From signatures at stillsecure.com Mon Jun 1 07:38:56 2009 From: signatures at stillsecure.com (signatures) Date: Mon, 1 Jun 2009 05:38:56 -0600 Subject: [Emerging-Sigs] StillSecure: 10 New Signatures - Jun-01-2009 Message-ID: <5C9E8CCEEB81ED498AC0C3B0054704F3054C2930@webmail.latis.com> Hi Matt, Please find 10 New Signatures below: 1. WEB-PHP PHPizabi dac.php sendChatData Parameter Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP PHPizabi dac.php sendChatData Parameter Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/chat/dac.php?"; nocase; uricontent:"sendChatData="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8268; reference:bugtraq,34213; sid:2009105; rev:1;) 2. WEB-PHP Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/com_ongumatimesheet20/lib/onguma.class.php?"; nocase; uricontent:"mosConfig_absolute_path="; nocase; pcre:"/mosConfig_absolute_path=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,32095; reference:cve,CVE-2008-6347; reference:url,milw0rm.com/exploits/6976; sid:2009093; rev:1;) 3. WEB-PHP YouTube Blog cuerpo.php base_archivo Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP YouTube Blog cuerpo.php base_archivo Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/cuenta/cuerpo.php?"; nocase; uricontent:"base_archivo="; nocase; pcre:"/base_archivo=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/6117; reference:bugtraq,30345; reference:url,secunia.com/advisories/31161; sid:2009089; rev:1;) 4. WEB-PHP YouTube Blog cuerpo.php base_archivo Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP YouTube Blog cuerpo.php base_archivo Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/cuenta/cuerpo.php?"; nocase; uricontent:"base_archivo="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/6117; reference:bugtraq,30345; reference:url,secunia.com/advisories/31161; sid:2009090; rev:1;) 5. WEB-PHP GDL gdl.php node Parameter SQL Injection alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP GDL gdl.php node Parameter SQL Injection"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/gdl.php?"; nocase; uricontent:"mod=browse"; nocase; uricontent:"node="; nocase; uricontent:"UNION"; nocase; uricontent:"SELECT"; nocase; pcre:"/UNION.+SELECT/Ui"; classtype:web-application-attack; reference:bugtraq,34144; reference:url,milw0rm.com/exploits/8228; sid:2009232; rev:1;) 6. WEB-ATTACKS Autodesk IDrop Indicator ActiveX Control Memory Corruption alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"WEB-ATTACKS Autodesk IDrop Indicator ActiveX Control Memory Corruption"; flow:to_client,established; content:"clsid"; nocase; content:"21E0CB95-1198-4945-A3D2-4BF804295F78"; nocase; distance:0; pcre:"/(Src|Background|PackageXml)/i"; classtype:web-application-attack; reference:url,secunia.com/advisories/34563/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html; reference:url,vupen.com/english/advisories/2009/0942; reference:url,milw0rm.com/exploits/8560; sid:7505; rev:1;) 7. WEB-PHP OTManager ADM_Pagina.php Tipo Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP OTManager ADM_Pagina.php Tipo Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/ADM_Pagina.php?"; nocase; uricontent:"Tipo="; nocase; pcre:"/Tipo=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:cve,CVE-2008-5063; reference:url,vupen.com/english/advisories/2008/3093; reference:url,secunia.com/advisories/32645; sid:2009086; rev:1;) 8. WEB-PHP OTManager ADM_Pagina.php Tipo Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP OTManager ADM_Pagina.php Tipo Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/ADM_Pagina.php?"; nocase; uricontent:"Tipo="; content:"../"; classtype:web-application-attack; reference:cve,CVE-2008-5063; reference:url,vupen.com/english/advisories/2008/3093; reference:url,secunia.com/advisories/32645; sid:2009087; rev:1;) 9. WEB-PHP phpProfiles body_comm.inc.php content parameter remote file inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP phpProfiles body_comm.inc.php content parameter remote file inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/body_comm.inc.php?"; nocase; uricontent:"content="; nocase; pcre:"/content=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,27952; reference:url,milw0rm.com/exploits/5175; sid:2009256; rev:1;) 10. WEB-PHP HoMaP plugin_admin.php _settings Parameter Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP HoMaP plugin_admin.php _settings Parameter Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/plugin_admin.php?"; nocase; uricontent:"_settings[pluginpath]="; nocase; pcre:"/_settings\[pluginpath\]=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/5902; reference:bugtraq,29877; sid:2009111; rev:1;) Looking forward for your comments, if any... Thanks & Regards, StillSecure -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090601/43e8d578/attachment-0001.html From jules at visionintel.com Mon Jun 1 11:45:49 2009 From: jules at visionintel.com (Jules Pagna Disso) Date: Mon, 1 Jun 2009 16:45:49 +0100 Subject: [Emerging-Sigs] dns Message-ID: <69544300906010845w7e4911fdy1b1d7d30eb301486@mail.gmail.com> hi, Is there a reliable source of dns that one can use to filter? especially Chinese/Korean DNS ? thanks, Jules -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090601/1354f8e8/attachment.html From emerging at emergingthreats.net Mon Jun 1 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Mon, 1 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090601200011.CD10E4504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Mon Jun 1 16:00:11 2009 [***] [*] Rules modifications: [*] None. [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (2): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org -> Removed from emerging-sid-msg.map.txt (2): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org From jules at visionintel.com Tue Jun 2 13:40:38 2009 From: jules at visionintel.com (Jules Pagna Disso) Date: Tue, 2 Jun 2009 18:40:38 +0100 Subject: [Emerging-Sigs] WEB-MISC SSLv2 openssl get shared ciphers overflow attempt Message-ID: <69544300906021040i5274c540sb130fca9518c4c9@mail.gmail.com> hi guys, during a life chat session using the LivePerson software I got this: 145 x ET WEB PHP Remote File Inclusion (monster list http) 10 x Eventscan 2 x Eventstorm 474 x WEB-MISC SSLv2 openssl get shared ciphers overflow attempt WEB-MISC SSLv2 openssl get shared ciphers overflow attempt (vendor-specific:1:8428, vendor-specific:url, cve:2007-5135, cve:2006-3738, bugtraqid:20249) I think this is a way too high number of false positive. should we not review that? thanks, Jules -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090602/2b935304/attachment.html From emerging at emergingthreats.net Tue Jun 2 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Tue, 2 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090602200011.DF59F4504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Tue Jun 2 16:00:11 2009 [***] [*] Rules modifications: [*] None. [+++] Added non-rule lines: [+++] -> Added to emerging-sid-msg.map (34): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (34): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From jaime.blasco at alienvault.com Wed Jun 3 06:16:39 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Wed, 3 Jun 2009 12:16:39 +0200 Subject: [Emerging-Sigs] Messenger activity Message-ID: <53834cf20906030316o70ecce59s1ff0223329f9d1f1@mail.gmail.com> Hi All, I've been analyzing some MSN Messenger HTTP Traffic that doesn?t match with any Messenger related rule. POST http://207.46.106.23/gateway/gateway.dll?Action=poll&SessionID=1442883192.808069541 HTTP/1.1[2 non-ASCII characters] Accept: */*[2 non-ASCII characters] Accept-Language: en-us[2 non-ASCII characters] Accept-Encoding: gzip, deflate[2 non-ASCII characters] User-Agent: MSMSGS[2 non-ASCII characters] Host: 207.46.106.23[2 non-ASCII characters] Proxy-Connection: Keep-Alive[2 non-ASCII characters] Connection: Keep-Alive[2 non-ASCII characters] Pragma: no-cache[2 non-ASCII characters] Content-Type: application/x-msn-messenger[2 non-ASCII characters] Content-Length: 0[3 non-ASCII characters] These packets match with ET WEB Proxy POST Request but I think will be useful a rule to detect MSN related activity using Content-type or User-agent fields. alert tcp $HOME_NET any <> $EXTERNAL_NET any (msg:"ET CHAT MSN activity"; flow: established; content:"Content-Type|3A|"; nocase; distance: 0; content:"application/x-msn-messenger"; nocase; classtype: policy-violation; reference:url,www.hypothetic.org/docs/msn/general/http_examples.php; sid:; rev:;) alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CHAT MSN activity"; flow: established,to_server; content: "User-Agent\: MSMSGS"; nocase; classtype: policy-violation; reference:url, www.hypothetic.org/docs/msn/general/http_examples.php; sid:; rev:;) Regards -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090603/0b0e84f6/attachment-0001.html From jonkman at jonkmans.com Wed Jun 3 13:29:32 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Wed, 03 Jun 2009 13:29:32 -0400 Subject: [Emerging-Sigs] Messenger activity In-Reply-To: <53834cf20906030316o70ecce59s1ff0223329f9d1f1@mail.gmail.com> References: <53834cf20906030316o70ecce59s1ff0223329f9d1f1@mail.gmail.com> Message-ID: <4A26B2FC.3050002@jonkmans.com> Posted, thanks Jaime. I moved the distance behind the second content match in the first sig, it modifies the prior match. Otherwise great sigs, thanks! Matt Jaime Blasco wrote: > Hi All, > > I've been analyzing some MSN Messenger HTTP Traffic that doesn?t match > with any Messenger related rule. > > POST http://207.46.106.23/gateway/gateway.dll?Action=poll&SessionID=1442883192.808069541 HTTP/1.1 > [2 non-ASCII characters] > Accept: */* > [2 non-ASCII characters] > Accept-Language: en-us > [2 non-ASCII characters] > Accept-Encoding: gzip, deflate > [2 non-ASCII characters] > > User-Agent: MSMSGS > [2 non-ASCII characters] > Host: 207.46.106.23 > [2 non-ASCII characters] > Proxy-Connection: Keep-Alive > [2 non-ASCII characters] > > Connection: Keep-Alive > [2 non-ASCII characters] > Pragma: no-cache > [2 non-ASCII characters] > Content-Type: application/x-msn-messenger > [2 non-ASCII characters] > > Content-Length: 0 > [3 non-ASCII characters] > > > These packets match with ET WEB Proxy POST Request but I think will be > useful a rule to detect MSN related activity using Content-type or > User-agent fields. > > alert tcp $HOME_NET any <> $EXTERNAL_NET any (msg:"ET CHAT MSN > activity"; flow: established; content:"Content-Type|3A|"; nocase; > distance: 0; content:"application/x-msn-messenger"; nocase; classtype: > policy-violation; > reference:url,www.hypothetic.org/docs/msn/general/http_examples.php > ; sid:; rev:;) > > alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CHAT MSN > activity"; flow: established,to_server; content: "User-Agent\: MSMSGS"; > nocase; classtype: policy-violation; > reference:url,www.hypothetic.org/docs/msn/general/http_examples.php > ; sid:; rev:;) > > Regards > > -- > _______________________________ > > Jaime Blasco > > www.ossim.com > www.alienvault.com > Email: jaime.blasco at alienvault.com > > > ------------------------------------------------------------------------ > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From emerging at emergingthreats.net Wed Jun 3 16:00:09 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Wed, 3 Jun 2009 16:00:09 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090603200009.C79B94504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Wed Jun 3 16:00:09 2009 [***] [+++] Added rules: [+++] 2009375 - ET POLICY General MSN Chat Activity (emerging-policy.rules) 2009376 - ET POLICY MSN User-Agent Activity (emerging-policy.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-policy.rules (1): #bu Jaime Blasco -> Added to emerging-sid-msg.map (2): 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php -> Added to emerging-sid-msg.map.txt (2): 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (10): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (10): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From jaime.blasco at alienvault.com Thu Jun 4 11:11:59 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Thu, 4 Jun 2009 17:11:59 +0200 Subject: [Emerging-Sigs] PPTP Message-ID: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> Hi all, I was looking for some rules to detect PPTP not authorized responses. On snort we only have a rule to detect Start Control Requests sid:2126 As described on the rfc: http://tools.ietf.org/html/rfc2637 this rule might work to detect attempts to connect to pptp denied by the server. alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY PPTP Requester is not authorized to establish a command channel"; flow:to_server,established,no_stream; content:"|00 01|"; depth:2; offset:2; content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; sid:; rev:1;) -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090604/29573716/attachment.html From jaime.blasco at alienvault.com Thu Jun 4 11:18:10 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Thu, 4 Jun 2009 17:18:10 +0200 Subject: [Emerging-Sigs] PPTP In-Reply-To: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> Message-ID: <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> Sorry there is an error on the rule I've posted. The src port must be 1723 not the dst port: alert tcp $EXTERNAL_NET 1723 -> $HOME_NET any (msg:"ET POLICY PPTP Requester is not authorized to establish a command channel"; flow:to_server,established,no_stream; content:"|00 01|"; depth:2; offset:2; content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; sid:; rev:1;) 2009/6/4 Jaime Blasco > Hi all, > > I was looking for some rules to detect PPTP not authorized responses. > > On snort we only have a rule to detect Start Control Requests sid:2126 > > As described on the rfc: http://tools.ietf.org/html/rfc2637 this rule > might work to detect attempts to connect to pptp denied by the server. > > alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY PPTP > Requester is not authorized to establish a command channel"; > flow:to_server,established,no_stream; content:"|00 01|"; depth:2; offset:2; > content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; > classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; > sid:; rev:1;) > > > -- > _______________________________ > > Jaime Blasco > > www.ossim.com > www.alienvault.com > Email: jaime.blasco at alienvault.com > > -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090604/d042e8ff/attachment.html From pepperjack at afferentsecurity.com Thu Jun 4 11:58:41 2009 From: pepperjack at afferentsecurity.com (Jack Pepper) Date: Thu, 04 Jun 2009 10:58:41 -0500 Subject: [Emerging-Sigs] PPTP In-Reply-To: <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> Message-ID: <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> and SRC should be HOME_NET, DST=EXTERNAL_NET, right? jp Quoting Jaime Blasco : > Sorry there is an error on the rule I've posted. The src port must be 1723 > not the dst port: > > alert tcp $EXTERNAL_NET 1723 -> $HOME_NET any (msg:"ET POLICY PPTP Requester > is not authorized to establish a command channel"; > flow:to_server,established,no_stream; content:"|00 01|"; depth:2; offset:2; > content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; > classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; sid:; > rev:1;) > > > > 2009/6/4 Jaime Blasco > >> Hi all, >> >> I was looking for some rules to detect PPTP not authorized responses. >> >> On snort we only have a rule to detect Start Control Requests sid:2126 >> >> As described on the rfc: http://tools.ietf.org/html/rfc2637 this rule >> might work to detect attempts to connect to pptp denied by the server. >> >> alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY PPTP >> Requester is not authorized to establish a command channel"; >> flow:to_server,established,no_stream; content:"|00 01|"; depth:2; offset:2; >> content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; >> classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; >> sid:; rev:1;) >> >> >> -- >> _______________________________ >> >> Jaime Blasco >> >> www.ossim.com >> www.alienvault.com >> Email: jaime.blasco at alienvault.com >> >> > > > -- > _______________________________ > > Jaime Blasco > > www.ossim.com > www.alienvault.com > Email: jaime.blasco at alienvault.com > -- Framework? I don't need no stinking framework! ---------------------------------------------------------------- @fferent Security Labs: Isolate/Insulate/Innovate http://www.afferentsecurity.com From jaime.blasco at alienvault.com Thu Jun 4 12:02:45 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Thu, 4 Jun 2009 18:02:45 +0200 Subject: [Emerging-Sigs] PPTP In-Reply-To: <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> Message-ID: <53834cf20906040902u6474e18dg5951b579ee74a97c@mail.gmail.com> Yeah, Thanks Regards 2009/6/4 Jack Pepper > and SRC should be HOME_NET, DST=EXTERNAL_NET, right? > > jp > > Quoting Jaime Blasco : > > > Sorry there is an error on the rule I've posted. The src port must be > 1723 > > not the dst port: > > > > alert tcp $EXTERNAL_NET 1723 -> $HOME_NET any (msg:"ET POLICY PPTP > Requester > > is not authorized to establish a command channel"; > > flow:to_server,established,no_stream; content:"|00 01|"; depth:2; > offset:2; > > content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; > > classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; > sid:; > > rev:1;) > > > > > > > > 2009/6/4 Jaime Blasco > > > >> Hi all, > >> > >> I was looking for some rules to detect PPTP not authorized responses. > >> > >> On snort we only have a rule to detect Start Control Requests sid:2126 > >> > >> As described on the rfc: http://tools.ietf.org/html/rfc2637 this rule > >> might work to detect attempts to connect to pptp denied by the server. > >> > >> alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY PPTP > >> Requester is not authorized to establish a command channel"; > >> flow:to_server,established,no_stream; content:"|00 01|"; depth:2; > offset:2; > >> content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; offset:12; > >> classtype:attempted-admin; reference:url,tools.ietf.org/html/rfc2637; > >> sid:; rev:1;) > >> > >> > >> -- > >> _______________________________ > >> > >> Jaime Blasco > >> > >> www.ossim.com > >> www.alienvault.com > >> Email: jaime.blasco at alienvault.com > >> > >> > > > > > > -- > > _______________________________ > > > > Jaime Blasco > > > > www.ossim.com > > www.alienvault.com > > Email: jaime.blasco at alienvault.com > > > > -- > > Framework? I don't need no stinking framework! > > ---------------------------------------------------------------- > @fferent Security Labs: Isolate/Insulate/Innovate > http://www.afferentsecurity.com > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090604/996d672e/attachment.html From phatbuckett at gmail.com Thu Jun 4 15:23:39 2009 From: phatbuckett at gmail.com (Darren Spruell) Date: Thu, 4 Jun 2009 12:23:39 -0700 Subject: [Emerging-Sigs] BManager communication In-Reply-To: <4A142EDA.9050505@jonkmans.com> References: <839aec700905130903j772857fcwdcf65406f5c881ef@mail.gmail.com> <839aec700905191828n24bf7b28i15c275caeacc2f30@mail.gmail.com> <4A142EDA.9050505@jonkmans.com> Message-ID: <839aec700906041223n4abf5681q94f4e8a26db5f9ba@mail.gmail.com> I also put together this signature to detect the response payload coming back from the controller with a package of binaries for the victim: alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN Bredolab Downloader Response Binaries from Controller"; flow:established,from_server; content:"|0d 0a|Entity-Info|3a|"; nocase; content:"|0d 0a|Magic-Number|3a|"; nocase; pcre:"/\x0d\x0aEntity-Info\x3a\s+\d+\x3a\d+/"; pcre:"/\x0d\x0aMagic-Number\x3a\s+\d+\|\d+/"; classtype:trojan-activity; reference:url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B; sid:XXXXXXX; rev:1; ) As the content checks themselves are pretty unique the pcres might be overkill. I also don't know if this might FP on nonevents like reading about the trojan response on a web page (headers are anchored to CRLFs, could maybe consider a flowbit check if set on the original outbound request or something.) DS On Wed, May 20, 2009 at 9:24 AM, Matt Jonkman wrote: > Posting now, thanks Darren! Great research. > > Matt > > Darren Spruell wrote: >> On Wed, May 13, 2009 at 9:03 AM, Darren Spruell wrote: >>> Looks to be a downloader communicating with backend management kit, >>> characteristic URLs: >>> >>> hXXp://websitecheck.cn/nr/controller.php?action=bot&entity_list=&uid=&first=1&guid=5421361321&rnd=874493 >>> ? hXXp://turokgame.cn/bm/controller.php?action=bot&entity_list=&uid=1&first=1&guid=3858361321&rnd=923635 >>> ?hXXp://78.109.29.112/new/controller.php?action=bot&entity_list=&uid=1&first=1&guid=3970894049&rnd=981633 >>> >>> Related (later stage) >>> >>> ?hXXp://78.109.29.112/new/controller.php?action=report&guid=0&rnd=981633&uid=1&entity=1239013921:unique_start;1239013932:unique_start;1239013964:unique_start;1239022982:unique_start;1239024633:unique_start;1239875139:unique_start >>> >>> http://www.threatexpert.com/report.aspx?md5=ffe09f9b2470575727ea72bcb3ebce0a >>> >>> Microsoft calls it Bredolab, others some variant of Downloader. >> >> The Bredolab naming seems to be taking it; BManager is apparently only >> the backend controller. MMPC reports Bredolab as responsible for >> dropping a number of other prevalent threats on victim hosts: >> >> "Bredolab is notorious for installing prevalent spam bots such as >> Rustock, Cutwail, Srizbi, Tedroo and Rlsloup." >> >> http://blogs.technet.com/mmpc/archive/2009/04/14/wheres-waledac.aspx >> >> Updated rules: >> >> alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN >> Bredolab Downloader Communicating With Controller (1)"; >> flow:established,to_server; uricontent:"action="; nocase; >> uricontent:"&entity_list="; nocase; uricontent:"&uid="; nocase; >> uricontent:"&first="; uricontent:"&guid="; nocase; uricontent:"&rnd="; >> nocase; classtype:trojan-activity; >> reference:url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B; >> sid:XXXXXXX; rev:2;) >> >> alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN >> Bredolab Downloader Communicating With Controller (2)"; >> flow:established,to_server; uricontent:"action="; nocase; >> uricontent:"&guid="; nocase; uricontent:"&rnd="; nocase; >> uricontent:"&uid="; nocase; uricontent:"&entity="; nocase; >> classtype:trojan-activity; >> reference:url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B; >> sid:XXXXXXX; rev:2;) >> > > -- > -------------------------------------------- > Matthew Jonkman > Emerging Threats > Phone 765-429-0398 > Fax 312-264-0205 > http://www.emergingthreats.net > -------------------------------------------- > > PGP: http://www.jonkmans.com/mattjonkman.asc > > > -- Darren Spruell phatbuckett at gmail.com From emerging at emergingthreats.net Thu Jun 4 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Thu, 4 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090604200011.721454504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Thu Jun 4 16:00:11 2009 [***] [///] Modified active rules: [///] 2406000 - ET RBN Known Russian Business Network IP TCP (1) (emerging-rbn.rules) 2406001 - ET RBN Known Russian Business Network IP UDP (1) (emerging-rbn.rules) 2406002 - ET RBN Known Russian Business Network IP TCP (2) (emerging-rbn.rules) 2406003 - ET RBN Known Russian Business Network IP UDP (2) (emerging-rbn.rules) 2406004 - ET RBN Known Russian Business Network IP TCP (3) (emerging-rbn.rules) 2406005 - ET RBN Known Russian Business Network IP UDP (3) (emerging-rbn.rules) 2406006 - ET RBN Known Russian Business Network IP TCP (4) (emerging-rbn.rules) 2406007 - ET RBN Known Russian Business Network IP UDP (4) (emerging-rbn.rules) 2406008 - ET RBN Known Russian Business Network IP TCP (5) (emerging-rbn.rules) 2406009 - ET RBN Known Russian Business Network IP UDP (5) (emerging-rbn.rules) 2406010 - ET RBN Known Russian Business Network IP TCP (6) (emerging-rbn.rules) 2406011 - ET RBN Known Russian Business Network IP UDP (6) (emerging-rbn.rules) 