[Emerging-Sigs] Emerging Threats Weekly Signature Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Sat Jan 3 18:00:08 EST 2009


[***] Results from Oinkmaster started Sat Jan  3 18:00:08 2009 [***]

[+++]          Added rules:          [+++]

 2008941 - ET MALWARE Suspicious User-Agent (HELLO) (emerging-malware.rules)
 2008942 - ET POLICY Dlink Soho Router Config Page Access Attempt (emerging-policy.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-virus.rules)
 2008944 - ET TROJAN TDSServ or Tidserv variant Checkin (emerging-virus.rules)
 2008945 - ET TROJAN dlink router access attempt (emerging-virus.rules)
 2008946 - ET TROJAN UpackbyDwing in HTTP Download Possibly Hostile (emerging-virus.rules)
 2008947 - ET TROJAN UpackbyDwing in HTTP (2) Possibly Hostile (emerging-virus.rules)
 2008948 - ET CURRENT_EVENTS TROJAN PWS-OnlineGames or variant Checkin (emerging.rules)
 2008949 - ET TROJAN Win32.Small.yml or Related HTTP Checkin (emerging-virus.rules)
 2008950 - ET TROJAN Trojan.Win32.Small.yml client registration (emerging-virus.rules)
 2008951 - ET TROJAN Trojan.Win32.Small.yml client command (emerging-virus.rules)
 2008952 - ET TROJAN Win32.Small.yml or Related HTTP Command (emerging-virus.rules)
 2008953 - ET POLICY Possible MS CMD Shell opened on local system (emerging-attack_response.rules)
 2008954 - ET TROJAN Mac User-Agent Typo - Likely Hostile/Trojan Infection (emerging-virus.rules)
 2008955 - ET TROJAN Mac User-Agent Typo INBOUND - Likely Hostile (emerging-virus.rules)
 2008956 - ET MALWARE Suspicious User-Agent (IE/1.0) (emerging-malware.rules)
 2008958 - ET TROJAN Waledac Beacon Traffic Detected (emerging-virus.rules)
 2008960 - ET CURRENT_EVENTS Unknown Roundcube Vulnerability Scan (emerging.rules)
 2008961 - ET WEB_SPECIFIC PHPmyGallery lang parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2008963 - ET WEB_ACTIVEX EasyMail Objects emmailstore.dll ActiveX Control Remote Buffer Overflow (emerging-web.rules)
 2008964 - ET WEB_SPECIFIC lcxBBportal Alpha portal_block.php phpbb_root_path parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008965 - ET WEB_SPECIFIC lcxBBportal Alpha acp_lcxbbportal.php phpbb_root_path parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008966 - ET WEB_SPECIFIC ccTiddly index.php cct_base parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008967 - ET WEB_SPECIFIC ccTiddly proxy.php cct_base parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008968 - ET WEB_SPECIFIC ccTiddly header.php cct_base parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008969 - ET WEB_SPECIFIC ccTiddly include.php cct_base parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008970 - ET WEB_SPECIFIC ccTiddly workspace.php cct_base parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2008982 - ET WEB_SPECIFIC PHPmyGallery confdir parameter Remote File Inclusion (emerging-web_sql_injection.rules)
 2406170 - ET RBN Known Russian Business Network Monitored Domains (171) (emerging-rbn.rules)
 2406171 - ET RBN Known Russian Business Network Monitored Domains (172) (emerging-rbn.rules)
 2406172 - ET RBN Known Russian Business Network Monitored Domains (173) (emerging-rbn.rules)
 2406173 - ET RBN Known Russian Business Network Monitored Domains (174) (emerging-rbn.rules)
 2406174 - ET RBN Known Russian Business Network Monitored Domains (175) (emerging-rbn.rules)
 2406175 - ET RBN Known Russian Business Network Monitored Domains (176) (emerging-rbn.rules)
 2406176 - ET RBN Known Russian Business Network Monitored Domains (177) (emerging-rbn.rules)
 2406177 - ET RBN Known Russian Business Network Monitored Domains (178) (emerging-rbn.rules)
 2406178 - ET RBN Known Russian Business Network Monitored Domains (179) (emerging-rbn.rules)
 2406179 - ET RBN Known Russian Business Network Monitored Domains (180) (emerging-rbn.rules)
 2406180 - ET RBN Known Russian Business Network Monitored Domains (181) (emerging-rbn.rules)
 2406181 - ET RBN Known Russian Business Network Monitored Domains (182) (emerging-rbn.rules)
 2406182 - ET RBN Known Russian Business Network Monitored Domains (183) (emerging-rbn.rules)
 2406183 - ET RBN Known Russian Business Network Monitored Domains (184) (emerging-rbn.rules)
 2406184 - ET RBN Known Russian Business Network Monitored Domains (185) (emerging-rbn.rules)
 2406185 - ET RBN Known Russian Business Network Monitored Domains (186) (emerging-rbn.rules)
 2406186 - ET RBN Known Russian Business Network Monitored Domains (187) (emerging-rbn.rules)
 2406187 - ET RBN Known Russian Business Network Monitored Domains (188) (emerging-rbn.rules)
 2406188 - ET RBN Known Russian Business Network Monitored Domains (189) (emerging-rbn.rules)
 2406189 - ET RBN Known Russian Business Network Monitored Domains (190) (emerging-rbn.rules)
 2406190 - ET RBN Known Russian Business Network Monitored Domains (191) (emerging-rbn.rules)
 2406191 - ET RBN Known Russian Business Network Monitored Domains (192) (emerging-rbn.rules)
 2406192 - ET RBN Known Russian Business Network Monitored Domains (193) (emerging-rbn.rules)
 2406193 - ET RBN Known Russian Business Network Monitored Domains (194) (emerging-rbn.rules)
 2406194 - ET RBN Known Russian Business Network Monitored Domains (195) (emerging-rbn.rules)
 2406195 - ET RBN Known Russian Business Network Monitored Domains (196) (emerging-rbn.rules)
 2406196 - ET RBN Known Russian Business Network Monitored Domains (197) (emerging-rbn.rules)
 2406197 - ET RBN Known Russian Business Network Monitored Domains (198) (emerging-rbn.rules)
 2406198 - ET RBN Known Russian Business Network Monitored Domains (199) (emerging-rbn.rules)
 2407170 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (171) (emerging-rbn-BLOCK.rules)
 2407171 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (172) (emerging-rbn-BLOCK.rules)
 2407172 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (173) (emerging-rbn-BLOCK.rules)
 2407173 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (174) (emerging-rbn-BLOCK.rules)
 2407174 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (175) (emerging-rbn-BLOCK.rules)
 2407175 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (176) (emerging-rbn-BLOCK.rules)
 2407176 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (177) (emerging-rbn-BLOCK.rules)
 2407177 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (178) (emerging-rbn-BLOCK.rules)
 2407178 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (179) (emerging-rbn-BLOCK.rules)
 2407179 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (180) (emerging-rbn-BLOCK.rules)
 2407180 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (181) (emerging-rbn-BLOCK.rules)
 2407181 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (182) (emerging-rbn-BLOCK.rules)
 2407182 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (183) (emerging-rbn-BLOCK.rules)
 2407183 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (184) (emerging-rbn-BLOCK.rules)
 2407184 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (185) (emerging-rbn-BLOCK.rules)
 2407185 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (186) (emerging-rbn-BLOCK.rules)
 2407186 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (187) (emerging-rbn-BLOCK.rules)
 2407187 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (188) (emerging-rbn-BLOCK.rules)
 2407188 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (189) (emerging-rbn-BLOCK.rules)
 2407189 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (190) (emerging-rbn-BLOCK.rules)
 2407190 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (191) (emerging-rbn-BLOCK.rules)
 2407191 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (192) (emerging-rbn-BLOCK.rules)
 2407192 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (193) (emerging-rbn-BLOCK.rules)
 2407193 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (194) (emerging-rbn-BLOCK.rules)
 2407194 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (195) (emerging-rbn-BLOCK.rules)
 2407195 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (196) (emerging-rbn-BLOCK.rules)
 2407196 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (197) (emerging-rbn-BLOCK.rules)
 2407197 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (198) (emerging-rbn-BLOCK.rules)
 2407198 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (199) (emerging-rbn-BLOCK.rules)


[///]     Modified active rules:     [///]

