[Emerging-Sigs] empty botcc group breaks snort

Matt Jonkman jonkman at jonkmans.com
Sun Feb 17 09:43:11 EST 2008


Fixed up. Sorry about that.

Sleddens, J.P.G. wrote:
> Hi!,
> 
> Tonight with the update an empty botcc group sneaked into the ET rules (bleeding-botcc.rules & bleeding-botcc-BLOCK.rules), it's the last one in the ruleset:
> 
> alert ip $HOME_NET any -> [] any (msg:"ET DROP Known Bot C&C Server Traffic (group 18) "; reference:url,www.shadowserver.org; threshold: type limit, track by_src, seconds 3600, count 1; classtype:trojan-activity; sid:2404017; rev:1072;)
> 
> Jeffry Sleddens
> Rotterdam University
> 
> 

-- 
--------------------------------------------
Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc
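
Added example, not part of the original thread or of the Emerging Threats tooling: a pre-load check that scans rule lines for an empty address group such as the `[]` destination in sid 2404017 above, so a generated rules file can be rejected before Snort is restarted on it. The function names and the first sample rule are constructed for illustration.

```python
import re
import sys

# Snort 2.x rule actions; commented-out rules and blank lines do not match.
ACTION_RE = re.compile(r'^\s*(alert|log|pass|drop|reject|sdrop|activate|dynamic)\s+')

# Constructed sample input: rule 1 is made up, rule 2 is the one quoted in the post.
SAMPLE = [
    'alert ip $HOME_NET any -> [192.0.2.10,198.51.100.7] any (msg:"constructed example rule"; sid:1000001; rev:1;)',
    'alert ip $HOME_NET any -> [] any (msg:"ET DROP Known Bot C&C Server Traffic (group 18) "; reference:url,www.shadowserver.org; threshold: type limit, track by_src, seconds 3600, count 1; classtype:trojan-activity; sid:2404017; rev:1072;)',
]

def split_header(header):
    """Split a rule header on whitespace, keeping a [bracketed list] as one field."""
    fields, cur, depth = [], "", 0
    for ch in header:
        depth += (ch == "[") - (ch == "]")
        if ch.isspace() and depth == 0:
            if cur:
                fields.append(cur)
            cur = ""
        else:
            cur += ch
    return fields + ([cur] if cur else [])

def empty_group(addr):
    """True if an address field is an empty list or has an empty element.
    Variables such as $HOME_NET are not expanded here (assumption: checked elsewhere)."""
    addr = re.sub(r'\s+', '', addr).lstrip("!")
    return addr.startswith("[") and bool(re.search(r'\[\]|\[,|,\]|,,', addr))

def find_empty_groups(lines):
    """Return (line_no, sid, side) for every active rule with an empty address group."""
    hits = []
    for no, line in enumerate(lines, 1):
        if not ACTION_RE.match(line) or "(" not in line:
            continue
        fields = split_header(line.split("(", 1)[0])  # header ends at the options
        if len(fields) != 7:  # action proto src sport dir dst dport
            continue
        sid = re.search(r'\bsid:\s*(\d+)', line)
        for side, idx in (("src", 2), ("dst", 5)):
            if empty_group(fields[idx]):
                hits.append((no, sid.group(1) if sid else None, side))
    return hits

if __name__ == "__main__":
    found = find_empty_groups(open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE)
    for no, sid, side in found:
        print(f"line {no}: sid {sid}: empty {side} address group")
    sys.exit(1 if found else 0)
```

Run against each downloaded rules file before swapping it into place; a non-zero exit means the file should not be loaded. Snort's own test mode (`snort -T -c <conf>`) validates the full configuration and is a useful second gate.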



