE surfaccuracy Spyware User Agent (bleeding-malware.rules)
2002048 - ET MALWARE 180solutions Spyware Defs Download (bleeding-malware.rules)
2002066 - ET WEB_SPECIFIC CSV-DB CSV_DB.CGI Remote Command Execution Attempt (bleeding-web_sql_injection.rules)
2002067 - ET WEB_SPECIFIC Community Link Pro Login.CGI Remote Command Execution Attempt (bleeding-web_sql_injection.rules)
2002069 - ET WEB_SPECIFIC Blog Spam Insert Attempt (bleeding-web_sql_injection.rules)
2002070 - ET WEB_SPECIFIC phpBB Remote Code Execution Attempt (bleeding-web_sql_injection.rules)
2002071 - ET MALWARE XupiterToolbar Spyware User Agent Activity (bleeding-malware.rules)
2002073 - ET MALWARE General Spyware User Agent Activity (bleeding-malware.rules)
2002074 - ET MALWARE Win32.Stubby Spyware User Agent Activity (bleeding-malware.rules)
2002076 - ET MALWARE New.net Spyware User Agent Activity (bleeding-malware.rules)
2002078 - ET MALWARE SideStep Spyware User Agent Activity (bleeding-malware.rules)
2002079 - ET MALWARE MyWaySearch Products Spyware User Agent (bleeding-malware.rules)
2002080 - ET MALWARE MySearch Products Spyware User Agent (bleeding-malware.rules)
2002082 - ET POLICY Unusual User Agent (Client) (bleeding-policy.rules)
2002083 - ET MALWARE Pacimedia Spyware 1 (bleeding-malware.rules)
2002087 - ET POLICY Inbound Frequent Emails - Possible Spambot Inbound (bleeding-policy.rules)
2002088 - ET MALWARE C4tdownload.com Spyware Activity (bleeding-malware.rules)
2002089 - ET MALWARE CWS qck.cc Spyware Installer (in.php) (bleeding-malware.rules)
2002090 - ET MALWARE IEHelp.net Spyware Installer (bleeding-malware.rules)
2002091 - ET MALWARE Searchmiracle.com Spyware Install - silent.exe (bleeding-malware.rules)
2002092 - ET MALWARE yupsearch.com Spyware Install - protector.exe (bleeding-malware.rules)
2002093 - ET MALWARE Likely Trojan/Spyware Installer Requested (2) (bleeding-malware.rules)
2002094 - ET MALWARE MSUpdater.net Spyware Checkin (bleeding-malware.rules)
2002095 - ET MALWARE CWS qck.cc Spyware Installer (web.php) (bleeding-malware.rules)
2002096 - ET MALWARE IEHelp.net Spyware checkin (bleeding-malware.rules)
2002097 - ET MALWARE IEHelp.net Spyware User Agent Activity (bleeding-malware.rules)
2002098 - ET MALWARE yupsearch.com Spyware Install - sideb.exe (bleeding-malware.rules)
2002099 - ET MALWARE 180solutions Spyware config Download (bleeding-malware.rules)
2002100 - ET WEB WPS wps_shop.cgi Remote Command Execution Attempt (bleeding-web.rules)
2002129 - ET WEB Cacti Input Validation Attack (bleeding-web.rules)
2002130 - ET WEB Oracle Reports XSS Attempt (bleeding-web.rules)
2002131 - ET WEB Oracle Reports XML Information Disclosure (bleeding-web.rules)
2002132 - ET WEB Oracle Reports DESFORMAT Information Disclosure (bleeding-web.rules)
2002133 - ET WEB Oracle Reports OS Command Injection Attempt (bleeding-web.rules)
2002153 - ET MALWARE EXE as User Agent - Potential Malware (bleeding-malware.rules)
2002157 - ET POLICY Skype User-Agent detected (bleeding-policy.rules)
2002160 - ET MALWARE CoolWebSearch Spyware (Feat) (bleeding-malware.rules)
2002161 - ET MALWARE CoolWebSearch Spyware (feat2) (bleeding-malware.rules)
2002163 - ET MALWARE Ezula Update Engine (bleeding-malware.rules)
2002164 - ET MALWARE Hotbar Spyware (bleeding-malware.rules)
2002165 - ET MALWARE IESearch Spyware (bleeding-malware.rules)
2002166 - ET MALWARE Alexa Search Toolbar (bleeding-malware.rules)
2002167 - ET MALWARE Possible Spyware - Wise User Agent (bleeding-malware.rules)
2002168 - ET MALWARE Svcmm Parasite (bleeding-malware.rules)
2002169 - ET MALWARE iWon Spyware (bleeding-malware.rules)
2002175 - ET TROJAN Srv.SSA-KeyLogger Checkin Traffic (bleeding-virus.rules)
2002192 - ET POLICY MSN status change (bleeding-policy.rules)
2002194 - ET MALWARE Pacimedia Spyware 2 (bleeding-malware.rules)
2002195 - ET MALWARE Casalemedia Spyware Reporting URL Visited1 (bleeding-malware.rules)
2002196 - ET MALWARE Casalemedia Spyware Reporting URL Visited2 (bleeding-malware.rules)
2002296 - ET MALWARE Searchfeed.com Spyware 1 (bleeding-malware.rules)
2002297 - ET MALWARE Searchfeed.com Spyware 2 (bleeding-malware.rules)
2002298 - ET MALWARE Searchfeed.com Spyware 3 (bleeding-malware.rules)
2002299 - ET MALWARE Searchfeed.com Spyware 4 (bleeding-malware.rules)
2002300 - ET MALWARE Searchfeed.com Spyware 5 (bleeding-malware.rules)
2002301 - ET MALWARE Searchfeed.com Spyware 6 (bleeding-malware.rules)
2002302 - ET MALWARE Searchfeed.com Spyware 7 (bleeding-malware.rules)
2002303 - ET MALWARE Searchfeed.com Spyware 8 (bleeding-malware.rules)
2002305 - ET MALWARE Fun Web Products Smileychooser Spyware (bleeding-malware.rules)
2002306 - ET MALWARE Fun Web Products Cursorchooser Spyware (bleeding-malware.rules)
2002307 - ET MALWARE Fun Web Products Stampchooser Spyware (bleeding-malware.rules)
2002309 - ET MALWARE Metarewards Disclaimer Access (bleeding-malware.rules)
2002312 - ET POLICY MSN Game Loading (bleeding-policy.rules)
2002313 - ET WEB Cacti graph_image.php Remote Command Execution Attempt (bleeding-web.rules)
2002314 - ET WEB PHPOutsourcing Zorum prod.php Remote Command Execution Attempt (bleeding-web.rules)
2002317 - ET MALWARE EZSearch Spyware Reporting Search Strings (bleeding-malware.rules)
2002318 - ET MALWARE EZSearch Spyware Reporting Search Category (bleeding-malware.rules)
2002319 - ET MALWARE EZSearch Spyware Reporting 2 (bleeding-malware.rules)
2002320 - ET MALWARE Transponder Spyware Activity (bleeding-malware.rules)
2002322 - ET WORM Possible MSN Worm Exploit php (bleeding-virus.rules)
2002323 - ET WORM Possible MSN Worm Exploit exe (bleeding-virus.rules)
2002324 - ET WORM Possible MSN Worm Exploit pif (bleeding-virus.rules)
2002325 - ET WORM W32.kelvir.HI (bleeding-virus.rules)
2002327 - ET POLICY Google Talk (Jabber) Client Login (bleeding-policy.rules)
2002330 - ET POLICY Google Talk TLS Client Traffic (bleeding-policy.rules)
2002331 - ET WEB Piranha default passwd attempt (bleeding-web.rules)
2002332 - ET POLICY Google IM traffic Windows client user sign-on (bleeding-policy.rules)
2002333 - ET POLICY Google IM traffic friend invited (bleeding-policy.rules)
2002334 - ET POLICY Google IM traffic Jabber client sign-on (bleeding-policy.rules)
2002335 - ET POLICY Google IM traffic Windows client user sign-off (bleeding-policy.rules)
2002348 - ET MALWARE VPP Technologies Spyware (bleeding-malware.rules)
2002349 - ET MALWARE Alexa Spyware Reporting URL (bleeding-malware.rules)
2002350 - ET MALWARE VPP Technologies Spyware Reporting URL (bleeding-malware.rules)
2002351 - ET MALWARE Comet Systems Spyware Update Download (bleeding-malware.rules)
2002352 - ET MALWARE Comet Systems Spyware Context Report (bleeding-malware.rules)
2002354 - ET MALWARE 180solutions Spyware versionconfig POST (bleeding-malware.rules)
2002361 - ET WEB Netquery Remote Command Execution Attempt (bleeding-web.rules)
2002362 - ET WEB Barracuda Spam Firewall img.pl Remote Command Execution Attempt (bleeding-web.rules)
2002363 - ET TROJAN BOT - potential reptile commands (bleeding-virus.rules)
2002365 - ET WEB HP OpenView Network Node Manager Remote Command Execution Attempt (bleeding-web.rules)
2002371 - ET WEB_SPECIFIC Miva Merchant Cross Site Scripting Attack (bleeding-web_sql_injection.rules)
2002376 - ET IBM Lotus Domino BaseTarget XSS attempt (bleeding-web.rules)
2002377 - ET IBM Lotus Domino Src XSS attempt (bleeding-web.rules)
2002383 - ET SCAN Potential FTP Brute-Force attempt (bleeding-scan.rules)
2002384 - ET TROJAN BOT - potential misc bot commands (bleeding-virus.rules)
2002385 - ET TROJAN BOT - channel topic reptile commands (bleeding-virus.rules)
2002386 - ET TROJAN BOT - channel topic misc bot commands (bleeding-virus.rules)
2002387 - ET TROJAN Mitglieder Proxy Bot Checking In (bleeding-virus.rules)
2002388 - ET WEB vBulletin misc.php Template Name Arbitrary Code Execution (bleeding-web.rules)
2002394 - ET MALWARE Adwave/MarketScore User Agent (bleeding-malware.rules)
2002395 - ET MALWARE Miva User Agent (bleeding-malware.rules)
2002396 - ET MALWARE Miva User Agent 2 (bleeding-malware.rules)
2002397 - ET MALWARE Precision Targeting User Agent (bleeding-malware.rules)
2002398 - ET MALWARE DelFin Project User Agent (bleeding-malware.rules)
2002399 - ET MALWARE DelFin Project User Agent 2 (bleeding-malware.rules)
2002400 - ET MALWARE Suspicious User Agent (Microsoft Internet Explorer) (bleeding-malware.rules)
2002401 - ET MALWARE Web Search User Agent 2 (bleeding-malware.rules)
2002402 - ET MALWARE Web Search User Agent 3 (bleeding-malware.rules)
2002403 - ET MALWARE Context Plus User Agent 2 (bleeding-malware.rules)
2002404 - ET MALWARE Movies etc User Agent (bleeding-malware.rules)
2002405 - ET MALWARE Internet Optimizer User Agent 2 (bleeding-malware.rules)
2002407 - ET POLICY WebshotsNetClient (bleeding-policy.rules)
2002408 - ET WEB phpMyAdmin Suspicious Activity (bleeding-web.rules)
2002409 - ET WEB phpMyAdmin Local File Inclusion (2.6.4-pl1) (bleeding-web.rules)
2002494 - ET WEB Versatile Bulletin Board SQL Injection Attack (bleeding-web.rules)
2002659 - ET CHAT Yahoo IM Client Install (bleeding-policy.rules)
2002660 - ET WEB RSA Web Auth Exploit Attempt - Long URL (bleeding-web.rules)
2002662 - ET WEB TWiki INCLUDE remote command execution attempt (bleeding-web.rules)
2002663 - ET WEB_SPECIFIC e107 resetcore.php SQL Injection attempt (bleeding-web_sql_injection.rules)
2002664 - ET SCAN Nessus User Agent (bleeding-scan.rules)
2002667 - ET WEB sumthin scan (bleeding-web.rules)
2002668 - ET WEB_SPECIFIC CutePHP CuteNews directory traversal vulnerability - show_news (bleeding-web_sql_injection.rules)
2002671 - ET WEB_SPECIFIC Galerie ShowGallery.php SQL Injection attempt (bleeding-web_sql_injection.rules)
2002673 - ET P2P MS Foldershare Login Detected (bleeding-p2p.rules)
2002674 - ET MALWARE Sony DRM Reporting 2 (bleeding-malware.rules)
2002675 - ET MALWARE Sony DRM Reporting 1 (bleeding-malware.rules)
2002676 - ET POLICY nstx DNS Tunnel Outbound (bleeding-policy.rules)
2002677 - ET SCAN Nikto Web App Scan in Progress (bleeding-scan.rules)