 2007962 - ET TROJAN Vipdataend C&C Traffic - Checkin (emerging-virus.rules)
 2007963 - ET TROJAN Vipdataend C&C Traffic - Status OK (emerging-virus.rules)
 2007964 - ET TROJAN Vipdataend C&C Traffic - Server Status OK (emerging-virus.rules)
 2007970 - ET TROJAN Vipdataend C&C Traffic - Checkin (XY) (emerging-virus.rules)
 2008223 - ET TROJAN Vipdataend C&C Traffic - Checkin (FYWL) (emerging-virus.rules)
 2008224 - ET TROJAN Vipdataend C&C Traffic - Checkin (XYLL) (emerging-virus.rules)
 2008254 - ET TROJAN Vipdataend/Ceckno C&C Traffic - Checkin (emerging-virus.rules)
 2008334 - ET TROJAN Beizhu/Womble/Vipdataend Checking in with Controller (emerging-virus.rules)
 2008335 - ET TROJAN Beizhu/Womble/Vipdataend Controller Keepalive (emerging-virus.rules)
 2008802 - ET CURRENT_EVENTS Possible Downadup/Conficker-A Worm Activity (emerging.rules)
 2008803 - ET CURRENT_EVENTS Possible Downadup/Conficker-A Infection Checking Geographical Location (emerging.rules)
 2008804 - ET CURRENT_EVENTS Downadup/Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 (emerging.rules)
 2008870 - ET WEB_ACTIVEX Chilkat Socket ACTIVEX Remote Arbitrary File Creation (emerging-web.rules)
 2008880 - ET WEB_SPECIFIC PunBB Functions_navlinks.php pun_user[language] Parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2008881 - ET WEB_SPECIFIC PunBB profile_send.php pun_user[language] Parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2008882 - ET WEB_SPECIFIC PunBB viewtopic_PM-link.php pun_user[language] Parameter Local File Inclusion (emerging-web_sql_injection.rules)
 2008914 - ET MALWARE Suspicious User-Agent (xr - Worm.Win32.VB.cj related) (emerging-malware.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2404000 - ET DROP Known Bot C&C Server Traffic (group 1)  (emerging-botcc.rules)
 2404001 - ET DROP Known Bot C&C Server Traffic (group 2)  (emerging-botcc.rules)
 2404002 - ET DROP Known Bot C&C Server Traffic (group 3)  (emerging-botcc.rules)
 2404003 - ET DROP Known Bot C&C Server Traffic (group 4)  (emerging-botcc.rules)
 2404004 - ET DROP Known Bot C&C Server Traffic (group 5)  (emerging-botcc.rules)
 2404005 - ET DROP Known Bot C&C Server Traffic (group 6)  (emerging-botcc.rules)
 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2406000 - ET RBN Known Russian Business Network Monitored Domains (1) (emerging-rbn.rules)
 2406001 - ET RBN Known Russian Business Network Monitored Domains (2) (emerging-rbn.rules)
 2406002 - ET RBN Known Russian Business Network Monitored Domains (3) (emerging-rbn.rules)
 2406003 - ET RBN Known Russian Business Network Monitored Domains (4) (emerging-rbn.rules)
 2406004 - ET RBN Known Russian Business Network Monitored Domains (5) (emerging-rbn.rules)
 2406005 - ET RBN Known Russian Business Network Monitored Domains (6) (emerging-rbn.rules)
 2406006 - ET RBN Known Russian Business Network Monitored Domains (7) (emerging-rbn.rules)
 2406007 - ET RBN Known Russian Business Network Monitored Domains (8) (emerging-rbn.rules)
 2406008 - ET RBN Known Russian Business Network Monitored Domains (9) (emerging-rbn.rules)
 2406009 - ET RBN Known Russian Business Network Monitored Domains (10) (emerging-rbn.rules)
 2406010 - ET RBN Known Russian Business Network Monitored Domains (11) (emerging-rbn.rules)
 2406011 - ET RBN Known Russian Business Network Monitored Domains (12) (emerging-rbn.rules)
 2406012 - ET RBN Known Russian Business Network Monitored Domains (13) (emerging-rbn.rules)
 2406013 - ET RBN Known Russian Business Network Monitored Domains (14) (emerging-rbn.rules)
 2406014 - ET RBN Known Russian Business Network Monitored Domains (15) (emerging-rbn.rules)
 2406015 - ET RBN Known Russian Business Network Monitored Domains (16) (emerging-rbn.rules)
 2406016 - ET RBN Known Russian Business Network Monitored Domains (17) (emerging-rbn.rules)
 2406017 - ET RBN Known Russian Business Network Monitored Domains (18) (emerging-rbn.rules)
 2406018 - ET RBN Known Russian Business Network Monitored Domains (19) (emerging-rbn.rules)
 2406019 - ET RBN Known Russian Business Network Monitored Domains (20) (emerging-rbn.rules)
 2406020 - ET RBN Known Russian Business Network Monitored Domains (21) (emerging-rbn.rules)
 2406021 - ET RBN Known Russian Business Network Monitored Domains (22) (emerging-rbn.rules)
 2406022 - ET RBN Known Russian Business Network Monitored Domains (23) (emerging-rbn.rules)
 2406023 - ET RBN Known Russian Business Network Monitored Domains (24) (emerging-rbn.rules)
 2406024 - ET RBN Known Russian Business Network Monitored Domains (25) (emerging-rbn.rules)
 2406025 - ET RBN Known Russian Business Network Monitored Domains (26) (emerging-rbn.rules)
 2406026 - ET RBN Known Russian Business Network Monitored Domains (27) (emerging-rbn.rules)
 2406027 - ET RBN Known Russian Business Network Monitored Domains (28) (emerging-rbn.rules)
 2406028 - ET RBN Known Russian Business Network Monitored Domains (29) (emerging-rbn.rules)
 2406029 - ET RBN Known Russian Business Network Monitored Domains (30) (emerging-rbn.rules)
 2406030 - ET RBN Known Russian Business Network Monitored Domains (31) (emerging-rbn.rules)
 2406031 - ET RBN Known Russian Business Network Monitored Domains (32) (emerging-rbn.rules)
 2406032 - ET RBN Known Russian Business Network Monitored Domains (33) (emerging-rbn.rules)
 2406033 - ET RBN Known Russian Business Network Monitored Domains (34) (emerging-rbn.rules)
 2406034 - ET RBN Known Russian Business Network Monitored Domains (35) (emerging-rbn.rules)
 2406035 - ET RBN Known Russian Business Network Monitored Domains (36) (emerging-rbn.rules)
 2406036 - ET RBN Known Russian Business Network Monitored Domains (37) (emerging-rbn.rules)
 2406037 - ET RBN Known Russian Business Network Monitored Domains (38) (emerging-rbn.rules)
 2406038 - ET RBN Known Russian Business Network Monitored Domains (39) (emerging-rbn.rules)
 2406039 - ET RBN Known Russian Business Network Monitored Domains (40) (emerging-rbn.rules)
 2406040 - ET RBN Known Russian Business Network Monitored Domains (41) (emerging-rbn.rules)
 2406041 - ET RBN Known Russian Business Network Monitored Domains (42) (emerging-rbn.rules)
 2406042 - ET RBN Known Russian Business Network Monitored Domains (43) (emerging-rbn.rules)
 2406043 - ET RBN Known Russian Business Network Monitored Domains (44) (emerging-rbn.rules)
 2406044 - ET RBN Known Russian Business Network Monitored Domains (45) (emerging-rbn.rules)
 2406045 - ET RBN Known Russian Business Network Monitored Domains (46) (emerging-rbn.rules)
 2406046 - ET RBN Known Russian Business Network Monitored Domains (47) (emerging-rbn.rules)
 2406047 - ET RBN Known Russian Business Network Monitored Domains (48) (emerging-rbn.rules)
 2406048 - ET RBN Known Russian Business Network Monitored Domains (49) (emerging-rbn.rules)
 2406049 - ET RBN Known Russian Business Network Monitored Domains (50) (emerging-rbn.rules)
 2406050 - ET RBN Known Russian Business Network Monitored Domains (51) (emerging-rbn.rules)
 2406051 - ET RBN Known Russian Business Network Monitored Domains (52) (emerging-rbn.rules)
 2406052 - ET RBN Known Russian Business Network Monitored Domains (53) (emerging-rbn.rules)
 2406053 - ET RBN Known Russian Business Network Monitored Domains (54) (emerging-rbn.rules)
 2406054 - ET RBN Known Russian Business Network Monitored Domains (55) (emerging-rbn.rules)
 2406055 - ET RBN Known Russian Business Network Monitored Domains (56) (emerging-rbn.rules)
 2406056 - ET RBN Known Russian Business Network Monitored Domains (57) (emerging-rbn.rules)
 2406057 - ET RBN Known Russian Business Network Monitored Domains (58) (emerging-rbn.rules)
 2406058 - ET RBN Known Russian Business Network Monitored Domains (59) (emerging-rbn.rules)
 2406059 - ET RBN Known Russian Business Network Monitored Domains (60) (emerging-rbn.rules)
 2406060 - ET RBN Known Russian Business Network Monitored Domains (61) (emerging-rbn.rules)
 2406061 - ET RBN Known Russian Business Network Monitored Domains (62) (emerging-rbn.rules)
 2406062 - ET RBN Known Russian Business Network Monitored Domains (63) (emerging-rbn.rules)
 2406063 - ET RBN Known Russian Business Network Monitored Domains (64) (emerging-rbn.rules)
 2406064 - ET RBN Known Russian Business Network Monitored Domains (65) (emerging-rbn.rules)
 2406065 - ET RBN Known Russian Business Network Monitored Domains (66) (emerging-rbn.rules)
 2406066 - ET RBN Known Russian Business Network Monitored Domains (67) (emerging-rbn.rules)
 2406067 - ET RBN Known Russian Business Network Monitored Domains (68) (emerging-rbn.rules)
 2406068 - ET RBN Known Russian Business Network Monitored Domains (69) (emerging-rbn.rules)
 2406069 - ET RBN Known Russian Business Network Monitored Domains (70) (emerging-rbn.rules)
 2406070 - ET RBN Known Russian Business Network Monitored Domains (71) (emerging-rbn.rules)
 2406071 - ET RBN Known Russian Business Network Monitored Domains (72) (emerging-rbn.rules)
 2406072 - ET RBN Known Russian Business Network Monitored Domains (73) (emerging-rbn.rules)
 2406073 - ET RBN Known Russian Business Network Monitored Domains (74) (emerging-rbn.rules)
 2406074 - ET RBN Known Russian Business Network Monitored Domains (75) (emerging-rbn.rules)
 2406075 - ET RBN Known Russian Business Network Monitored Domains (76) (emerging-rbn.rules)
 2406076 - ET RBN Known Russian Business Network Monitored Domains (77) (emerging-rbn.rules)
 2406077 - ET RBN Known Russian Business Network Monitored Domains (78) (emerging-rbn.rules)
 2406078 - ET RBN Known Russian Business Network Monitored Domains (79) (emerging-rbn.rules)
 2406079 - ET RBN Known Russian Business Network Monitored Domains (80) (emerging-rbn.rules)
 2406080 - ET RBN Known Russian Business Network Monitored Domains (81) (emerging-rbn.rules)
 2406081 - ET RBN Known Russian Business Network Monitored Domains (82) (emerging-rbn.rules)
 2406082 - ET RBN Known Russian Business Network Monitored Domains (83) (emerging-rbn.rules)
 2406083 - ET RBN Known Russian Business Network Monitored Domains (84) (emerging-rbn.rules)
 2406084 - ET RBN Known Russian Business Network Monitored Domains (85) (emerging-rbn.rules)
 2406085 - ET RBN Known Russian Business Network Monitored Domains (86) (emerging-rbn.rules)
 2406086 - ET RBN Known Russian Business Network Monitored Domains (87) (emerging-rbn.rules)
 2406087 - ET RBN Known Russian Business Network Monitored Domains (88) (emerging-rbn.rules)
 2406088 - ET RBN Known Russian Business Network Monitored Domains (89) (emerging-rbn.rules)
 2406089 - ET RBN Known Russian Business Network Monitored Domains (90) (emerging-rbn.rules)
 2406090 - ET RBN Known Russian Business Network Monitored Domains (91) (emerging-rbn.rules)
 2406091 - ET RBN Known Russian Business Network Monitored Domains (92) (emerging-rbn.rules)
 2406092 - ET RBN Known Russian Business Network Monitored Domains (93) (emerging-rbn.rules)
 2406093 - ET RBN Known Russian Business Network Monitored Domains (94) (emerging-rbn.rules)
 2406094 - ET RBN Known Russian Business Network Monitored Domains (95) (emerging-rbn.rules)
 2406095 - ET RBN Known Russian Business Network Monitored Domains (96) (emerging-rbn.rules)
 2406096 - ET RBN Known Russian Business Network Monitored Domains (97) (emerging-rbn.rules)
 2406097 - ET RBN Known Russian Business Network Monitored Domains (98) (emerging-rbn.rules)