2406012 - ET RBN Known Russian Business Network IP TCP (7) (emerging-rbn.rules) 2406013 - ET RBN Known Russian Business Network IP UDP (7) (emerging-rbn.rules) 2406014 - ET RBN Known Russian Business Network IP TCP (8) (emerging-rbn.rules) 2406015 - ET RBN Known Russian Business Network IP UDP (8) (emerging-rbn.rules) 2406016 - ET RBN Known Russian Business Network IP TCP (9) (emerging-rbn.rules) 2406017 - ET RBN Known Russian Business Network IP UDP (9) (emerging-rbn.rules) 2406018 - ET RBN Known Russian Business Network IP TCP (10) (emerging-rbn.rules) 2406019 - ET RBN Known Russian Business Network IP UDP (10) (emerging-rbn.rules) 2406020 - ET RBN Known Russian Business Network IP TCP (11) (emerging-rbn.rules) 2406021 - ET RBN Known Russian Business Network IP UDP (11) (emerging-rbn.rules) 2406022 - ET RBN Known Russian Business Network IP TCP (12) (emerging-rbn.rules) 2406023 - ET RBN Known Russian Business Network IP UDP (12) (emerging-rbn.rules) 2406024 - ET RBN Known Russian Business Network IP TCP (13) (emerging-rbn.rules) 2406025 - ET RBN Known Russian Business Network IP UDP (13) (emerging-rbn.rules) 2406026 - ET RBN Known Russian Business Network IP TCP (14) (emerging-rbn.rules) 2406027 - ET RBN Known Russian Business Network IP UDP (14) (emerging-rbn.rules) 2406028 - ET RBN Known Russian Business Network IP TCP (15) (emerging-rbn.rules) 2406029 - ET RBN Known Russian Business Network IP UDP (15) (emerging-rbn.rules) 2406030 - ET RBN Known Russian Business Network IP TCP (16) (emerging-rbn.rules) 2406031 - ET RBN Known Russian Business Network IP UDP (16) (emerging-rbn.rules) 2406032 - ET RBN Known Russian Business Network IP TCP (17) (emerging-rbn.rules) 2406033 - ET RBN Known Russian Business Network IP UDP (17) (emerging-rbn.rules) 2406034 - ET RBN Known Russian Business Network IP TCP (18) (emerging-rbn.rules) 2406035 - ET RBN Known Russian Business Network IP UDP (18) (emerging-rbn.rules) 2406036 - ET RBN Known Russian Business Network IP TCP (19) (emerging-rbn.rules) 2406037 - ET RBN Known Russian Business Network IP UDP (19) (emerging-rbn.rules) 2406038 - ET RBN Known Russian Business Network IP TCP (20) (emerging-rbn.rules) 2406039 - ET RBN Known Russian Business Network IP UDP (20) (emerging-rbn.rules) 2406040 - ET RBN Known Russian Business Network IP TCP (21) (emerging-rbn.rules) 2406041 - ET RBN Known Russian Business Network IP UDP (21) (emerging-rbn.rules) 2406042 - ET RBN Known Russian Business Network IP TCP (22) (emerging-rbn.rules) 2406043 - ET RBN Known Russian Business Network IP UDP (22) (emerging-rbn.rules) 2406044 - ET RBN Known Russian Business Network IP TCP (23) (emerging-rbn.rules) 2406045 - ET RBN Known Russian Business Network IP UDP (23) (emerging-rbn.rules) 2406046 - ET RBN Known Russian Business Network IP TCP (24) (emerging-rbn.rules) 2406047 - ET RBN Known Russian Business Network IP UDP (24) (emerging-rbn.rules) 2406048 - ET RBN Known Russian Business Network IP TCP (25) (emerging-rbn.rules) 2406049 - ET RBN Known Russian Business Network IP UDP (25) (emerging-rbn.rules) 2406050 - ET RBN Known Russian Business Network IP TCP (26) (emerging-rbn.rules) 2406051 - ET RBN Known Russian Business Network IP UDP (26) (emerging-rbn.rules) 2406052 - ET RBN Known Russian Business Network IP TCP (27) (emerging-rbn.rules) 2406053 - ET RBN Known Russian Business Network IP UDP (27) (emerging-rbn.rules) 2406054 - ET RBN Known Russian Business Network IP TCP (28) (emerging-rbn.rules) 2406055 - ET RBN Known Russian Business Network IP UDP (28) (emerging-rbn.rules) 2406056 - ET RBN Known Russian Business Network IP TCP (29) (emerging-rbn.rules) 2406057 - ET RBN Known Russian Business Network IP UDP (29) (emerging-rbn.rules) 2406058 - ET RBN Known Russian Business Network IP TCP (30) (emerging-rbn.rules) 2406059 - ET RBN Known Russian Business Network IP UDP (30) (emerging-rbn.rules) 2406060 - ET RBN Known Russian Business Network IP TCP (31) (emerging-rbn.rules) 2406061 - ET RBN Known Russian Business Network IP UDP (31) (emerging-rbn.rules) 2406062 - ET RBN Known Russian Business Network IP TCP (32) (emerging-rbn.rules) 2406063 - ET RBN Known Russian Business Network IP UDP (32) (emerging-rbn.rules) 2406064 - ET RBN Known Russian Business Network IP TCP (33) (emerging-rbn.rules) 2406065 - ET RBN Known Russian Business Network IP UDP (33) (emerging-rbn.rules) 2406066 - ET RBN Known Russian Business Network IP TCP (34) (emerging-rbn.rules) 2406067 - ET RBN Known Russian Business Network IP UDP (34) (emerging-rbn.rules) 2406068 - ET RBN Known Russian Business Network IP TCP (35) (emerging-rbn.rules) 2406069 - ET RBN Known Russian Business Network IP UDP (35) (emerging-rbn.rules) 2406070 - ET RBN Known Russian Business Network IP TCP (36) (emerging-rbn.rules) 2406071 - ET RBN Known Russian Business Network IP UDP (36) (emerging-rbn.rules) 2406072 - ET RBN Known Russian Business Network IP TCP (37) (emerging-rbn.rules) 2406073 - ET RBN Known Russian Business Network IP UDP (37) (emerging-rbn.rules) 2406074 - ET RBN Known Russian Business Network IP TCP (38) (emerging-rbn.rules) 2406075 - ET RBN Known Russian Business Network IP UDP (38) (emerging-rbn.rules) 2406076 - ET RBN Known Russian Business Network IP TCP (39) (emerging-rbn.rules) 2406077 - ET RBN Known Russian Business Network IP UDP (39) (emerging-rbn.rules) 2406078 - ET RBN Known Russian Business Network IP TCP (40) (emerging-rbn.rules) 2406079 - ET RBN Known Russian Business Network IP UDP (40) (emerging-rbn.rules) 2406080 - ET RBN Known Russian Business Network IP TCP (41) (emerging-rbn.rules) 2406081 - ET RBN Known Russian Business Network IP UDP (41) (emerging-rbn.rules) 2406082 - ET RBN Known Russian Business Network IP TCP (42) (emerging-rbn.rules) 2406083 - ET RBN Known Russian Business Network IP UDP (42) (emerging-rbn.rules) 2406084 - ET RBN Known Russian Business Network IP TCP (43) (emerging-rbn.rules) 2406085 - ET RBN Known Russian Business Network IP UDP (43) (emerging-rbn.rules) 2406086 - ET RBN Known Russian Business Network IP TCP (44) (emerging-rbn.rules) 2406087 - ET RBN Known Russian Business Network IP UDP (44) (emerging-rbn.rules) 2406088 - ET RBN Known Russian Business Network IP TCP (45) (emerging-rbn.rules) 2406089 - ET RBN Known Russian Business Network IP UDP (45) (emerging-rbn.rules) 2406090 - ET RBN Known Russian Business Network IP TCP (46) (emerging-rbn.rules) 2406091 - ET RBN Known Russian Business Network IP UDP (46) (emerging-rbn.rules) 2406092 - ET RBN Known Russian Business Network IP TCP (47) (emerging-rbn.rules) 2406093 - ET RBN Known Russian Business Network IP UDP (47) (emerging-rbn.rules) 2406094 - ET RBN Known Russian Business Network IP TCP (48) (emerging-rbn.rules) 2406095 - ET RBN Known Russian Business Network IP UDP (48) (emerging-rbn.rules) 2406096 - ET RBN Known Russian Business Network IP TCP (49) (emerging-rbn.rules) 2406097 - ET RBN Known Russian Business Network IP UDP (49) (emerging-rbn.rules) 2406098 - ET RBN Known Russian Business Network IP TCP (50) (emerging-rbn.rules) 2406099 - ET RBN Known Russian Business Network IP UDP (50) (emerging-rbn.rules) 2406100 - ET RBN Known Russian Business Network IP TCP (51) (emerging-rbn.rules) 2406101 - ET RBN Known Russian Business Network IP UDP (51) (emerging-rbn.rules) 2406102 - ET RBN Known Russian Business Network IP TCP (52) (emerging-rbn.rules) 2406103 - ET RBN Known Russian Business Network IP UDP (52) (emerging-rbn.rules) 2406104 - ET RBN Known Russian Business Network IP TCP (53) (emerging-rbn.rules) 2406105 - ET RBN Known Russian Business Network IP UDP (53) (emerging-rbn.rules) 2406106 - ET RBN Known Russian Business Network IP TCP (54) (emerging-rbn.rules) 2406107 - ET RBN Known Russian Business Network IP UDP (54) (emerging-rbn.rules) 2406108 - ET RBN Known Russian Business Network IP TCP (55) (emerging-rbn.rules) 2406109 - ET RBN Known Russian Business Network IP UDP (55) (emerging-rbn.rules) 2406110 - ET RBN Known Russian Business Network IP TCP (56) (emerging-rbn.rules) 2406111 - ET RBN Known Russian Business Network IP UDP (56) (emerging-rbn.rules) 2406112 - ET RBN Known Russian Business Network IP TCP (57) (emerging-rbn.rules) 2406113 - ET RBN Known Russian Business Network IP UDP (57) (emerging-rbn.rules) 2406114 - ET RBN Known Russian Business Network IP TCP (58) (emerging-rbn.rules) 2406115 - ET RBN Known Russian Business Network IP UDP (58) (emerging-rbn.rules) 2406116 - ET RBN Known Russian Business Network IP TCP (59) (emerging-rbn.rules) 2406117 - ET RBN Known Russian Business Network IP UDP (59) (emerging-rbn.rules) 2406118 - ET RBN Known Russian Business Network IP TCP (60) (emerging-rbn.rules) 2406119 - ET RBN Known Russian Business Network IP UDP (60) (emerging-rbn.rules) 2406120 - ET RBN Known Russian Business Network IP TCP (61) (emerging-rbn.rules) 2406121 - ET RBN Known Russian Business Network IP UDP (61) (emerging-rbn.rules) 2406122 - ET RBN Known Russian Business Network IP TCP (62) (emerging-rbn.rules) 2406123 - ET RBN Known Russian Business Network IP UDP (62) (emerging-rbn.rules) 2406124 - ET RBN Known Russian Business Network IP TCP (63) (emerging-rbn.rules) 2406125 - ET RBN Known Russian Business Network IP UDP (63) (emerging-rbn.rules) 2406126 - ET RBN Known Russian Business Network IP TCP (64) (emerging-rbn.rules) 2406127 - ET RBN Known Russian Business Network IP UDP (64) (emerging-rbn.rules) 2406128 - ET RBN Known Russian Business Network IP TCP (65) (emerging-rbn.rules) 2406129 - ET RBN Known Russian Business Network IP UDP (65) (emerging-rbn.rules) 2406130 - ET RBN Known Russian Business Network IP TCP (66) (emerging-rbn.rules) 2406131 - ET RBN Known Russian Business Network IP UDP (66) (emerging-rbn.rules) 2406132 - ET RBN Known Russian Business Network IP TCP (67) (emerging-rbn.rules) 2406133 - ET RBN Known Russian Business Network IP UDP (67) (emerging-rbn.rules) 2406134 - ET RBN Known Russian Business Network IP TCP (68) (emerging-rbn.rules) 2406135 - ET RBN Known Russian Business Network IP UDP (68) (emerging-rbn.rules) 2406136 - ET RBN Known Russian Business Network IP TCP (69) (emerging-rbn.rules) 2406137 - ET RBN Known Russian Business Network IP UDP (69) (emerging-rbn.rules) 2406138 - ET RBN Known Russian Business Network IP TCP (70) (emerging-rbn.rules) 2406139 - ET RBN Known Russian Business Network IP UDP (70) (emerging-rbn.rules) 2406140 - ET RBN Known Russian Business Network IP TCP (71) (emerging-rbn.rules) 2406141 - ET RBN Known Russian Business Network IP UDP (71) (emerging-rbn.rules) 2406142 - ET RBN Known Russian Business Network IP TCP (72) (emerging-rbn.rules) 2406143 - ET RBN Known Russian Business Network IP UDP (72) (emerging-rbn.rules) 2406144 - ET RBN Known Russian Business Network IP TCP (73) (emerging-rbn.rules) 2406145 - ET RBN Known Russian Business Network IP UDP (73) (emerging-rbn.rules) 2406146 - ET RBN Known Russian Business Network IP TCP (74) (emerging-rbn.rules) 2406147 - ET RBN Known Russian Business Network IP UDP (74) (emerging-rbn.rules) 2406148 - ET RBN Known Russian Business Network IP TCP (75) (emerging-rbn.rules) 2406149 - ET RBN Known Russian Business Network IP UDP (75) (emerging-rbn.rules) 2406150 - ET RBN Known Russian Business Network IP TCP (76) (emerging-rbn.rules) 2406151 - ET RBN Known Russian Business Network IP UDP (76) (emerging-rbn.rules) 2406152 - ET RBN Known Russian Business Network IP TCP (77) (emerging-rbn.rules) 2406153 - ET RBN Known Russian Business Network IP UDP (77) (emerging-rbn.rules) 2406154 - ET RBN Known Russian Business Network IP TCP (78) (emerging-rbn.rules) 2406155 - ET RBN Known Russian Business Network IP UDP (78) (emerging-rbn.rules) 2406156 - ET RBN Known Russian Business Network IP TCP (79) (emerging-rbn.rules) 2406157 - ET RBN Known Russian Business Network IP UDP (79) (emerging-rbn.rules) 2406158 - ET RBN Known Russian Business Network IP TCP (80) (emerging-rbn.rules) 2406159 - ET RBN Known Russian Business Network IP UDP (80) (emerging-rbn.rules) 2406160 - ET RBN Known Russian Business Network IP TCP (81) (emerging-rbn.rules) 2406161 - ET RBN Known Russian Business Network IP UDP (81) (emerging-rbn.rules) 2406162 - ET RBN Known Russian Business Network IP TCP (82) (emerging-rbn.rules) 2406163 - ET RBN Known Russian Business Network IP UDP (82) (emerging-rbn.rules) 2406164 - ET RBN Known Russian Business Network IP TCP (83) (emerging-rbn.rules) 2406165 - ET RBN Known Russian Business Network IP UDP (83) (emerging-rbn.rules) 2406166 - ET RBN Known Russian Business Network IP TCP (84) (emerging-rbn.rules) 2406167 - ET RBN Known Russian Business Network IP UDP (84) (emerging-rbn.rules) 2406168 - ET RBN Known Russian Business Network IP TCP (85) (emerging-rbn.rules) 2406169 - ET RBN Known Russian Business Network IP UDP (85) (emerging-rbn.rules) 2406170 - ET RBN Known Russian Business Network IP TCP (86) (emerging-rbn.rules) 2406171 - ET RBN Known Russian Business Network IP UDP (86) (emerging-rbn.rules) 2406172 - ET RBN Known Russian Business Network IP TCP (87) (emerging-rbn.rules) 2406173 - ET RBN Known Russian Business Network IP UDP (87) (emerging-rbn.rules) 2406174 - ET RBN Known Russian Business Network IP TCP (88) (emerging-rbn.rules) 2406175 - ET RBN Known Russian Business Network IP UDP (88) (emerging-rbn.rules) 2406176 - ET RBN Known Russian Business Network IP TCP (89) (emerging-rbn.rules) 2406177 - ET RBN Known Russian Business Network IP UDP (89) (emerging-rbn.rules) 2406178 - ET RBN Known Russian Business Network IP TCP (90) (emerging-rbn.rules) 2406179 - ET RBN Known Russian Business Network IP UDP (90) (emerging-rbn.rules) 2406180 - ET RBN Known Russian Business Network IP TCP (91) (emerging-rbn.rules) 2406181 - ET RBN Known Russian Business Network IP UDP (91) (emerging-rbn.rules) 2406182 - ET RBN Known Russian Business Network IP TCP (92) (emerging-rbn.rules) 2406183 - ET RBN Known Russian Business Network IP UDP (92) (emerging-rbn.rules) 2406184 - ET RBN Known Russian Business Network IP TCP (93) (emerging-rbn.rules) 2406185 - ET RBN Known Russian Business Network IP UDP (93) (emerging-rbn.rules) 2406186 - ET RBN Known Russian Business Network IP TCP (94) (emerging-rbn.rules) 2406187 - ET RBN Known Russian Business Network IP UDP (94) (emerging-rbn.rules) 2406188 - ET RBN Known Russian Business Network IP TCP (95) (emerging-rbn.rules) 2406189 - ET RBN Known Russian Business Network IP UDP (95) (emerging-rbn.rules) 2406190 - ET RBN Known Russian Business Network IP TCP (96) (emerging-rbn.rules) 2406191 - ET RBN Known Russian Business Network IP UDP (96) (emerging-rbn.rules) 2406192 - ET RBN Known Russian Business Network IP TCP (97) (emerging-rbn.rules) 2406193 - ET RBN Known Russian Business Network IP UDP (97) (emerging-rbn.rules) 2406194 - ET RBN Known Russian Business Network IP TCP (98) (emerging-rbn.rules) 2406195 - ET RBN Known Russian Business Network IP UDP (98) (emerging-rbn.rules) 2406196 - ET RBN Known Russian Business Network IP TCP (99) (emerging-rbn.rules) 2406197 - ET RBN Known Russian Business Network IP UDP (99) (emerging-rbn.rules) 2406198 - ET RBN Known Russian Business Network IP TCP (100) (emerging-rbn.rules) 2406199 - ET RBN Known Russian Business Network IP UDP (100) (emerging-rbn.rules) 2406200 - ET RBN Known Russian Business Network IP TCP (101) (emerging-rbn.rules) 2406201 - ET RBN Known Russian Business Network IP UDP (101) (emerging-rbn.rules) 2406202 - ET RBN Known Russian Business Network IP TCP (102) (emerging-rbn.rules) 2406203 - ET RBN Known Russian Business Network IP UDP (102) (emerging-rbn.rules) 2406204 - ET RBN Known Russian Business Network IP TCP (103) (emerging-rbn.rules) 2406205 - ET RBN Known Russian Business Network IP UDP (103) (emerging-rbn.rules) 2406206 - ET RBN Known Russian Business Network IP TCP (104) (emerging-rbn.rules) 2406207 - ET RBN Known Russian Business Network IP UDP (104) (emerging-rbn.rules) 2406208 - ET RBN Known Russian Business Network IP TCP (105) (emerging-rbn.rules) 2406209 - ET RBN Known Russian Business Network IP UDP (105) (emerging-rbn.rules) 2406210 - ET RBN Known Russian Business Network IP TCP (106) (emerging-rbn.rules) 2406211 - ET RBN Known Russian Business Network IP UDP (106) (emerging-rbn.rules) 2406212 - ET RBN Known Russian Business Network IP TCP (107) (emerging-rbn.rules) 2406213 - ET RBN Known Russian Business Network IP UDP (107) (emerging-rbn.rules) 2406214 - ET RBN Known Russian Business Network IP TCP (108) (emerging-rbn.rules) 2406215 - ET RBN Known Russian Business Network IP UDP (108) (emerging-rbn.rules) 2406216 - ET RBN Known Russian Business Network IP TCP (109) (emerging-rbn.rules) 2406217 - ET RBN Known Russian Business Network IP UDP (109) (emerging-rbn.rules) 2406218 - ET RBN Known Russian Business Network IP TCP (110) (emerging-rbn.rules) 2406219 - ET RBN Known Russian Business Network IP UDP (110) (emerging-rbn.rules) 2406220 - ET RBN Known Russian Business Network IP TCP (111) (emerging-rbn.rules) 2406221 - ET RBN Known Russian Business Network IP UDP (111) (emerging-rbn.rules) 2406222 - ET RBN Known Russian Business Network IP TCP (112) (emerging-rbn.rules) 2406223 - ET RBN Known Russian Business Network IP UDP (112) (emerging-rbn.rules) 2406224 - ET RBN Known Russian Business Network IP TCP (113) (emerging-rbn.rules) 2406225 - ET RBN Known Russian Business Network IP UDP (113) (emerging-rbn.rules) 2406226 - ET RBN Known Russian Business Network IP TCP (114) (emerging-rbn.rules) 2406227 - ET RBN Known Russian Business Network IP UDP (114) (emerging-rbn.rules) 2406228 - ET RBN Known Russian Business Network IP TCP (115) (emerging-rbn.rules) 2406229 - ET RBN Known Russian Business Network IP UDP (115) (emerging-rbn.rules) 2406230 - ET RBN Known Russian Business Network IP TCP (116) (emerging-rbn.rules) 2406231 - ET RBN Known Russian Business Network IP UDP (116) (emerging-rbn.rules) 2406232 - ET RBN Known Russian Business Network IP TCP (117) (emerging-rbn.rules) 2406233 - ET RBN Known Russian Business Network IP UDP (117) (emerging-rbn.rules) 2406234 - ET RBN Known Russian Business Network IP TCP (118) (emerging-rbn.rules) 2406235 - ET RBN Known Russian Business Network IP UDP (118) (emerging-rbn.rules) 2406236 - ET RBN Known Russian Business Network IP TCP (119) (emerging-rbn.rules) 2406237 - ET RBN Known Russian Business Network IP UDP (119) (emerging-rbn.rules) 2406238 - ET RBN Known Russian Business Network IP TCP (120) (emerging-rbn.rules) 2406239 - ET RBN Known Russian Business Network IP UDP (120) (emerging-rbn.rules) 2406240 - ET RBN Known Russian Business Network IP TCP (121) (emerging-rbn.rules) 2406241 - ET RBN Known Russian Business Network IP UDP (121) (emerging-rbn.rules) 2406242 - ET RBN Known Russian Business Network IP TCP (122) (emerging-rbn.rules) 2406243 - ET RBN Known Russian Business Network IP UDP (122) (emerging-rbn.rules) 2406244 - ET RBN Known Russian Business Network IP TCP (123) (emerging-rbn.rules) 2406245 - ET RBN Known Russian Business Network IP UDP (123) (emerging-rbn.rules) 2406246 - ET RBN Known Russian Business Network IP TCP (124) (emerging-rbn.rules) 2406247 - ET RBN Known Russian Business Network IP UDP (124) (emerging-rbn.rules) 2406248 - ET RBN Known Russian Business Network IP TCP (125) (emerging-rbn.rules) 2406249 - ET RBN Known Russian Business Network IP UDP (125) (emerging-rbn.rules) 2406250 - ET RBN Known Russian Business Network IP TCP (126) (emerging-rbn.rules) 2406251 - ET RBN Known Russian Business Network IP UDP (126) (emerging-rbn.rules) 2406252 - ET RBN Known Russian Business Network IP TCP (127) (emerging-rbn.rules) 2406253 - ET RBN Known Russian Business Network IP UDP (127) (emerging-rbn.rules) 2406254 - ET RBN Known Russian Business Network IP TCP (128) (emerging-rbn.rules) 2406255 - ET RBN Known Russian Business Network IP UDP (128) (emerging-rbn.rules) 2406256 - ET RBN Known Russian Business Network IP TCP (129) (emerging-rbn.rules) 2406257 - ET RBN Known Russian Business Network IP UDP (129) (emerging-rbn.rules) 2406258 - ET RBN Known Russian Business Network IP TCP (130) (emerging-rbn.rules) 2406259 - ET RBN Known Russian Business Network IP UDP (130) (emerging-rbn.rules) 2406260 - ET RBN Known Russian Business Network IP TCP (131) (emerging-rbn.rules) 2406261 - ET RBN Known Russian Business Network IP UDP (131) (emerging-rbn.rules) 2406262 - ET RBN Known Russian Business Network IP TCP (132) (emerging-rbn.rules) 2406263 - ET RBN Known Russian Business Network IP UDP (132) (emerging-rbn.rules) 2406264 - ET RBN Known Russian Business Network IP TCP (133) (emerging-rbn.rules) 2406265 - ET RBN Known Russian Business Network IP UDP (133) (emerging-rbn.rules) 2406266 - ET RBN Known Russian Business Network IP TCP (134) (emerging-rbn.rules) 2406267 - ET RBN Known Russian Business Network IP UDP (134) (emerging-rbn.rules) 2406268 - ET RBN Known Russian Business Network IP TCP (135) (emerging-rbn.rules) 2406269 - ET RBN Known Russian Business Network IP UDP (135) (emerging-rbn.rules) 2406270 - ET RBN Known Russian Business Network IP TCP (136) (emerging-rbn.rules) 2406271 - ET RBN Known Russian Business Network IP UDP (136) (emerging-rbn.rules) 2406272 - ET RBN Known Russian Business Network IP TCP (137) (emerging-rbn.rules) 2406273 - ET RBN Known Russian Business Network IP UDP (137) (emerging-rbn.rules) 2406274 - ET RBN Known Russian Business Network IP TCP (138) (emerging-rbn.rules) 2406275 - ET RBN Known Russian Business Network IP UDP (138) (emerging-rbn.rules) 2406276 - ET RBN Known Russian Business Network IP TCP (139) (emerging-rbn.rules) 2406277 - ET RBN Known Russian Business Network IP UDP (139) (emerging-rbn.rules) 2406278 - ET RBN Known Russian Business Network IP TCP (140) (emerging-rbn.rules) 2406279 - ET RBN Known Russian Business Network IP UDP (140) (emerging-rbn.rules) 2406280 - ET RBN Known Russian Business Network IP TCP (141) (emerging-rbn.rules) 2406281 - ET RBN Known Russian Business Network IP UDP (141) (emerging-rbn.rules) 2406282 - ET RBN Known Russian Business Network IP TCP (142) (emerging-rbn.rules) 2406283 - ET RBN Known Russian Business Network IP UDP (142) (emerging-rbn.rules) 2406284 - ET RBN Known Russian Business Network IP TCP (143) (emerging-rbn.rules) 2406285 - ET RBN Known Russian Business Network IP UDP (143) (emerging-rbn.rules) 2406286 - ET RBN Known Russian Business Network IP TCP (144) (emerging-rbn.rules) 2406287 - ET RBN Known Russian Business Network IP UDP (144) (emerging-rbn.rules) 2406288 - ET RBN Known Russian Business Network IP TCP (145) (emerging-rbn.rules) 2406289 - ET RBN Known Russian Business Network IP UDP (145) (emerging-rbn.rules) 2406290 - ET RBN Known Russian Business Network IP TCP (146) (emerging-rbn.rules) 2406291 - ET RBN Known Russian Business Network IP UDP (146) (emerging-rbn.rules) 2406292 - ET RBN Known Russian Business Network IP TCP (147) (emerging-rbn.rules) 2406293 - ET RBN Known Russian Business Network IP UDP (147) (emerging-rbn.rules) 2406294 - ET RBN Known Russian Business Network IP TCP (148) (emerging-rbn.rules) 2406295 - ET RBN Known Russian Business Network IP UDP (148) (emerging-rbn.rules) 2406296 - ET RBN Known Russian Business Network IP TCP (149) (emerging-rbn.rules) 2406297 - ET RBN Known Russian Business Network IP UDP (149) (emerging-rbn.rules) 2406298 - ET RBN Known Russian Business Network IP TCP (150) (emerging-rbn.rules) 2406299 - ET RBN Known Russian Business Network IP UDP (150) (emerging-rbn.rules) 2406300 - ET RBN Known Russian Business Network IP TCP (151) (emerging-rbn.rules) 2406301 - ET RBN Known Russian Business Network IP UDP (151) (emerging-rbn.rules) 2406302 - ET RBN Known Russian Business Network IP TCP (152) (emerging-rbn.rules) 2406303 - ET RBN Known Russian Business Network IP UDP (152) (emerging-rbn.rules) 2406304 - ET RBN Known Russian Business Network IP TCP (153) (emerging-rbn.rules) 2406305 - ET RBN Known Russian Business Network IP UDP (153) (emerging-rbn.rules) 2406306 - ET RBN Known Russian Business Network IP TCP (154) (emerging-rbn.rules) 2406307 - ET RBN Known Russian Business Network IP UDP (154) (emerging-rbn.rules) 2406308 - ET RBN Known Russian Business Network IP TCP (155) (emerging-rbn.rules) 2406309 - ET RBN Known Russian Business Network IP UDP (155) (emerging-rbn.rules) 2406310 - ET