2002678 - ET WEB_SPECIFIC Cyphor show.php SQL injection attempt (bleeding-web_sql_injection.rules)
2002679 - ET MALWARE Sony DRM Related - CodeSupport ActiveX Attempt (bleeding-malware.rules)
2002680 - ET MALWARE Sony DRM - Uninstaller CLSID (bleeding-malware.rules)
2002681 - ET WEB_SPECIFIC Mambo Exploit (bleeding-web_sql_injection.rules)
2002685 - ET WEB Barracuda Spam Firewall img.pl Remote Directory Traversal Attempt (bleeding-web.rules)
2002695 - ET VIRUS Generic Downloader Outbound HTTP connection - Downloading Code (bleeding-virus.rules)
2002707 - ET MALWARE iframebiz - adv***.php (bleeding-malware.rules)
2002708 - ET MALWARE iframebiz - sploit.anr (bleeding-malware.rules)
2002709 - ET MALWARE iframebiz - loaderadv***.jar (bleeding-malware.rules)
2002710 - ET MALWARE iframebiz - loadadv***.exe (bleeding-malware.rules)
2002711 - ET WEB includer.cgi Remote Command Execution Attempt (bleeding-web.rules)
2002721 - ET WEB Cisco IOS HTTP set enable password attack (bleeding-web.rules)
2002722 - ET POLICY MP3 File Transfer Outbound (bleeding-policy.rules)
2002728 - ET TROJAN Ransky or variant backdoor communication ping (bleeding-virus.rules)
2002729 - ET POLICY Outbound Hamachi VPN Connection Attempt (bleeding-policy.rules)
2002730 - ET PHPGedView Remote Script Code Execution attempt (bleeding-web.rules)
2002731 - ET WEB-PHP Generic phpbb arbitrary command attempt (bleeding-web_sql_injection.rules)
2002735 - ET MALWARE Zenotecnico Adware 2 (bleeding-malware.rules)
2002736 - ET MALWARE Trafficsector.com Spyware Install (bleeding-malware.rules)
2002737 - ET MALWARE Zenotecnico Spyware Install Report (bleeding-malware.rules)
2002738 - ET MALWARE SurfSidekick Activity (rinfo) (bleeding-malware.rules)
2002739 - ET MALWARE iDownloadAgent Spyware User Agent (bleeding-malware.rules)
2002740 - ET MALWARE adservs.com Spyware (bleeding-malware.rules)
2002749 - ET POLICY Reserved IP Space Traffic - Bogon Nets 1 (bleeding-policy.rules)
2002750 - ET POLICY Reserved IP Space Traffic - Bogon Nets 2 (bleeding-policy.rules)
2002751 - ET POLICY Reserved IP Space Traffic - Bogon Nets 3 (bleeding-policy.rules)
2002760 - ET P2P GnucDNA UDP Ultrapeer Traffic (bleeding-p2p.rules)
2002761 - ET P2P Gnutella TCP Ultrapeer Traffic (bleeding-p2p.rules)
2002762 - ET TROJAN Torpig Reporting User Activity (x25) (bleeding-virus.rules)
2002763 - ET TROJAN Dumador Reporting User Activity (bleeding-virus.rules)
2002765 - ET MALWARE Corpsespyware.net BlackListed Malicious Domain - google.vc (bleeding-malware.rules)
2002766 - ET MALWARE Corpsespyware.net BlackList - pcpeek (bleeding-malware.rules)
2002767 - ET MALWARE Corpsespyware.net Distribution - bos.biz (bleeding-malware.rules)
2002768 - ET MALWARE Corpsespyware.net Distribution - fesexy (bleeding-malware.rules)
2002769 - ET MALWARE Corpsespyware.net Distribution - studiolacase (bleeding-malware.rules)
2002770 - ET MALWARE Corpsespyware.net - msits.exe access (bleeding-malware.rules)
2002771 - ET MALWARE Corpsespyware.net - msys.exe access (bleeding-malware.rules)
2002772 - ET MALWARE Corpsespyware.net - PG 02 Outbound (bleeding-malware.rules)
2002773 - ET MALWARE Corpsespyware.net - PG 02 Inbound (bleeding-malware.rules)
2002774 - ET MALWARE Corpsespyware.net Blind Data Upload (bleeding-malware.rules)
2002775 - ET TROJAN Goldun Reporting User Activity (bleeding-virus.rules)
2002776 - ET TROJAN SickleBot Reporting User Activity (bleeding-virus.rules)
2002777 - ET WEB Light Weight Calendar 'date' Arbitrary Remote Code Execution (bleeding-web.rules)
2002780 - ET TROJAN Goldun Reporting User Activity 2 (bleeding-virus.rules)
2002781 - ET TROJAN w32agent.dsi Posting Info (bleeding-virus.rules)
2002782 - ET TROJAN w32agent.dsi Domain Update (bleeding-virus.rules)
2002790 - ET TROJAN Haxdoor Reporting User Activity (bleeding-virus.rules)
2002792 - ET TROJAN Win32.Agent Reporting User Activity (bleeding-virus.rules)
2002796 - ET POLICY X-Box Live Connecting (bleeding-policy.rules)
2002800 - ET WEB_SPECIFIC PHP PHPNuke Remote File Inclusion Attempt (bleeding-web_sql_injection.rules)
2002801 - ET WEB_SPECIFIC Google Desktop User-Agent Detected (bleeding-web_sql_injection.rules)
2002804 - ET MALWARE Spyaxe Spyware DB Update (bleeding-malware.rules)
2002805 - ET MALWARE Spyaxe Spyware DB Version Check (bleeding-malware.rules)
2002806 - ET MALWARE Spyaxe Spyware Checkin (bleeding-malware.rules)
2002807 - ET MALWARE Spyaxe Spyware User Agent (bleeding-malware.rules)
2002808 - ET MALWARE Spyaxe Spyware User Agent 2 (bleeding-malware.rules)
2002812 - ET TROJAN PWS-LDPinch Reporting User Activity (bleeding-virus.rules)
2002814 - ET P2P Direct Connect Traffic (client-server) (bleeding-p2p.rules)
2002815 - ET WEB_SPECIFIC Plume CMS prepend.php Remote File Inclusion attempt (bleeding-web_sql_injection.rules)
2002816 - ET MALWARE DelFin Project Spyware (payload) (bleeding-malware.rules)
2002817 - ET MALWARE DelFin Project Spyware (setup) (bleeding-malware.rules)
2002818 - ET MALWARE Malware MyWebSearch Toolbar Traffic (general download) (bleeding-malware.rules)
2002819 - ET MALWARE Malware MyWebSearch Toolbar Traffic (bin download) (bleeding-malware.rules)
2002820 - ET MALWARE Hotbar Agent Subscription POST (bleeding-malware.rules)
2002821 - ET MALWARE SideStep Bar Reporting Data (sbstart) (bleeding-malware.rules)
2002823 - ET POLICY POSSIBLE Web Crawl using Wget (bleeding-policy.rules)
2002825 - ET POLICY POSSIBLE Web Crawl using Curl (bleeding-policy.rules)
2002827 - ET POLICY POSSIBLE Crawl using Fetch (bleeding-policy.rules)
2002836 - ET MALWARE Malware MyWebSearch Toolbar Traffic (bar config download) (bleeding-malware.rules)
2002837 - ET WEB PmWiki Globals Variables Overwrite Attempt (bleeding-web.rules)
2002838 - ET Google Search Appliance browsing the Internet (bleeding-web_sql_injection.rules)
2002839 - ET MALWARE My Search Spyware Config Download (bleeding-malware.rules)
2002840 - ET MALWARE Freeze.com Spyware/Adware (Install) (bleeding-malware.rules)
2002841 - ET MALWARE Freeze.com Spyware/Adware (Install Registration) (bleeding-malware.rules)
2002842 - ET SCAN MYSQL 4.1 brute force root login attempt (bleeding-scan.rules)
2002844 - ET WEB WebDAV search overflow (bleeding-web.rules)
2002846 - ET WEB Minishare GET Overflow (bleeding-web.rules)
2002847 - ET WEB WebAdmin User Overflow (bleeding-web.rules)
2002849 - ET WEB-MISC Google Appliance External Proxy Stylesheet (bleeding-web_sql_injection.rules)
2002854 - ET TROJAN Orderjack Reporting User Activity (bleeding-virus.rules)
2002856 - ET MALWARE Suspicious POST to ROBOTS.TXT (bleeding-malware.rules)
2002857 - ET TROJAN Win32.VB.aie Reporting User Activity (bleeding-virus.rules)
2002858 - ET MALWARE Fun Web Products StationaryChooser Spyware (bleeding-malware.rules)
2002859 - ET TROJAN PassSickle Reporting User Activity (bleeding-virus.rules)
2002863 - ET WEB osCommerce vulnerable web application extras update.php exists (bleeding-web.rules)
2002864 - ET WEB osCommerce extras/update.php disclosure (bleeding-web.rules)
2002865 - ET WEB MISC Novell GroupWise Messenger Accept Language Buffer Overflow (bleeding-web.rules)
2002866 - ET POLICY Winpcap Installation in Progress (bleeding-policy.rules)
2002867 - ET WEB Horde 3.0.9-3.1.0 Help Viewer Remote PHP Exploit (bleeding-web.rules)
2002868 - ET WEB Horde Web Mail Help Access (bleeding-web.rules)
2002869 - ET WEB WebAttacker kit (exploit1 ie0601) (bleeding-web.rules)
2002870 - ET WEB WebAttacker kit (exploit ie0604) (bleeding-web.rules)
2002871 - ET WEB WebAttacker kit (bug ie0604) (bleeding-web.rules)
2002872 - ET POLICY Myspace Login Attempt (bleeding-policy.rules)
2002874 - ET MALWARE Metafisher/Goldun z User Agent (bleeding-malware.rules)
2002876 - ET MALWARE Small-EM/Divo/PassSickle User Agent (bleeding-malware.rules)
2002877 - ET MALWARE BankSnif/Nethelper User Agent (bleeding-malware.rules)
2002878 - ET POLICY iTunes User Agent (bleeding-policy.rules)
2002879 - ET WEB_SPECIFIC PHP phpMyAgenda rootagenda Remote File Include Attempt (bleeding-web_sql_injection.rules)
2002889 - ET WEB JuniperSetup Control Buffer Overflow (bleeding-web.rules)
2002892 - ET VIRUS Mytob.X [clam] SMTP Inbound (bleeding-virus.rules)
2002893 - ET VIRUS Mytob.X [clam] SMTP Outbound (bleeding-virus.rules)
2002894 - ET VIRUS W32.Nugache SMTP Inbound (bleeding-virus.rules)
2002895 - ET VIRUS W32.Nugache SMTP Outbound (bleeding-virus.rules)
2002897 - ET WEB Horde README access probe (bleeding-web.rules)
2002898 - ET WEB_SPECIFIC PHP Web Calendar Remote File Inclusion Attempt (bleeding-web_sql_injection.rules)
2002899 - ET WEB_SPECIFIC PHP VWar Remote File Inclusion get_header.php (bleeding-web_sql_injection.rules)
2002900 - ET WEB CGI AWstats Migrate Command Attempt (bleeding-web.rules)
2002901 - ET WEB_SPECIFIC PHP Aardvark Topsites PHP CONFIG[PATH] Remote File Include Attempt (bleeding-web_sql_injection.rules)
2002902 - ET WEB_SPECIFIC PHP VWar Remote File Inclusion functions_install.php (bleeding-web_sql_injection.rules)
2002910 - ET SCAN Potential VNC Scan 5800-5820 (bleeding-scan.rules)
2002911 - ET SCAN Potential VNC Scan 5900-5920 (bleeding-scan.rules)
2002929 - ET TROJAN Haxdoor Reporting User Activity 2 (bleeding-virus.rules)
2002931 - ET MALWARE CWS Trafcool.biz Related Installer (bleeding-malware.rules)
2002932 - ET MALWARE CWS Related Installer (bleeding-malware.rules)
2002933 - ET MALWARE CWS Spy-Sheriff.com Infeced Buy Page Request (bleeding-malware.rules)
2002935 - ET POLICY libwww-perl User Agent (bleeding-policy.rules)
2002937 - ET WEB WebAttacker kit (ie0606) (bleeding-web.rules)
2002938 - ET TROJAN elitekeylogger v1.0 reporting - Inbound (bleeding-virus.rules)
2002940 - ET TROJAN XP keylogger v2.1 mail report - Inbound (bleeding-virus.rules)
2002941 - ET TROJAN elitekeylogger v1.0 reporting - Outbound (bleeding-virus.rules)
2002942 - ET TROJAN XP keylogger v2.1 mail report - Outbound (bleeding-virus.rules)
2002943 - ET POLICY python.urllib User Agent Web Crawl (bleeding-policy.rules)
2002945 - ET POLICY Java Url Lib User Agent Web Crawl (bleeding-policy.rules)