 2406098 - ET RBN Known Russian Business Network Monitored Domains (99) (emerging-rbn.rules)
 2406099 - ET RBN Known Russian Business Network Monitored Domains (100) (emerging-rbn.rules)
 2406100 - ET RBN Known Russian Business Network Monitored Domains (101) (emerging-rbn.rules)
 2406101 - ET RBN Known Russian Business Network Monitored Domains (102) (emerging-rbn.rules)
 2406102 - ET RBN Known Russian Business Network Monitored Domains (103) (emerging-rbn.rules)
 2406103 - ET RBN Known Russian Business Network Monitored Domains (104) (emerging-rbn.rules)
 2406104 - ET RBN Known Russian Business Network Monitored Domains (105) (emerging-rbn.rules)
 2406105 - ET RBN Known Russian Business Network Monitored Domains (106) (emerging-rbn.rules)
 2406106 - ET RBN Known Russian Business Network Monitored Domains (107) (emerging-rbn.rules)
 2406107 - ET RBN Known Russian Business Network Monitored Domains (108) (emerging-rbn.rules)
 2406108 - ET RBN Known Russian Business Network Monitored Domains (109) (emerging-rbn.rules)
 2406109 - ET RBN Known Russian Business Network Monitored Domains (110) (emerging-rbn.rules)
 2406110 - ET RBN Known Russian Business Network Monitored Domains (111) (emerging-rbn.rules)
 2406111 - ET RBN Known Russian Business Network Monitored Domains (112) (emerging-rbn.rules)
 2406112 - ET RBN Known Russian Business Network Monitored Domains (113) (emerging-rbn.rules)
 2406113 - ET RBN Known Russian Business Network Monitored Domains (114) (emerging-rbn.rules)
 2406114 - ET RBN Known Russian Business Network Monitored Domains (115) (emerging-rbn.rules)
 2406115 - ET RBN Known Russian Business Network Monitored Domains (116) (emerging-rbn.rules)
 2406116 - ET RBN Known Russian Business Network Monitored Domains (117) (emerging-rbn.rules)
 2406117 - ET RBN Known Russian Business Network Monitored Domains (118) (emerging-rbn.rules)
 2406118 - ET RBN Known Russian Business Network Monitored Domains (119) (emerging-rbn.rules)
 2406119 - ET RBN Known Russian Business Network Monitored Domains (120) (emerging-rbn.rules)
 2406120 - ET RBN Known Russian Business Network Monitored Domains (121) (emerging-rbn.rules)
 2406121 - ET RBN Known Russian Business Network Monitored Domains (122) (emerging-rbn.rules)
 2406122 - ET RBN Known Russian Business Network Monitored Domains (123) (emerging-rbn.rules)
 2406123 - ET RBN Known Russian Business Network Monitored Domains (124) (emerging-rbn.rules)
 2406124 - ET RBN Known Russian Business Network Monitored Domains (125) (emerging-rbn.rules)
 2406125 - ET RBN Known Russian Business Network Monitored Domains (126) (emerging-rbn.rules)
 2406126 - ET RBN Known Russian Business Network Monitored Domains (127) (emerging-rbn.rules)
 2406127 - ET RBN Known Russian Business Network Monitored Domains (128) (emerging-rbn.rules)
 2406128 - ET RBN Known Russian Business Network Monitored Domains (129) (emerging-rbn.rules)
 2406129 - ET RBN Known Russian Business Network Monitored Domains (130) (emerging-rbn.rules)
 2406130 - ET RBN Known Russian Business Network Monitored Domains (131) (emerging-rbn.rules)
 2406131 - ET RBN Known Russian Business Network Monitored Domains (132) (emerging-rbn.rules)
 2406132 - ET RBN Known Russian Business Network Monitored Domains (133) (emerging-rbn.rules)
 2406133 - ET RBN Known Russian Business Network Monitored Domains (134) (emerging-rbn.rules)
 2406134 - ET RBN Known Russian Business Network Monitored Domains (135) (emerging-rbn.rules)
 2406135 - ET RBN Known Russian Business Network Monitored Domains (136) (emerging-rbn.rules)
 2406136 - ET RBN Known Russian Business Network Monitored Domains (137) (emerging-rbn.rules)
 2406137 - ET RBN Known Russian Business Network Monitored Domains (138) (emerging-rbn.rules)
 2406138 - ET RBN Known Russian Business Network Monitored Domains (139) (emerging-rbn.rules)
 2406139 - ET RBN Known Russian Business Network Monitored Domains (140) (emerging-rbn.rules)
 2406140 - ET RBN Known Russian Business Network Monitored Domains (141) (emerging-rbn.rules)
 2406141 - ET RBN Known Russian Business Network Monitored Domains (142) (emerging-rbn.rules)
 2406142 - ET RBN Known Russian Business Network Monitored Domains (143) (emerging-rbn.rules)
 2406143 - ET RBN Known Russian Business Network Monitored Domains (144) (emerging-rbn.rules)
 2406144 - ET RBN Known Russian Business Network Monitored Domains (145) (emerging-rbn.rules)
 2406145 - ET RBN Known Russian Business Network Monitored Domains (146) (emerging-rbn.rules)
 2406146 - ET RBN Known Russian Business Network Monitored Domains (147) (emerging-rbn.rules)
 2406147 - ET RBN Known Russian Business Network Monitored Domains (148) (emerging-rbn.rules)
 2406148 - ET RBN Known Russian Business Network Monitored Domains (149) (emerging-rbn.rules)
 2406149 - ET RBN Known Russian Business Network Monitored Domains (150) (emerging-rbn.rules)
 2406150 - ET RBN Known Russian Business Network Monitored Domains (151) (emerging-rbn.rules)
 2406151 - ET RBN Known Russian Business Network Monitored Domains (152) (emerging-rbn.rules)
 2406152 - ET RBN Known Russian Business Network Monitored Domains (153) (emerging-rbn.rules)
 2406153 - ET RBN Known Russian Business Network Monitored Domains (154) (emerging-rbn.rules)
 2406154 - ET RBN Known Russian Business Network Monitored Domains (155) (emerging-rbn.rules)
 2406155 - ET RBN Known Russian Business Network Monitored Domains (156) (emerging-rbn.rules)
 2406156 - ET RBN Known Russian Business Network Monitored Domains (157) (emerging-rbn.rules)
 2406157 - ET RBN Known Russian Business Network Monitored Domains (158) (emerging-rbn.rules)
 2406158 - ET RBN Known Russian Business Network Monitored Domains (159) (emerging-rbn.rules)
 2406159 - ET RBN Known Russian Business Network Monitored Domains (160) (emerging-rbn.rules)
 2406160 - ET RBN Known Russian Business Network Monitored Domains (161) (emerging-rbn.rules)
 2406161 - ET RBN Known Russian Business Network Monitored Domains (162) (emerging-rbn.rules)
 2406162 - ET RBN Known Russian Business Network Monitored Domains (163) (emerging-rbn.rules)
 2406163 - ET RBN Known Russian Business Network Monitored Domains (164) (emerging-rbn.rules)
 2406164 - ET RBN Known Russian Business Network Monitored Domains (165) (emerging-rbn.rules)
 2406165 - ET RBN Known Russian Business Network Monitored Domains (166) (emerging-rbn.rules)
 2406166 - ET RBN Known Russian Business Network Monitored Domains (167) (emerging-rbn.rules)
 2406167 - ET RBN Known Russian Business Network Monitored Domains (168) (emerging-rbn.rules)
 2406168 - ET RBN Known Russian Business Network Monitored Domains (169) (emerging-rbn.rules)
 2406169 - ET RBN Known Russian Business Network Monitored Domains (170) (emerging-rbn.rules)
 2407000 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (1) (emerging-rbn-BLOCK.rules)
 2407001 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (2) (emerging-rbn-BLOCK.rules)
 2407002 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (3) (emerging-rbn-BLOCK.rules)
 2407003 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (4) (emerging-rbn-BLOCK.rules)
 2407004 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (5) (emerging-rbn-BLOCK.rules)
 2407005 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (6) (emerging-rbn-BLOCK.rules)
 2407006 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (7) (emerging-rbn-BLOCK.rules)
 2407007 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (8) (emerging-rbn-BLOCK.rules)
 2407008 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (9) (emerging-rbn-BLOCK.rules)
 2407009 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (10) (emerging-rbn-BLOCK.rules)
 2407010 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (11) (emerging-rbn-BLOCK.rules)
 2407011 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (12) (emerging-rbn-BLOCK.rules)
 2407012 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (13) (emerging-rbn-BLOCK.rules)
 2407013 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (14) (emerging-rbn-BLOCK.rules)
 2407014 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (15) (emerging-rbn-BLOCK.rules)
 2407015 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (16) (emerging-rbn-BLOCK.rules)
 2407016 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (17) (emerging-rbn-BLOCK.rules)
 2407017 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (18) (emerging-rbn-BLOCK.rules)
 2407018 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (19) (emerging-rbn-BLOCK.rules)
 2407019 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (20) (emerging-rbn-BLOCK.rules)
 2407020 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (21) (emerging-rbn-BLOCK.rules)
 2407021 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (22) (emerging-rbn-BLOCK.rules)
 2407022 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (23) (emerging-rbn-BLOCK.rules)
 2407023 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (24) (emerging-rbn-BLOCK.rules)
 2407024 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (25) (emerging-rbn-BLOCK.rules)
 2407025 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (26) (emerging-rbn-BLOCK.rules)
 2407026 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (27) (emerging-rbn-BLOCK.rules)
 2407027 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (28) (emerging-rbn-BLOCK.rules)
 2407028 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (29) (emerging-rbn-BLOCK.rules)
 2407029 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (30) (emerging-rbn-BLOCK.rules)
 2407030 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (31) (emerging-rbn-BLOCK.rules)
 2407031 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (32) (emerging-rbn-BLOCK.rules)
 2407032 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (33) (emerging-rbn-BLOCK.rules)
 2407033 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (34) (emerging-rbn-BLOCK.rules)
 2407034 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (35) (emerging-rbn-BLOCK.rules)
 2407035 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (36) (emerging-rbn-BLOCK.rules)
 2407036 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (37) (emerging-rbn-BLOCK.rules)
 2407037 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (38) (emerging-rbn-BLOCK.rules)
 2407038 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (39) (emerging-rbn-BLOCK.rules)
 2407039 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (40) (emerging-rbn-BLOCK.rules)
 2407040 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (41) (emerging-rbn-BLOCK.rules)
 2407041 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (42) (emerging-rbn-BLOCK.rules)
 2407042 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (43) (emerging-rbn-BLOCK.rules)
 2407043 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (44) (emerging-rbn-BLOCK.rules)
 2407044 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (45) (emerging-rbn-BLOCK.rules)
 2407045 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (46) (emerging-rbn-BLOCK.rules)
 2407046 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (47) (emerging-rbn-BLOCK.rules)
 2407047 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (48) (emerging-rbn-BLOCK.rules)
 2407048 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (49) (emerging-rbn-BLOCK.rules)
 2407049 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (50) (emerging-rbn-BLOCK.rules)