RBN Known Russian Business Network IP TCP (156) (emerging-rbn.rules) 2406311 - ET RBN Known Russian Business Network IP UDP (156) (emerging-rbn.rules) 2406312 - ET RBN Known Russian Business Network IP TCP (157) (emerging-rbn.rules) 2406313 - ET RBN Known Russian Business Network IP UDP (157) (emerging-rbn.rules) 2406314 - ET RBN Known Russian Business Network IP TCP (158) (emerging-rbn.rules) 2406315 - ET RBN Known Russian Business Network IP UDP (158) (emerging-rbn.rules) 2406316 - ET RBN Known Russian Business Network IP TCP (159) (emerging-rbn.rules) 2406317 - ET RBN Known Russian Business Network IP UDP (159) (emerging-rbn.rules) 2406318 - ET RBN Known Russian Business Network IP TCP (160) (emerging-rbn.rules) 2406319 - ET RBN Known Russian Business Network IP UDP (160) (emerging-rbn.rules) 2406320 - ET RBN Known Russian Business Network IP TCP (161) (emerging-rbn.rules) 2406321 - ET RBN Known Russian Business Network IP UDP (161) (emerging-rbn.rules) 2406322 - ET RBN Known Russian Business Network IP TCP (162) (emerging-rbn.rules) 2406323 - ET RBN Known Russian Business Network IP UDP (162) (emerging-rbn.rules) 2406324 - ET RBN Known Russian Business Network IP TCP (163) (emerging-rbn.rules) 2406325 - ET RBN Known Russian Business Network IP UDP (163) (emerging-rbn.rules) 2406326 - ET RBN Known Russian Business Network IP TCP (164) (emerging-rbn.rules) 2406327 - ET RBN Known Russian Business Network IP UDP (164) (emerging-rbn.rules) 2406328 - ET RBN Known Russian Business Network IP TCP (165) (emerging-rbn.rules) 2406329 - ET RBN Known Russian Business Network IP UDP (165) (emerging-rbn.rules) 2406330 - ET RBN Known Russian Business Network IP TCP (166) (emerging-rbn.rules) 2406331 - ET RBN Known Russian Business Network IP UDP (166) (emerging-rbn.rules) 2406332 - ET RBN Known Russian Business Network IP TCP (167) (emerging-rbn.rules) 2406333 - ET RBN Known Russian Business Network IP UDP (167) (emerging-rbn.rules) 2406334 - ET RBN Known Russian Business Network IP TCP (168) (emerging-rbn.rules) 2406335 - ET RBN Known Russian Business Network IP UDP (168) (emerging-rbn.rules) 2406336 - ET RBN Known Russian Business Network IP TCP (169) (emerging-rbn.rules) 2406337 - ET RBN Known Russian Business Network IP UDP (169) (emerging-rbn.rules) 2406338 - ET RBN Known Russian Business Network IP TCP (170) (emerging-rbn.rules) 2406339 - ET RBN Known Russian Business Network IP UDP (170) (emerging-rbn.rules) 2406340 - ET RBN Known Russian Business Network IP TCP (171) (emerging-rbn.rules) 2406341 - ET RBN Known Russian Business Network IP UDP (171) (emerging-rbn.rules) 2406342 - ET RBN Known Russian Business Network IP TCP (172) (emerging-rbn.rules) 2406343 - ET RBN Known Russian Business Network IP UDP (172) (emerging-rbn.rules) 2406344 - ET RBN Known Russian Business Network IP TCP (173) (emerging-rbn.rules) 2406345 - ET RBN Known Russian Business Network IP UDP (173) (emerging-rbn.rules) 2406346 - ET RBN Known Russian Business Network IP TCP (174) (emerging-rbn.rules) 2406347 - ET RBN Known Russian Business Network IP UDP (174) (emerging-rbn.rules) 2406348 - ET RBN Known Russian Business Network IP TCP (175) (emerging-rbn.rules) 2406349 - ET RBN Known Russian Business Network IP UDP (175) (emerging-rbn.rules) 2406350 - ET RBN Known Russian Business Network IP TCP (176) (emerging-rbn.rules) 2406351 - ET RBN Known Russian Business Network IP UDP (176) (emerging-rbn.rules) 2406352 - ET RBN Known Russian Business Network IP TCP (177) (emerging-rbn.rules) 2406353 - ET RBN Known Russian Business Network IP UDP (177) (emerging-rbn.rules) 2406354 - ET RBN Known Russian Business Network IP TCP (178) (emerging-rbn.rules) 2406355 - ET RBN Known Russian Business Network IP UDP (178) (emerging-rbn.rules) 2406356 - ET RBN Known Russian Business Network IP TCP (179) (emerging-rbn.rules) 2406357 - ET RBN Known Russian Business Network IP UDP (179) (emerging-rbn.rules) 2406358 - ET RBN Known Russian Business Network IP TCP (180) (emerging-rbn.rules) 2406359 - ET RBN Known Russian Business Network IP UDP (180) (emerging-rbn.rules) 2406360 - ET RBN Known Russian Business Network IP TCP (181) (emerging-rbn.rules) 2406361 - ET RBN Known Russian Business Network IP UDP (181) (emerging-rbn.rules) 2406362 - ET RBN Known Russian Business Network IP TCP (182) (emerging-rbn.rules) 2406363 - ET RBN Known Russian Business Network IP UDP (182) (emerging-rbn.rules) 2406364 - ET RBN Known Russian Business Network IP TCP (183) (emerging-rbn.rules) 2406365 - ET RBN Known Russian Business Network IP UDP (183) (emerging-rbn.rules) 2406366 - ET RBN Known Russian Business Network IP TCP (184) (emerging-rbn.rules) 2406367 - ET RBN Known Russian Business Network IP UDP (184) (emerging-rbn.rules) 2406368 - ET RBN Known Russian Business Network IP TCP (185) (emerging-rbn.rules) 2406369 - ET RBN Known Russian Business Network IP UDP (185) (emerging-rbn.rules) 2406370 - ET RBN Known Russian Business Network IP TCP (186) (emerging-rbn.rules) 2406371 - ET RBN Known Russian Business Network IP UDP (186) (emerging-rbn.rules) 2406372 - ET RBN Known Russian Business Network IP TCP (187) (emerging-rbn.rules) 2406373 - ET RBN Known Russian Business Network IP UDP (187) (emerging-rbn.rules) 2406374 - ET RBN Known Russian Business Network IP TCP (188) (emerging-rbn.rules) 2406375 - ET RBN Known Russian Business Network IP UDP (188) (emerging-rbn.rules) 2406376 - ET RBN Known Russian Business Network IP TCP (189) (emerging-rbn.rules) 2406377 - ET RBN Known Russian Business Network IP UDP (189) (emerging-rbn.rules) 2406378 - ET RBN Known Russian Business Network IP TCP (190) (emerging-rbn.rules) 2406379 - ET RBN Known Russian Business Network IP UDP (190) (emerging-rbn.rules) 2406380 - ET RBN Known Russian Business Network IP TCP (191) (emerging-rbn.rules) 2406381 - ET RBN Known Russian Business Network IP UDP (191) (emerging-rbn.rules) 2406382 - ET RBN Known Russian Business Network IP TCP (192) (emerging-rbn.rules) 2406383 - ET RBN Known Russian Business Network IP UDP (192) (emerging-rbn.rules) 2406384 - ET RBN Known Russian Business Network IP TCP (193) (emerging-rbn.rules) 2406385 - ET RBN Known Russian Business Network IP UDP (193) (emerging-rbn.rules) 2406386 - ET RBN Known Russian Business Network IP TCP (194) (emerging-rbn.rules) 2406387 - ET RBN Known Russian Business Network IP UDP (194) (emerging-rbn.rules) 2406388 - ET RBN Known Russian Business Network IP TCP (195) (emerging-rbn.rules) 2406389 - ET RBN Known Russian Business Network IP UDP (195) (emerging-rbn.rules) 2406390 - ET RBN Known Russian Business Network IP TCP (196) (emerging-rbn.rules) 2406391 - ET RBN Known Russian Business Network IP UDP (196) (emerging-rbn.rules) 2406392 - ET RBN Known Russian Business Network IP TCP (197) (emerging-rbn.rules) 2406393 - ET RBN Known Russian Business Network IP UDP (197) (emerging-rbn.rules) 2406394 - ET RBN Known Russian Business Network IP TCP (198) (emerging-rbn.rules) 2406395 - ET RBN Known Russian Business Network IP UDP (198) (emerging-rbn.rules) 2406396 - ET RBN Known Russian Business Network IP TCP (199) (emerging-rbn.rules) 2406397 - ET RBN Known Russian Business Network IP UDP (199) (emerging-rbn.rules) 2406398 - ET RBN Known Russian Business Network IP TCP (200) (emerging-rbn.rules) 2406399 - ET RBN Known Russian Business Network IP UDP (200) (emerging-rbn.rules) 2406400 - ET RBN Known Russian Business Network IP TCP (201) (emerging-rbn.rules) 2406401 - ET RBN Known Russian Business Network IP UDP (201) (emerging-rbn.rules) 2406402 - ET RBN Known Russian Business Network IP TCP (202) (emerging-rbn.rules) 2406403 - ET RBN Known Russian Business Network IP UDP (202) (emerging-rbn.rules) 2406404 - ET RBN Known Russian Business Network IP TCP (203) (emerging-rbn.rules) 2406405 - ET RBN Known Russian Business Network IP UDP (203) (emerging-rbn.rules) 2406406 - ET RBN Known Russian Business Network IP TCP (204) (emerging-rbn.rules) 2406407 - ET RBN Known Russian Business Network IP UDP (204) (emerging-rbn.rules) 2406408 - ET RBN Known Russian Business Network IP TCP (205) (emerging-rbn.rules) 2406409 - ET RBN Known Russian Business Network IP UDP (205) (emerging-rbn.rules) 2406410 - ET RBN Known Russian Business Network IP TCP (206) (emerging-rbn.rules) 2406411 - ET RBN Known Russian Business Network IP UDP (206) (emerging-rbn.rules) 2406412 - ET RBN Known Russian Business Network IP TCP (207) (emerging-rbn.rules) 2406413 - ET RBN Known Russian Business Network IP UDP (207) (emerging-rbn.rules) 2406414 - ET RBN Known Russian Business Network IP TCP (208) (emerging-rbn.rules) 2406415 - ET RBN Known Russian Business Network IP UDP (208) (emerging-rbn.rules) 2406416 - ET RBN Known Russian Business Network IP TCP (209) (emerging-rbn.rules) 2406417 - ET RBN Known Russian Business Network IP UDP (209) (emerging-rbn.rules) 2406418 - ET RBN Known Russian Business Network IP TCP (210) (emerging-rbn.rules) 2406419 - ET RBN Known Russian Business Network IP UDP (210) (emerging-rbn.rules) 2406420 - ET RBN Known Russian Business Network IP TCP (211) (emerging-rbn.rules) 2406421 - ET RBN Known Russian Business Network IP UDP (211) (emerging-rbn.rules) 2406422 - ET RBN Known Russian Business Network IP TCP (212) (emerging-rbn.rules) 2406423 - ET RBN Known Russian Business Network IP UDP (212) (emerging-rbn.rules) 2406424 - ET RBN Known Russian Business Network IP TCP (213) (emerging-rbn.rules) 2406425 - ET RBN Known Russian Business Network IP UDP (213) (emerging-rbn.rules) 2406426 - ET RBN Known Russian Business Network IP TCP (214) (emerging-rbn.rules) 2406427 - ET RBN Known Russian Business Network IP UDP (214) (emerging-rbn.rules) 2406428 - ET RBN Known Russian Business Network IP TCP (215) (emerging-rbn.rules) 2406429 - ET RBN Known Russian Business Network IP UDP (215) (emerging-rbn.rules) 2406430 - ET RBN Known Russian Business Network IP TCP (216) (emerging-rbn.rules) 2406431 - ET RBN Known Russian Business Network IP UDP (216) (emerging-rbn.rules) 2406432 - ET RBN Known Russian Business Network IP TCP (217) (emerging-rbn.rules) 2406433 - ET RBN Known Russian Business Network IP UDP (217) (emerging-rbn.rules) 2406434 - ET RBN Known Russian Business Network IP TCP (218) (emerging-rbn.rules) 2406435 - ET RBN Known Russian Business Network IP UDP (218) (emerging-rbn.rules) 2406436 - ET RBN Known Russian Business Network IP TCP (219) (emerging-rbn.rules) 2406437 - ET RBN Known Russian Business Network IP UDP (219) (emerging-rbn.rules) 2406438 - ET RBN Known Russian Business Network IP TCP (220) (emerging-rbn.rules) 2406439 - ET RBN Known Russian Business Network IP UDP (220) (emerging-rbn.rules) 2406440 - ET RBN Known Russian Business Network IP TCP (221) (emerging-rbn.rules) 2406441 - ET RBN Known Russian Business Network IP UDP (221) (emerging-rbn.rules) 2406442 - ET RBN Known Russian Business Network IP TCP (222) (emerging-rbn.rules) 2406443 - ET RBN Known Russian Business Network IP UDP (222) (emerging-rbn.rules) 2406444 - ET RBN Known Russian Business Network IP TCP (223) (emerging-rbn.rules) 2406445 - ET RBN Known Russian Business Network IP UDP (223) (emerging-rbn.rules) 2406446 - ET RBN Known Russian Business Network IP TCP (224) (emerging-rbn.rules) 2406447 - ET RBN Known Russian Business Network IP UDP (224) (emerging-rbn.rules) 2406448 - ET RBN Known Russian Business Network IP TCP (225) (emerging-rbn.rules) 2406449 - ET RBN Known Russian Business Network IP UDP (225) (emerging-rbn.rules) 2406450 - ET RBN Known Russian Business Network IP TCP (226) (emerging-rbn.rules) 2406451 - ET RBN Known Russian Business Network IP UDP (226) (emerging-rbn.rules) 2406452 - ET RBN Known Russian Business Network IP TCP (227) (emerging-rbn.rules) 2406453 - ET RBN Known Russian Business Network IP UDP (227) (emerging-rbn.rules) 2406454 - ET RBN Known Russian Business Network IP TCP (228) (emerging-rbn.rules) 2406455 - ET RBN Known Russian Business Network IP UDP (228) (emerging-rbn.rules) 2406456 - ET RBN Known Russian Business Network IP TCP (229) (emerging-rbn.rules) 2406457 - ET RBN Known Russian Business Network IP UDP (229) (emerging-rbn.rules) 2406458 - ET RBN Known Russian Business Network IP TCP (230) (emerging-rbn.rules) 2406459 - ET RBN Known Russian Business Network IP UDP (230) (emerging-rbn.rules) 2406460 - ET RBN Known Russian Business Network IP TCP (231) (emerging-rbn.rules) 2406461 - ET RBN Known Russian Business Network IP UDP (231) (emerging-rbn.rules) 2406462 - ET RBN Known Russian Business Network IP TCP (232) (emerging-rbn.rules) 2406463 - ET RBN Known Russian Business Network IP UDP (232) (emerging-rbn.rules) 2406464 - ET RBN Known Russian Business Network IP TCP (233) (emerging-rbn.rules) 2406465 - ET RBN Known Russian Business Network IP UDP (233) (emerging-rbn.rules) 2406466 - ET RBN Known Russian Business Network IP TCP (234) (emerging-rbn.rules) 2406467 - ET RBN Known Russian Business Network IP UDP (234) (emerging-rbn.rules) 2406468 - ET RBN Known Russian Business Network IP TCP (235) (emerging-rbn.rules) 2406469 - ET RBN Known Russian Business Network IP UDP (235) (emerging-rbn.rules) 2406470 - ET RBN Known Russian Business Network IP TCP (236) (emerging-rbn.rules) 2406471 - ET RBN Known Russian Business Network IP UDP (236) (emerging-rbn.rules) 2406472 - ET RBN Known Russian Business Network IP TCP (237) (emerging-rbn.rules) 2406473 - ET RBN Known Russian Business Network IP UDP (237) (emerging-rbn.rules) 2406474 - ET RBN Known Russian Business Network IP TCP (238) (emerging-rbn.rules) 2406475 - ET RBN Known Russian Business Network IP UDP (238) (emerging-rbn.rules) 2406476 - ET RBN Known Russian Business Network IP TCP (239) (emerging-rbn.rules) 2406477 - ET RBN Known Russian Business Network IP UDP (239) (emerging-rbn.rules) 2406478 - ET RBN Known Russian Business Network IP TCP (240) (emerging-rbn.rules) 2406479 - ET RBN Known Russian Business Network IP UDP (240) (emerging-rbn.rules) 2406480 - ET RBN Known Russian Business Network IP TCP (241) (emerging-rbn.rules) 2406481 - ET RBN Known Russian Business Network IP UDP (241) (emerging-rbn.rules) 2406482 - ET RBN Known Russian Business Network IP TCP (242) (emerging-rbn.rules) 2406483 - ET RBN Known Russian Business Network IP UDP (242) (emerging-rbn.rules) 2406484 - ET RBN Known Russian Business Network IP TCP (243) (emerging-rbn.rules) 2406485 - ET RBN Known Russian Business Network IP UDP (243) (emerging-rbn.rules) 2406486 - ET RBN Known Russian Business Network IP TCP (244) (emerging-rbn.rules) 2406487 - ET RBN Known Russian Business Network IP UDP (244) (emerging-rbn.rules) 2406488 - ET RBN Known Russian Business Network IP TCP (245) (emerging-rbn.rules) 2406489 - ET RBN Known Russian Business Network IP UDP (245) (emerging-rbn.rules) 2406490 - ET RBN Known Russian Business Network IP TCP (246) (emerging-rbn.rules) 2406491 - ET RBN Known Russian Business Network IP UDP (246) (emerging-rbn.rules) 2406492 - ET RBN Known Russian Business Network IP TCP (247) (emerging-rbn.rules) 2406493 - ET RBN Known Russian Business Network IP UDP (247) (emerging-rbn.rules) 2406494 - ET RBN Known Russian Business Network IP TCP (248) (emerging-rbn.rules) 2406495 - ET RBN Known Russian Business Network IP UDP (248) (emerging-rbn.rules) 2406496 - ET RBN Known Russian Business Network IP TCP (249) (emerging-rbn.rules) 2406497 - ET RBN Known Russian Business Network IP UDP (249) (emerging-rbn.rules) 2406498 - ET RBN Known Russian Business Network IP TCP (250) (emerging-rbn.rules) 2406499 - ET RBN Known Russian Business Network IP UDP (250) (emerging-rbn.rules) 2406500 - ET RBN Known Russian Business Network IP TCP (251) (emerging-rbn.rules) 2406501 - ET RBN Known Russian Business Network IP UDP (251) (emerging-rbn.rules) 2406502 - ET RBN Known Russian Business Network IP TCP (252) (emerging-rbn.rules) 2406503 - ET RBN Known Russian Business Network IP UDP (252) (emerging-rbn.rules) 2406504 - ET RBN Known Russian Business Network IP TCP (253) (emerging-rbn.rules) 2406505 - ET RBN Known Russian Business Network IP UDP (253) (emerging-rbn.rules) 2406506 - ET RBN Known Russian Business Network IP TCP (254) (emerging-rbn.rules) 2406507 - ET RBN Known Russian Business Network IP UDP (254) (emerging-rbn.rules) 2406508 - ET RBN Known Russian Business Network IP TCP (255) (emerging-rbn.rules) 2406509 - ET RBN Known Russian Business Network IP UDP (255) (emerging-rbn.rules) 2406510 - ET RBN Known Russian Business Network IP TCP (256) (emerging-rbn.rules) 2406511 - ET RBN Known Russian Business Network IP UDP (256) (emerging-rbn.rules) 2406512 - ET RBN Known Russian Business Network IP TCP (257) (emerging-rbn.rules) 2406513 - ET RBN Known Russian Business Network IP UDP (257) (emerging-rbn.rules) 2406514 - ET RBN Known Russian Business Network IP TCP (258) (emerging-rbn.rules) 2406515 - ET RBN Known Russian Business Network IP UDP (258) (emerging-rbn.rules) 2406516 - ET RBN Known Russian Business Network IP TCP (259) (emerging-rbn.rules) 2406517 - ET RBN Known Russian Business Network IP UDP (259) (emerging-rbn.rules) 2406518 - ET RBN Known Russian Business Network IP TCP (260) (emerging-rbn.rules) 2406519 - ET RBN Known Russian Business Network IP UDP (260) (emerging-rbn.rules) 2406520 - ET RBN Known Russian Business Network IP TCP (261) (emerging-rbn.rules) 2406521 - ET RBN Known Russian Business Network IP UDP (261) (emerging-rbn.rules) 2406522 - ET RBN Known Russian Business Network IP TCP (262) (emerging-rbn.rules) 2406523 - ET RBN Known Russian Business Network IP UDP (262) (emerging-rbn.rules) 2406524 - ET RBN Known Russian Business Network IP TCP (263) (emerging-rbn.rules) 2406525 - ET RBN Known Russian Business Network IP UDP (263) (emerging-rbn.rules) 2406526 - ET RBN Known Russian Business Network IP TCP (264) (emerging-rbn.rules) 2406527 - ET RBN Known Russian Business Network IP UDP (264) (emerging-rbn.rules) 2406528 - ET RBN Known Russian Business Network IP TCP (265) (emerging-rbn.rules) 2406529 - ET RBN Known Russian Business Network IP UDP (265) (emerging-rbn.rules) 2406530 - ET RBN Known Russian Business Network IP TCP (266) (emerging-rbn.rules) 2406531 - ET RBN Known Russian Business Network IP UDP (266) (emerging-rbn.rules) 2406532 - ET RBN Known Russian Business Network IP TCP (267) (emerging-rbn.rules) 2406533 - ET RBN Known Russian Business Network IP UDP (267) (emerging-rbn.rules) 2406534 - ET RBN Known Russian Business Network IP TCP (268) (emerging-rbn.rules) 2406535 - ET RBN Known Russian Business Network IP UDP (268) (emerging-rbn.rules) 2406536 - ET RBN Known Russian Business Network IP TCP (269) (emerging-rbn.rules) 2406537 - ET RBN Known Russian Business Network IP UDP (269) (emerging-rbn.rules) 2406538 - ET RBN Known Russian Business Network IP TCP (270) (emerging-rbn.rules) 2406539 - ET RBN Known Russian Business Network IP UDP (270) (emerging-rbn.rules) 2406540 - ET RBN Known Russian Business Network IP TCP (271) (emerging-rbn.rules) 2406541 - ET RBN Known Russian Business Network IP UDP (271) (emerging-rbn.rules) 2406542 - ET RBN Known Russian Business Network IP TCP (272) (emerging-rbn.rules) 2406543 - ET RBN Known Russian Business Network IP UDP (272) (emerging-rbn.rules) 2406544 - ET RBN Known Russian Business Network IP TCP (273) (emerging-rbn.rules) 2406545 - ET RBN Known Russian Business Network IP UDP (273) (emerging-rbn.rules) 2406546 - ET RBN Known Russian Business Network IP TCP (274) (emerging-rbn.rules) 2406547 - ET RBN Known Russian Business Network IP UDP (274) (emerging-rbn.rules) 2406548 - ET RBN Known Russian Business Network IP TCP (275) (emerging-rbn.rules) 2406549 - ET RBN Known Russian Business Network IP UDP (275) (emerging-rbn.rules) 2406550 - ET RBN Known Russian Business Network IP TCP (276) (emerging-rbn.rules) 2406551 - ET RBN Known Russian Business Network IP UDP (276) (emerging-rbn.rules) 2406552 - ET RBN Known Russian Business Network IP TCP (277) (emerging-rbn.rules) 2406553 - ET RBN Known Russian Business Network IP UDP (277) (emerging-rbn.rules) 2406554 - ET RBN Known Russian Business Network IP TCP (278) (emerging-rbn.rules) 2406555 - ET RBN Known Russian Business Network IP UDP (278) (emerging-rbn.rules) 2406556 - ET RBN Known Russian Business Network IP TCP (279) (emerging-rbn.rules) 2406557 - ET RBN Known Russian Business Network IP UDP (279) (emerging-rbn.rules) 2406558 - ET RBN Known Russian Business Network IP TCP (280) (emerging-rbn.rules) 2406559 - ET RBN Known Russian Business Network IP UDP (280) (emerging-rbn.rules) 2406560 - ET RBN Known Russian Business Network IP TCP (281) (emerging-rbn.rules) 2406561 - ET RBN Known Russian Business Network IP UDP (281) (emerging-rbn.rules) 2406562 - ET RBN Known Russian Business Network IP TCP (282) (emerging-rbn.rules) 2406563 - ET RBN Known Russian Business Network IP UDP (282) (emerging-rbn.rules) 2406564 - ET RBN Known Russian Business Network IP TCP (283) (emerging-rbn.rules) 2406565 - ET RBN Known Russian Business Network IP UDP (283) (emerging-rbn.rules) 2406566 - ET RBN Known Russian Business Network IP TCP (284) (emerging-rbn.rules) 2406567 - ET RBN Known Russian Business Network IP UDP (284) (emerging-rbn.rules) 2406568 - ET RBN Known Russian Business Network IP TCP (285) (emerging-rbn.rules) 2406569 - ET RBN Known Russian Business Network IP UDP (285) (emerging-rbn.rules) 2406570 - ET RBN Known Russian Business Network IP TCP (286) (emerging-rbn.rules) 2406571 - ET RBN Known Russian Business Network IP UDP (286) (emerging-rbn.rules) 2406572 - ET RBN Known Russian Business Network IP TCP (287) (emerging-rbn.rules) 2406573 - ET RBN Known Russian Business Network IP UDP (287) (emerging-rbn.rules) 2406574 - ET RBN Known Russian Business Network IP TCP (288) (emerging-rbn.rules) 2406575 - ET RBN Known Russian Business Network IP UDP (288) (emerging-rbn.rules) 2406576 - ET RBN Known Russian Business Network IP TCP (289) (emerging-rbn.rules) 2406577 - ET RBN Known Russian Business Network IP UDP (289) (emerging-rbn.rules) 2406578 - ET RBN Known Russian Business Network IP TCP (290) (emerging-rbn.rules) 2406579 - ET RBN Known Russian Business Network IP UDP (290) (emerging-rbn.rules) 2406580 - ET RBN Known Russian Business Network IP TCP (291) (emerging-rbn.rules) 2406581 - ET RBN Known Russian Business Network IP UDP (291) (emerging-rbn.rules) 2406582 - ET RBN Known Russian Business Network IP TCP (292) (emerging-rbn.rules) 2406583 - ET RBN Known Russian Business Network IP UDP (292) (emerging-rbn.rules) 2406584 - ET RBN Known Russian Business Network IP TCP (293) (emerging-rbn.rules) 2406585 - ET RBN Known Russian Business Network IP UDP (293) (emerging-rbn.rules) 2406586 - ET RBN Known Russian Business Network IP TCP (294) (emerging-rbn.rules) 2406587 - ET RBN Known Russian Business Network IP UDP (294) (emerging-rbn.rules) 2406588 - ET RBN Known Russian Business Network IP TCP (295) (emerging-rbn.rules) 2406589 - ET RBN Known Russian Business Network IP UDP (295) (emerging-rbn.rules) 2406590 - ET RBN Known Russian Business Network IP TCP (296) (emerging-rbn.rules) 2406591 - ET RBN Known Russian Business Network IP UDP (296) (emerging-rbn.rules) 2406592 - ET RBN Known Russian Business Network IP TCP (297) (emerging-rbn.rules) 2406593 - ET RBN Known Russian Business Network IP UDP (297) (emerging-rbn.rules) 2406594 - ET RBN Known Russian Business Network IP TCP (298) (emerging-rbn.rules) 2406595 - ET RBN Known Russian Business Network IP UDP (298) (emerging-rbn.rules) 2406596 - ET RBN Known Russian Business Network IP TCP (299) (emerging-rbn.rules) 2406597 - ET RBN Known Russian Business Network IP UDP (299) (emerging-rbn.rules) 2406598 - ET RBN Known Russian Business Network IP TCP (300) (emerging-rbn.rules) 2406599 - ET RBN Known Russian Business Network IP UDP (300) (emerging-rbn.rules) 2406600 - ET RBN Known Russian Business Network IP TCP (301) (emerging-rbn.rules) 2406601 - ET RBN Known Russian Business Network IP UDP (301) (emerging-rbn.rules) 2406602 - ET RBN Known Russian Business Network IP TCP (302) (emerging-rbn.rules) 2406603 - ET RBN Known Russian Business Network IP UDP (302) (emerging-rbn.rules) 2406604 - ET RBN Known Russian Business Network IP TCP (303) (emerging-rbn.rules) 2406605 - ET RBN Known Russian Business Network IP UDP (303) (emerging-rbn.rules) 