2002947 - ET WEB MISC PunkBuster Server webkey Buffer Overflow (bleeding-web.rules)
2002950 - ET POLICY TOR 1.0 Server Key Retrival (bleeding-policy.rules)
2002951 - ET POLICY TOR 1.0 Status Update (bleeding-policy.rules)
2002952 - ET POLICY TOR 1.0 Inbound Circuit Traffic (bleeding-policy.rules)
2002953 - ET POLICY TOR 1.0 Outbound Circuit Traffic (bleeding-policy.rules)
2002954 - ET MALWARE Bravesentry.com Fake Antispyware Download (bleeding-malware.rules)
2002955 - ET MALWARE Bestcount.net Spyware Checkin (bleeding-malware.rules)
2002956 - ET MALWARE Bestcount.net Spyware Downloading vxgame (bleeding-malware.rules)
2002957 - ET MALWARE Bestcount.net Spyware Initial Infection Download (bleeding-malware.rules)
2002959 - ET MALWARE Blueskyltd.biz Spyware Checkin (bleeding-malware.rules)
2002960 - ET MALWARE Blueskyltd.biz Spyware Download (bleeding-malware.rules)
2002961 - ET MALWARE Blueskyltd.biz Spyware Checkin 2 (bleeding-malware.rules)
2002962 - ET MALWARE nov.ru Spyware Code Download (bleeding-malware.rules)
2002963 - ET MALWARE Generic Spambot-Spyware Access (bleeding-malware.rules)
2002964 - ET MALWARE Generic Spyware Update Download (bleeding-malware.rules)
2002965 - ET MALWARE Generic Spambot Spam Download (bleeding-malware.rules)
2002966 - ET MALWARE Elitemediagroup.net Spyware Config Download (bleeding-malware.rules)
2002967 - ET MALWARE Dollarrevenue.com Spyware Code Download (bleeding-malware.rules)
2002968 - ET MALWARE Matcash.com Spyware Code Download (bleeding-malware.rules)
2002970 - ET MALWARE VB WinHTTP User Agent - Possible Malware (bleeding-malware.rules)
2002972 - ET WEB PHP ZeroBoard .htaccess upload (bleeding-web.rules)
2002973 - ET Behavioral Unusual Port 3127 traffic, Potential Scan or Backdoor (bleeding-scan.rules)
2002974 - ET TROJAN Backdoor.Hupigon Possible Control Connection Being Established (bleeding-virus.rules)
2002975 - ET TROJAN Backdoor.Hupigon INFECTION - Reporting Host Type (bleeding-virus.rules)
2002976 - ET TROJAN Banker.Delf Infection - Sending Initial Email to Owner (bleeding-virus.rules)
2002977 - ET TROJAN Banload Downloader Infection - Sending initial email to owner (bleeding-virus.rules)
2002978 - ET TROJAN Banker.Delf Infection variant 2 - Sending Initial Email to Owner (bleeding-virus.rules)
2002979 - ET POLICY SC-KeyLog Keylogger Installed - Sending Initial Email Report (bleeding-policy.rules)
2002980 - ET TROJAN Banker.Delf Infection variant 3 - Sending Initial Email to Owner (bleeding-virus.rules)
2002981 - ET TROJAN Banker.Delf Infection variant 4 - Sending Initial Email to Owner (bleeding-virus.rules)
2002982 - ET TROJAN GENERAL Possible Trojan Sending Initial Email to Owner - INFECTADO (bleeding-virus.rules)
2002983 - ET TROJAN GENERAL Possible Trojan Sending Initial Email to Owner - SUCCESSO (bleeding-virus.rules)
2002984 - ET MALWARE SpySherriff Spyware Activity (bleeding-malware.rules)
2002986 - ET POLICY ICQ Install Direct download - Not normal mode of install (bleeding-policy.rules)
2002987 - ET MALWARE Jupitersatellites.biz Spyware Download (bleeding-malware.rules)
2002988 - ET MALWARE Possible Spambot Checking in to Spam (bleeding-malware.rules)
2002989 - ET MALWARE Possible Spambot getting new exe url (bleeding-malware.rules)
2002990 - ET MALWARE Possible Spambot Pulling IP List to Spam (bleeding-malware.rules)
2002991 - ET MALWARE Possible Spambot getting new exe (bleeding-malware.rules)
2002992 - ET SCAN Rapid POP3 Connections - Possible Brute Force Attack (bleeding-scan.rules)
2002993 - ET SCAN Rapid POP3S Connections - Possible Brute Force Attack (bleeding-scan.rules)
2002994 - ET SCAN Rapid IMAP Connections - Possible Brute Force Attack (bleeding-scan.rules)
2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (bleeding-scan.rules)
2002996 - ET WEB-PHP GeekLog Remote File Include Vulnerability (bleeding-web_sql_injection.rules)
2002997 - ET WEB PHP Remote File Inclusion (monster list http) (bleeding-web.rules)
2002999 - ET MALWARE /jk/exp.wmf Exploit Code Load Attempt (bleeding-malware.rules)
2003000 - ET MALWARE PopupSh.ocx Access Attempt (bleeding-malware.rules)
2003002 - ET POLICY TLS/SSL Client Hello on Unusual Port TLS (bleeding-policy.rules)
2003003 - ET POLICY TLS/SSL Client Hello on Unusual Port SSLv3 (bleeding-policy.rules)
2003004 - ET POLICY TLS/SSL Client Hello on Unusual Port Case 2 (bleeding-policy.rules)
2003005 - ET POLICY TLS/SSL Client Hello on Unusual Port SSLv3 (bleeding-policy.rules)
2003006 - ET POLICY TLS/SSL Client Key Exchange on Unusual Port (bleeding-policy.rules)
2003007 - ET POLICY TLS/SSL Client Key Exchange on Unusual Port SSLv3 (bleeding-policy.rules)
2003008 - ET POLICY TLS/SSL Client Cipher Set on Unusual Port (bleeding-policy.rules)
2003009 - ET POLICY TLS/SSL Client Cipher Set on Unusual Port SSLv3 (bleeding-policy.rules)
2003010 - ET POLICY TLS/SSL Server Hello on Unusual Port (bleeding-policy.rules)
2003011 - ET POLICY TLS/SSL Server Hello on Unusual Port SSLv3 (bleeding-policy.rules)
2003012 - ET POLICY TLS/SSL Server Certificate Exchange on Unusual Port (bleeding-policy.rules)
2003013 - ET POLICY TLS/SSL Server Certificate Exchange on Unusual Port SSLv3 (bleeding-policy.rules)
2003014 - ET POLICY TLS/SSL Server Key Exchange on Unusual Port (bleeding-policy.rules)
2003015 - ET POLICY TLS/SSL Server Key Exchange on Unusual Port SSLv3 (bleeding-policy.rules)
2003016 - ET POLICY TLS/SSL Server Hello Done on Unusual Port (bleeding-policy.rules)
2003017 - ET POLICY TLS/SSL Server Hello Done on Unusual Port SSLv3 (bleeding-policy.rules)
2003018 - ET POLICY TLS/SSL Server Cipher Set on Unusual Port (bleeding-policy.rules)
2003019 - ET POLICY TLS/SSL Server Cipher Set on Unusual Port SSLv3 (bleeding-policy.rules)
2003020 - ET POLICY TLS/SSL Encrypted Application Data on Unusual Port (bleeding-policy.rules)
2003021 - ET POLICY TLS/SSL Encrypted Application Data on Unusual Port SSLv3 (bleeding-policy.rules)
2003022 - ET POLICY Skype Bootstrap Node (udp) (bleeding-policy.rules)
2003025 - ET MALWARE Unknown Web Bot Controller Accessed (bleeding-malware.rules)
2003026 - ET POLICY Known SSL traffic on port 443 being excluded from SSL Alerts (bleeding-policy.rules)
2003027 - ET POLICY Known SSL traffic on port 8000 being excluded from SSL Alerts (bleeding-policy.rules)
2003028 - ET POLICY Known SSL traffic on port 8080 being excluded from SSL Alerts (bleeding-policy.rules)
2003029 - ET POLICY Known SSL traffic on port 8200 being excluded from SSL Alerts (bleeding-policy.rules)
2003030 - ET POLICY Known SSL traffic on port 8443 being excluded from SSL Alerts (bleeding-policy.rules)
2003031 - ET POLICY Known SSL traffic on port 5222 (Jabber) being excluded from SSL Alerts (bleeding-policy.rules)
2003032 - ET POLICY Known SSL traffic on port 5223 (Jabber) being excluded from SSL Alerts (bleeding-policy.rules)
2003033 - ET POLICY Known SSL traffic on port 2967 (Symantec) being excluded from SSL Alerts (bleeding-policy.rules)
2003034 - ET MALWARE Trojan.Downloader.Time2Pay.AQ (bleeding-malware.rules)
2003035 - ET POLICY Known SSL traffic on port 3128 (proxy) being excluded from SSL Alerts (bleeding-policy.rules)
2003036 - ET POLICY Known SSL traffic on port 8080 (proxy) being excluded from SSL Alerts (bleeding-policy.rules)
2003037 - ET POLICY Known SSL traffic on port 8292 (Bloomberg) being excluded from SSL Alerts (bleeding-policy.rules)
2003038 - ET POLICY Known SSL traffic on port 8294 (Bloomberg) being excluded from SSL Alerts (bleeding-policy.rules)
2003040 - ET POLICY PCMesh Anonymous Proxy client connect (bleeding-policy.rules)
2003041 - ET VIRUS Win32.SMTP-Mailer SMTP Outbound (bleeding-virus.rules)
2003045 - ET POLICY Real.com Game Arcade Install (User agent) (bleeding-policy.rules)
2003046 - ET POLICY Real.com Game Arcade Install (bleeding-policy.rules)
2003047 - ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) (bleeding-policy.rules)
2003048 - ET POLICY Proxy Judge Discovery/Evasion (proxyjudge.cgi) (bleeding-policy.rules)
2003055 - ET MALWARE Suspicious 220 Banner on Local Port (bleeding-malware.rules)
2003056 - ET WEB-MISC EiQNetworks Security Analyzer Buffer Overflow (bleeding-web_sql_injection.rules)
2003057 - ET MALWARE 180solutions Spyware Actionlibs Download (bleeding-malware.rules)
2003058 - ET MALWARE 180solutions (Zango) Spyware Installer Download (bleeding-malware.rules)
2003059 - ET MALWARE 180solutions (Zango) Spyware TB Installer Download (bleeding-malware.rules)
2003060 - ET MALWARE 180solutions (Zango) Spyware Local Stats Post (bleeding-malware.rules)
2003061 - ET MALWARE 180solutions (Zango) Spyware Event Activity Post (bleeding-malware.rules)
2003062 - ET MALWARE 180 Solutions (Zango Installer) User Agent (bleeding-malware.rules)
2003063 - ET WEB WebAttacker RootLauncher (bleeding-web.rules)
2003066 - ET TROJAN Torpig Reporting User Activity (wur8) (bleeding-virus.rules)
2003068 - ET SCAN Potential SSH Scan OUTBOUND (bleeding-scan.rules)
2003070 - ET WORM Korgo.U Reporting (bleeding-virus.rules)
2003073 - ET TROJAN ICMP Banking Trojan sending encrypted stolen data (bleeding-virus.rules)
2003074 - ET MALWARE Content-loader.com Spyware Install (bleeding-malware.rules)
2003075 - ET MALWARE Content-loader.com Spyware Install 2 (bleeding-malware.rules)
2003076 - ET MALWARE Content-loader.com (ownusa.info) Spyware Install (bleeding-malware.rules)
2003083 - ET TROJAN Dialer (bleeding-virus.rules)
2003084 - ET MALWARE TROJAN_VB Microjoin (bleeding-malware.rules)
2003085 - ET WEB TWiki Configure Script TYPEOF Remote Command Execution Attempt (bleeding-web.rules)
2003086 - ET WEB Barracuda Spam Firewall preview_email.cgi Remote Command Execution (bleeding-web.rules)
2003087 - ET WEB Barracuda Spam Firewall preview_email.cgi Remote Directory Traversal Attempt (bleeding-web.rules)
2003088 - ET VIRUS Sality Trojan User-Agent (KUKU v3.09 exp) (bleeding-virus.rules)
2003093 - ET POLICY iMesh 6 User Agent (bleeding-policy.rules)
2003094 - ET TROJAN VMM Detecting Torpig/Anserin/Sinowal Trojan (bleeding-virus.rules)