 2407050 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (51) (emerging-rbn-BLOCK.rules)
 2407051 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (52) (emerging-rbn-BLOCK.rules)
 2407052 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (53) (emerging-rbn-BLOCK.rules)
 2407053 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (54) (emerging-rbn-BLOCK.rules)
 2407054 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (55) (emerging-rbn-BLOCK.rules)
 2407055 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (56) (emerging-rbn-BLOCK.rules)
 2407056 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (57) (emerging-rbn-BLOCK.rules)
 2407057 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (58) (emerging-rbn-BLOCK.rules)
 2407058 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (59) (emerging-rbn-BLOCK.rules)
 2407059 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (60) (emerging-rbn-BLOCK.rules)
 2407060 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (61) (emerging-rbn-BLOCK.rules)
 2407061 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (62) (emerging-rbn-BLOCK.rules)
 2407062 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (63) (emerging-rbn-BLOCK.rules)
 2407063 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (64) (emerging-rbn-BLOCK.rules)
 2407064 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (65) (emerging-rbn-BLOCK.rules)
 2407065 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (66) (emerging-rbn-BLOCK.rules)
 2407066 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (67) (emerging-rbn-BLOCK.rules)
 2407067 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (68) (emerging-rbn-BLOCK.rules)
 2407068 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (69) (emerging-rbn-BLOCK.rules)
 2407069 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (70) (emerging-rbn-BLOCK.rules)
 2407070 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (71) (emerging-rbn-BLOCK.rules)
 2407071 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (72) (emerging-rbn-BLOCK.rules)
 2407072 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (73) (emerging-rbn-BLOCK.rules)
 2407073 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (74) (emerging-rbn-BLOCK.rules)
 2407074 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (75) (emerging-rbn-BLOCK.rules)
 2407075 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (76) (emerging-rbn-BLOCK.rules)
 2407076 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (77) (emerging-rbn-BLOCK.rules)
 2407077 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (78) (emerging-rbn-BLOCK.rules)
 2407078 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (79) (emerging-rbn-BLOCK.rules)
 2407079 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (80) (emerging-rbn-BLOCK.rules)
 2407080 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (81) (emerging-rbn-BLOCK.rules)
 2407081 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (82) (emerging-rbn-BLOCK.rules)
 2407082 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (83) (emerging-rbn-BLOCK.rules)
 2407083 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (84) (emerging-rbn-BLOCK.rules)
 2407084 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (85) (emerging-rbn-BLOCK.rules)
 2407085 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (86) (emerging-rbn-BLOCK.rules)
 2407086 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (87) (emerging-rbn-BLOCK.rules)
 2407087 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (88) (emerging-rbn-BLOCK.rules)
 2407088 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (89) (emerging-rbn-BLOCK.rules)
 2407089 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (90) (emerging-rbn-BLOCK.rules)
 2407090 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (91) (emerging-rbn-BLOCK.rules)
 2407091 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (92) (emerging-rbn-BLOCK.rules)
 2407092 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (93) (emerging-rbn-BLOCK.rules)
 2407093 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (94) (emerging-rbn-BLOCK.rules)
 2407094 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (95) (emerging-rbn-BLOCK.rules)
 2407095 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (96) (emerging-rbn-BLOCK.rules)
 2407096 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (97) (emerging-rbn-BLOCK.rules)
 2407097 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (98) (emerging-rbn-BLOCK.rules)
 2407098 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (99) (emerging-rbn-BLOCK.rules)
 2407099 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (100) (emerging-rbn-BLOCK.rules)
 2407100 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (101) (emerging-rbn-BLOCK.rules)
 2407101 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (102) (emerging-rbn-BLOCK.rules)
 2407102 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (103) (emerging-rbn-BLOCK.rules)
 2407103 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (104) (emerging-rbn-BLOCK.rules)
 2407104 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (105) (emerging-rbn-BLOCK.rules)
 2407105 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (106) (emerging-rbn-BLOCK.rules)
 2407106 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (107) (emerging-rbn-BLOCK.rules)
 2407107 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (108) (emerging-rbn-BLOCK.rules)
 2407108 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (109) (emerging-rbn-BLOCK.rules)
 2407109 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (110) (emerging-rbn-BLOCK.rules)
 2407110 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (111) (emerging-rbn-BLOCK.rules)
 2407111 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (112) (emerging-rbn-BLOCK.rules)
 2407112 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (113) (emerging-rbn-BLOCK.rules)
 2407113 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (114) (emerging-rbn-BLOCK.rules)
 2407114 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (115) (emerging-rbn-BLOCK.rules)
 2407115 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (116) (emerging-rbn-BLOCK.rules)
 2407116 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (117) (emerging-rbn-BLOCK.rules)
 2407117 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (118) (emerging-rbn-BLOCK.rules)
 2407118 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (119) (emerging-rbn-BLOCK.rules)
 2407119 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (120) (emerging-rbn-BLOCK.rules)
 2407120 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (121) (emerging-rbn-BLOCK.rules)
 2407121 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (122) (emerging-rbn-BLOCK.rules)
 2407122 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (123) (emerging-rbn-BLOCK.rules)
 2407123 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (124) (emerging-rbn-BLOCK.rules)
 2407124 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (125) (emerging-rbn-BLOCK.rules)
 2407125 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (126) (emerging-rbn-BLOCK.rules)
 2407126 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (127) (emerging-rbn-BLOCK.rules)
 2407127 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (128) (emerging-rbn-BLOCK.rules)
 2407128 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (129) (emerging-rbn-BLOCK.rules)
 2407129 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (130) (emerging-rbn-BLOCK.rules)
 2407130 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (131) (emerging-rbn-BLOCK.rules)
 2407131 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (132) (emerging-rbn-BLOCK.rules)
 2407132 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (133) (emerging-rbn-BLOCK.rules)
 2407133 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (134) (emerging-rbn-BLOCK.rules)
 2407134 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (135) (emerging-rbn-BLOCK.rules)
 2407135 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (136) (emerging-rbn-BLOCK.rules)
 2407136 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (137) (emerging-rbn-BLOCK.rules)
 2407137 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (138) (emerging-rbn-BLOCK.rules)
 2407138 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (139) (emerging-rbn-BLOCK.rules)
 2407139 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (140) (emerging-rbn-BLOCK.rules)
 2407140 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (141) (emerging-rbn-BLOCK.rules)
 2407141 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (142) (emerging-rbn-BLOCK.rules)
 2407142 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (143) (emerging-rbn-BLOCK.rules)
 2407143 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (144) (emerging-rbn-BLOCK.rules)
 2407144 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (145) (emerging-rbn-BLOCK.rules)
 2407145 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (146) (emerging-rbn-BLOCK.rules)
 2407146 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (147) (emerging-rbn-BLOCK.rules)
 2407147 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (148) (emerging-rbn-BLOCK.rules)
 2407148 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (149) (emerging-rbn-BLOCK.rules)
 2407149 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (150) (emerging-rbn-BLOCK.rules)
 2407150 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (151) (emerging-rbn-BLOCK.rules)
 2407151 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (152) (emerging-rbn-BLOCK.rules)
 2407152 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (153) (emerging-rbn-BLOCK.rules)
 2407153 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (154) (emerging-rbn-BLOCK.rules)
 2407154 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (155) (emerging-rbn-BLOCK.rules)
 2407155 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (156) (emerging-rbn-BLOCK.rules)
 2407156 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (157) (emerging-rbn-BLOCK.rules)
 2407157 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (158) (emerging-rbn-BLOCK.rules)
 2407158 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (159) (emerging-rbn-BLOCK.rules)
 2407159 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (160) (emerging-rbn-BLOCK.rules)
 2407160 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (161) (emerging-rbn-BLOCK.rules)
 2407161 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (162) (emerging-rbn-BLOCK.rules)
 2407162 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (163) (emerging-rbn-BLOCK.rules)
 2407163 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (164) (emerging-rbn-BLOCK.rules)
 2407164 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (165) (emerging-rbn-BLOCK.rules)
 2407165 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (166) (emerging-rbn-BLOCK.rules)
 2407166 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (167) (emerging-rbn-BLOCK.rules)
 2407167 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (168) (emerging-rbn-BLOCK.rules)
 2407168 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (169) (emerging-rbn-BLOCK.rules)
 2407169 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING (170) (emerging-rbn-BLOCK.rules)