2406606 - ET RBN Known Russian Business Network IP TCP (304) (emerging-rbn.rules) 2406607 - ET RBN Known Russian Business Network IP UDP (304) (emerging-rbn.rules) 2406608 - ET RBN Known Russian Business Network IP TCP (305) (emerging-rbn.rules) 2406609 - ET RBN Known Russian Business Network IP UDP (305) (emerging-rbn.rules) 2406610 - ET RBN Known Russian Business Network IP TCP (306) (emerging-rbn.rules) 2406611 - ET RBN Known Russian Business Network IP UDP (306) (emerging-rbn.rules) 2406612 - ET RBN Known Russian Business Network IP TCP (307) (emerging-rbn.rules) 2406613 - ET RBN Known Russian Business Network IP UDP (307) (emerging-rbn.rules) 2406614 - ET RBN Known Russian Business Network IP TCP (308) (emerging-rbn.rules) 2406615 - ET RBN Known Russian Business Network IP UDP (308) (emerging-rbn.rules) 2406616 - ET RBN Known Russian Business Network IP TCP (309) (emerging-rbn.rules) 2406617 - ET RBN Known Russian Business Network IP UDP (309) (emerging-rbn.rules) 2406618 - ET RBN Known Russian Business Network IP TCP (310) (emerging-rbn.rules) 2406619 - ET RBN Known Russian Business Network IP UDP (310) (emerging-rbn.rules) 2407000 - ET RBN Known Russian Business Network IP TCP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407001 - ET RBN Known Russian Business Network IP UDP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407002 - ET RBN Known Russian Business Network IP TCP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407003 - ET RBN Known Russian Business Network IP UDP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407004 - ET RBN Known Russian Business Network IP TCP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407005 - ET RBN Known Russian Business Network IP UDP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407006 - ET RBN Known Russian Business Network IP TCP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407007 - ET RBN Known Russian Business Network IP UDP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407008 - ET RBN Known Russian Business Network IP TCP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407009 - ET RBN Known Russian Business Network IP UDP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407010 - ET RBN Known Russian Business Network IP TCP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407011 - ET RBN Known Russian Business Network IP UDP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407012 - ET RBN Known Russian Business Network IP TCP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407013 - ET RBN Known Russian Business Network IP UDP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407014 - ET RBN Known Russian Business Network IP TCP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407015 - ET RBN Known Russian Business Network IP UDP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407016 - ET RBN Known Russian Business Network IP TCP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407017 - ET RBN Known Russian Business Network IP UDP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407018 - ET RBN Known Russian Business Network IP TCP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407019 - ET RBN Known Russian Business Network IP UDP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407020 - ET RBN Known Russian Business Network IP TCP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407021 - ET RBN Known Russian Business Network IP UDP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407022 - ET RBN Known Russian Business Network IP TCP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407023 - ET RBN Known Russian Business Network IP UDP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407024 - ET RBN Known Russian Business Network IP TCP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407025 - ET RBN Known Russian Business Network IP UDP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407026 - ET RBN Known Russian Business Network IP TCP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407027 - ET RBN Known Russian Business Network IP UDP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407028 - ET RBN Known Russian Business Network IP TCP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407029 - ET RBN Known Russian Business Network IP UDP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407030 - ET RBN Known Russian Business Network IP TCP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407031 - ET RBN Known Russian Business Network IP UDP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407032 - ET RBN Known Russian Business Network IP TCP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407033 - ET RBN Known Russian Business Network IP UDP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407034 - ET RBN Known Russian Business Network IP TCP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407035 - ET RBN Known Russian Business Network IP UDP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407036 - ET RBN Known Russian Business Network IP TCP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407037 - ET RBN Known Russian Business Network IP UDP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407038 - ET RBN Known Russian Business Network IP TCP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407039 - ET RBN Known Russian Business Network IP UDP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407040 - ET RBN Known Russian Business Network IP TCP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407041 - ET RBN Known Russian Business Network IP UDP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407042 - ET RBN Known Russian Business Network IP TCP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407043 - ET RBN Known Russian Business Network IP UDP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407044 - ET RBN Known Russian Business Network IP TCP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407045 - ET RBN Known Russian Business Network IP UDP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407046 - ET RBN Known Russian Business Network IP TCP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407047 - ET RBN Known Russian Business Network IP UDP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407048 - ET RBN Known Russian Business Network IP TCP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407049 - ET RBN Known Russian Business Network IP UDP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407050 - ET RBN Known Russian Business Network IP TCP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407051 - ET RBN Known Russian Business Network IP UDP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407052 - ET RBN Known Russian Business Network IP TCP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407053 - ET RBN Known Russian Business Network IP UDP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407054 - ET RBN Known Russian Business Network IP TCP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407055 - ET RBN Known Russian Business Network IP UDP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407056 - ET RBN Known Russian Business Network IP TCP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407057 - ET RBN Known Russian Business Network IP UDP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407058 - ET RBN Known Russian Business Network IP TCP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407059 - ET RBN Known Russian Business Network IP UDP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407060 - ET RBN Known Russian Business Network IP TCP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407061 - ET RBN Known Russian Business Network IP UDP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407062 - ET RBN Known Russian Business Network IP TCP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407063 - ET RBN Known Russian Business Network IP UDP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407064 - ET RBN Known Russian Business Network IP TCP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407065 - ET RBN Known Russian Business Network IP UDP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407066 - ET RBN Known Russian Business Network IP TCP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407067 - ET RBN Known Russian Business Network IP UDP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407068 - ET RBN Known Russian Business Network IP TCP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407069 - ET RBN Known Russian Business Network IP UDP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407070 - ET RBN Known Russian Business Network IP TCP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407071 - ET RBN Known Russian Business Network IP UDP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407072 - ET RBN Known Russian Business Network IP TCP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407073 - ET RBN Known Russian Business Network IP UDP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407074 - ET RBN Known Russian Business Network IP TCP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407075 - ET RBN Known Russian Business Network IP UDP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407076 - ET RBN Known Russian Business Network IP TCP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407077 - ET RBN Known Russian Business Network IP UDP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407078 - ET RBN Known Russian Business Network IP TCP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407079 - ET RBN Known Russian Business Network IP UDP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407080 - ET RBN Known Russian Business Network IP TCP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407081 - ET RBN Known Russian Business Network IP UDP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407082 - ET RBN Known Russian Business Network IP TCP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407083 - ET RBN Known Russian Business Network IP UDP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407084 - ET RBN Known Russian Business Network IP TCP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407085 - ET RBN Known Russian Business Network IP UDP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407086 - ET RBN Known Russian Business Network IP TCP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407087 - ET RBN Known Russian Business Network IP UDP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407088 - ET RBN Known Russian Business Network IP TCP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407089 - ET RBN Known Russian Business Network IP UDP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407090 - ET RBN Known Russian Business Network IP TCP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407091 - ET RBN Known Russian Business Network IP UDP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407092 - ET RBN Known Russian Business Network IP TCP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407093 - ET RBN Known Russian Business Network IP UDP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407094 - ET RBN Known Russian Business Network IP TCP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407095 - ET RBN Known Russian Business Network IP UDP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407096 - ET RBN Known Russian Business Network IP TCP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407097 - ET RBN Known Russian Business Network IP UDP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407098 - ET RBN Known Russian Business Network IP TCP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407099 - ET RBN Known Russian Business Network IP UDP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407100 - ET RBN Known Russian Business Network IP TCP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407101 - ET RBN Known Russian Business Network IP UDP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407102 - ET RBN Known Russian Business Network IP TCP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407103 - ET RBN Known Russian Business Network IP UDP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407104 - ET RBN Known Russian Business Network IP TCP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407105 - ET RBN Known Russian Business Network IP UDP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407106 - ET RBN Known Russian Business Network IP TCP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407107 - ET RBN Known Russian Business Network IP UDP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407108 - ET RBN Known Russian Business Network IP TCP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407109 - ET RBN Known Russian Business Network IP UDP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407110 - ET RBN Known Russian Business Network IP TCP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407111 - ET RBN Known Russian Business Network IP UDP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407112 - ET RBN Known Russian Business Network IP TCP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407113 - ET RBN Known Russian Business Network IP UDP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407114 - ET RBN Known Russian Business Network IP TCP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407115 - ET RBN Known Russian Business Network IP UDP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407116 - ET RBN Known Russian Business Network IP TCP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407117 - ET RBN Known Russian Business Network IP UDP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407118 - ET RBN Known Russian Business Network IP TCP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407119 - ET RBN Known Russian Business Network IP UDP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407120 - ET RBN Known Russian Business Network IP TCP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407121 - ET RBN Known Russian Business Network IP UDP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407122 - ET RBN Known Russian Business Network IP TCP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407123 - ET RBN Known Russian Business Network IP UDP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407124 - ET RBN Known Russian Business Network IP TCP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407125 - ET RBN Known Russian Business Network IP UDP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407126 - ET RBN Known Russian Business Network IP TCP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407127 - ET RBN Known Russian Business Network IP UDP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407128 - ET RBN Known Russian Business Network IP TCP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407129 - ET RBN Known Russian Business Network IP UDP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407130 - ET RBN Known Russian Business Network IP TCP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407131 - ET RBN Known Russian Business Network IP UDP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407132 - ET RBN Known Russian Business Network IP TCP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407133 - ET RBN Known Russian Business Network IP UDP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407134 - ET RBN Known Russian Business Network IP TCP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407135 - ET RBN Known Russian Business Network IP UDP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407136 - ET RBN Known Russian Business Network IP TCP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407137 - ET RBN Known Russian Business Network IP UDP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407138 - ET RBN Known Russian Business Network IP TCP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407139 - ET RBN Known Russian Business Network IP UDP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407140 - ET RBN Known Russian Business Network IP TCP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407141 - ET RBN Known Russian Business Network IP UDP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407142 - ET RBN Known Russian Business Network IP TCP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407143 - ET RBN Known Russian Business Network IP UDP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407144 - ET RBN Known Russian Business Network IP TCP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407145 - ET RBN Known Russian Business Network IP UDP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407146 - ET RBN Known Russian Business Network IP TCP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407147 - ET RBN Known Russian Business Network IP UDP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407148 - ET RBN Known Russian Business Network IP TCP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407149 - ET RBN Known Russian Business Network IP UDP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407150 - ET RBN Known Russian Business Network IP TCP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407151 - ET RBN Known Russian Business Network IP UDP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407152 - ET RBN Known Russian Business Network IP TCP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407153 - ET RBN Known Russian Business Network IP UDP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407154 - ET RBN Known Russian Business Network IP TCP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407155 - ET RBN Known Russian Business Network IP UDP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407156 - ET RBN Known Russian Business Network IP TCP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407157 - ET RBN Known Russian Business Network IP UDP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407158 - ET RBN Known Russian Business Network IP TCP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407159 - ET RBN Known Russian Business Network IP UDP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407160 - ET RBN Known Russian Business Network IP TCP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407161 - ET RBN Known Russian Business Network IP UDP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407162 - ET RBN Known Russian Business Network IP TCP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407163 - ET RBN Known Russian Business Network IP UDP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407164 - ET RBN Known Russian Business Network IP TCP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407165 - ET RBN Known Russian Business Network IP UDP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407166 - ET RBN Known Russian Business Network IP TCP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407167 - ET RBN Known Russian Business Network IP UDP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407168 - ET RBN Known Russian Business Network IP TCP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407169 - ET RBN Known Russian Business Network IP UDP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407170 - ET RBN Known Russian Business Network IP TCP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407171 - ET RBN Known Russian Business Network IP UDP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407172 - ET RBN Known Russian Business Network IP TCP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407173 - ET RBN Known Russian Business Network IP UDP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407174 - ET RBN Known Russian Business Network IP TCP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407175 - ET RBN Known Russian Business Network IP UDP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407176 - ET RBN Known Russian Business Network IP TCP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407177 - ET RBN Known Russian Business Network IP UDP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407178 - ET RBN Known Russian Business Network IP TCP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407179 - ET RBN Known Russian Business Network IP UDP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407180 - ET RBN Known Russian Business Network IP TCP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407181 - ET RBN Known Russian Business Network IP UDP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407182 - ET RBN Known Russian Business Network IP TCP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407183 - ET RBN Known Russian Business Network IP UDP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407184 - ET RBN Known Russian Business Network IP TCP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407185 - ET RBN Known Russian Business Network IP UDP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407186 - ET RBN Known Russian Business Network IP TCP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407187 - ET RBN Known Russian Business Network IP UDP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407188 - ET RBN Known Russian Business Network IP TCP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407189 - ET RBN Known Russian Business Network IP UDP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407190 - ET RBN Known Russian Business Network IP TCP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407191 - ET RBN Known Russian Business Network IP UDP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407192 - ET RBN Known Russian Business Network IP TCP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407193 - ET RBN Known Russian Business Network IP UDP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407194 - ET RBN Known Russian Business Network IP TCP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407195 - ET RBN Known Russian Business Network IP UDP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407196 - ET RBN Known Russian Business Network IP TCP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407197 - ET RBN Known Russian Business Network IP UDP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407198 - ET RBN Known Russian Business Network IP TCP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407199 - ET RBN Known Russian Business Network IP UDP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407200 - ET RBN Known Russian Business Network IP TCP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407201 - ET RBN Known Russian Business Network IP UDP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407202 - ET RBN Known Russian Business Network IP TCP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407203 - ET RBN Known Russian Business Network IP UDP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407204 - ET RBN Known Russian Business Network IP TCP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407205 - ET RBN Known Russian Business Network IP UDP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407206 - ET RBN Known Russian Business Network IP TCP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407207 - ET RBN Known Russian Business Network IP UDP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407208 - ET RBN Known Russian Business Network IP TCP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407209 - ET RBN Known Russian Business Network IP UDP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407210 - ET RBN Known Russian Business Network IP TCP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407211 - ET RBN Known Russian Business Network IP UDP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407212 - ET RBN Known Russian Business Network IP TCP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407213 - ET RBN Known Russian Business Network IP UDP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407214 - ET RBN Known Russian Business Network IP TCP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407215 - ET RBN Known Russian Business Network IP UDP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407216 - ET RBN Known Russian Business Network IP TCP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407217 - ET RBN Known Russian Business Network IP UDP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407218 - ET RBN Known Russian Business Network IP TCP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407219 - ET RBN Known Russian Business Network IP UDP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407220 - ET RBN Known Russian Business Network IP TCP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407221 - ET RBN Known Russian Business Network IP UDP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407222 - ET RBN Known Russian Business Network IP TCP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407223 - ET RBN Known Russian Business Network IP UDP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407224 - ET RBN Known Russian Business Network IP TCP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407225 - ET RBN Known Russian Business Network IP UDP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407226 - ET RBN Known Russian Business Network IP TCP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407227 - ET RBN Known Russian Business Network IP UDP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407228 - ET RBN Known Russian Business Network IP TCP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407229 - ET RBN Known Russian Business Network IP UDP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407230 - ET RBN Known Russian Business Network IP TCP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407231 - ET RBN Known Russian Business Network IP UDP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407232 - ET RBN Known Russian Business Network IP TCP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407233 - ET RBN Known Russian Business Network IP UDP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407234 - ET RBN Known Russian Business Network IP TCP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407235 - ET RBN Known Russian Business Network IP UDP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407236 - ET RBN Known Russian Business Network IP TCP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407237 - ET RBN Known Russian Business Network IP UDP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407238 - ET RBN Known Russian Business Network IP TCP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407239 - ET RBN Known Russian Business Network IP UDP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407240 - ET RBN Known Russian Business Network IP TCP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407241 - ET RBN Known Russian Business Network IP UDP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407242 - ET RBN Known Russian Business Network IP TCP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407243 - ET RBN Known Russian Business Network IP UDP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407244 - ET RBN Known Russian Business Network IP TCP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407245 - ET RBN Known Russian Business Network IP UDP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407246 - ET RBN Known Russian Business Network IP TCP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407247 - ET RBN Known Russian Business Network IP UDP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407248 - ET RBN Known Russian Business Network IP TCP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407249 - ET RBN Known Russian Business Network IP UDP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407250 - ET RBN Known Russian Business Network IP TCP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407251 - ET RBN Known Russian Business Network IP UDP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407252 - ET RBN Known Russian Business Network IP TCP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407253 - ET RBN Known Russian Business Network IP UDP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407254 - ET RBN Known Russian Business Network IP TCP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407255 - ET RBN Known Russian Business Network IP UDP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407256 - ET RBN Known Russian Business Network IP TCP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407257 - ET RBN Known Russian Business Network IP UDP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407258 - ET RBN Known Russian Business Network IP TCP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407259 - ET RBN Known Russian Business Network IP UDP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407260 - ET RBN Known Russian Business Network IP TCP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407261 - ET RBN Known Russian Business Network IP UDP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407262 - ET RBN Known Russian Business Network IP TCP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407263 - ET RBN Known Russian Business Network IP UDP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407264 - ET RBN Known Russian Business Network IP TCP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407265 - ET RBN Known Russian Business Network IP UDP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407266 - ET RBN Known Russian Business Network IP TCP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407267 - ET RBN Known Russian Business Network IP UDP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407268 - ET RBN Known Russian Business Network IP TCP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407269 - ET RBN Known Russian Business Network IP UDP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407270 - ET RBN Known Russian Business Network IP TCP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407271 - ET RBN Known Russian Business Network IP UDP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407272 - ET RBN Known Russian Business Network IP TCP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407273 - ET RBN Known Russian Business Network IP UDP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407274 - ET RBN Known Russian Business Network IP TCP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407275 - ET RBN Known Russian Business Network IP UDP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407276 - ET RBN Known Russian Business Network IP TCP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407277 - ET RBN Known Russian Business Network IP UDP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407278 - ET RBN Known Russian Business Network IP TCP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407279 - ET RBN Known Russian Business Network IP UDP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407280 - ET RBN Known Russian Business Network IP TCP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407281 - ET RBN Known Russian Business Network IP UDP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407282 - ET RBN Known Russian Business Network IP TCP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407283 - ET RBN Known Russian Business Network IP UDP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407284 - ET RBN Known Russian Business Network IP TCP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407285 - ET RBN Known Russian Business Network IP UDP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407286 - ET RBN Known Russian Business Network IP TCP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407287 - ET RBN Known Russian Business Network IP UDP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407288 - ET RBN Known Russian Business Network IP TCP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407289 - ET RBN Known Russian Business Network IP UDP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407290 - ET RBN Known Russian Business Network IP TCP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407291 - ET RBN Known Russian Business Network IP UDP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407292 - ET RBN Known Russian Business Network IP TCP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407293 - ET RBN Known Russian Business Network IP UDP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407294 - ET RBN Known Russian Business Network IP TCP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407295 - ET RBN Known Russian Business Network IP UDP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407296 - ET RBN Known Russian Business Network IP TCP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407297 - ET RBN Known Russian Business Network IP UDP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407298 - ET RBN Known Russian Business Network IP TCP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407299 - ET RBN Known Russian Business Network IP UDP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407300 - ET RBN Known Russian Business Network IP TCP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407301 - ET RBN Known Russian Business Network IP UDP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407302 - ET RBN Known Russian Business Network IP TCP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407303 - ET RBN Known Russian Business Network IP UDP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407304 - ET RBN Known Russian Business Network IP TCP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407305 - ET RBN Known Russian Business Network IP UDP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407306 - ET RBN Known Russian Business Network IP TCP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407307 - ET RBN Known Russian Business Network IP UDP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407308 - ET RBN Known Russian Business Network IP TCP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407309 - ET RBN Known Russian Business Network IP UDP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407310 - ET RBN Known Russian Business Network IP TCP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407311 - ET RBN Known Russian Business Network IP UDP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407312 - ET RBN Known Russian Business Network IP TCP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407313 - ET RBN Known Russian Business Network IP UDP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407314 - ET RBN Known Russian Business Network IP TCP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407315 - ET RBN Known Russian Business Network IP UDP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407316 - ET RBN Known Russian Business Network IP TCP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407317 - ET RBN Known Russian Business Network IP UDP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407318 - ET RBN Known Russian Business Network IP TCP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407319 - ET RBN Known Russian Business Network IP UDP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407320 - ET RBN Known Russian Business Network IP TCP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407321 - ET RBN Known Russian Business Network IP UDP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407322 - ET RBN Known Russian Business Network IP TCP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407323 - ET RBN Known Russian Business Network IP UDP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407324 - ET RBN Known Russian Business Network IP TCP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407325 - ET RBN Known Russian Business Network IP UDP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407326 - ET RBN Known Russian Business Network IP TCP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407327 - ET RBN Known Russian Business Network IP UDP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407328 - ET RBN Known Russian Business Network IP TCP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407329 - ET RBN Known Russian Business Network IP UDP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407330 - ET RBN Known Russian Business Network IP TCP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407331 - ET RBN Known Russian Business Network IP UDP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407332 - ET RBN Known Russian Business Network IP TCP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407333 - ET RBN Known Russian Business Network IP UDP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407334 - ET RBN Known Russian Business Network IP TCP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407335 - ET RBN Known Russian Business Network IP UDP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407336 - ET RBN Known Russian Business Network IP TCP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407337 - ET RBN Known Russian Business Network IP UDP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407338 - ET RBN Known Russian Business Network IP TCP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407339 - ET RBN Known Russian Business Network IP UDP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407340 - ET RBN Known Russian Business Network IP TCP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407341 - ET RBN Known Russian Business Network IP UDP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407342 - ET RBN Known Russian Business Network IP TCP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407343 - ET RBN Known Russian Business Network IP UDP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407344 - ET RBN Known Russian Business Network IP TCP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407345 - ET RBN Known Russian Business Network IP UDP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407346 - ET RBN Known Russian Business Network IP TCP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407347 - ET RBN Known Russian Business Network IP UDP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407348 - ET RBN Known Russian Business Network IP TCP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407349 - ET RBN Known Russian Business Network IP UDP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407350 - ET RBN Known Russian Business Network IP TCP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407351 - ET RBN Known Russian Business Network IP UDP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407352 - ET RBN Known Russian Business Network IP TCP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407353 - ET RBN Known Russian Business Network IP UDP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407354 - ET RBN Known Russian Business Network IP TCP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407355 - ET RBN Known Russian Business Network IP UDP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407356 - ET RBN Known Russian Business Network IP TCP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407357 - ET RBN Known Russian Business Network IP UDP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407358 - ET RBN Known Russian Business Network IP TCP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407359 - ET RBN Known Russian Business Network IP UDP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407360 - ET RBN Known Russian Business Network IP TCP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407361 - ET RBN Known Russian Business Network IP UDP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407362 - ET RBN Known Russian Business Network IP TCP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407363 - ET RBN Known Russian Business Network IP UDP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407364 - ET RBN Known Russian Business Network IP TCP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407365 - ET RBN Known Russian Business Network IP UDP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407366 - ET RBN Known Russian Business Network IP TCP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407367 - ET RBN Known Russian Business Network IP UDP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407368 - ET RBN Known Russian Business Network IP TCP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407369 - ET RBN Known Russian Business Network IP UDP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407370 - ET RBN Known Russian Business Network IP TCP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407371 - ET RBN Known Russian Business Network IP UDP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407372 - ET RBN Known Russian Business Network IP TCP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407373 - ET RBN Known Russian Business Network IP UDP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407374 - ET RBN Known Russian Business Network IP TCP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407375 - ET RBN Known Russian Business Network IP UDP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407376 - ET RBN Known Russian Business Network IP TCP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407377 - ET RBN Known Russian Business Network IP UDP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407378 - ET RBN Known Russian Business Network IP TCP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407379 - ET RBN Known Russian Business Network IP UDP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407380 - ET RBN Known Russian Business Network IP TCP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407381 - ET RBN Known Russian Business Network IP UDP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407382 - ET RBN Known Russian Business Network IP TCP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407383 - ET RBN Known Russian Business Network IP UDP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407384 - ET RBN Known Russian Business Network IP TCP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407385 - ET RBN Known Russian Business Network IP UDP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407386 - ET RBN Known Russian Business Network IP TCP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407387 - ET RBN Known Russian Business Network IP UDP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407388 - ET RBN Known Russian Business Network IP TCP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407389 - ET RBN Known Russian Business Network IP UDP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407390 - ET RBN Known Russian Business Network IP TCP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407391 - ET RBN Known Russian Business Network IP UDP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407392 - ET RBN Known Russian Business Network IP TCP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407393 - ET RBN Known Russian Business Network IP UDP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407394 - ET RBN Known Russian Business Network IP TCP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407395 - ET RBN Known Russian Business Network IP UDP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407396 - ET RBN Known Russian Business Network IP TCP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407397 - ET RBN Known Russian Business Network IP UDP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407398 - ET RBN Known Russian Business Network IP TCP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407399 - ET RBN Known Russian Business Network IP UDP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407400 - ET RBN Known Russian Business Network IP TCP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407401 - ET RBN Known Russian Business Network IP UDP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407402 - ET RBN Known Russian Business Network IP TCP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407403 - ET RBN Known Russian Business Network IP UDP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407404 - ET RBN Known Russian Business Network IP TCP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407405 - ET RBN Known Russian Business Network IP UDP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407406 - ET RBN Known Russian Business Network IP TCP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407407 - ET RBN Known Russian Business Network IP UDP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407408 - ET RBN Known Russian Business Network IP TCP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407409 - ET RBN Known Russian Business Network IP UDP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407410 - ET RBN Known Russian Business Network IP TCP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407411 - ET RBN Known Russian Business Network IP UDP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407412 - ET RBN Known Russian Business Network IP TCP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407413 - ET RBN Known Russian Business Network IP UDP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407414 - ET RBN Known Russian Business Network IP TCP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407415 - ET RBN Known Russian Business Network IP UDP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407416 - ET RBN Known Russian Business Network IP TCP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407417 - ET RBN Known Russian Business Network IP UDP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407418 - ET RBN Known Russian Business Network IP TCP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407419 - ET RBN Known Russian Business Network IP UDP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407420 - ET RBN Known Russian Business Network IP TCP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407421 - ET RBN Known Russian Business Network IP UDP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407422 - ET RBN Known Russian Business Network IP TCP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407423 - ET RBN Known Russian Business Network IP UDP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407424 - ET RBN Known Russian Business Network IP TCP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407425 - ET RBN Known Russian Business Network IP UDP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407426 - ET RBN Known Russian Business Network IP TCP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407427 - ET RBN Known Russian Business Network IP UDP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407428 - ET RBN Known Russian Business Network IP TCP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407429 - ET RBN Known Russian Business Network IP UDP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407430 - ET RBN Known Russian Business Network IP TCP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407431 - ET RBN Known Russian Business Network IP UDP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407432 - ET RBN Known Russian Business Network IP TCP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407433 - ET RBN Known Russian Business Network IP UDP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407434 - ET RBN Known Russian Business Network IP TCP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407435 - ET RBN Known Russian Business Network IP UDP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407436 - ET RBN Known Russian Business Network IP TCP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407437 - ET RBN Known Russian Business Network IP UDP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407438 - ET RBN Known Russian Business Network IP TCP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407439 - ET RBN Known Russian Business Network IP UDP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407440 - ET RBN Known Russian Business Network IP TCP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407441 - ET RBN Known Russian Business Network IP UDP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407442 - ET RBN Known Russian Business Network IP TCP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407443 - ET RBN Known Russian Business Network IP UDP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407444 - ET RBN Known Russian Business Network IP TCP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407445 - ET RBN Known Russian Business Network IP UDP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407446 - ET RBN Known Russian Business Network IP TCP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407447 - ET RBN Known Russian Business Network IP UDP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407448 - ET RBN Known Russian Business Network IP TCP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407449 - ET RBN Known Russian Business Network IP UDP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407450 - ET RBN Known Russian Business Network IP TCP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407451 - ET RBN Known Russian Business Network IP UDP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407452 - ET RBN Known Russian Business Network IP TCP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407453 - ET RBN Known Russian Business Network IP UDP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407454 - ET RBN Known Russian Business Network IP TCP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407455 - ET RBN Known Russian Business Network IP UDP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407456 - ET RBN Known Russian Business Network IP TCP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407457 - ET RBN Known Russian Business Network IP UDP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407458 - ET RBN Known Russian Business Network IP TCP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407459 - ET RBN Known Russian Business Network IP UDP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407460 - ET RBN Known Russian Business Network IP TCP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407461 - ET RBN Known Russian Business Network IP UDP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407462 - ET RBN Known Russian Business Network IP TCP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407463 - ET RBN Known Russian Business Network IP UDP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407464 - ET RBN Known Russian Business Network IP TCP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407465 - ET RBN Known Russian Business Network IP UDP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407466 - ET RBN Known Russian Business Network IP TCP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407467 - ET RBN Known Russian Business Network IP UDP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407468 - ET RBN Known Russian Business Network IP TCP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407469 - ET RBN Known Russian Business Network IP UDP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407470 - ET RBN Known Russian Business Network IP TCP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407471 - ET RBN Known Russian Business Network IP UDP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407472 - ET RBN Known Russian Business Network IP TCP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407473 - ET RBN Known Russian Business Network IP UDP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407474 - ET RBN Known Russian Business Network IP TCP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407475 - ET RBN Known Russian Business Network IP UDP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407476 - ET RBN Known Russian Business Network IP TCP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407477 - ET RBN Known Russian Business Network IP UDP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407478 - ET RBN Known Russian Business Network IP TCP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407479 - ET RBN Known Russian Business Network IP UDP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407480 - ET RBN Known Russian Business Network IP TCP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407481 - ET RBN Known Russian Business Network IP UDP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407482 - ET RBN Known Russian Business Network IP TCP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407483 - ET RBN Known Russian Business Network IP UDP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407484 - ET RBN Known Russian Business Network IP TCP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407485 - ET RBN Known Russian Business Network IP UDP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407486 - ET RBN Known Russian Business Network IP TCP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407487 - ET RBN Known Russian Business Network IP UDP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407488 - ET RBN Known Russian Business Network IP TCP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407489 - ET RBN Known Russian Business Network IP UDP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407490 - ET RBN Known Russian Business Network IP TCP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407491 - ET RBN Known Russian Business Network IP UDP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407492 - ET RBN Known Russian Business Network IP TCP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407493 - ET RBN Known Russian Business Network IP UDP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407494 - ET RBN Known Russian Business Network IP TCP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407495 - ET RBN Known Russian Business Network IP UDP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407496 - ET RBN Known Russian Business Network IP TCP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407497 - ET RBN Known Russian Business Network IP UDP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407498 - ET RBN Known Russian Business Network IP TCP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407499 - ET RBN Known Russian Business Network IP UDP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407500 - ET RBN Known Russian Business Network IP TCP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407501 - ET RBN Known Russian Business Network IP UDP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407502 - ET RBN Known Russian Business Network IP TCP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407503 - ET RBN Known Russian Business Network IP UDP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407504 - ET RBN Known Russian Business Network IP TCP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407505 - ET RBN Known Russian Business Network IP UDP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407506 - ET RBN Known Russian Business Network IP TCP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407507 - ET RBN Known Russian Business Network IP UDP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407508 - ET RBN Known Russian Business Network IP TCP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407509 - ET RBN Known Russian Business Network IP UDP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407510 - ET RBN Known Russian Business Network IP TCP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407511 - ET RBN Known Russian Business Network IP UDP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407512 - ET RBN Known Russian Business Network IP TCP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407513 - ET RBN Known Russian Business Network IP UDP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407514 - ET RBN Known Russian Business Network IP TCP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407515 - ET RBN Known Russian Business Network IP UDP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407516 - ET RBN Known Russian Business Network IP TCP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407517 - ET RBN Known Russian Business Network IP UDP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407518 - ET RBN Known Russian Business Network IP TCP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407519 - ET RBN Known Russian Business Network IP UDP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407520 - ET RBN Known Russian Business Network IP TCP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407521 - ET RBN Known Russian Business Network IP UDP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407522 - ET RBN Known Russian Business Network IP TCP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407523 - ET RBN Known Russian Business Network IP UDP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407524 - ET RBN Known Russian Business Network IP TCP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407525 - ET RBN Known Russian Business Network IP UDP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407526 - ET RBN Known Russian Business Network IP TCP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407527 - ET RBN Known Russian Business Network IP UDP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407528 - ET RBN Known Russian Business Network IP TCP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407529 - ET RBN Known Russian Business Network IP UDP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407530 - ET RBN Known Russian Business Network IP TCP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407531 - ET RBN Known Russian Business Network IP UDP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407532 - ET RBN Known Russian Business Network IP TCP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407533 - ET RBN Known Russian Business Network IP UDP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407534 - ET RBN Known Russian Business Network IP TCP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407535 - ET RBN Known Russian Business Network IP UDP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407536 - ET RBN Known Russian Business Network IP TCP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407537 - ET RBN Known Russian Business Network IP UDP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407538 - ET RBN Known Russian Business Network IP TCP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407539 - ET RBN Known Russian Business Network IP UDP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407540 - ET RBN Known Russian Business Network IP TCP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407541 - ET RBN Known Russian Business Network IP UDP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407542 - ET RBN Known Russian Business Network IP TCP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407543 - ET RBN Known Russian Business Network IP UDP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407544 - ET RBN Known Russian Business Network IP TCP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407545 - ET RBN Known Russian Business Network IP UDP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407546 - ET RBN Known Russian Business Network IP TCP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407547 - ET RBN Known Russian Business Network IP UDP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407548 - ET RBN Known Russian Business Network IP TCP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407549 - ET RBN Known Russian Business Network IP UDP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407550 - ET RBN Known Russian Business Network IP TCP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407551 - ET RBN Known Russian Business Network IP UDP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407552 - ET RBN Known Russian Business Network IP TCP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407553 - ET RBN Known Russian Business Network IP UDP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407554 - ET RBN Known Russian Business Network IP TCP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407555 - ET RBN Known Russian Business Network IP UDP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407556 - ET RBN Known Russian Business Network IP TCP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407557 - ET RBN Known Russian Business Network IP UDP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407558 - ET RBN Known Russian Business Network IP TCP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407559 - ET RBN Known Russian Business Network IP UDP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407560 - ET RBN Known Russian Business Network IP TCP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407561 - ET RBN Known Russian Business Network IP UDP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407562 - ET RBN Known Russian Business Network IP TCP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407563 - ET RBN Known Russian Business Network IP UDP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407564 - ET RBN Known Russian Business Network IP TCP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407565 - ET RBN Known Russian Business Network IP UDP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407566 - ET RBN Known Russian Business Network IP TCP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407567 - ET RBN Known Russian Business Network IP UDP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407568 - ET RBN Known Russian Business Network IP TCP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407569 - ET RBN Known Russian Business Network IP UDP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407570 - ET RBN Known Russian Business Network IP TCP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407571 - ET RBN Known Russian Business Network IP UDP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407572 - ET RBN Known Russian Business Network IP TCP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407573 - ET RBN Known Russian Business Network IP UDP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407574 - ET RBN Known Russian Business Network IP TCP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407575 - ET RBN Known Russian Business Network IP UDP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407576 - ET RBN Known Russian Business Network IP TCP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407577 - ET RBN Known Russian Business Network IP UDP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407578 - ET RBN Known Russian Business Network IP TCP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407579 - ET RBN Known Russian Business Network IP UDP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407580 - ET RBN Known Russian Business Network IP TCP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407581 - ET RBN Known Russian Business Network IP UDP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407582 - ET RBN Known Russian Business Network IP TCP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407583 - ET RBN Known Russian Business Network IP UDP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407584 - ET RBN Known Russian Business Network IP TCP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407585 - ET RBN Known Russian Business Network IP UDP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407586 - ET RBN Known Russian Business Network IP TCP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407587 - ET RBN Known Russian Business Network IP UDP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407588 - ET RBN Known Russian Business Network IP TCP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407589 - ET RBN Known Russian Business Network IP UDP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407590 - ET RBN Known Russian Business Network IP TCP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407591 - ET RBN Known Russian Business Network IP UDP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407592 - ET RBN Known Russian Business Network IP TCP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407593 - ET RBN Known Russian Business Network IP UDP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407594 - ET RBN Known Russian Business Network IP TCP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407595 - ET RBN Known Russian Business Network IP UDP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407596 - ET RBN Known Russian Business Network IP TCP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407597 - ET RBN Known Russian Business Network IP UDP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407598 - ET RBN Known Russian Business Network IP TCP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407599 - ET RBN Known Russian Business Network IP UDP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407600 - ET RBN Known Russian Business Network IP TCP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407601 - ET RBN Known Russian Business Network IP UDP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407602 - ET RBN Known Russian Business Network IP TCP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407603 - ET RBN Known Russian Business Network IP UDP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407604 - ET RBN Known Russian Business Network IP TCP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407605 - ET RBN Known Russian Business Network IP UDP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407606 - ET RBN Known Russian Business Network IP TCP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407607 - ET RBN Known Russian Business Network IP UDP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407608 - ET RBN Known Russian Business Network IP TCP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407609 - ET RBN Known Russian Business Network IP UDP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407610 - ET RBN Known Russian Business Network IP TCP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407611 - ET RBN Known Russian Business Network IP UDP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407612 - ET RBN Known Russian Business Network IP TCP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407613 - ET RBN Known Russian Business Network IP UDP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407614 - ET RBN Known Russian Business Network IP TCP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407615 - ET RBN Known Russian Business Network IP UDP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407616 - ET RBN Known Russian Business Network IP TCP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407617 - ET RBN Known Russian Business Network IP UDP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407618 - ET RBN Known Russian Business Network IP TCP - BLOCKING (310) (emerging-rbn-BLOCK.rules) 2407619 - ET RBN Known Russian Business Network IP UDP - BLOCKING (310) (emerging-rbn-BLOCK.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-rbn-BLOCK.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Added to emerging-rbn.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Added to emerging-sid-msg.map (76): 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (76): 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts [---] Removed non-rule lines: [---] -> Removed from emerging-rbn-BLOCK.rules (2): # VERSION 131 # Updated 2009-05-27 12:51:59 -> Removed from emerging-rbn.rules (2): # VERSION 131 # Updated 2009-05-27 12:51:59 From scheidell at secnap.net Fri Jun 5 10:48:06 2009 From: scheidell at secnap.net (Michael Scheidell) Date: Fri, 05 Jun 2009 10:48:06 -0400 Subject: [Emerging-Sigs] [Fwd: [SECNAP First-Alerts] Feds Shut Down 'Criminal' Internet Service Provider] Message-ID: <4A293026.6020104@secnap.net> good news, I wonder how many of those RBN ip's were from this network. (the IP lists seem to be the most cpu intensive part of a total snort rule set.. has anyone compiled them into a snort .so?) -------- Original Message -------- Subject: [SECNAP First-Alerts] Feds Shut Down 'Criminal' Internet Service Provider Date: Fri, 05 Jun 2009 10:18:05 -0400 From: Michael Scheidell To: first-alerts at listserver.hackertrap.net Friday , June 05, 2009 AP SAN FRANCISCO --- The federal government has severed the Internet connection of a company accused of helping criminals serve up a "witches' brew" of nasty content online, from computer viruses to child pornography. It's likely to be just a short-lived victory in the fight against cybercrime, though, since bad guys are very good at getting back online quickly. The Federal Trade Commission said Thursday that it has ordered the shutdown of a company called Pricewert LLC, described in a complaint filed in San Jose, Calif., federal court as an Oregon-based shell company run by "overseas criminals", operating out of Belize and running many its illegal operations out of servers in Silicon Valley. Pricewert, which operated the "Triple Fiber Network" or "3FN," wasn't the type of Internet service that average consumers would see or sign up for. Instead, the service was advertised "in the darkest corners of the Internet" and was targeted at criminals who want to put malicious Web sites online, but need the servers and bandwidth to do it, according to the complaint. [.....] The FTC's complaint draws a link between 3FN and a notorious Internet provider called McColo Corp., which was also operating out of a data center in Silicon Valley. McColo was believed responsible for half of the world's spam before it was shut down in November. Spam dropped precipitously after McColo's Internet providers pulled the plug on McColo, but it has since rebounded. When investigators from NASA looked into intrusions into some of its computers, they traced them back to McColo's servers. A search warrant later revealed those servers were also routing instant message conversations between 3FN employees and customers that formed the basis of some of the FTC's allegations. -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best Anti-Spam Product 2008, Network Products Guide * King of Spam Filters, SC Magazine 2008 _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _________________________________________________________________________ -------------- next part -------------- An HTML attachment was scrubbed... URL: _______________________________________________ First-Alerts mailing list First-Alerts at listserver.hackertrap.net SECNAP First Alerts Editorial Staff: Michael Scheidell, Jared Braverman and Ray Artz. Please feel free to share this with interested parties via email but please do not post it to web sites or blogs. To unsubscribe from SECNAP First Alerts, send email to first-alerts-unsubscribe at listserver.hackertrap.net or visit web page at http://listserver.hackertrap.net/mailman/listinfo/first-alerts to unsubscribe or change options SECNAP Network Security Corporation 6421 Congress Avenue #206 Boca Raton,FL. 33487 (866) SECNAP.NET / (866) 732-6276 (561) 999-5000 -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best Anti-Spam Product 2008, Network Products Guide * King of Spam Filters, SC Magazine 2008 _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _________________________________________________________________________ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090605/f3bf501f/attachment.html From eoin.miller at trojanedbinaries.com Fri Jun 5 11:29:51 2009 From: eoin.miller at trojanedbinaries.com (Eoin Miller) Date: Fri, 05 Jun 2009 11:29:51 -0400 Subject: [Emerging-Sigs] [Fwd: [SECNAP First-Alerts] Feds Shut Down 'Criminal' Internet Service Provider] In-Reply-To: <4A293026.6020104@secnap.net> References: <4A293026.6020104@secnap.net> Message-ID: <4A2939EF.9080607@trojanedbinaries.com> Marty wrote a new preprocessor for alerting on IP since "alert ip" rules are very slow with Snort: However the EmergingThreats RBN rules have been optimized a bit more and just recently updated. Give the current version a whirl: http://www.emergingthreats.net/rules/emerging-rbn.rules -- Eoin Miller Michael Scheidell wrote: > good news, I wonder how many of those RBN ip's were from this network. > > (the IP lists seem to be the most cpu intensive part of a total snort > rule set.. has anyone compiled them into a snort .so?) > > > > > -------- Original Message -------- > Subject: [SECNAP First-Alerts] Feds Shut Down 'Criminal' Internet > Service Provider > Date: Fri, 05 Jun 2009 10:18:05 -0400 > From: Michael Scheidell > To: first-alerts at listserver.hackertrap.net > > > > Friday , June 05, 2009 > > AP > > SAN FRANCISCO --- > The federal government has severed the Internet connection of a company > accused of helping criminals serve up a "witches' brew" of nasty content > online, from computer viruses to child pornography. > > It's likely to be just a short-lived victory in the fight