2003095 - ET TROJAN (UPX) VMM Detecting Torpig/Anserin/Sinowal Trojan (bleeding-virus.rules)
2003096 - ET POLICY Possible Image Spam Inbound (simple rule) (bleeding-policy.rules)
2003097 - ET POLICY Possible Image Spam Inbound (complex rule) (bleeding-policy.rules)
2003098 - ET WEB PHP Remote File Inclusion (monster list ftp) (bleeding-web.rules)
2003099 - ET WEB-MISC Poison Null Byte (bleeding-web.rules)
2003100 - ET POLICY Porn-Sports-Gambling site designed to bypass restrictions (bleeding-policy.rules)
2003107 - ET TROJAN Possible Goldun Dropsite 1 (bleeding-virus.rules)
2003108 - ET TROJAN Possible Goldun Dropsite 2 (bleeding-virus.rules)
2003115 - ET TROJAN - Trojan.Proxy.PPAgent.t (updatea) (bleeding-virus.rules)
2003116 - ET TROJAN - Trojan.Proxy.PPAgent.t (updateb) (bleeding-virus.rules)
2003120 - ET POLICY Possible Image Spam Inbound (3) (bleeding-policy.rules)
2003121 - ET POLICY docs.google.com Activity (bleeding-policy.rules)
2003122 - ET POLICY Possible docs.google.com Activity (bleeding-policy.rules)
2003132 - ET TROJAN BOT - potential DDoS command (2) (bleeding-virus.rules)
2003138 - ET TROJAN SpamThru trojan peer exchange (bleeding-virus.rules)
2003139 - ET TROJAN SpamThru trojan SMTP test successful (bleeding-virus.rules)
2003140 - ET TROJAN SpamThru trojan update request (bleeding-virus.rules)
2003141 - ET TROJAN SpamThru trojan AV DLL request (bleeding-virus.rules)
2003142 - ET TROJAN SpamThru trojan spam template request (bleeding-virus.rules)
2003143 - ET TROJAN SpamThru trojan spam run report (bleeding-virus.rules)
2003144 - ET TROJAN SpamThru trojan AV scan report (bleeding-virus.rules)
2003151 - ET MALWARE Fun Web Products SmileyCentral IEsp2 Install (bleeding-malware.rules)
2003152 - ET WEB_SPECIFIC CutePHP CuteNews directory traversal vulnerability - show_archives (bleeding-web_sql_injection.rules)
2003153 - ET MALWARE Bestcount.net Spyware Exploit Download (bleeding-malware.rules)
2003154 - ET MALWARE Bestcount.net Spyware Data Upload (bleeding-malware.rules)
2003155 - ET POLICY Microsoft TEREDO IPv6 tunneling (bleeding-policy.rules)
2003156 - ET WEB Crewbox Proxy Scan (bleeding-web.rules)
2003157 - ET TROJAN Agobot-SDBot Commands (bleeding-virus.rules)
2003167 - ET WEB tikiwiki featured link XSS attempt (bleeding-web.rules)
2003168 - ET POLICY Winamp Streaming User Agent (bleeding-policy.rules)
2003170 - ET MALWARE Zango Spyware Activity (bleeding-malware.rules)
2003171 - ET SCAN IBM NSA User Agent (bleeding-scan.rules)
2003172 - ET P2P Manolito Search Query (bleeding-p2p.rules)
2003175 - ET TROJAN Warezov/Stration Challenge (bleeding-virus.rules)
2003176 - ET TROJAN Warezov/Stration Challenge Response (bleeding-virus.rules)
2003179 - ET POLICY exe download without User Agent (bleeding-policy.rules)
2003180 - ET TROJAN Possible Warezov/Stration Data Post to Controller (bleeding-virus.rules)
2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (bleeding-virus.rules)
2003183 - ET TROJAN Prg Trojan Server Reply (bleeding-virus.rules)
2003184 - ET TROJAN Prg Trojan v0.1 Binary In Transit (bleeding-virus.rules)
2003185 - ET TROJAN Prg Trojan v0.2 Binary In Transit (bleeding-virus.rules)
2003186 - ET TROJAN Prg Trojan v0.3 Binary In Transit (bleeding-virus.rules)
2003187 - ET TROJAN Win32.Lager Trojan Initial Checkin (bleeding-virus.rules)
2003188 - ET TROJAN Win32.Lager Trojan Reporting (bleeding-virus.rules)
2003189 - ET TROJAN Win32.Lager Trojan Reporting (gcu) (bleeding-virus.rules)
2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (bleeding-virus.rules)
2003192 - ET VOIP INVITE Message Flood (bleeding-voip.rules)
2003193 - ET VOIP REGISTER Message Flood (bleeding-voip.rules)
2003194 - ET VOIP Multiple Unauthorized SIP Responses (bleeding-voip.rules)
2003195 - ET POLICY Unusual number of DNS No Such Name Responses (bleeding-policy.rules)
2003200 - ET MALWARE Suspicious User Agent (MSIE XPSP2) (bleeding-malware.rules)
2003201 - ET MALWARE Thespyguard.com Spyware Install (bleeding-malware.rules)
2003202 - ET MALWARE Thespyguard.com Spyware Update Check (bleeding-malware.rules)
2003203 - ET MALWARE Hitvirus Fake AV Install (bleeding-malware.rules)
2003204 - ET MALWARE Thespyguard.com Spyware Updating (bleeding-malware.rules)
2003205 - ET MALWARE Suspicious User Agent (Informer from RBC) (bleeding-malware.rules)
2003208 - ET TROJAN pBot (PHP bot) Commands (bleeding-virus.rules)
2003209 - ET MALWARE Best-targeted-traffic.com Spyware Checkin (bleeding-malware.rules)
2003210 - ET MALWARE Best-targeted-traffic.com Spyware Install (bleeding-malware.rules)
2003211 - ET MALWARE Best-targeted-traffic.com Spyware Ping (bleeding-malware.rules)
2003214 - ET POLICY Pingdom.com Monitoring detected (bleeding-policy.rules)
2003215 - ET POLICY Pingdom.com Monitoring Node Active (bleeding-policy.rules)
2003216 - ET MALWARE Conduit Connect Toolbar (Many report to be benign) (bleeding-malware.rules)
2003217 - ET MALWARE 180solutions (Zango) Spyware Installer Config 2 (bleeding-malware.rules)
2003218 - ET MALWARE Conduit Connect Toolbar Message Download(Many report to be benign) (bleeding-malware.rules)
2003219 - ET MALWARE Alexa Spyware Reporting (bleeding-malware.rules)
2003221 - ET MALWARE MySearchNow.com Spyware (bleeding-malware.rules)
2003222 - ET MALWARE Malware MyWebSearch Toolbar Receiving Config 2 (bleeding-malware.rules)
2003223 - ET MALWARE Zango-Hotbar User Agent (bleeding-malware.rules)
2003224 - ET MALWARE Megaupload Spyware User Agent (bleeding-malware.rules)
2003238 - ET TROJAN W32.Downloader-388 (Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C (bleeding-virus.rules)
2003239 - ET TROJAN W32.Downloader-388 (Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C (2) (bleeding-virus.rules)
2003240 - ET MALWARE New.net Spyware updating (bleeding-malware.rules)
2003241 - ET MALWARE New.net Spyware Checkin (bleeding-malware.rules)
2003242 - ET MALWARE Websearch.com Cab Download (bleeding-malware.rules)
2003243 - ET MALWARE Suspicious User Agent (Download Agent) Possibly Related to TrinityAcquisitions.com (bleeding-malware.rules)
2003244 - ET TROJAN HackerDefender.HE Root Kit Control Connection (bleeding-virus.rules)
2003245 - ET TROJAN HackerDefender.HE Root Kit Control Connection Reply (bleeding-virus.rules)
2003251 - ET MALWARE SpySheriff Intial Phone Home (bleeding-malware.rules)
2003253 - ET MALWARE MarketScore Spyware Uploading Data (bleeding-malware.rules)
2003254 - ET MALWARE SOCKSv5 Port 25 Inbound Request (Windows Source) (bleeding-malware.rules)
2003255 - ET MALWARE SOCKSv5 Port 25 Inbound Request (Linux Source) (bleeding-malware.rules)
2003256 - ET MALWARE SOCKSv4 Port 25 Inbound Request (Windows Source) (bleeding-malware.rules)
2003257 - ET MALWARE SOCKSv5 Port 25 Inbound Request (Linux Source) (bleeding-malware.rules)
2003258 - ET MALWARE SOCKSv5 DNS Inbound Request (Windows Source) (bleeding-malware.rules)
2003259 - ET MALWARE SOCKSv5 DNS Inbound Request (Linux Source) (bleeding-malware.rules)
2003260 - ET MALWARE SOCKSv5 HTTP Proxy Inbound Request (Windows Source) (bleeding-malware.rules)
2003261 - ET MALWARE SOCKSv5 HTTP Proxy Inbound Request (Linux Source) (bleeding-malware.rules)
2003262 - ET MALWARE SOCKSv4 HTTP Proxy Inbound Request (Windows Source) (bleeding-malware.rules)
2003263 - ET MALWARE SOCKSv4 HTTP Proxy Inbound Request (Linux Source) (bleeding-malware.rules)
2003264 - ET MALWARE HTTP Connect Request Inbound (Windows Source) (bleeding-malware.rules)
2003265 - ET MALWARE HTTP Connect Request Inbound (Linux Source) (bleeding-malware.rules)
2003266 - ET MALWARE SOCKSv5 Port 443 Inbound Request (Windows Source) (bleeding-malware.rules)
2003267 - ET MALWARE SOCKSv5 Port 443 Inbound Request (Linux Source) (bleeding-malware.rules)
2003268 - ET MALWARE SOCKSv4 Port 443 Inbound Request (Windows Source) (bleeding-malware.rules)
2003269 - ET MALWARE SOCKSv4 Port 443 Inbound Request (Linux Source) (bleeding-malware.rules)
2003270 - ET MALWARE SOCKSv5 Port 5190 Inbound Request (Windows Source) (bleeding-malware.rules)
2003271 - ET MALWARE SOCKSv5 Port 5190 Inbound Request (Linux Source) (bleeding-malware.rules)
2003272 - ET MALWARE SOCKSv4 Port 5190 Inbound Request (Windows Source) (bleeding-malware.rules)
2003273 - ET MALWARE SOCKSv5 Port 5190 Inbound Request (Linux Source) (bleeding-malware.rules)
2003274 - ET MALWARE SOCKSv5 Port 1863 Inbound Request (Windows Source) (bleeding-malware.rules)
2003275 - ET MALWARE SOCKSv5 Port 1863 Inbound Request (Linux Source) (bleeding-malware.rules)
2003276 - ET MALWARE SOCKSv4 Port 1863 Inbound Request (Windows Source) (bleeding-malware.rules)
2003277 - ET MALWARE SOCKSv4 Port 1863 Inbound Request (Linux Source) (bleeding-malware.rules)
2003278 - ET MALWARE SOCKSv5 Port 5050 Inbound Request (Windows Source) (bleeding-malware.rules)
2003279 - ET MALWARE SOCKSv5 Port 5050 Inbound Request (Linux Source) (bleeding-malware.rules)
2003280 - ET MALWARE SOCKSv4 Port 5050 Inbound Request (Windows Source) (bleeding-malware.rules)
2003281 - ET MALWARE SOCKSv4 Port 5050 Inbound Request (Linux Source) (bleeding-malware.rules)
2003282 - ET MALWARE SOCKSv4 Inbound Connect Request (Windows Source) (bleeding-malware.rules)
2003283 - ET MALWARE SOCKSv4 Inbound Connect Request (Linux Source) (bleeding-malware.rules)
2003284 - ET MALWARE SOCKSv5 IPv6 Inbound Connect Request (Windows Source) (bleeding-malware.rules)
2003285 - ET MALWARE SOCKSv5 IPv6 Inbound Connect Request (Linux Source) (bleeding-malware.rules)
2003286 - ET MALWARE SOCKSv5 UDP Proxy Inbound Connect Request (Windows Source) (bleeding-malware.rules)
2003287 - ET MALWARE SOCKSv5 UDP Proxy Inbound Connect Request (Linux Source) (bleeding-malware.rules)
2003292 - ET WORM Allaple ICMP Sweep Ping Outbound (bleeding-virus.rules)
2003293 - ET WORM Allaple ICMP Sweep Reply Inbound (bleeding-virus.rules)
2003294 - ET WORM Allaple ICMP Sweep Ping Inbound (bleeding-virus.rules)
2003295 - ET WORM Allaple ICMP Sweep Reply Outbound (bleeding-virus.rules)
2003296 - ET TROJAN Possible Web-based DDoS-command being issued (bleeding-virus.rules)