[---]         Removed rules:         [---]

 2008801 - ET CURRENT_EVENTS Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 (emerging.rules)
 2404006 - ET DROP Known Bot C&C Server Traffic (group 7)  (emerging-botcc.rules)
 2404007 - ET DROP Known Bot C&C Server Traffic (group 8)  (emerging-botcc.rules)
 2404008 - ET DROP Known Bot C&C Server Traffic (group 9)  (emerging-botcc.rules)
 2404009 - ET DROP Known Bot C&C Server Traffic (group 10)  (emerging-botcc.rules)
 2404010 - ET DROP Known Bot C&C Server Traffic (group 11)  (emerging-botcc.rules)
 2404011 - ET DROP Known Bot C&C Server Traffic (group 12)  (emerging-botcc.rules)
 2404012 - ET DROP Known Bot C&C Server Traffic (group 13)  (emerging-botcc.rules)
 2404013 - ET DROP Known Bot C&C Server Traffic (group 14)  (emerging-botcc.rules)
 2404014 - ET DROP Known Bot C&C Server Traffic (group 15)  (emerging-botcc.rules)
 2404015 - ET DROP Known Bot C&C Server Traffic (group 16)  (emerging-botcc.rules)
 2404016 - ET DROP Known Bot C&C Server Traffic (group 17)  (emerging-botcc.rules)
 2404017 - ET DROP Known Bot C&C Server Traffic (group 18)  (emerging-botcc.rules)
 2404018 - ET DROP Known Bot C&C Server Traffic (group 19)  (emerging-botcc.rules)
 2404019 - ET DROP Known Bot C&C Server Traffic (group 20)  (emerging-botcc.rules)
 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405018 - ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405019 - ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-attack_response.rules (1):
        #for a windows cmd shell opened on a local box