against > cybercrime, though, since bad guys are very good at getting back online > quickly. > > The Federal Trade Commission said Thursday that it has ordered the > shutdown of a company called Pricewert LLC, described in a complaint > filed in San Jose, Calif., federal court as an Oregon-based shell > company run by "overseas criminals", operating out of Belize and running > many its illegal operations out of servers in Silicon Valley. > > Pricewert, which operated the "Triple Fiber Network" or "3FN," wasn't > the type of Internet service that average consumers would see or sign up > for. > > Instead, the service was advertised "in the darkest corners of the > Internet" and was targeted at criminals who want to put malicious Web > sites online, but need the servers and bandwidth to do it, according to > the complaint. > [.....] > The FTC's complaint draws a link between 3FN and a notorious Internet > provider called McColo Corp., which was also operating out of a data > center in Silicon Valley. > > McColo was believed responsible for half of the world's spam before it > was shut down in November. Spam dropped precipitously after McColo's > Internet providers pulled the plug on McColo, but it has since rebounded. > > When investigators from NASA looked into intrusions into some of its > computers, they traced them back to McColo's servers. A search warrant > later revealed those servers were also routing instant message > conversations between 3FN employees and customers that formed the basis > of some of the FTC's allegations. > > > > -- > Michael Scheidell, CTO > Phone: 561-999-5000, x 1259 > > *| *SECNAP Network Security Corporation > > * Certified SNORT Integrator > * 2008-9 Hot Company Award Winner, World Executive Alliance > * Five-Star Partner Program 2009, VARBusiness > * Best Anti-Spam Product 2008, Network Products Guide > * King of Spam Filters, SC Magazine 2008 > > > _________________________________________________________________________ > This email has been scanned and certified safe by SpammerTrap(r). > For Information please see http://www.secnap.com/products/spammertrap/ > _________________________________________________________________________ > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > _______________________________________________ > First-Alerts mailing list > First-Alerts at listserver.hackertrap.net > SECNAP First Alerts Editorial Staff: > Michael Scheidell, Jared Braverman and Ray Artz. > > Please feel free to share this with interested parties via email but please do not post it to web sites or blogs. > > To unsubscribe from SECNAP First Alerts, send email to > first-alerts-unsubscribe at listserver.hackertrap.net or visit web page at http://listserver.hackertrap.net/mailman/listinfo/first-alerts > to unsubscribe or change options > > SECNAP Network Security Corporation > 6421 Congress Avenue #206 > Boca Raton,FL. 33487 > (866) SECNAP.NET / (866) 732-6276 (561) 999-5000 > > > -- > Michael Scheidell, CTO > Phone: 561-999-5000, x 1259 > > *| *SECNAP Network Security Corporation > > * Certified SNORT Integrator > * 2008-9 Hot Company Award Winner, World Executive Alliance > * Five-Star Partner Program 2009, VARBusiness > * Best Anti-Spam Product 2008, Network Products Guide > * King of Spam Filters, SC Magazine 2008 > > > ------------------------------------------------------------------------ > > This email has been scanned and certified safe by SpammerTrap?. > For Information please see www.secnap.com/products/spammertrap/ > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > From scheidell at secnap.net Fri Jun 5 11:49:26 2009 From: scheidell at secnap.net (Michael Scheidell) Date: Fri, 05 Jun 2009 11:49:26 -0400 Subject: [Emerging-Sigs] [Fwd: [SECNAP First-Alerts] Feds Shut Down 'Criminal' Internet Service Provider] In-Reply-To: <4A2939EF.9080607@trojanedbinaries.com> References: <4A293026.6020104@secnap.net> <4A2939EF.9080607@trojanedbinaries.com> Message-ID: <4A293E86.5050806@secnap.net> I already use oinkmaster to pull all of them in (the 'optimized' means move to seperate tcp and udp rules?) moving tcp and udp to seperate files would help also. we have some sites where one snort incense is tcp only, (actually, some where one is tcp 80 only, second one is tcp ! port 80, and third is ! tcp) Eoin Miller wrote: > Marty wrote a new preprocessor for alerting on IP since "alert ip" rules > are very slow with Snort: > > However the EmergingThreats RBN rules have been optimized a bit more and > just recently updated. Give the current version a whirl: > > http://www.emergingthreats.net/rules/emerging-rbn.rules > > -- > Eoin Miller > > > Michael Scheidell wrote: > >> good news, I wonder how many of those RBN ip's were from this network. >> >> (the IP lists seem to be the most cpu intensive part of a total snort >> rule set.. has anyone compiled them into a snort .so?) >> >> >> >> >> -------- Original Message -------- >> Subject: [SECNAP First-Alerts] Feds Shut Down 'Criminal' Internet >> Service Provider >> Date: Fri, 05 Jun 2009 10:18:05 -0400 >> From: Michael Scheidell >> To: first-alerts at listserver.hackertrap.net >> >> >> >> Friday , June 05, 2009 >> >> AP >> >> SAN FRANCISCO --- >> The federal government has severed the Internet connection of a company >> accused of helping criminals serve up a "witches' brew" of nasty content >> online, from computer viruses to child pornography. >> >> It's likely to be just a short-lived victory in the fight against >> cybercrime, though, since bad guys are very good at getting back online >> quickly. >> >> The Federal Trade Commission said Thursday that it has ordered the >> shutdown of a company called Pricewert LLC, described in a complaint >> filed in San Jose, Calif., federal court as an Oregon-based shell >> company run by "overseas criminals", operating out of Belize and running >> many its illegal operations out of servers in Silicon Valley. >> >> Pricewert, which operated the "Triple Fiber Network" or "3FN," wasn't >> the type of Internet service that average consumers would see or sign up >> for. >> >> Instead, the service was advertised "in the darkest corners of the >> Internet" and was targeted at criminals who want to put malicious Web >> sites online, but need the servers and bandwidth to do it, according to >> the complaint. >> [.....] >> The FTC's complaint draws a link between 3FN and a notorious Internet >> provider called McColo Corp., which was also operating out of a data >> center in Silicon Valley. >> >> McColo was believed responsible for half of the world's spam before it >> was shut down in November. Spam dropped precipitously after McColo's >> Internet providers pulled the plug on McColo, but it has since rebounded. >> >> When investigators from NASA looked into intrusions into some of its >> computers, they traced them back to McColo's servers. A search warrant >> later revealed those servers were also routing instant message >> conversations between 3FN employees and customers that formed the basis >> of some of the FTC's allegations. >> >> >> >> -- >> Michael Scheidell, CTO >> Phone: 561-999-5000, x 1259 >> >>> *| *SECNAP Network Security Corporation >>> >> * Certified SNORT Integrator >> * 2008-9 Hot Company Award Winner, World Executive Alliance >> * Five-Star Partner Program 2009, VARBusiness >> * Best Anti-Spam Product 2008, Network Products Guide >> * King of Spam Filters, SC Magazine 2008 >> >> >> _________________________________________________________________________ >> This email has been scanned and certified safe by SpammerTrap(r). >> For Information please see http://www.secnap.com/products/spammertrap/ >> _________________________________________________________________________ >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: >> _______________________________________________ >> First-Alerts mailing list >> First-Alerts at listserver.hackertrap.net >> SECNAP First Alerts Editorial Staff: >> Michael Scheidell, Jared Braverman and Ray Artz. >> >> Please feel free to share this with interested parties via email but please do not post it to web sites or blogs. >> >> To unsubscribe from SECNAP First Alerts, send email to >> first-alerts-unsubscribe at listserver.hackertrap.net or visit web page at http://listserver.hackertrap.net/mailman/listinfo/first-alerts >> to unsubscribe or change options >> >> SECNAP Network Security Corporation >> 6421 Congress Avenue #206 >> Boca Raton,FL. 33487 >> (866) SECNAP.NET / (866) 732-6276 (561) 999-5000 >> >> >> -- >> Michael Scheidell, CTO >> Phone: 561-999-5000, x 1259 >> >>> *| *SECNAP Network Security Corporation >>> >> * Certified SNORT Integrator >> * 2008-9 Hot Company Award Winner, World Executive Alliance >> * Five-Star Partner Program 2009, VARBusiness >> * Best Anti-Spam Product 2008, Network Products Guide >> * King of Spam Filters, SC Magazine 2008 >> >> >> ------------------------------------------------------------------------ >> >> This email has been scanned and certified safe by SpammerTrap?. >> For Information please see www.secnap.com/products/spammertrap/ >> >> >> ------------------------------------------------------------------------ >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Emerging-sigs mailing list >> Emerging-sigs at emergingthreats.net >> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs >> >> > > -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best Anti-Spam Product 2008, Network Products Guide * King of Spam Filters, SC Magazine 2008 _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _________________________________________________________________________ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090605/3b77bf35/attachment-0001.html From emerging at emergingthreats.net Fri Jun 5 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Fri, 5 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090605200011.E3AFE4504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Fri Jun 5 16:00:11 2009 [***] [*] Rules modifications: [*] None. [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (8): 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (8): 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From emerging at emergingthreats.net Sat Jun 6 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Sat, 6 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090606200011.B6E7A4504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Sat Jun 6 16:00:11 2009 [***] [*] Rules modifications: [*] None. [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (12): 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (12): 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From emerging at emergingthreats.net Sat Jun 6 18:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Sat, 6 Jun 2009 18:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Weekly Signature Changes Message-ID: <20090606220011.A3F8F4504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Sat Jun 6 18:00:11 2009 [***] [+++] Added rules: [+++] 2009375 - ET POLICY General MSN Chat Activity (emerging-policy.rules) 2009376 - ET POLICY MSN User-Agent Activity (emerging-policy.rules) [///] Modified active rules: [///] 2009353 - ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (1) (emerging-virus.rules) 2009354 - ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (2) (emerging-virus.rules) 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules) 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules) 2404000 - ET DROP Known Bot C&C Server Traffic (group 1) (emerging-botcc.rules) 2404001 - ET DROP Known Bot C&C Server Traffic (group 2) (emerging-botcc.rules) 2404002 - ET DROP Known Bot C&C Server Traffic (group 3) (emerging-botcc.rules) 2404003 - ET DROP Known Bot C&C Server Traffic (group 4) (emerging-botcc.rules) 2404004 - ET DROP Known Bot C&C Server Traffic (group 5) (emerging-botcc.rules) 2404005 - ET DROP Known Bot C&C Server Traffic (group 6) (emerging-botcc.rules) 2404006 - ET DROP Known Bot C&C Server Traffic (group 7) (emerging-botcc.rules) 2404007 - ET DROP Known Bot C&C Server Traffic (group 8) (emerging-botcc.rules) 2404008 - ET DROP Known Bot C&C Server Traffic (group 9) (emerging-botcc.rules) 2404009 - ET DROP Known Bot C&C Server Traffic (group 10) (emerging-botcc.rules) 2404010 - ET DROP Known Bot C&C Server Traffic (group 11) (emerging-botcc.rules) 2404011 - ET DROP Known Bot C&C Server Traffic (group 12) (emerging-botcc.rules) 2404012 - ET DROP Known Bot C&C Server Traffic (group 13) (emerging-botcc.rules) 2404013 - ET DROP Known Bot C&C Server Traffic (group 14) (emerging-botcc.rules) 2404014 - ET DROP Known Bot C&C Server Traffic (group 15) (emerging-botcc.rules) 2404015 - ET DROP Known Bot C&C Server Traffic (group 16) (emerging-botcc.rules) 2404016 - ET DROP Known Bot C&C Server Traffic (group 17) (emerging-botcc.rules) 2404017 - ET DROP Known Bot C&C Server Traffic (group 18) (emerging-botcc.rules) 2404018 - ET DROP Known Bot C&C Server Traffic (group 19) (emerging-botcc.rules) 2404019 - ET DROP Known Bot C&C Server Traffic (group 20) (emerging-botcc.rules) 2404020 - ET DROP Known Bot C&C Server Traffic (group 21) (emerging-botcc.rules) 2404021 - ET DROP Known Bot C&C Server Traffic (group 22) (emerging-botcc.rules) 2404022 - ET DROP Known Bot C&C Server Traffic (group 23) (emerging-botcc.rules) 2404023 - ET DROP Known Bot C&C Server Traffic (group 24) (emerging-botcc.rules) 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405018 - ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405019 - ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405020 - ET DROP Known Bot C&C Traffic (group 21) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405021 - ET DROP Known Bot C&C Traffic (group 22) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405022 - ET DROP Known Bot C&C Traffic (group 23) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405023 - ET DROP Known Bot C&C Traffic (group 24) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2406000 - ET RBN Known Russian Business Network IP TCP (1) (emerging-rbn.rules) 2406001 - ET RBN Known Russian Business Network IP UDP (1) (emerging-rbn.rules) 2406002 - ET RBN Known Russian Business Network IP TCP (2) (emerging-rbn.rules) 2406003 - ET RBN Known Russian Business Network IP UDP (2) (emerging-rbn.rules) 2406004 - ET RBN Known Russian Business Network IP TCP (3) (emerging-rbn.rules) 2406005 - ET RBN Known Russian Business Network IP UDP (3) (emerging-rbn.rules) 2406006 - ET RBN Known Russian Business Network IP TCP (4) (emerging-rbn.rules) 2406007 - ET RBN Known Russian Business Network IP UDP (4) (emerging-rbn.rules) 2406008 - ET RBN Known Russian Business Network IP TCP (5) (emerging-rbn.rules) 2406009 - ET RBN Known Russian Business Network IP UDP (5) (emerging-rbn.rules) 2406010 - ET RBN Known Russian Business Network IP TCP (6) (emerging-rbn.rules) 2406011 - ET RBN Known Russian Business Network IP UDP (6) (emerging-rbn.rules) 2406012 - ET RBN Known Russian Business Network IP TCP (7) (emerging-rbn.rules) 2406013 - ET RBN Known Russian Business Network IP UDP (7) (emerging-rbn.rules) 2406014 - ET RBN Known Russian Business Network IP TCP (8) (emerging-rbn.rules) 2406015 - ET RBN Known Russian Business Network IP UDP (8) (emerging-rbn.rules) 2406016 - ET RBN Known Russian Business Network IP TCP (9) (emerging-rbn.rules) 2406017 - ET RBN Known Russian Business Network IP UDP (9) (emerging-rbn.rules) 2406018 - ET RBN Known Russian Business Network IP TCP (10) (emerging-rbn.rules) 2406019 - ET RBN Known Russian Business Network IP UDP (10) (emerging-rbn.rules) 2406020 - ET RBN Known Russian Business Network IP TCP (11) (emerging-rbn.rules) 2406021 - ET RBN Known Russian Business Network IP UDP (11) (emerging-rbn.rules) 2406022 - ET RBN Known Russian Business Network IP TCP (12) (emerging-rbn.rules) 2406023 - ET RBN Known Russian Business Network IP UDP (12) (emerging-rbn.rules) 2406024 - ET RBN Known Russian Business Network IP TCP (13) (emerging-rbn.rules) 2406025 - ET RBN Known Russian Business Network IP UDP (13) (emerging-rbn.rules) 2406026 - ET RBN Known Russian Business Network IP TCP (14) (emerging-rbn.rules) 2406027 - ET RBN Known Russian Business Network IP UDP (14) (emerging-rbn.rules) 2406028 - ET RBN Known Russian Business Network IP TCP (15) (emerging-rbn.rules) 2406029 - ET RBN Known Russian Business Network IP UDP (15) (emerging-rbn.rules) 2406030 - ET RBN Known Russian Business Network IP TCP (16) (emerging-rbn.rules) 2406031 - ET RBN Known Russian Business Network IP UDP (16) (emerging-rbn.rules) 2406032 - ET RBN Known Russian Business Network IP TCP (17) (emerging-rbn.rules) 2406033 - ET RBN Known Russian Business Network IP UDP (17) (emerging-rbn.rules) 2406034 - ET RBN Known Russian Business Network IP TCP (18) (emerging-rbn.rules) 2406035 - ET RBN Known Russian Business Network IP UDP (18) (emerging-rbn.rules) 2406036 - ET RBN Known Russian Business Network IP TCP (19) (emerging-rbn.rules) 2406037 - ET RBN Known Russian Business Network IP UDP (19) (emerging-rbn.rules) 2406038 - ET RBN Known Russian Business Network IP TCP (20) (emerging-rbn.rules) 2406039 - ET RBN Known Russian Business Network IP UDP (20) (emerging-rbn.rules) 2406040 - ET RBN Known Russian Business Network IP TCP (21) (emerging-rbn.rules) 2406041 - ET RBN Known Russian Business Network IP UDP (21) (emerging-rbn.rules) 2406042 - ET RBN Known Russian Business Network IP TCP (22) (emerging-rbn.rules) 2406043 - ET RBN Known Russian Business Network IP UDP (22) (emerging-rbn.rules) 2406044 - ET RBN Known Russian Business Network IP TCP (23) (emerging-rbn.rules) 2406045 - ET RBN Known Russian Business Network IP UDP (23) (emerging-rbn.rules) 2406046 - ET RBN Known Russian Business Network IP TCP (24) (emerging-rbn.rules) 2406047 - ET RBN Known Russian Business Network IP UDP (24) (emerging-rbn.rules) 2406048 - ET RBN Known Russian Business Network IP TCP (25) (emerging-rbn.rules) 2406049 - ET RBN Known Russian Business Network IP UDP (25) (emerging-rbn.rules) 2406050 - ET RBN Known Russian Business Network IP TCP (26) (emerging-rbn.rules) 2406051 - ET RBN Known Russian Business Network IP UDP (26) (emerging-rbn.rules) 2406052 - ET RBN Known Russian Business Network IP TCP (27) (emerging-rbn.rules) 2406053 - ET RBN Known Russian Business Network IP UDP (27) (emerging-rbn.rules) 2406054 - ET RBN Known Russian Business Network IP TCP (28) (emerging-rbn.rules) 2406055 - ET RBN Known Russian Business Network IP UDP (28) (emerging-rbn.rules) 2406056 - ET RBN Known Russian Business Network IP TCP (29) (emerging-rbn.rules) 2406057 - ET RBN Known Russian Business Network IP UDP (29) (emerging-rbn.rules) 2406058 - ET RBN Known Russian Business Network IP TCP (30) (emerging-rbn.rules) 2406059 - ET RBN Known Russian Business Network IP UDP (30) (emerging-rbn.rules) 2406060 - ET RBN Known Russian Business Network IP TCP (31) (emerging-rbn.rules) 2406061 - ET RBN Known Russian Business Network IP UDP (31) (emerging-rbn.rules) 2406062 - ET RBN Known Russian Business Network IP TCP (32) (emerging-rbn.rules) 2406063 - ET RBN Known Russian Business Network IP UDP (32) (emerging-rbn.rules) 2406064 - ET RBN Known Russian Business Network IP TCP (33) (emerging-rbn.rules) 2406065 - ET RBN Known Russian Business Network IP UDP (33) (emerging-rbn.rules) 2406066 - ET RBN Known Russian Business Network IP TCP (34) (emerging-rbn.rules) 2406067 - ET RBN Known Russian Business Network IP UDP (34) (emerging-rbn.rules) 2406068 - ET RBN Known Russian Business Network IP TCP (35) (emerging-rbn.rules) 2406069 - ET RBN Known Russian Business Network IP UDP (35) (emerging-rbn.rules) 2406070 - ET RBN Known Russian Business Network IP TCP (36) (emerging-rbn.rules) 2406071 - ET RBN Known Russian Business Network IP UDP (36) (emerging-rbn.rules) 2406072 - ET RBN Known Russian Business Network IP TCP (37) (emerging-rbn.rules) 2406073 - ET RBN Known Russian Business Network IP UDP (37) (emerging-rbn.rules) 2406074 - ET RBN Known Russian Business Network IP TCP (38) (emerging-rbn.rules) 2406075 - ET RBN Known Russian Business Network IP UDP (38) (emerging-rbn.rules) 2406076 - ET RBN Known Russian Business Network IP TCP (39) (emerging-rbn.rules) 2406077 - ET RBN Known Russian Business Network IP UDP (39) (emerging-rbn.rules) 2406078 - ET RBN Known Russian Business Network IP TCP (40) (emerging-rbn.rules) 2406079 - ET RBN Known Russian Business Network IP UDP (40) (emerging-rbn.rules) 2406080 - ET RBN Known Russian Business Network IP TCP (41) (emerging-rbn.rules) 2406081 - ET RBN Known Russian Business Network IP UDP (41) (emerging-rbn.rules) 2406082 - ET RBN Known Russian Business Network IP TCP (42) (emerging-rbn.rules) 2406083 - ET RBN Known Russian Business Network IP UDP (42) (emerging-rbn.rules) 2406084 - ET RBN Known Russian Business Network IP TCP (43) (emerging-rbn.rules) 2406085 - ET RBN Known Russian Business Network IP UDP (43) (emerging-rbn.rules) 2406086 - ET RBN Known Russian Business Network IP TCP (44) (emerging-rbn.rules) 2406087 - ET RBN Known Russian Business Network IP UDP (44) (emerging-rbn.rules) 2406088 - ET RBN Known Russian Business Network IP TCP (45) (emerging-rbn.rules) 2406089 - ET RBN Known Russian Business Network IP UDP (45) (emerging-rbn.rules) 2406090 - ET RBN Known Russian Business Network IP TCP (46) (emerging-rbn.rules) 2406091 - ET RBN Known Russian Business Network IP UDP (46) (emerging-rbn.rules) 2406092 - ET RBN Known Russian Business Network IP TCP (47) (emerging-rbn.rules) 2406093 - ET RBN Known Russian Business Network IP UDP (47) (emerging-rbn.rules) 2406094 - ET RBN Known Russian Business Network IP TCP (48) (emerging-rbn.rules) 2406095 - ET RBN Known Russian Business Network IP UDP (48) (emerging-rbn.rules) 2406096 - ET RBN Known Russian Business Network IP TCP (49) (emerging-rbn.rules) 2406097 - ET RBN Known Russian Business Network IP UDP (49) (emerging-rbn.rules) 2406098 - ET RBN Known Russian Business Network IP TCP (50) (emerging-rbn.rules) 2406099 - ET RBN Known Russian Business Network IP UDP (50) (emerging-rbn.rules) 2406100 - ET RBN Known Russian Business Network IP TCP (51) (emerging-rbn.rules) 2406101 - ET RBN Known Russian Business Network IP UDP (51) (emerging-rbn.rules) 2406102 - ET RBN Known Russian Business Network IP TCP (52) (emerging-rbn.rules) 2406103 - ET RBN Known Russian Business Network IP UDP (52) (emerging-rbn.rules) 2406104 - ET RBN Known Russian Business Network IP TCP (53) (emerging-rbn.rules) 2406105 - ET RBN Known Russian Business Network IP UDP (53) (emerging-rbn.rules) 2406106 - ET RBN Known Russian Business Network IP TCP (54) (emerging-rbn.rules) 2406107 - ET RBN Known Russian Business Network IP UDP (54) (emerging-rbn.rules) 2406108 - ET RBN Known Russian Business Network IP TCP (55) (emerging-rbn.rules) 2406109 - ET RBN Known Russian Business Network IP UDP (55) (emerging-rbn.rules) 2406110 - ET RBN Known Russian Business Network IP TCP (56) (emerging-rbn.rules) 2406111 - ET RBN Known Russian Business Network IP UDP (56) (emerging-rbn.rules) 2406112 - ET RBN Known Russian Business Network IP TCP (57) (emerging-rbn.rules) 2406113 - ET RBN Known Russian Business Network IP UDP (57) (emerging-rbn.rules) 2406114 - ET RBN Known Russian Business Network IP TCP (58) (emerging-rbn.rules) 2406115 - ET RBN Known Russian Business Network IP UDP (58) (emerging-rbn.rules) 2406116 - ET RBN Known Russian Business Network IP TCP (59) (emerging-rbn.rules) 2406117 - ET RBN Known Russian Business Network IP UDP (59) (emerging-rbn.rules) 2406118 - ET RBN Known Russian Business Network IP TCP (60) (emerging-rbn.rules) 2406119 - ET RBN Known Russian Business Network IP UDP (60) (emerging-rbn.rules) 2406120 - ET RBN Known Russian Business Network IP TCP (61) (emerging-rbn.rules) 2406121 - ET RBN Known Russian Business Network IP UDP (61) (emerging-rbn.rules) 2406122 - ET RBN Known Russian Business Network IP TCP (62) (emerging-rbn.rules) 2406123 - ET RBN Known Russian Business Network IP UDP (62) (emerging-rbn.rules) 2406124 - ET RBN Known Russian Business Network IP TCP (63) (emerging-rbn.rules) 2406125 - ET RBN Known Russian Business Network IP UDP (63) (emerging-rbn.rules) 2406126 - ET RBN Known Russian Business Network