2003297 - ET MALWARE Travel Update Spyware (bleeding-malware.rules)
2003298 - ET MALWARE KMIP.net Spyware (bleeding-malware.rules)
2003302 - ET TROJAN psyBNC IRC Server Connection (bleeding-virus.rules)
2003303 - ET POLICY FTP Login Attempt (non-anonymous) (bleeding-policy.rules)
2003304 - ET MALWARE Effectivebrands.com Spyware Checkin (bleeding-malware.rules)
2003305 - ET MALWARE Zango-Hotbar User Agent (zbu-hb-) (bleeding-malware.rules)
2003306 - ET MALWARE 180solutions Spyware (tracked event 2 reporting) (bleeding-malware.rules)
2003307 - ET MALWARE Comet Systems Spyware Cursor DL (bleeding-malware.rules)
2003308 - ET P2P Edonkey IP Request (bleeding-p2p.rules)
2003309 - ET P2P Edonkey IP Reply (bleeding-p2p.rules)
2003310 - ET P2P Edonkey Publicize File (bleeding-p2p.rules)
2003311 - ET P2P Edonkey Publicize File ACK (bleeding-p2p.rules)
2003312 - ET P2P Edonkey Connect Request (bleeding-p2p.rules)
2003313 - ET P2P Edonkey Connect Reply and Server List (bleeding-p2p.rules)
2003314 - ET P2P Edonkey Search Request (by file hash) (bleeding-p2p.rules)
2003315 - ET P2P Edonkey Search Reply (bleeding-p2p.rules)
2003316 - ET P2P Edonkey IP Query End (bleeding-p2p.rules)
2003317 - ET P2P Edonkey Search Request (any type file) (bleeding-p2p.rules)
2003318 - ET P2P Edonkey Get Sources Request (by hash) (bleeding-p2p.rules)
2003319 - ET P2P Edonkey Search Request (search by name) (bleeding-p2p.rules)
2003320 - ET P2P Edonkey Search Results (bleeding-p2p.rules)
2003321 - ET P2P Edonkey Server Message (bleeding-p2p.rules)
2003322 - ET P2P Edonkey Server List (bleeding-p2p.rules)
2003323 - ET P2P Edonkey Client to Server Hello (bleeding-p2p.rules)
2003324 - ET P2P Edonkey Server Status (bleeding-p2p.rules)
2003326 - ET WEB-CLIENT Apple Quicktime RTSP Overflow (1) (bleeding-web.rules)
2003327 - ET WEB-CLIENT Apple Quicktime RTSP Overflow (2) (bleeding-web.rules)
2003330 - ET POLICY Possible Spambot -- Host DNS MX Query High Count (bleeding-policy.rules)
2003331 - ET WEB_SPECIFIC PHP Generic membreManager.php remote file include (bleeding-web_sql_injection.rules)
2003333 - ET WEB_SPECIFIC PHP Gnopaster Common.php remote file include (bleeding-web_sql_injection.rules)
2003334 - ET WEB Cacti cmd.php Remote Arbitrary SQL Command Execution Attempt (bleeding-web.rules)
2003335 - ET MALWARE 2search.org User Agent (2search) (bleeding-malware.rules)
2003336 - ET MALWARE AntiVermins.com Fake Antispyware Package User Agent (bleeding-malware.rules)
2003337 - ET MALWARE Suspicious User Agent (Autoupdate) (bleeding-malware.rules)
2003340 - ET MALWARE Baidu.com Spyware Bar Reporting (bleeding-malware.rules)
2003341 - ET MALWARE Baidu.com Spyware Bar Pulling Content (bleeding-malware.rules)
2003342 - ET MALWARE www.baidu.com Spyware User Agent (bar-get) (bleeding-malware.rules)
2003343 - ET MALWARE CNSMin Spyware User Agent (CnsMin Agent) (bleeding-malware.rules)
2003344 - ET MALWARE Trinityacquisitions.com and Maximumexperience.com Spyware Activity (bleeding-malware.rules)
2003345 - ET MALWARE Download UBAgent User Agent - lop.com and other spyware (bleeding-malware.rules)
2003346 - ET MALWARE Errorsafe.com Fake antispyware User Agent (ErrorSafe Updater) (bleeding-malware.rules)
2003347 - ET MALWARE Gamehouse.com User Agent (GAMEHOUSE.NET.URL) (bleeding-malware.rules)
2003348 - ET MALWARE Gamehouse.com Activity (bleeding-malware.rules)
2003350 - ET MALWARE MyGlobalSearch Spyware bar updating (bleeding-malware.rules)
2003351 - ET MALWARE MyGlobalSearch Spyware bar update (bleeding-malware.rules)
2003352 - ET MALWARE MyGlobalSearch Spyware bar update 2 (bleeding-malware.rules)
2003353 - ET MALWARE Winferno Registry Fix Spyware Download (bleeding-malware.rules)
2003354 - ET MALWARE Yourscreen.com Spyware Download (bleeding-malware.rules)
2003355 - ET MALWARE Yourscreen.com Spyware User Agent (FreezeInet) (bleeding-malware.rules)
2003356 - ET MALWARE Freeze.com Spyware Download (bleeding-malware.rules)
2003357 - ET MALWARE Zenotecnico.com Spyware User Agent (WinXP Pro Service Pack 2) (bleeding-malware.rules)
2003358 - ET MALWARE Catchonlife.com Spyware (bleeding-malware.rules)
2003359 - ET MALWARE Seznam.cz Spyware User Agent (Seznam.cz XML-RPC) (bleeding-malware.rules)
2003360 - ET MALWARE Effectivebrands.com Spyware Checkin 2 (bleeding-malware.rules)
2003362 - ET MALWARE Freeze.com Spyware/Adware (Pulling Ads) (bleeding-malware.rules)
2003363 - ET MALWARE Spamblockerutility.com-Hotbar User Agent (sbu-hb-) (bleeding-malware.rules)
2003364 - ET MALWARE Hotbar Agent Adopt/Zango (bleeding-malware.rules)
2003365 - ET MALWARE Hotbar Zango Toolbar Spyware User Agent (ZangoToolbar ) (bleeding-malware.rules)
2003366 - ET MALWARE qsrch.com/Casalemedia Spyware Reporting URL Visited3 (bleeding-malware.rules)
2003367 - ET MALWARE www.baidu.com Spyware User Agent (sobar-post) (bleeding-malware.rules)
2003368 - ET MALWARE Web-nexus.net Spyware User Agent (z_v5.2.7) (bleeding-malware.rules)
2003371 - ET WEB_SPECIFIC PHP Portail Includes.php remote file include (bleeding-web_sql_injection.rules)
2003372 - ET WEB_SPECIFIC PHPEventMan remote file include (bleeding-web_sql_injection.rules)
2003375 - ET MALWARE Spy-Not.com Spyware Pulling Fake Sigs (bleeding-malware.rules)
2003376 - ET MALWARE Instafinder.com spyware (bleeding-malware.rules)
2003377 - ET MALWARE Spy-Not.com Spyware Updating (bleeding-malware.rules)
2003380 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (ver18/ver19, etc) (bleeding-virus.rules)
2003383 - ET MALWARE Hotbar Tools Spyware User Agent (hbtools) (bleeding-malware.rules)
2003384 - ET MALWARE SpamBlockerUtility Fake Anti-Spyware User Agent (SpamBlockerUtility x.x.x) (bleeding-malware.rules)
2003385 - ET MALWARE sgrunt Dialer User Agent (sgrunt) (bleeding-malware.rules)
2003386 - ET MALWARE snprtz Dialer User Agent (snprtz) (bleeding-malware.rules)
2003387 - ET MALWARE dialno Dialer User Agent (dialno) (bleeding-malware.rules)
2003388 - ET MALWARE Hotbar Keywords Download (bleeding-malware.rules)
2003389 - ET MALWARE WhenUClick.com Application Version Check (bleeding-malware.rules)
2003390 - ET MALWARE SurfAccuracy.com Spyware Updating (bleeding-malware.rules)
2003391 - ET MALWARE SurfAccuracy.com Spyware Pulling Ads (bleeding-malware.rules)
2003392 - ET TROJAN Warezov/Stration Communicating with Controller (bleeding-virus.rules)
2003394 - ET MALWARE User Agent Containing http\:// - Suspicious - Likely Spyware/Trojan (bleeding-malware.rules)
2003396 - ET MALWARE Mysearch.com/Morpheus Bar Spyware User-Agent (bleeding-malware.rules)
2003397 - ET MALWARE Zango Seekmo Bar Spyware User-Agent (Seekmo Toolbar) (bleeding-malware.rules)
2003398 - ET MALWARE Morpheus Spyware Install User-Agent (SmartInstaller) (bleeding-malware.rules)
2003399 - ET MALWARE Spyhealer Fake Anti-Spyware Install User-Agent (SpyHealer) (bleeding-malware.rules)
2003404 - ET MALWARE WhenUClick.com WhenUSave Data Retrieval (DataChunksGZ) (bleeding-malware.rules)
2003405 - ET MALWARE Freeze.com Spyware User-Agent (YourScreen123) (bleeding-malware.rules)
2003406 - ET MALWARE Mysearch.com Spyware User-Agent (iMeshBar) (bleeding-malware.rules)
2003407 - ET MALWARE searchenginebar.com Spyware User-Agent (RX Bar) (bleeding-malware.rules)
2003408 - ET TROJAN Downloader-1355 Checking In (bleeding-virus.rules)
2003409 - ET POLICY Majestic-12 Spider Bot User-Agent (MJ12bot) (bleeding-policy.rules)
2003410 - ET POLICY FTP Login Successful (non-anonymous) (bleeding-policy.rules)
2003414 - ET MALWARE Epilot.com Spyware Reporting (bleeding-malware.rules)
2003416 - ET MALWARE Epilot.com Spyware Reporting Clicks (bleeding-malware.rules)
2003417 - ET MALWARE CNSMIN (3721.com) Spyware Activity (bleeding-malware.rules)
2003418 - ET MALWARE CNSMIN (3721.com) Spyware Activity 2 (bleeding-malware.rules)
2003419 - ET MALWARE CNSMIN (3721.com) Spyware Activity 3 (bleeding-malware.rules)
2003420 - ET MALWARE Weatherbug Activity (bleeding-malware.rules)
2003421 - ET MALWARE Weatherbug Design60 Upload Activity (bleeding-malware.rules)
2003422 - ET MALWARE Weatherbug Command Activity (bleeding-malware.rules)
2003423 - ET MALWARE Weatherbug Design60 Upload Activity (bleeding-malware.rules)
2003424 - ET VIRUS Sality Trojan Web Update (bleeding-virus.rules)
2003425 - ET MALWARE clickspring.com Spyware Install User-Agent (CS Fingerprint Module) (bleeding-malware.rules)
2003426 - ET MALWARE Outerinfo.com Spyware Checkin (bleeding-malware.rules)
2003427 - ET WORM Bagle Worm User-Agent (DEBUT.TMP) (bleeding-virus.rules)
2003428 - ET MALWARE Surfaccuracy.com Spyware Install User-Agent (SF Installer) (bleeding-malware.rules)
2003429 - ET MALWARE xxxtoolbar.com Spyware Install User-Agent (bleeding-malware.rules)
2003431 - ET TROJAN Unnamed Generic.Malware http get (bleeding-virus.rules)
2003432 - ET TROJAN Nukebot related infection - Unique HTTP get request (bleeding-virus.rules)
2003433 - ET TROJAN Nukebot Checkin (bleeding-virus.rules)
2003435 - ET TROJAN Stormy Variant HTTP Request (bleeding-virus.rules)
2003436 - ET TROJAN Warezov/Stration Communicating with Controller 2 (bleeding-virus.rules)
2003437 - ET P2P Ares over UDP (bleeding-p2p.rules)
2003438 - ET MALWARE Abcsearch.com Spyware Reporting (bleeding-malware.rules)
2003439 - ET MALWARE Dropspam.com Spyware Install User-Agent (DSInstall) (bleeding-malware.rules)
2003440 - ET MALWARE Dropspam.com Spyware Reporting (bleeding-malware.rules)
2003441 - ET MALWARE Webbuying.net Spyware Install User-Agent (wbi_v0.90) (bleeding-malware.rules)
2003442 - ET MALWARE Webbuying.net Spyware Installing (bleeding-malware.rules)
2003444 - ET MALWARE Deskwizz.com Spyware Install Code Download (bleeding-malware.rules)
2003445 - ET MALWARE Deskwizz.com Spyware Install INI Download (bleeding-malware.rules)
2003446 - ET MALWARE Adware Command Client Checkin (bleeding-malware.rules)
2003449 - ET MALWARE Webbuying.net Spyware Install User-Agent 2 (wb v1.6.4) (bleeding-malware.rules)
2003450 - ET MALWARE Specificclick.net Spyware Activity (bleeding-malware.rules)
2003451 - ET MALWARE K8l.info Spyware Activity (bleeding-malware.rules)