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 1408
        #  Generated 2009-01-03 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 1408
        #  Generated 2009-01-03 00:03:02 EDT

     -> Added to emerging-policy.rules (2):
        #for access to a local dlink router's config page. Some trojans try to access this
        #re 20069714fc077fe197d3fc27fa905025

     -> Added to emerging-rbn-BLOCK.rules (2):
        #  VERSION 96
        #  Updated 2008-12-29 11:46:50

     -> Added to emerging-rbn.rules (2):
        #  VERSION 96
        #  Updated 2008-12-29 11:46:50

     -> Added to emerging-sid-msg.map (146):
        2008802 || ET CURRENT_EVENTS Possible Downadup/Conficker-A Worm Activity || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008803 || ET CURRENT_EVENTS Possible Downadup/Conficker-A Infection Checking Geographical Location || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008804 || ET CURRENT_EVENTS Downadup/Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008914 || ET MALWARE Suspicious User-Agent (xr - Worm.Win32.VB.cj related)
        2008941 || ET MALWARE Suspicious User-Agent (HELLO)
        2008942 || ET POLICY Dlink Soho Router Config Page Access Attempt
        2008943 || ET TROJAN Lop_com or variant Checkin (9kgen_up) || url,www.threatexpert.com/reports.aspx?find=9kgen_up.int
        2008944 || ET TROJAN TDSServ or Tidserv variant Checkin || url,www.threatexpert.com/reports.aspx?find=%2Fcrcmds%2Fmain
        2008945 || ET TROJAN dlink router access attempt
        2008946 || ET TROJAN UpackbyDwing in HTTP Download Possibly Hostile || url,www.packetninjas.net
        2008947 || ET TROJAN UpackbyDwing in HTTP (2) Possibly Hostile || url,www.packetninjas.net
        2008948 || ET CURRENT_EVENTS TROJAN PWS-OnlineGames or variant Checkin || url,www.threatexpert.com/reports.aspx?find=help.rar
        2008949 || ET TROJAN Win32.Small.yml or Related HTTP Checkin
        2008950 || ET TROJAN Trojan.Win32.Small.yml client registration
        2008951 || ET TROJAN Trojan.Win32.Small.yml client command
        2008952 || ET TROJAN Win32.Small.yml or Related HTTP Command
        2008953 || ET POLICY Possible MS CMD Shell opened on local system
        2008954 || ET TROJAN Mac User-Agent Typo - Likely Hostile/Trojan Infection
        2008955 || ET TROJAN Mac User-Agent Typo INBOUND - Likely Hostile
        2008956 || ET MALWARE Suspicious User-Agent (IE/1.0)
        2008958 || ET TROJAN Waledac Beacon Traffic Detected || url,www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20081231
        2008960 || ET CURRENT_EVENTS Unknown Roundcube Vulnerability Scan || url,isc.sans.org/diary.html?storyid=5599
        2008961 || ET WEB_SPECIFIC PHPmyGallery lang parameter Local File Inclusion || bugtraq,32705 || url,milw0rm.com/exploits/7392
        2008963 || ET WEB_ACTIVEX EasyMail Objects emmailstore.dll ActiveX Control Remote Buffer Overflow || url,milw0rm.com/exploits/7402 || bugtraq,32722
        2008964 || ET WEB_SPECIFIC lcxBBportal Alpha portal_block.php phpbb_root_path parameter Remote File Inclusion || bugtraq,32647 || url,milw0rm.com/exploits/7341
        2008965 || ET WEB_SPECIFIC lcxBBportal Alpha acp_lcxbbportal.php phpbb_root_path parameter Remote File Inclusion || bugtraq,32647 || url,milw0rm.com/exploits/7341
        2008966 || ET WEB_SPECIFIC ccTiddly index.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008967 || ET WEB_SPECIFIC ccTiddly proxy.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008968 || ET WEB_SPECIFIC ccTiddly header.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008969 || ET WEB_SPECIFIC ccTiddly include.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008970 || ET WEB_SPECIFIC ccTiddly workspace.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008982 || ET WEB_SPECIFIC PHPmyGallery confdir parameter Remote File Inclusion || bugtraq,32705 || url,milw0rm.com/exploits/7392
        2406170 || ET RBN Known Russian Business Network Monitored Domains (171) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406171 || ET RBN Known Russian Business Network Monitored Domains (172) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406172 || ET RBN Known Russian Business Network Monitored Domains (173) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406173 || ET RBN Known Russian Business Network Monitored Domains (174) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406174 || ET RBN Known Russian Business Network Monitored Domains (175) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406175 || ET RBN Known Russian Business Network Monitored Domains (176) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406176 || ET RBN Known Russian Business Network Monitored Domains (177) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406177 || ET RBN Known Russian Business Network Monitored Domains (178) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406178 || ET RBN Known Russian Business Network Monitored Domains (179) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406179 || ET RBN Known Russian Business Network Monitored Domains (180) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406180 || ET RBN Known Russian Business Network Monitored Domains (181) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406181 || ET RBN Known Russian Business Network Monitored Domains (182) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406182 || ET RBN Known Russian Business Network Monitored Domains (183) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406183 || ET RBN Known Russian Business Network Monitored Domains (184) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406184 || ET RBN Known Russian Business Network Monitored Domains (185) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406185 || ET RBN Known Russian Business Network Monitored Domains (186) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406186 || ET RBN Known Russian Business Network Monitored Domains (187) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406187 || ET RBN Known Russian Business Network Monitored Domains (188) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406188 || ET RBN Known Russian Business Network Monitored Domains (189) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406189 || ET RBN Known Russian Business Network Monitored Domains (190) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406190 || ET RBN Known Russian Business Network Monitored Domains (191) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406191 || ET RBN Known Russian Business Network Monitored Domains (192) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406192 || ET RBN Known Russian Business Network Monitored Domains (193) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406193 || ET RBN Known Russian Business Network Monitored Domains (194) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406194 || ET RBN Known Russian Business Network Monitored Domains (195) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406195 || ET RBN Known Russian Business Network Monitored Domains (196) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406196 || ET RBN Known Russian Business Network Monitored Domains (197) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406197 || ET RBN Known Russian Business Network Monitored Domains (198) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406198 || ET RBN Known Russian Business Network Monitored Domains (199) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407170 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (171) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407171 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (172) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407172 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (173) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407173 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (174) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407174 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (175) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407175 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (176) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407176 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (177) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407177 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (178) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407178 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (179) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407179 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (180) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407180 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (181) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407181 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (182) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407182 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (183) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407183 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (184) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407184 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (185) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407185 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (186) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407186 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (187) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407187 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (188) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407188 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (189) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407189 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (190) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407190 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (191) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407191 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (192) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407192 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (193) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407193 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (194) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407194 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (195) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407195 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (196) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407196 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (197) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407197 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (198) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407198 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (199) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2500037 || ET COMPROMISED Known Compromised or Hostile Host Traffic (38) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500038 || ET COMPROMISED Known Compromised or Hostile Host Traffic (39) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500039 || ET COMPROMISED Known Compromised or Hostile Host Traffic (40) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500040 || ET COMPROMISED Known Compromised or Hostile Host Traffic (41) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500041 || ET COMPROMISED Known Compromised or Hostile Host Traffic (42) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500042 || ET COMPROMISED Known Compromised or Hostile Host Traffic (43) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500043 || ET COMPROMISED Known Compromised or Hostile Host Traffic (44) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500044 || ET COMPROMISED Known Compromised or Hostile Host Traffic (45) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500045 || ET COMPROMISED Known Compromised or Hostile Host Traffic (46) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500046 || ET COMPROMISED Known Compromised or Hostile Host Traffic (47) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500047 || ET COMPROMISED Known Compromised or Hostile Host Traffic (48) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500048 || ET COMPROMISED Known Compromised or Hostile Host Traffic (49) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500049 || ET COMPROMISED Known Compromised or Hostile Host Traffic (50) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500050 || ET COMPROMISED Known Compromised or Hostile Host Traffic (51) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500051 || ET COMPROMISED Known Compromised or Hostile Host Traffic (52) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500052 || ET COMPROMISED Known Compromised or Hostile Host Traffic (53) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500053 || ET COMPROMISED Known Compromised or Hostile Host Traffic (54) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500054 || ET COMPROMISED Known Compromised or Hostile Host Traffic (55) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500055 || ET COMPROMISED Known Compromised or Hostile Host Traffic (56) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500056 || ET COMPROMISED Known Compromised or Hostile Host Traffic (57) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500057 || ET COMPROMISED Known Compromised or Hostile Host Traffic (58) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500058 || ET COMPROMISED Known Compromised or Hostile Host Traffic (59) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500059 || ET COMPROMISED Known Compromised or Hostile Host Traffic (60) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500060 || ET COMPROMISED Known Compromised or Hostile Host Traffic (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500061 || ET COMPROMISED Known Compromised or Hostile Host Traffic (62) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500062 || ET COMPROMISED Known Compromised or Hostile Host Traffic (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500063 || ET COMPROMISED Known Compromised or Hostile Host Traffic (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500064 || ET COMPROMISED Known Compromised or Hostile Host Traffic (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510037 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (38) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510038 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (39) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510039 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (40) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510040 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (41) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510041 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (42) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510042 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (43) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510043 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (44) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510044 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (45) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510045 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (46) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510046 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (47) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510047 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (48) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510048 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (49) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510049 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (50) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510050 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (51) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510051 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (52) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510052 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (53) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510053 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (54) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510054 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (55) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510055 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (56) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510056 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (57) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510057 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (58) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510058 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (59) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510059 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (60) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510060 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510061 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (62) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510062 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510063 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510064 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to emerging-sid-msg.map.txt (146):
        2008802 || ET CURRENT_EVENTS Possible Downadup/Conficker-A Worm Activity || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008803 || ET CURRENT_EVENTS Possible Downadup/Conficker-A Infection Checking Geographical Location || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008804 || ET CURRENT_EVENTS Downadup/Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008914 || ET MALWARE Suspicious User-Agent (xr - Worm.Win32.VB.cj related)
        2008941 || ET MALWARE Suspicious User-Agent (HELLO)
        2008942 || ET POLICY Dlink Soho Router Config Page Access Attempt
        2008943 || ET TROJAN Lop_com or variant Checkin (9kgen_up) || url,www.threatexpert.com/reports.aspx?find=9kgen_up.int
        2008944 || ET TROJAN TDSServ or Tidserv variant Checkin || url,www.threatexpert.com/reports.aspx?find=%2Fcrcmds%2Fmain
        2008945 || ET TROJAN dlink router access attempt
        2008946 || ET TROJAN UpackbyDwing in HTTP Download Possibly Hostile || url,www.packetninjas.net
        2008947 || ET TROJAN UpackbyDwing in HTTP (2) Possibly Hostile || url,www.packetninjas.net
        2008948 || ET CURRENT_EVENTS TROJAN PWS-OnlineGames or variant Checkin || url,www.threatexpert.com/reports.aspx?find=help.rar
        2008949 || ET TROJAN Win32.Small.yml or Related HTTP Checkin
        2008950 || ET TROJAN Trojan.Win32.Small.yml client registration
        2008951 || ET TROJAN Trojan.Win32.Small.yml client command
        2008952 || ET TROJAN Win32.Small.yml or Related HTTP Command
        2008953 || ET POLICY Possible MS CMD Shell opened on local system
        2008954 || ET TROJAN Mac User-Agent Typo - Likely Hostile/Trojan Infection
        2008955 || ET TROJAN Mac User-Agent Typo INBOUND - Likely Hostile
        2008956 || ET MALWARE Suspicious User-Agent (IE/1.0)
        2008958 || ET TROJAN Waledac Beacon Traffic Detected || url,www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20081231
        2008960 || ET CURRENT_EVENTS Unknown Roundcube Vulnerability Scan || url,isc.sans.org/diary.html?storyid=5599
        2008961 || ET WEB_SPECIFIC PHPmyGallery lang parameter Local File Inclusion || bugtraq,32705 || url,milw0rm.com/exploits/7392
        2008963 || ET WEB_ACTIVEX EasyMail Objects emmailstore.dll ActiveX Control Remote Buffer Overflow || url,milw0rm.com/exploits/7402 || bugtraq,32722
        2008964 || ET WEB_SPECIFIC lcxBBportal Alpha portal_block.php phpbb_root_path parameter Remote File Inclusion || bugtraq,32647 || url,milw0rm.com/exploits/7341
        2008965 || ET WEB_SPECIFIC lcxBBportal Alpha acp_lcxbbportal.php phpbb_root_path parameter Remote File Inclusion || bugtraq,32647 || url,milw0rm.com/exploits/7341
        2008966 || ET WEB_SPECIFIC ccTiddly index.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008967 || ET WEB_SPECIFIC ccTiddly proxy.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008968 || ET WEB_SPECIFIC ccTiddly header.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008969 || ET WEB_SPECIFIC ccTiddly include.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008970 || ET WEB_SPECIFIC ccTiddly workspace.php cct_base parameter Remote File Inclusion || url,secunia.com/Advisories/32995/ || url,www.milw0rm.com/exploits/7336
        2008982 || ET WEB_SPECIFIC PHPmyGallery confdir parameter Remote File Inclusion || bugtraq,32705 || url,milw0rm.com/exploits/7392
        2406170 || ET RBN Known Russian Business Network Monitored Domains (171) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406171 || ET RBN Known Russian Business Network Monitored Domains (172) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406172 || ET RBN Known Russian Business Network Monitored Domains (173) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406173 || ET RBN Known Russian Business Network Monitored Domains (174) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406174 || ET RBN Known Russian Business Network Monitored Domains (175) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406175 || ET RBN Known Russian Business Network Monitored Domains (176) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406176 || ET RBN Known Russian Business Network Monitored Domains (177) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406177 || ET RBN Known Russian Business Network Monitored Domains (178) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406178 || ET RBN Known Russian Business Network Monitored Domains (179) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406179 || ET RBN Known Russian Business Network Monitored Domains (180) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406180 || ET RBN Known Russian Business Network Monitored Domains (181) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406181 || ET RBN Known Russian Business Network Monitored Domains (182) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406182 || ET RBN Known Russian Business Network Monitored Domains (183) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406183 || ET RBN Known Russian Business Network Monitored Domains (184) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406184 || ET RBN Known Russian Business Network Monitored Domains (185) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406185 || ET RBN Known Russian Business Network Monitored Domains (186) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406186 || ET RBN Known Russian Business Network Monitored Domains (187) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406187 || ET RBN Known Russian Business Network Monitored Domains (188) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406188 || ET RBN Known Russian Business Network Monitored Domains (189) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406189 || ET RBN Known Russian Business Network Monitored Domains (190) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406190 || ET RBN Known Russian Business Network Monitored Domains (191) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406191 || ET RBN Known Russian Business Network Monitored Domains (192) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406192 || ET RBN Known Russian Business Network Monitored Domains (193) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406193 || ET RBN Known Russian Business Network Monitored Domains (194) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406194 || ET RBN Known Russian Business Network Monitored Domains (195) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406195 || ET RBN Known Russian Business Network Monitored Domains (196) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406196 || ET RBN Known Russian Business Network Monitored Domains (197) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406197 || ET RBN Known Russian Business Network Monitored Domains (198) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406198 || ET RBN Known Russian Business Network Monitored Domains (199) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407170 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (171) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407171 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (172) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407172 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (173) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407173 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (174) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407174 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (175) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407175 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (176) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407176 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (177) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407177 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (178) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407178 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (179) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407179 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (180) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407180 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (181) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407181 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (182) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407182 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (183) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407183 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (184) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407184 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (185) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407185 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (186) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407186 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (187) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407187 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (188) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407188 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (189) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407189 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (190) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407190 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (191) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407191 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (192) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407192 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (193) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407193 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (194) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407194 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (195) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407195 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (196) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407196 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (197) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407197 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (198) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407198 || ET RBN Known Russian Business Network Monitored Domains - BLOCKING (199) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork
        2500037 || ET COMPROMISED Known Compromised or Hostile Host Traffic (38) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500038 || ET COMPROMISED Known Compromised or Hostile Host Traffic (39) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500039 || ET COMPROMISED Known Compromised or Hostile Host Traffic (40) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500040 || ET COMPROMISED Known Compromised or Hostile Host Traffic (41) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500041 || ET COMPROMISED Known Compromised or Hostile Host Traffic (42) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500042 || ET COMPROMISED Known Compromised or Hostile Host Traffic (43) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500043 || ET COMPROMISED Known Compromised or Hostile Host Traffic (44) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500044 || ET COMPROMISED Known Compromised or Hostile Host Traffic (45) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500045 || ET COMPROMISED Known Compromised or Hostile Host Traffic (46) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500046 || ET COMPROMISED Known Compromised or Hostile Host Traffic (47) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500047 || ET COMPROMISED Known Compromised or Hostile Host Traffic (48) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500048 || ET COMPROMISED Known Compromised or Hostile Host Traffic (49) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500049 || ET COMPROMISED Known Compromised or Hostile Host Traffic (50) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500050 || ET COMPROMISED Known Compromised or Hostile Host Traffic (51) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500051 || ET COMPROMISED Known Compromised or Hostile Host Traffic (52) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500052 || ET COMPROMISED Known Compromised or Hostile Host Traffic (53) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500053 || ET COMPROMISED Known Compromised or Hostile Host Traffic (54) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500054 || ET COMPROMISED Known Compromised or Hostile Host Traffic (55) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500055 || ET COMPROMISED Known Compromised or Hostile Host Traffic (56) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500056 || ET COMPROMISED Known Compromised or Hostile Host Traffic (57) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500057 || ET COMPROMISED Known Compromised or Hostile Host Traffic (58) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500058 || ET COMPROMISED Known Compromised or Hostile Host Traffic (59) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500059 || ET COMPROMISED Known Compromised or Hostile Host Traffic (60) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500060 || ET COMPROMISED Known Compromised or Hostile Host Traffic (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500061 || ET COMPROMISED Known Compromised or Hostile Host Traffic (62) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500062 || ET COMPROMISED Known Compromised or Hostile Host Traffic (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500063 || ET COMPROMISED Known Compromised or Hostile Host Traffic (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500064 || ET COMPROMISED Known Compromised or Hostile Host Traffic (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510037 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (38) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510038 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (39) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510039 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (40) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510040 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (41) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510041 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (42) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510042 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (43) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510043 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (44) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510044 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (45) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510045 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (46) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510046 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (47) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510047 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (48) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510048 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (49) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510049 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (50) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510050 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (51) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510051 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (52) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510052 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (53) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510053 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (54) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510054 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (55) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510055 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (56) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510056 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (57) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510057 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (58) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510058 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (59) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510059 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (60) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510060 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510061 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (62) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510062 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510063 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510064 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to emerging-virus.rules (8):
        #by Dan Clemens of packetninjas.net
        #this is similar to 2008942, but this trojan doesn't add a host header
        #by Rob Grabowsky
        #by Rob Grabowsky
        #by shadowserver, steven
        #by victor Julien
        # Ikarus: Trojan.Win32.Small.yml,
        #re f01fd7ecfce8af65832a3a57d2789fa6