2003452 - ET MALWARE LoopAd/Secure-browser.com Spyware User-Agent (rw.exe) (bleeding-malware.rules)
2003453 - ET POLICY Netvacy.com Anonymizing Proxy Access (bleeding-policy.rules)
2003454 - ET POLICY Yahoo 360 Social Site Access (bleeding-policy.rules)
2003455 - ET POLICY Hi5.com Social Site Access (bleeding-policy.rules)
2003456 - ET POLICY Gazzag.com Social Site Access (bleeding-policy.rules)
2003457 - ET POLICY Metacafe.com Social Site Access (bleeding-policy.rules)
2003458 - ET POLICY Orkut.com Social Site Access (bleeding-policy.rules)
2003462 - ET MALWARE CoolDeskAlert Spyware Activity (bleeding-malware.rules)
2003463 - ET MALWARE Suspicious User-Agent (Toolbar) Possibly Malware/Spyware (bleeding-malware.rules)
2003466 - ET WEB PHP Attack Tool Morfeus F Scanner (bleeding-web.rules)
2003467 - ET MALWARE Oemji.com Spyware Settings Update (bleeding-malware.rules)
2003468 - ET MALWARE Oemji Spyware User-Agent (Oemji) (bleeding-malware.rules)
2003469 - ET POLICY AOL Toolbar User-Agent (AOLToolbar) (bleeding-policy.rules)
2003470 - ET MALWARE Winsoftware.com Spyware User-Agent (Updater) (bleeding-malware.rules)
2003471 - ET MALWARE Winsoftware.com Spyware Activity (bleeding-malware.rules)
2003472 - ET MALWARE DelFin Project Spyware (setup-alt) (bleeding-malware.rules)
2003473 - ET MALWARE DelFin Project Spyware (payload-alt) (bleeding-malware.rules)
2003474 - ET VOIP Asterisk Register with no URI or Version DOS Attempt (bleeding-voip.rules)
2003475 - ET ABC Torrent User-Agent (ABC/ABC-3.1.0) (bleeding-p2p.rules)
2003476 - ET MALWARE Virusblast.com Fake AV/Anti-Spyware User-Agent (ad-protect) (bleeding-malware.rules)
2003477 - ET MALWARE Terminexor.com Spyware User-Agent (DInstaller2) (bleeding-malware.rules)
2003478 - ET MALWARE Errornuker.com Fake Anti-Spyware User-Agent (ERRORNUKER) (bleeding-malware.rules)
2003479 - ET POLICY Radmin Remote Control Session Setup Initiate (bleeding-policy.rules)
2003480 - ET POLICY Radmin Remote Control Session Setup Response (bleeding-policy.rules)
2003481 - ET POLICY Radmin Remote Control Session Authentication Initiate (bleeding-policy.rules)
2003482 - ET POLICY Radmin Remote Control Session Authentication Response (bleeding-policy.rules)
2003484 - ET WORM Allaple Unique HTTP Request - Possibly part of DDOS (bleeding-virus.rules)
2003486 - ET MALWARE Drivecleaner.com Spyware User-Agent (DriveCleaner Updater) (bleeding-malware.rules)
2003487 - ET MALWARE url404.com Spyware User-Agent (Httper) (bleeding-malware.rules)
2003489 - ET MALWARE malwarewipeupdate.com Spyware User-Agent (MalwareWipe) (bleeding-malware.rules)
2003490 - ET MALWARE Mirar Spyware User-Agent (Mirar_KeywordContent) (bleeding-malware.rules)
2003491 - ET MALWARE Suspicious Misspelled Mozilla User-Agent (Mozila/4.0...) (bleeding-malware.rules)
2003492 - ET MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (bleeding-malware.rules)
2003493 - ET MALWARE AskSearch Spyware User-Agent (AskSearchAssistant) (bleeding-malware.rules)
2003494 - ET MALWARE AskSearch Toolbar Spyware User-Agent (AskTBar) (bleeding-malware.rules)
2003495 - ET MALWARE HSN.com Toolbar Spyware User-Agent (HSN) (bleeding-malware.rules)
2003496 - ET MALWARE AskSearch Toolbar Spyware User-Agent (AskBar) (bleeding-malware.rules)
2003497 - ET MALWARE 180Solutions Related Spyware User-Agent (msbb) (bleeding-malware.rules)
2003498 - ET MALWARE Gamehouse.com Related Spyware User-Agent (Sprout Game) (bleeding-malware.rules)
2003499 - ET MALWARE SpyDawn.com Fake Anti-Spyware User-Agent (SpyDawn) (bleeding-malware.rules)
2003500 - ET MALWARE Adwave.com Related Spyware User-Agent (STBHOGet) (bleeding-malware.rules)
2003501 - ET MALWARE Bestoffersnetwork.com Related Spyware User-Agent (TBONAS) (bleeding-malware.rules)
2003502 - ET MALWARE Sysupdates.com Related Spyware User-Agent (TM_SEARCH3) (bleeding-malware.rules)
2003503 - ET MALWARE AAValue.com Related Spyware User-Agent (Toolbar) (bleeding-malware.rules)
2003504 - ET MALWARE E2give Spyware Reporting (check url) (bleeding-malware.rules)
2003505 - ET MALWARE Toplist.cz Related Spyware User-Agent (BWL Toplist) (bleeding-malware.rules)
2003506 - ET MALWARE Alawar Toolbar Spyware User-Agent (Alawar Toolbar) (bleeding-malware.rules)
2003508 - ET WEB_SPECIFIC Wordpress wp-login.php redirect_to credentials stealing attempt (bleeding-web_sql_injection.rules)
2003509 - ET TROJAN Gozi Certificate Information Leakage (bleeding-virus.rules)
2003510 - ET TROJAN Gozi Registration (bleeding-virus.rules)
2003511 - ET TROJAN Gozi Form Data Information Leakage (bleeding-virus.rules)
2003513 - ET MALWARE Suspicious Mozilla User-Agent typo (MOzilla/4.0) (bleeding-malware.rules)
2003515 - ET TROJAN Snatch Reporting User Activity (bleeding-virus.rules)
2003516 - ET WEB_SPECIFIC Xoops Articles modules print.php SQL injection attempt (bleeding-web_sql_injection.rules)
2003517 - ET WEB_SPECIFIC iPhotoAlbum header.php remote file include (bleeding-web_sql_injection.rules)
2003520 - ET EXPLOIT webCalendar Remote File include (bleeding-web.rules)
2003525 - ET MALWARE Supergames.aavalue.com Spyware (bleeding-malware.rules)
2003526 - ET MALWARE KMIP.net Spyware 2 (bleeding-malware.rules)
2003527 - ET MALWARE WinSoftware.com Spyware User-Agent (WinSoftware) (bleeding-malware.rules)
2003528 - ET MALWARE WinSoftware.com Spyware User-Agent (NetInstaller) (bleeding-malware.rules)
2003529 - ET MALWARE Msgplus.net Spyware/Adware User-Agent (MsgPlus3) (bleeding-malware.rules)
2003530 - ET MALWARE Suspicious Mozilla User-Agent Separator - likely Fake (Mozilla/4.0+(compatible +MSIE+) (bleeding-malware.rules)
2003531 - ET MALWARE Antivermins.com Spyware/Adware User-Agent (AntiVermeans) (bleeding-malware.rules)
2003532 - ET MALWARE CommonName.com Spyware/Adware User-Agent (CommonName Agent) (bleeding-malware.rules)
2003533 - ET MALWARE Sytes.net Related Spyware Reporting (bleeding-malware.rules)
2003534 - ET MALWARE Weatherbug Vista Gadget Activity (bleeding-malware.rules)
2003537 - ET TROJAN Trojan.Duntek establishing remote connection (bleeding-virus.rules)
2003538 - ET TROJAN Klom.A Connecting to Controller (bleeding-virus.rules)
2003541 - ET MALWARE Bravesentry.com Fake Antispyware Updating (bleeding-malware.rules)
2003542 - ET MALWARE Bravesentry.com/Protectwin.com Fake Antispyware Reporting (bleeding-malware.rules)
2003543 - ET MALWARE Winfixmaster.com Fake Anti-Spyware Install (bleeding-malware.rules)
2003544 - ET MALWARE Winfixmaster.com Fake Anti-Spyware User-Agent (WinFixMaster) (bleeding-malware.rules)
2003545 - ET MALWARE Winfixmaster.com Fake Anti-Spyware User-Agent 2 (WinFix Master) (bleeding-malware.rules)
2003546 - ET MALWARE Suspicious User-Agent (downloader) - Used by Winfixmaster.com Fake Anti-Spyware and Others (bleeding-malware.rules)
2003547 - ET MALWARE Privacyprotector.com Fake Anti-Spyware Install (bleeding-malware.rules)
2003548 - ET MALWARE Privacyprotector.com Fake Anti-Spyware Checkin (bleeding-malware.rules)
2003549 - ET TROJAN Bandook v1.2 Initial Connection and Report (bleeding-virus.rules)
2003550 - ET TROJAN Bandook v1.2 Get Processes (bleeding-virus.rules)
2003551 - ET TROJAN Bandook v1.2 Kill Process Command (bleeding-virus.rules)
2003552 - ET TROJAN Bandook v1.2 Reporting Socks Proxy Active (bleeding-virus.rules)
2003553 - ET TROJAN Bandook v1.2 Reporting Socks Proxy Off (bleeding-virus.rules)
2003554 - ET TROJAN Bandook v1.2 Client Ping Reply (bleeding-virus.rules)
2003555 - ET TROJAN Bandook v1.35 Initial Connection and Report (bleeding-virus.rules)
2003556 - ET TROJAN Bandook v1.35 Keepalive Send (bleeding-virus.rules)
2003557 - ET TROJAN Bandook v1.35 Keepalive Reply (bleeding-virus.rules)
2003558 - ET TROJAN Bandook v1.35 Create Registry Key Command Send (bleeding-virus.rules)
2003559 - ET TROJAN Bandook v1.35 Create Directory Command Send (bleeding-virus.rules)
2003560 - ET TROJAN Bandook v1.35 Window List Command Send (bleeding-virus.rules)
2003561 - ET TROJAN Bandook v1.35 Window List Reply (bleeding-virus.rules)
2003562 - ET TROJAN Bandook v1.35 Get Processes Command Send (bleeding-virus.rules)
2003563 - ET TROJAN Bandook v1.35 Start Socks5 Proxy Command Send (bleeding-virus.rules)
2003564 - ET TROJAN Bandook v1.35 Socks5 Proxy Start Command Reply (bleeding-virus.rules)
2003565 - ET TROJAN Bandook v1.35 Get Processes Command Reply (bleeding-virus.rules)
2003566 - ET MALWARE Suspicious User-Agent (DIALER) (bleeding-malware.rules)
2003567 - ET MALWARE Winsoftware.com Fake AV User-Agent (DNS Extractor) (bleeding-malware.rules)
2003568 - ET MALWARE Evidencenuker.com Fake AV Updating (bleeding-malware.rules)
2003569 - ET MALWARE Evidencenuker.com Fake AV/Anti-Spyware User-Agent (EVNUKER) (bleeding-malware.rules)
2003570 - ET MALWARE CoolWebSearch Spyware User-Agent (iefeatsl) (bleeding-malware.rules)
2003575 - ET MALWARE Gator/Clarian Spyware Posting Data (bleeding-malware.rules)
2003576 - ET MALWARE Security-updater.com Spyware Posting Data (bleeding-malware.rules)
2003577 - ET MALWARE Mirarsearch.com Spyware Posting Data (bleeding-malware.rules)
2003578 - ET MALWARE Baidu.com Spyware Bar Pulling Data (bleeding-malware.rules)
2003579 - ET MALWARE Findwhat.com Spyware (clickthrough) (bleeding-malware.rules)
2003580 - ET MALWARE Findwhat.com Spyware (sendtracker) (bleeding-malware.rules)
2003581 - ET MALWARE Findwhat.com Spyware (sendmedia) (bleeding-malware.rules)
2003582 - ET MALWARE MalwareWiped.com Spyware User-Agent (MalwareWiped) (bleeding-malware.rules)
2003583 - ET MALWARE Suspicious User-Agent (update) (bleeding-malware.rules)
2003585 - ET MALWARE Suspicious User-Agent (Windows Updates Manager) (bleeding-malware.rules)
2003586 - ET MALWARE Suspicious User-Agent (WinXP Pro Service Pack 2) (bleeding-malware.rules)
2003588 - ET VIRUS Worm.Pyks HTTP C&C Traffic (User-Agent skw00001) (bleeding-virus.rules)
2003589 - ET VIRUS Worm.Pyks HTTP C&C Post Traffic (User-Agent h9tslbw0) (bleeding-virus.rules)
2003590 - ET TROJAN Downloader-5265/Torpig/Anserin/Sinowal Unique UA (MSID [...) (bleeding-virus.rules)
2003598 - ET TROJAN Diazom Trojan User-Agent in Use (cv_v2.0.1) (bleeding-virus.rules)
2003599 - ET POLICY Groove.net Virtual Office Suite Install/Startup Report (bleeding-policy.rules)
2003600 - ET POLICY Groove.net Virtual Office Suite Install Report (bleeding-policy.rules)
2003601 - ET POLICY Groove.net Virtual Office In Use (bleeding-policy.rules)
2003602 - ET POLICY Groove.net Virtual Office Local Service Discovery Broadcast (bleeding-policy.rules)
2003603 - ET TROJAN W32.Virut.A joining an IRC Channel (bleeding-virus.rules)
2003604 - ET MALWARE Baidu.com Agent User-Agent (Desktop Web System) (bleeding-malware.rules)
2003605 - ET MALWARE Baidu.com Spyware Bar Activity (bleeding-malware.rules)
2003606 - ET MALWARE Alexa Spyware Reporting URL Visited (bleeding-malware.rules)
2003607 - ET MALWARE Cnzz.com/Baidu Related Spyware Stat Reporting (bleeding-malware.rules)
2003608 - ET MALWARE Baidu.com Related Agent User-Agent (iexp) (bleeding-malware.rules)
2003610 - ET MALWARE Zango Spyware (tbrequest data post) (bleeding-malware.rules)
2003611 - ET MALWARE Malwarealarm.com Fake AV/AntiSpyware Updating (bleeding-malware.rules)
2003612 - ET MALWARE Malwarealarm.com Fake AV/AntiSpyware Download (bleeding-malware.rules)
2003613 - ET MALWARE EELoader User-Agent - Unknown (multiple) Malware Packages (bleeding-malware.rules)
2003614 - ET VIRUS WinUpack Modified PE Header Inbound (bleeding-virus.rules)
2003615 - ET VIRUS WinUpack Modified PE Header Outbound (bleeding-virus.rules)
2003616 - ET WEB DataCha0s Web Scanner/Robot (bleeding-web.rules)
2003617 - ET MALWARE Malware MyWebSearch Toolbar Posting Activity Report (bleeding-malware.rules)
2003619 - ET MALWARE Alexa Spyware Redirecting User (bleeding-malware.rules)
2003620 - ET MALWARE 51yes.com Spyware Reporting User Activity (bleeding-malware.rules)
2003621 - ET MALWARE Malware MyWay Spyware Posting Activity Report - Dell Related (bleeding-malware.rules)
2003622 - ET MALWARE Suspicious User-Agent (bot) (bleeding-malware.rules)
2003623 - ET POLICY Centralops.net Domain Dossier Utility Probe (bleeding-policy.rules)
2003624 - ET MALWARE Trafficadvance.net Spyware User-Agent (Internet 1.0) (bleeding-malware.rules)
2003625 - ET MALWARE dns-look-up.com Spyware User-Agent (KRSystem) (bleeding-malware.rules)
2003626 - ET MALWARE Suspicious Double User-Agent (User-Agent\: User-Agent\: ) (bleeding-malware.rules)
2003627 - ET MALWARE Internet-optimizer.com Related Spyware User-Agent (SexTrackerWSI) (bleeding-malware.rules)
2003630 - ET MALWARE Baidu.com Spyware Sobar Bar Activity (bleeding-malware.rules)
2003631 - ET POLICY Centralops.net Probe (bleeding-policy.rules)
2003632 - ET VIRUS Zlob User Agent - updating (internetsecurity) (bleeding-virus.rules)
2003634 - ET WEB_SPECIFIC Suspicious User-Agent - get-minimal - Possible Vuln Scan (bleeding-web_sql_injection.rules)
2003635 - ET TROJAN Generic Password Stealer User Agent Detected (bleeding-virus.rules)
2003636 - ET VIRUS Sality Virus User Agent Detected (KUKU v3.09) (bleeding-virus.rules)
2003637 - ET TROJAN Inject.BV Trojan User Agent Detected (faserx) (bleeding-virus.rules)
2003638 - ET VIRUS AV-Killer.Win32 User Agent Detected (p4r4z1t3v3.one14.J) (bleeding-virus.rules)
2003639 - ET MALWARE Adload.Generic Spyware User-Agent (ProxyDown) (bleeding-malware.rules)
2003640 - ET MALWARE Adload.Generic Spyware User-Agent (91castInstallKernel) (bleeding-malware.rules)
2003641 - ET TROJAN Downloader.Small User Agent Detected (NetScafe) (bleeding-virus.rules)
2003642 - ET TROJAN Downloader.Affill User Agent Detected (lol) (bleeding-virus.rules)
2003643 - ET TROJAN Win32.Small.mi User-Agent Detected (MyAgent) (bleeding-virus.rules)
2003644 - ET MALWARE Generic.Malware.dld User-Agent (Sickloader) (bleeding-malware.rules)
2003645 - ET TROJAN Generic.Malware.SFL User-Agent (Rescue/9.11) (bleeding-virus.rules)
2003647 - ET TROJAN Backdoor.Irc.MFV User Agent Detected (IRC-U) (bleeding-virus.rules)
2003648 - ET TROJAN Clicker.BC User Agent Detected (linkrunner) (bleeding-virus.rules)
2003649 - ET TROJAN Hupinon User Agent Detected (SykO) (bleeding-virus.rules)
2003650 - ET TROJAN Dialer-715 Install Checkin (bleeding-virus.rules)
2003651 - ET VIRUS Sality Virus User Agent Detected (SPM_ID=) (bleeding-virus.rules)
2003652 - ET MALWARE CoolStreaming Toolbar (Conduit related) User-Agent (Coolstreaming Tool-Bar) (bleeding-malware.rules)
2003653 - ET POLICY Boitho.com Distributed Crawler in use - User-Agent (boitho.com-dc) (bleeding-policy.rules)
2003654 - ET MALWARE Effectivebrands.com Spyware User-Agent (GTBank) (bleeding-malware.rules)
2003655 - ET MALWARE Trafficadvance.net Spyware User-Agent (Internet 1.0) (bleeding-malware.rules)
2003656 - ET MALWARE debelizombi.com (Rizo) related Spyware User-Agent (mc_v1.2.6) (bleeding-malware.rules)
2003657 - ET MALWARE Ibankis.org related Spyware User-Agent (MSIE 5.3 (xpsp2-xxx)) (bleeding-malware.rules)
2003658 - ET MALWARE qq.com related Spyware User-Agent (QQGame) (bleeding-malware.rules)
2003659 - ET MALWARE Unusual Referer String (human) (bleeding-malware.rules)
2003660 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt - Headerfile.php System (bleeding-web_sql_injection.rules)
2003661 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- latest_files.php System (bleeding-web_sql_injection.rules)
2003662 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- latest_posts.php System (bleeding-web_sql_injection.rules)
2003663 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- groups_headerfile.php System (bleeding-web_sql_injection.rules)
2003664 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- filters_headerfile.php System (bleeding-web_sql_injection.rules)
2003665 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- links.php System (bleeding-web_sql_injection.rules)
2003666 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- menu_headerfile.php System (bleeding-web_sql_injection.rules)
2003667 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- latest_news.php System (bleeding-web_sql_injection.rules)
2003668 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- settings_headerfile.php System (bleeding-web_sql_injection.rules)
2003669 - ET WEB_SPECIFIC TopTree Remote Inclusion Attempt -- tpl_message.php right_file (bleeding-web_sql_injection.rules)
2003670 - ET WEB_SPECIFIC Workbench Survival Guide Remote Inclusion Attempt -- headerfile.php path (bleeding-web_sql_injection.rules)
2003671 - ET WEB_SPECIFIC Versado CMS Remote Inclusion Attempt -- ajax_listado.php urlModulo (bleeding-web_sql_injection.rules)
2003672 - ET WEB_SPECIFIC PMECMS Remote Inclusion Attempt -- mod_image_index.php config[pathMod] (bleeding-web_sql_injection.rules)
2003673 - ET WEB_SPECIFIC PMECMS Remote Inclusion Attempt -- mod_liens_index.php config[pathMod] (bleeding-web_sql_injection.rules)
2003674 - ET WEB_SPECIFIC PMECMS Remote Inclusion Attempt -- mod_liste_index.php config[pathMod] (bleeding-web_sql_injection.rules)
2003675 - ET WEB_SPECIFIC PMECMS Remote Inclusion Attempt -- mod_special_index.php config[pathMod] (bleeding-web_sql_injection.rules)
2003676 - ET WEB_SPECIFIC PMECMS Remote Inclusion Attempt -- mod_texte_index.php config[pathMod] (bleeding-web_sql_injection.rules)
2003677 - ET WEB_SPECIFIC Berylium2 Remote Inclusion Attempt -- berylium-classes.php beryliumroot (bleeding-web_sql_injection.rules)
2003678 - ET WEB_SPECIFIC Tropicalm Remote Inclusion Attempt -- dosearch.php RESPATH (bleeding-web_sql_injection.rules)
2003679 - ET WEB_SPECIFIC DynamicPAD Remote Inclusion Attempt -- dp_logs.php HomeDir (bleeding-web_sql_injection.rules)
2003680 - ET WEB_SPECIFIC DynamicPAD Remote Inclusion Attempt -- index.php HomeDir (bleeding-web_sql_injection.rules)
2003681 - ET WEB_SPECIFIC Persism CMS Remote Inclusion Attempt -- users_headerfile.php System (bleeding-web_sql_injection.rules)
2003682 - ET WEB_SPECIFIC E-Gads Remote Inclusion Attempt -- common.php locale (bleeding-web_sql_injection.rules)
2003683 - ET WEB_SPECIFIC PHP Turbulence Remote Inclusion Attempt -- turbulence.php GLOBALS[tcore] (bleeding-web_sql_injection.rules)
2003684 - ET WEB_SPECIFIC MXBB Remote Inclusion Attempt -- faq.php module_root_path (bleeding-web_sql_injection.rules)
2003685 - ET WEB_SPECIFIC Wordpress Remote Inclusion Attempt -- wptable-button.php wpPATH (bleeding-web_sql_injection.rules)
2003686 - ET WEB_SPECIFIC Wordpress Remote Inclusion Attempt -- wordtube-button.php wpPATH (bleeding-web_sql_injection.rules)
2003687 - ET WEB_SPECIFIC TurnKeyWebTools Remote Inclusion Attempt -- payflow_pro.php abs_path (bleeding-web_sql_injection.rules)
2003688 - ET WEB_SPECIFIC TurnKeyWebTools Remote Inclusion Attempt -- global.php abs_path (bleeding-web_sql_injection.rules)
2003689 - ET WEB_SPECIFIC TurnKeyWebTools Remote Inclusion Attempt -- libsecure.php abs_path (bleeding-web_sql_injection.rules)
2003690 - ET WEB_SPECIFIC Firefly Remote Inclusion Attempt -- config.php DOCUMENT_ROOT (bleeding-web_sql_injection.rules)
2003691 - ET WEB_SPECIFIC Pixaria Gallery Remote Inclusion Attempt -- psg.smarty.lib.php cfg[sys][base_path] (bleeding-web_sql_injection.rules)
2003692 - ET WEB_SPECIFIC VM Watermark Remote Inclusion Attempt -- watermark.php GALLERY_BASEDIR (bleeding-web_sql_injection.rules)
2003693 - ET WEB_SPECIFIC PHPtree Remote Inclusion Attempt -- cms2.php s_dir (bleeding-web_sql_injection.rules)
2003694 - ET WEB_SPECIFIC NoAH Remote Inclusion Attempt -- mfa_theme.php tpls (bleeding-web_sql_injection.rules)
2003696 - ET WEB_SPECIFIC Wikivi5 Remote Inclusion Attempt -- show.php sous_rep (bleeding-web_sql_injection.rules)
2003698 - ET WEB_SPECIFIC pfa CMS Remote Inclusion index.php abs_path (bleeding-web_sql_injection.rules)
2003699 - ET WEB_SPECIFIC pfa CMS Remote Inclusion checkout.php abs_path (bleeding-web_sql_injection.rules)
2003700 - ET WEB_SPECIFIC pfa CMS Remote Inclusion libsecure.php abs_path (bleeding-web_sql_injection.rules)
2003701 - ET WEB_SPECIFIC pfa CMS Remote Inclusion index.php repinc (bleeding-web_sql_injection.rules)
2003702 - ET WEB_SPECIFIC Pixaria Gallery Remote Inclusion class.Smarty.php cfg[sys][base_path] (bleeding-web_sql_injection.rules)