     -> Added to emerging.rules (3):
        #by kevin ross
        #putting this in current events to see how badly it falses.
        # Looking for a simple thing, but the pws's use this pretty reliably, and hopefully it's not too common in the real world

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 1401
        #  Generated 2008-12-27 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 1401
        #  Generated 2008-12-27 00:03:02 EDT

     -> Removed from emerging-rbn-BLOCK.rules (2):
        #  VERSION 95
        #  Updated 2008-12-24 16:58:38

     -> Removed from emerging-rbn.rules (2):
        #  VERSION 95
        #  Updated 2008-12-24 16:58:38

     -> Removed from emerging-sid-msg.map (33):
        2008801 || ET CURRENT_EVENTS Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008802 || ET CURRENT_EVENTS Possible Downaup/Conficker-A Worm Activity || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008803 || ET CURRENT_EVENTS Possible Downaup/Conficker-A Infection Checking Geographical Location || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008804 || ET CURRENT_EVENTS Downaup/Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008914 || ET MALWARE Suspicious User-Agent (Worm.Win32.VB.cj related)
        2404006 || ET DROP Known Bot C&C Server Traffic (group 7)  || url,www.shadowserver.org
        2404007 || ET DROP Known Bot C&C Server Traffic (group 8)  || url,www.shadowserver.org
        2404008 || ET DROP Known Bot C&C Server Traffic (group 9)  || url,www.shadowserver.org
        2404009 || ET DROP Known Bot C&C Server Traffic (group 10)  || url,www.shadowserver.org
        2404010 || ET DROP Known Bot C&C Server Traffic (group 11)  || url,www.shadowserver.org
        2404011 || ET DROP Known Bot C&C Server Traffic (group 12)  || url,www.shadowserver.org
        2404012 || ET DROP Known Bot C&C Server Traffic (group 13)  || url,www.shadowserver.org
        2404013 || ET DROP Known Bot C&C Server Traffic (group 14)  || url,www.shadowserver.org
        2404014 || ET DROP Known Bot C&C Server Traffic (group 15)  || url,www.shadowserver.org
        2404015 || ET DROP Known Bot C&C Server Traffic (group 16)  || url,www.shadowserver.org
        2404016 || ET DROP Known Bot C&C Server Traffic (group 17)  || url,www.shadowserver.org
        2404017 || ET DROP Known Bot C&C Server Traffic (group 18)  || url,www.shadowserver.org
        2404018 || ET DROP Known Bot C&C Server Traffic (group 19)  || url,www.shadowserver.org
        2404019 || ET DROP Known Bot C&C Server Traffic (group 20)  || url,www.shadowserver.org
        2405006 || ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE || url,www.shadowserver.org
        2405007 || ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE || url,www.shadowserver.org
        2405008 || ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE || url,www.shadowserver.org
        2405009 || ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE || url,www.shadowserver.org
        2405010 || ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE || url,www.shadowserver.org
        2405011 || ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE || url,www.shadowserver.org
        2405012 || ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE || url,www.shadowserver.org
        2405013 || ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE || url,www.shadowserver.org
        2405014 || ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE || url,www.shadowserver.org
        2405015 || ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE || url,www.shadowserver.org
        2405016 || ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE || url,www.shadowserver.org
        2405017 || ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE || url,www.shadowserver.org
        2405018 || ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE || url,www.shadowserver.org
        2405019 || ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE || url,www.shadowserver.org

     -> Removed from emerging-sid-msg.map.txt (33):
        2008801 || ET CURRENT_EVENTS Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008802 || ET CURRENT_EVENTS Possible Downaup/Conficker-A Worm Activity || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008803 || ET CURRENT_EVENTS Possible Downaup/Conficker-A Infection Checking Geographical Location || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008804 || ET CURRENT_EVENTS Downaup/Conficker-A Worm Download Attempt From Dates 25/11-01/12 2008 || url,www.f-secure.com/v-descs/worm_w32_downadup_a.shtml || url,www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A
        2008914 || ET MALWARE Suspicious User-Agent (Worm.Win32.VB.cj related)
        2404006 || ET DROP Known Bot C&C Server Traffic (group 7)  || url,www.shadowserver.org
        2404007 || ET DROP Known Bot C&C Server Traffic (group 8)  || url,www.shadowserver.org
        2404008 || ET DROP Known Bot C&C Server Traffic (group 9)  || url,www.shadowserver.org
        2404009 || ET DROP Known Bot C&C Server Traffic (group 10)  || url,www.shadowserver.org
        2404010 || ET DROP Known Bot C&C Server Traffic (group 11)  || url,www.shadowserver.org
        2404011 || ET DROP Known Bot C&C Server Traffic (group 12)  || url,www.shadowserver.org
        2404012 || ET DROP Known Bot C&C Server Traffic (group 13)  || url,www.shadowserver.org
        2404013 || ET DROP Known Bot C&C Server Traffic (group 14)  || url,www.shadowserver.org
        2404014 || ET DROP Known Bot C&C Server Traffic (group 15)  || url,www.shadowserver.org
        2404015 || ET DROP Known Bot C&C Server Traffic (group 16)  || url,www.shadowserver.org
        2404016 || ET DROP Known Bot C&C Server Traffic (group 17)  || url,www.shadowserver.org
        2404017 || ET DROP Known Bot C&C Server Traffic (group 18)  || url,www.shadowserver.org
        2404018 || ET DROP Known Bot C&C Server Traffic (group 19)  || url,www.shadowserver.org
        2404019 || ET DROP Known Bot C&C Server Traffic (group 20)  || url,www.shadowserver.org
        2405006 || ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE || url,www.shadowserver.org
        2405007 || ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE || url,www.shadowserver.org
        2405008 || ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE || url,www.shadowserver.org
        2405009 || ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE || url,www.shadowserver.org
        2405010 || ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE || url,www.shadowserver.org
        2405011 || ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE || url,www.shadowserver.org
        2405012 || ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE || url,www.shadowserver.org
        2405013 || ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE || url,www.shadowserver.org
        2405014 || ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE || url,www.shadowserver.org
        2405015 || ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE || url,www.shadowserver.org
        2405016 || ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE || url,www.shadowserver.org
        2405017 || ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE || url,www.shadowserver.org
        2405018 || ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE || url,www.shadowserver.org
        2405019 || ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE || url,www.shadowserver.org



More information about the Emerging-sigs mailing list