2003703 - ET WEB_SPECIFIC phpMyPortal Remote Inclusion Attempt -- articles.inc.php GLOBALS[CHEMINMODULES] (bleeding-web_sql_injection.rules)
2003704 - ET WEB_SPECIFIC AForum Remote Inclusion func.php CommonAbsDir (bleeding-web_sql_injection.rules)
2003705 - ET WEB TellTarget CMS Remote Inclusion site_conf.php ordnertiefe (bleeding-web.rules)
2003706 - ET WEB TellTarget CMS Remote Inclusion class.csv.php tt_docroot (bleeding-web.rules)
2003707 - ET WEB TellTarget CMS Remote Inclusion produkte_nach_serie.php tt_docroot (bleeding-web.rules)
2003708 - ET WEB TellTarget CMS Remote Inclusion ref_kd_rubrik.php tt_docroot (bleeding-web.rules)
2003709 - ET WEB TellTarget CMS Remote Inclusion hg_referenz_jobgalerie.php tt_docroot (bleeding-web.rules)
2003710 - ET WEB TellTarget CMS Remote Inclusion surfer_anmeldung_NWL.php tt_docroot (bleeding-web.rules)
2003711 - ET WEB TellTarget CMS Remote Inclusion produkte_nach_serie_alle.php tt_docroot (bleeding-web.rules)
2003712 - ET WEB TellTarget CMS Remote Inclusion surfer_aendern.php tt_docroot (bleeding-web.rules)
2003713 - ET WEB TellTarget CMS Remote Inclusion referenz.php tt_docroot (bleeding-web.rules)
2003714 - ET WEB TellTarget CMS Remote Inclusion lay.php tt_docroot (bleeding-web.rules)
2003715 - ET WEB TellTarget CMS Remote Inclusion ref_kd_rubrik.php tt_docroot (bleeding-web.rules)
2003716 - ET WEB_SPECIFIC LaVague Remote Inclusion Attempt -- printbar.php views_path (bleeding-web_sql_injection.rules)
2003717 - ET WEB_SPECIFIC miplex2 Remote Inclusion SmartyFU.class.php system (bleeding-web_sql_injection.rules)
2003718 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- lom.php ETCDIR (bleeding-web_sql_injection.rules)
2003719 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- lom_update.php ETCDIR (bleeding-web_sql_injection.rules)
2003720 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- check-lom.php ETCDIR (bleeding-web_sql_injection.rules)
2003721 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- weigh_keywords.php ETCDIR (bleeding-web_sql_injection.rules)
2003722 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- logout.php ETCDIR (bleeding-web_sql_injection.rules)
2003723 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- help.php ETCDIR (bleeding-web_sql_injection.rules)
2003724 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- index.php ETCDIR (bleeding-web_sql_injection.rules)
2003725 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- login.php ETCDIR (bleeding-web_sql_injection.rules)
2003726 - ET WEB_SPECIFIC CGX Remote Inclusion Attempt -- mtdialogo.php pathCGX (bleeding-web_sql_injection.rules)
2003727 - ET WEB_SPECIFIC CGX Remote Inclusion Attempt -- ltdialogo.php pathCGX (bleeding-web_sql_injection.rules)
2003728 - ET WEB_SPECIFIC CGX Remote Inclusion Attempt -- logingecon.php pathCGX (bleeding-web_sql_injection.rules)
2003729 - ET WEB_SPECIFIC CGX Remote Inclusion Attempt -- login.php pathCGX (bleeding-web_sql_injection.rules)
2003730 - ET WEB_SPECIFIC PHPHtmlLib Remote Inclusion Attempt -- widget8.php phphtmllib (bleeding-web_sql_injection.rules)
2003731 - ET WEB_SPECIFIC PHPLojaFacil Remote Inclusion Attempt -- ftp.php path_local (bleeding-web_sql_injection.rules)
2003732 - ET WEB_SPECIFIC PHPLojaFacil Remote Inclusion Attempt -- db.php path_local (bleeding-web_sql_injection.rules)
2003733 - ET WEB_SPECIFIC PHPLojaFacil Remote Inclusion Attempt -- libs_ftp.php path_local (bleeding-web_sql_injection.rules)
2003735 - ET WEB_SPECIFIC PHPSecurityAdmin Remote Inclusion Attempt -- logout.php PSA_PATH (bleeding-web_sql_injection.rules)
2003736 - ET WEB_SPECIFIC AForum Remote Inclusion Attempt -- errormsg.php header (bleeding-web_sql_injection.rules)
2003737 - ET WEB_SPECIFIC CJG Explorer Remote Inclusion Attempt -- pcltrace.lib.php g_pcltar_lib_dir (bleeding-web_sql_injection.rules)
2003738 - ET WEB_SPECIFIC Beacon Remote Inclusion Attempt -- splash.lang.php languagePath (bleeding-web_sql_injection.rules)
2003739 - ET WEB_SPECIFIC Yaap Remote Inclusion Attempt -- common.php root_path (bleeding-web_sql_injection.rules)
2003740 - ET WEB_SPECIFIC PHPFirstPost Remote Inclusion Attempt block.php Include (bleeding-web_sql_injection.rules)
2003741 - ET WEB_SPECIFIC Open Translation Engine Remote Inclusion Attempt -- header.php ote_home (bleeding-web_sql_injection.rules)
2003742 - ET WEB_SPECIFIC PHPChess Remote Inclusion Attempt -- language.php config (bleeding-web_sql_injection.rules)
2003743 - ET WEB_SPECIFIC PHPChess Remote Inclusion Attempt -- layout_admin_cfg.php Root_Path (bleeding-web_sql_injection.rules)
2003744 - ET WEB_SPECIFIC PHPChess Remote Inclusion Attempt -- layout_cfg.php Root_Path (bleeding-web_sql_injection.rules)
2003745 - ET WEB_SPECIFIC PHPChess Remote Inclusion Attempt -- layout_t_top.php Root_Path (bleeding-web_sql_injection.rules)
2003746 - ET WEB_SPECIFIC Simple PHP Script Gallery Remote Inclusion index.php gallery (bleeding-web_sql_injection.rules)
2003747 - ET WEB_SPECIFIC gnuedu Remote Inclusion Attempt -- lom.php ETCDIR (bleeding-web_sql_injection.rules)
2003748 - ET MALWARE Detnat.AZ related User-Agent (RookIE) (bleeding-malware.rules)
2003749 - ET MALWARE QQHelper related Spyware User-Agent (H) (bleeding-malware.rules)
2003752 - ET WEB_SPECIFIC CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id SELECT (bleeding-web_sql_injection.rules)
2003753 - ET WEB_SPECIFIC CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id UNION SELECT (bleeding-web_sql_injection.rules)
2003754 - ET WEB_SPECIFIC CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id INSERT (bleeding-web_sql_injection.rules)
2003755 - ET WEB_SPECIFIC CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id DELETE (bleeding-web_sql_injection.rules)
2003756 - ET WEB_SPECIFIC CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id ASCII (bleeding-web_sql_injection.rules)
2003757 - ET WEB_SPECIFIC CreaScripts CreaDirectory SQL Injection Attempt -- error.asp id UPDATE (bleeding-web_sql_injection.rules)
2003758 - ET WEB_SPECIFIC John Mordo Jobs SQL Injection Attempt -- index.php cid SELECT (bleeding-web_sql_injection.rules)
2003759 - ET WEB_SPECIFIC John Mordo Jobs SQL Injection Attempt -- index.php cid UNION SELECT (bleeding-web_sql_injection.rules)
2003760 - ET WEB_SPECIFIC John Mordo Jobs SQL Injection Attempt -- index.php cid INSERT (bleeding-web_sql_injection.rules)
2003761 - ET WEB_SPECIFIC John Mordo Jobs SQL Injection Attempt -- index.php cid DELETE (bleeding-web_sql_injection.rules)
2003762 - ET WEB_SPECIFIC John Mordo Jobs SQL Injection Attempt -- index.php cid ASCII (bleeding-web_sql_injection.rules)
2003763 - ET WEB_SPECIFIC John Mordo Jobs SQL Injection Attempt -- index.php cid UPDATE (bleeding-web_sql_injection.rules)
2003764 - ET WEB_SPECIFIC WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid SELECT (bleeding-web_sql_injection.rules)
2003765 - ET WEB_SPECIFIC WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid UNION SELECT (bleeding-web_sql_injection.rules)
2003766 - ET WEB_SPECIFIC WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid INSERT (bleeding-web_sql_injection.rules)
2003767 - ET WEB_SPECIFIC WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid DELETE (bleeding-web_sql_injection.rules)
2003768 - ET WEB_SPECIFIC WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid ASCII (bleeding-web_sql_injection.rules)
2003769 - ET WEB_SPECIFIC WF-Links (wflinks) SQL Injection Attempt -- viewcat.php cid UPDATE (bleeding-web_sql_injection.rules)
2003770 - ET WEB_SPECIFIC E-Annu SQL Injection Attempt -- home.php a SELECT (bleeding-web_sql_injection.rules)
2003771 - ET WEB_SPECIFIC E-Annu SQL Injection Attempt -- home.php a UNION SELECT (bleeding-web_sql_injection.rules)
2003772 - ET WEB_SPECIFIC E-Annu SQL Injection Attempt -- home.php a INSERT (bleeding-web_sql_injection.rules)
2003773 - ET WEB_SPECIFIC E-Annu SQL Injection Attempt -- home.php a DELETE (bleeding-web_sql_injection.rules)
2003774 - ET WEB_SPECIFIC E-Annu SQL Injection Attempt -- home.php a ASCII (bleeding-web_sql_injection.rules)
2003775 - ET WEB_SPECIFIC E-Annu SQL Injection Attempt -- home.php a UPDATE (bleeding-web_sql_injection.rules)
2003776 - ET WEB_SPECIFIC Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id SELECT (bleeding-web_sql_injection.rules)
2003777 - ET WEB_SPECIFIC Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id UNION SELECT (bleeding-web_sql_injection.rules)
2003778 - ET WEB_SPECIFIC Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id INSERT (bleeding-web_sql_injection.rules)
2003779 - ET WEB_SPECIFIC Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id DELETE (bleeding-web_sql_injection.rules)
2003780 - ET WEB_SPECIFIC Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id ASCII (bleeding-web_sql_injection.rules)
2003781 - ET WEB_SPECIFIC Burak Yilmaz Blog SQL Injection Attempt -- bry.asp id UPDATE (bleeding-web_sql_injection.rules)
2003782 - ET WEB_SPECIFIC pnFlashGames SQL Injection Attempt -- index.php cid SELECT (bleeding-web_sql_injection.rules)
2003783 - ET WEB_SPECIFIC pnFlashGames SQL Injection Attempt -- index.php cid UNION SELECT (bleeding-web_sql_injection.rules)
2003784 - ET WEB_SPECIFIC pnFlashGames SQL Injection Attempt -- index.php cid INSERT (bleeding-web_sql_injection.rules)
2003785 - ET WEB_SPECIFIC pnFlashGames SQL Injection Attempt -- index.php cid DELETE (bleeding-web_sql_injection.rules)
2003786 - ET WEB_SPECIFIC pnFlashGames SQL Injection Attempt -- index.php cid ASCII (bleeding-web_sql_injection.rules)
2003787 - ET WEB_SPECIFIC pnFlashGames SQL Injection Attempt -- index.php cid UPDATE (bleeding-web_sql_injection.rules)
2003788 - ET WEB_SPECIFIC FileRun SQL Injection Attempt -- index.php fid SELECT (bleeding-web_sql_injection.rules)
2003789 - ET WEB_SPECIFIC FileRun SQL Injection Attempt -- index.php fid UNION SELECT (bleeding-web_sql_injection.rules)
2003790 - ET WEB_SPECIFIC FileRun SQL Injection Attempt -- index.php fid INSERT (bleeding-web_sql_injection.rules)
2003791 - ET WEB_SPECIFIC FileRun SQL Inject