IP TCP (64) (emerging-rbn.rules) 2406127 - ET RBN Known Russian Business Network IP UDP (64) (emerging-rbn.rules) 2406128 - ET RBN Known Russian Business Network IP TCP (65) (emerging-rbn.rules) 2406129 - ET RBN Known Russian Business Network IP UDP (65) (emerging-rbn.rules) 2406130 - ET RBN Known Russian Business Network IP TCP (66) (emerging-rbn.rules) 2406131 - ET RBN Known Russian Business Network IP UDP (66) (emerging-rbn.rules) 2406132 - ET RBN Known Russian Business Network IP TCP (67) (emerging-rbn.rules) 2406133 - ET RBN Known Russian Business Network IP UDP (67) (emerging-rbn.rules) 2406134 - ET RBN Known Russian Business Network IP TCP (68) (emerging-rbn.rules) 2406135 - ET RBN Known Russian Business Network IP UDP (68) (emerging-rbn.rules) 2406136 - ET RBN Known Russian Business Network IP TCP (69) (emerging-rbn.rules) 2406137 - ET RBN Known Russian Business Network IP UDP (69) (emerging-rbn.rules) 2406138 - ET RBN Known Russian Business Network IP TCP (70) (emerging-rbn.rules) 2406139 - ET RBN Known Russian Business Network IP UDP (70) (emerging-rbn.rules) 2406140 - ET RBN Known Russian Business Network IP TCP (71) (emerging-rbn.rules) 2406141 - ET RBN Known Russian Business Network IP UDP (71) (emerging-rbn.rules) 2406142 - ET RBN Known Russian Business Network IP TCP (72) (emerging-rbn.rules) 2406143 - ET RBN Known Russian Business Network IP UDP (72) (emerging-rbn.rules) 2406144 - ET RBN Known Russian Business Network IP TCP (73) (emerging-rbn.rules) 2406145 - ET RBN Known Russian Business Network IP UDP (73) (emerging-rbn.rules) 2406146 - ET RBN Known Russian Business Network IP TCP (74) (emerging-rbn.rules) 2406147 - ET RBN Known Russian Business Network IP UDP (74) (emerging-rbn.rules) 2406148 - ET RBN Known Russian Business Network IP TCP (75) (emerging-rbn.rules) 2406149 - ET RBN Known Russian Business Network IP UDP (75) (emerging-rbn.rules) 2406150 - ET RBN Known Russian Business Network IP TCP (76) (emerging-rbn.rules) 2406151 - ET RBN Known Russian Business Network IP UDP (76) (emerging-rbn.rules) 2406152 - ET RBN Known Russian Business Network IP TCP (77) (emerging-rbn.rules) 2406153 - ET RBN Known Russian Business Network IP UDP (77) (emerging-rbn.rules) 2406154 - ET RBN Known Russian Business Network IP TCP (78) (emerging-rbn.rules) 2406155 - ET RBN Known Russian Business Network IP UDP (78) (emerging-rbn.rules) 2406156 - ET RBN Known Russian Business Network IP TCP (79) (emerging-rbn.rules) 2406157 - ET RBN Known Russian Business Network IP UDP (79) (emerging-rbn.rules) 2406158 - ET RBN Known Russian Business Network IP TCP (80) (emerging-rbn.rules) 2406159 - ET RBN Known Russian Business Network IP UDP (80) (emerging-rbn.rules) 2406160 - ET RBN Known Russian Business Network IP TCP (81) (emerging-rbn.rules) 2406161 - ET RBN Known Russian Business Network IP UDP (81) (emerging-rbn.rules) 2406162 - ET RBN Known Russian Business Network IP TCP (82) (emerging-rbn.rules) 2406163 - ET RBN Known Russian Business Network IP UDP (82) (emerging-rbn.rules) 2406164 - ET RBN Known Russian Business Network IP TCP (83) (emerging-rbn.rules) 2406165 - ET RBN Known Russian Business Network IP UDP (83) (emerging-rbn.rules) 2406166 - ET RBN Known Russian Business Network IP TCP (84) (emerging-rbn.rules) 2406167 - ET RBN Known Russian Business Network IP UDP (84) (emerging-rbn.rules) 2406168 - ET RBN Known Russian Business Network IP TCP (85) (emerging-rbn.rules) 2406169 - ET RBN Known Russian Business Network IP UDP (85) (emerging-rbn.rules) 2406170 - ET RBN Known Russian Business Network IP TCP (86) (emerging-rbn.rules) 2406171 - ET RBN Known Russian Business Network IP UDP (86) (emerging-rbn.rules) 2406172 - ET RBN Known Russian Business Network IP TCP (87) (emerging-rbn.rules) 2406173 - ET RBN Known Russian Business Network IP UDP (87) (emerging-rbn.rules) 2406174 - ET RBN Known Russian Business Network IP TCP (88) (emerging-rbn.rules) 2406175 - ET RBN Known Russian Business Network IP UDP (88) (emerging-rbn.rules) 2406176 - ET RBN Known Russian Business Network IP TCP (89) (emerging-rbn.rules) 2406177 - ET RBN Known Russian Business Network IP UDP (89) (emerging-rbn.rules) 2406178 - ET RBN Known Russian Business Network IP TCP (90) (emerging-rbn.rules) 2406179 - ET RBN Known Russian Business Network IP UDP (90) (emerging-rbn.rules) 2406180 - ET RBN Known Russian Business Network IP TCP (91) (emerging-rbn.rules) 2406181 - ET RBN Known Russian Business Network IP UDP (91) (emerging-rbn.rules) 2406182 - ET RBN Known Russian Business Network IP TCP (92) (emerging-rbn.rules) 2406183 - ET RBN Known Russian Business Network IP UDP (92) (emerging-rbn.rules) 2406184 - ET RBN Known Russian Business Network IP TCP (93) (emerging-rbn.rules) 2406185 - ET RBN Known Russian Business Network IP UDP (93) (emerging-rbn.rules) 2406186 - ET RBN Known Russian Business Network IP TCP (94) (emerging-rbn.rules) 2406187 - ET RBN Known Russian Business Network IP UDP (94) (emerging-rbn.rules) 2406188 - ET RBN Known Russian Business Network IP TCP (95) (emerging-rbn.rules) 2406189 - ET RBN Known Russian Business Network IP UDP (95) (emerging-rbn.rules) 2406190 - ET RBN Known Russian Business Network IP TCP (96) (emerging-rbn.rules) 2406191 - ET RBN Known Russian Business Network IP UDP (96) (emerging-rbn.rules) 2406192 - ET RBN Known Russian Business Network IP TCP (97) (emerging-rbn.rules) 2406193 - ET RBN Known Russian Business Network IP UDP (97) (emerging-rbn.rules) 2406194 - ET RBN Known Russian Business Network IP TCP (98) (emerging-rbn.rules) 2406195 - ET RBN Known Russian Business Network IP UDP (98) (emerging-rbn.rules) 2406196 - ET RBN Known Russian Business Network IP TCP (99) (emerging-rbn.rules) 2406197 - ET RBN Known Russian Business Network IP UDP (99) (emerging-rbn.rules) 2406198 - ET RBN Known Russian Business Network IP TCP (100) (emerging-rbn.rules) 2406199 - ET RBN Known Russian Business Network IP UDP (100) (emerging-rbn.rules) 2406200 - ET RBN Known Russian Business Network IP TCP (101) (emerging-rbn.rules) 2406201 - ET RBN Known Russian Business Network IP UDP (101) (emerging-rbn.rules) 2406202 - ET RBN Known Russian Business Network IP TCP (102) (emerging-rbn.rules) 2406203 - ET RBN Known Russian Business Network IP UDP (102) (emerging-rbn.rules) 2406204 - ET RBN Known Russian Business Network IP TCP (103) (emerging-rbn.rules) 2406205 - ET RBN Known Russian Business Network IP UDP (103) (emerging-rbn.rules) 2406206 - ET RBN Known Russian Business Network IP TCP (104) (emerging-rbn.rules) 2406207 - ET RBN Known Russian Business Network IP UDP (104) (emerging-rbn.rules) 2406208 - ET RBN Known Russian Business Network IP TCP (105) (emerging-rbn.rules) 2406209 - ET RBN Known Russian Business Network IP UDP (105) (emerging-rbn.rules) 2406210 - ET RBN Known Russian Business Network IP TCP (106) (emerging-rbn.rules) 2406211 - ET RBN Known Russian Business Network IP UDP (106) (emerging-rbn.rules) 2406212 - ET RBN Known Russian Business Network IP TCP (107) (emerging-rbn.rules) 2406213 - ET RBN Known Russian Business Network IP UDP (107) (emerging-rbn.rules) 2406214 - ET RBN Known Russian Business Network IP TCP (108) (emerging-rbn.rules) 2406215 - ET RBN Known Russian Business Network IP UDP (108) (emerging-rbn.rules) 2406216 - ET RBN Known Russian Business Network IP TCP (109) (emerging-rbn.rules) 2406217 - ET RBN Known Russian Business Network IP UDP (109) (emerging-rbn.rules) 2406218 - ET RBN Known Russian Business Network IP TCP (110) (emerging-rbn.rules) 2406219 - ET RBN Known Russian Business Network IP UDP (110) (emerging-rbn.rules) 2406220 - ET RBN Known Russian Business Network IP TCP (111) (emerging-rbn.rules) 2406221 - ET RBN Known Russian Business Network IP UDP (111) (emerging-rbn.rules) 2406222 - ET RBN Known Russian Business Network IP TCP (112) (emerging-rbn.rules) 2406223 - ET RBN Known Russian Business Network IP UDP (112) (emerging-rbn.rules) 2406224 - ET RBN Known Russian Business Network IP TCP (113) (emerging-rbn.rules) 2406225 - ET RBN Known Russian Business Network IP UDP (113) (emerging-rbn.rules) 2406226 - ET RBN Known Russian Business Network IP TCP (114) (emerging-rbn.rules) 2406227 - ET RBN Known Russian Business Network IP UDP (114) (emerging-rbn.rules) 2406228 - ET RBN Known Russian Business Network IP TCP (115) (emerging-rbn.rules) 2406229 - ET RBN Known Russian Business Network IP UDP (115) (emerging-rbn.rules) 2406230 - ET RBN Known Russian Business Network IP TCP (116) (emerging-rbn.rules) 2406231 - ET RBN Known Russian Business Network IP UDP (116) (emerging-rbn.rules) 2406232 - ET RBN Known Russian Business Network IP TCP (117) (emerging-rbn.rules) 2406233 - ET RBN Known Russian Business Network IP UDP (117) (emerging-rbn.rules) 2406234 - ET RBN Known Russian Business Network IP TCP (118) (emerging-rbn.rules) 2406235 - ET RBN Known Russian Business Network IP UDP (118) (emerging-rbn.rules) 2406236 - ET RBN Known Russian Business Network IP TCP (119) (emerging-rbn.rules) 2406237 - ET RBN Known Russian Business Network IP UDP (119) (emerging-rbn.rules) 2406238 - ET RBN Known Russian Business Network IP TCP (120) (emerging-rbn.rules) 2406239 - ET RBN Known Russian Business Network IP UDP (120) (emerging-rbn.rules) 2406240 - ET RBN Known Russian Business Network IP TCP (121) (emerging-rbn.rules) 2406241 - ET RBN Known Russian Business Network IP UDP (121) (emerging-rbn.rules) 2406242 - ET RBN Known Russian Business Network IP TCP (122) (emerging-rbn.rules) 2406243 - ET RBN Known Russian Business Network IP UDP (122) (emerging-rbn.rules) 2406244 - ET RBN Known Russian Business Network IP TCP (123) (emerging-rbn.rules) 2406245 - ET RBN Known Russian Business Network IP UDP (123) (emerging-rbn.rules) 2406246 - ET RBN Known Russian Business Network IP TCP (124) (emerging-rbn.rules) 2406247 - ET RBN Known Russian Business Network IP UDP (124) (emerging-rbn.rules) 2406248 - ET RBN Known Russian Business Network IP TCP (125) (emerging-rbn.rules) 2406249 - ET RBN Known Russian Business Network IP UDP (125) (emerging-rbn.rules) 2406250 - ET RBN Known Russian Business Network IP TCP (126) (emerging-rbn.rules) 2406251 - ET RBN Known Russian Business Network IP UDP (126) (emerging-rbn.rules) 2406252 - ET RBN Known Russian Business Network IP TCP (127) (emerging-rbn.rules) 2406253 - ET RBN Known Russian Business Network IP UDP (127) (emerging-rbn.rules) 2406254 - ET RBN Known Russian Business Network IP TCP (128) (emerging-rbn.rules) 2406255 - ET RBN Known Russian Business Network IP UDP (128) (emerging-rbn.rules) 2406256 - ET RBN Known Russian Business Network IP TCP (129) (emerging-rbn.rules) 2406257 - ET RBN Known Russian Business Network IP UDP (129) (emerging-rbn.rules) 2406258 - ET RBN Known Russian Business Network IP TCP (130) (emerging-rbn.rules) 2406259 - ET RBN Known Russian Business Network IP UDP (130) (emerging-rbn.rules) 2406260 - ET RBN Known Russian Business Network IP TCP (131) (emerging-rbn.rules) 2406261 - ET RBN Known Russian Business Network IP UDP (131) (emerging-rbn.rules) 2406262 - ET RBN Known Russian Business Network IP TCP (132) (emerging-rbn.rules) 2406263 - ET RBN Known Russian Business Network IP UDP (132) (emerging-rbn.rules) 2406264 - ET RBN Known Russian Business Network IP TCP (133) (emerging-rbn.rules) 2406265 - ET RBN Known Russian Business Network IP UDP (133) (emerging-rbn.rules) 2406266 - ET RBN Known Russian Business Network IP TCP (134) (emerging-rbn.rules) 2406267 - ET RBN Known Russian Business Network IP UDP (134) (emerging-rbn.rules) 2406268 - ET RBN Known Russian Business Network IP TCP (135) (emerging-rbn.rules) 2406269 - ET RBN Known Russian Business Network IP UDP (135) (emerging-rbn.rules) 2406270 - ET RBN Known Russian Business Network IP TCP (136) (emerging-rbn.rules) 2406271 - ET RBN Known Russian Business Network IP UDP (136) (emerging-rbn.rules) 2406272 - ET RBN Known Russian Business Network IP TCP (137) (emerging-rbn.rules) 2406273 - ET RBN Known Russian Business Network IP UDP (137) (emerging-rbn.rules) 2406274 - ET RBN Known Russian Business Network IP TCP (138) (emerging-rbn.rules) 2406275 - ET RBN Known Russian Business Network IP UDP (138) (emerging-rbn.rules) 2406276 - ET RBN Known Russian Business Network IP TCP (139) (emerging-rbn.rules) 2406277 - ET RBN Known Russian Business Network IP UDP (139) (emerging-rbn.rules) 2406278 - ET RBN Known Russian Business Network IP TCP (140) (emerging-rbn.rules) 2406279 - ET RBN Known Russian Business Network IP UDP (140) (emerging-rbn.rules) 2406280 - ET RBN Known Russian Business Network IP TCP (141) (emerging-rbn.rules) 2406281 - ET RBN Known Russian Business Network IP UDP (141) (emerging-rbn.rules) 2406282 - ET RBN Known Russian Business Network IP TCP (142) (emerging-rbn.rules) 2406283 - ET RBN Known Russian Business Network IP UDP (142) (emerging-rbn.rules) 2406284 - ET RBN Known Russian Business Network IP TCP (143) (emerging-rbn.rules) 2406285 - ET RBN Known Russian Business Network IP UDP (143) (emerging-rbn.rules) 2406286 - ET RBN Known Russian Business Network IP TCP (144) (emerging-rbn.rules) 2406287 - ET RBN Known Russian Business Network IP UDP (144) (emerging-rbn.rules) 2406288 - ET RBN Known Russian Business Network IP TCP (145) (emerging-rbn.rules) 2406289 - ET RBN Known Russian Business Network IP UDP (145) (emerging-rbn.rules) 2406290 - ET RBN Known Russian Business Network IP TCP (146) (emerging-rbn.rules) 2406291 - ET RBN Known Russian Business Network IP UDP (146) (emerging-rbn.rules) 2406292 - ET RBN Known Russian Business Network IP TCP (147) (emerging-rbn.rules) 2406293 - ET RBN Known Russian Business Network IP UDP (147) (emerging-rbn.rules) 2406294 - ET RBN Known Russian Business Network IP TCP (148) (emerging-rbn.rules) 2406295 - ET RBN Known Russian Business Network IP UDP (148) (emerging-rbn.rules) 2406296 - ET RBN Known Russian Business Network IP TCP (149) (emerging-rbn.rules) 2406297 - ET RBN Known Russian Business Network IP UDP (149) (emerging-rbn.rules) 2406298 - ET RBN Known Russian Business Network IP TCP (150) (emerging-rbn.rules) 2406299 - ET RBN Known Russian Business Network IP UDP (150) (emerging-rbn.rules) 2406300 - ET RBN Known Russian Business Network IP TCP (151) (emerging-rbn.rules) 2406301 - ET RBN Known Russian Business Network IP UDP (151) (emerging-rbn.rules) 2406302 - ET RBN Known Russian Business Network IP TCP (152) (emerging-rbn.rules) 2406303 - ET RBN Known Russian Business Network IP UDP (152) (emerging-rbn.rules) 2406304 - ET RBN Known Russian Business Network IP TCP (153) (emerging-rbn.rules) 2406305 - ET RBN Known Russian Business Network IP UDP (153) (emerging-rbn.rules) 2406306 - ET RBN Known Russian Business Network IP TCP (154) (emerging-rbn.rules) 2406307 - ET RBN Known Russian Business Network IP UDP (154) (emerging-rbn.rules) 2406308 - ET RBN Known Russian Business Network IP TCP (155) (emerging-rbn.rules) 2406309 - ET RBN Known Russian Business Network IP UDP (155) (emerging-rbn.rules) 2406310 - ET RBN Known Russian Business Network IP TCP (156) (emerging-rbn.rules) 2406311 - ET RBN Known Russian Business Network IP UDP (156) (emerging-rbn.rules) 2406312 - ET RBN Known Russian Business Network IP TCP (157) (emerging-rbn.rules) 2406313 - ET RBN Known Russian Business Network IP UDP (157) (emerging-rbn.rules) 2406314 - ET RBN Known Russian Business Network IP TCP (158) (emerging-rbn.rules) 2406315 - ET RBN Known Russian Business Network IP UDP (158) (emerging-rbn.rules) 2406316 - ET RBN Known Russian Business Network IP TCP (159) (emerging-rbn.rules) 2406317 - ET RBN Known Russian Business Network IP UDP (159) (emerging-rbn.rules) 2406318 - ET RBN Known Russian Business Network IP TCP (160) (emerging-rbn.rules) 2406319 - ET RBN Known Russian Business Network IP UDP (160) (emerging-rbn.rules) 2406320 - ET RBN Known Russian Business Network IP TCP (161) (emerging-rbn.rules) 2406321 - ET RBN Known Russian Business Network IP UDP (161) (emerging-rbn.rules) 2406322 - ET RBN Known Russian Business Network IP TCP (162) (emerging-rbn.rules) 2406323 - ET RBN Known Russian Business Network IP UDP (162) (emerging-rbn.rules) 2406324 - ET RBN Known Russian Business Network IP TCP (163) (emerging-rbn.rules) 2406325 - ET RBN Known Russian Business Network IP UDP (163) (emerging-rbn.rules) 2406326 - ET RBN Known Russian Business Network IP TCP (164) (emerging-rbn.rules) 2406327 - ET RBN Known Russian Business Network IP UDP (164) (emerging-rbn.rules) 2406328 - ET RBN Known Russian Business Network IP TCP (165) (emerging-rbn.rules) 2406329 - ET RBN Known Russian Business Network IP UDP (165) (emerging-rbn.rules) 2406330 - ET RBN Known Russian Business Network IP TCP (166) (emerging-rbn.rules) 2406331 - ET RBN Known Russian Business Network IP UDP (166) (emerging-rbn.rules) 2406332 - ET RBN Known Russian Business Network IP TCP (167) (emerging-rbn.rules) 2406333 - ET RBN Known Russian Business Network IP UDP (167) (emerging-rbn.rules) 2406334 - ET RBN Known Russian Business Network IP TCP (168) (emerging-rbn.rules) 2406335 - ET RBN Known Russian Business Network IP UDP (168) (emerging-rbn.rules) 2406336 - ET RBN Known Russian Business Network IP TCP (169) (emerging-rbn.rules) 2406337 - ET RBN Known Russian Business Network IP UDP (169) (emerging-rbn.rules) 2406338 - ET RBN Known Russian Business Network IP TCP (170) (emerging-rbn.rules) 2406339 - ET RBN Known Russian Business Network IP UDP (170) (emerging-rbn.rules) 2406340 - ET RBN Known Russian Business Network IP TCP (171) (emerging-rbn.rules) 2406341 - ET RBN Known Russian Business Network IP UDP (171) (emerging-rbn.rules) 2406342 - ET RBN Known Russian Business Network IP TCP (172) (emerging-rbn.rules) 2406343 - ET RBN Known Russian Business Network IP UDP (172) (emerging-rbn.rules) 2406344 - ET RBN Known Russian Business Network IP TCP (173) (emerging-rbn.rules) 2406345 - ET RBN Known Russian Business Network IP UDP (173) (emerging-rbn.rules) 2406346 - ET RBN Known Russian Business Network IP TCP (174) (emerging-rbn.rules) 2406347 - ET RBN Known Russian Business Network IP UDP (174) (emerging-rbn.rules) 2406348 - ET RBN Known Russian Business Network IP TCP (175) (emerging-rbn.rules) 2406349 - ET RBN Known Russian Business Network IP UDP (175) (emerging-rbn.rules) 2406350 - ET RBN Known Russian Business Network IP TCP (176) (emerging-rbn.rules) 2406351 - ET RBN Known Russian Business Network IP UDP (176) (emerging-rbn.rules) 2406352 - ET RBN Known Russian Business Network IP TCP (177) (emerging-rbn.rules) 2406353 - ET RBN Known Russian Business Network IP UDP (177) (emerging-rbn.rules) 2406354 - ET RBN Known Russian Business Network IP TCP (178) (emerging-rbn.rules) 2406355 - ET RBN Known Russian Business Network IP UDP (178) (emerging-rbn.rules) 2406356 - ET RBN Known Russian Business Network IP TCP (179) (emerging-rbn.rules) 2406357 - ET RBN Known Russian Business Network IP UDP (179) (emerging-rbn.rules) 2406358 - ET RBN Known Russian Business Network IP TCP (180) (emerging-rbn.rules) 2406359 - ET RBN Known Russian Business Network IP UDP (180) (emerging-rbn.rules) 2406360 - ET RBN Known Russian Business Network IP TCP (181) (emerging-rbn.rules) 2406361 - ET RBN Known Russian Business Network IP UDP (181) (emerging-rbn.rules) 2406362 - ET RBN Known Russian Business Network IP TCP (182) (emerging-rbn.rules) 2406363 - ET RBN Known Russian Business Network IP UDP (182) (emerging-rbn.rules) 2406364 - ET RBN Known Russian Business Network IP TCP (183) (emerging-rbn.rules) 2406365 - ET RBN Known Russian Business Network IP UDP (183) (emerging-rbn.rules) 2406366 - ET RBN Known Russian Business Network IP TCP (184) (emerging-rbn.rules) 2406367 - ET RBN Known Russian Business Network IP UDP (184) (emerging-rbn.rules) 2406368 - ET RBN Known Russian Business Network IP TCP (185) (emerging-rbn.rules) 2406369 - ET RBN Known Russian Business Network IP UDP (185) (emerging-rbn.rules) 2406370 - ET RBN Known Russian Business Network IP TCP (186) (emerging-rbn.rules) 2406371 - ET RBN Known Russian Business Network IP UDP (186) (emerging-rbn.rules) 2406372 - ET RBN Known Russian Business Network IP TCP (187) (emerging-rbn.rules) 2406373 - ET RBN Known Russian Business Network IP UDP (187) (emerging-rbn.rules) 2406374 - ET RBN Known Russian Business Network IP TCP (188) (emerging-rbn.rules) 2406375 - ET RBN Known Russian Business Network IP UDP (188) (emerging-rbn.rules) 2406376 - ET RBN Known Russian Business Network IP TCP (189) (emerging-rbn.rules) 2406377 - ET RBN Known Russian Business Network IP UDP (189) (emerging-rbn.rules) 2406378 - ET RBN Known Russian Business Network IP TCP (190) (emerging-rbn.rules) 2406379 - ET RBN Known Russian Business Network IP UDP (190) (emerging-rbn.rules) 2406380 - ET RBN Known Russian Business Network IP TCP (191) (emerging-rbn.rules) 2406381 - ET RBN Known Russian Business Network IP UDP (191) (emerging-rbn.rules) 2406382 - ET RBN Known Russian Business Network IP TCP (192) (emerging-rbn.rules) 2406383 - ET RBN Known Russian Business Network IP UDP (192) (emerging-rbn.rules) 2406384 - ET RBN Known Russian Business Network IP TCP (193) (emerging-rbn.rules) 2406385 - ET RBN Known Russian Business Network IP UDP (193) (emerging-rbn.rules) 2406386 - ET RBN Known Russian Business Network IP TCP (194) (emerging-rbn.rules) 2406387 - ET RBN Known Russian Business Network IP UDP (194) (emerging-rbn.rules) 2406388 - ET RBN Known Russian Business Network IP TCP (195) (emerging-rbn.rules) 2406389 - ET RBN Known Russian Business Network IP UDP (195) (emerging-rbn.rules) 2406390 - ET RBN Known Russian Business Network IP TCP (196) (emerging-rbn.rules) 2406391 - ET RBN Known Russian Business Network IP UDP (196) (emerging-rbn.rules) 2406392 - ET RBN Known Russian Business Network IP TCP (197) (emerging-rbn.rules) 2406393 - ET RBN Known Russian Business Network IP UDP (197) (emerging-rbn.rules) 2406394 - ET RBN Known Russian Business Network IP TCP (198) (emerging-rbn.rules) 2406395 - ET RBN Known Russian Business Network IP UDP (198) (emerging-rbn.rules) 2406396 - ET RBN Known Russian Business Network IP TCP (199) (emerging-rbn.rules) 2406397 - ET RBN Known Russian Business Network IP UDP (199) (emerging-rbn.rules) 2406398 - ET RBN Known Russian Business Network IP TCP (200) (emerging-rbn.rules) 2406399 - ET RBN Known Russian Business Network IP UDP (200) (emerging-rbn.rules) 2406400 - ET RBN Known Russian Business Network IP TCP (201) (emerging-rbn.rules) 2406401 - ET RBN Known Russian Business Network IP UDP (201) (emerging-rbn.rules) 2406402 - ET RBN Known Russian Business Network IP TCP (202) (emerging-rbn.rules) 2406403 - ET RBN Known Russian Business Network IP UDP (202) (emerging-rbn.rules) 2406404 - ET RBN Known Russian Business Network IP TCP (203) (emerging-rbn.rules) 2406405 - ET RBN Known Russian Business Network IP UDP (203) (emerging-rbn.rules) 2406406 - ET RBN Known Russian Business Network IP TCP (204) (emerging-rbn.rules) 2406407 - ET RBN Known Russian Business Network IP UDP (204) (emerging-rbn.rules) 2406408 - ET RBN Known Russian Business Network IP TCP (205) (emerging-rbn.rules) 2406409 - ET RBN Known Russian Business Network IP UDP (205) (emerging-rbn.rules) 2406410 - ET RBN Known Russian Business Network IP TCP (206) (emerging-rbn.rules) 2406411 - ET RBN Known Russian Business Network IP UDP (206) (emerging-rbn.rules) 2406412 - ET RBN Known Russian Business Network IP TCP (207) (emerging-rbn.rules) 2406413 - ET RBN Known Russian Business Network IP UDP (207) (emerging-rbn.rules) 2406414 - ET RBN Known Russian Business Network IP TCP (208) (emerging-rbn.rules) 2406415 - ET RBN Known Russian Business Network IP UDP (208) (emerging-rbn.rules) 2406416 - ET RBN Known Russian Business Network IP TCP (209) (emerging-rbn.rules) 2406417 - ET RBN Known Russian Business Network IP UDP (209) (emerging-rbn.rules) 2406418 - ET RBN Known Russian Business Network IP TCP (210) (emerging-rbn.rules) 2406419 - ET RBN Known Russian Business Network IP UDP (210) (emerging-rbn.rules) 2406420 - ET RBN Known Russian Business Network IP TCP (211) (emerging-rbn.rules) 2406421 - ET RBN Known Russian Business Network IP UDP (211) (emerging-rbn.rules) 2406422 - ET RBN Known Russian Business Network IP TCP (212) (emerging-rbn.rules) 2406423 - ET RBN Known Russian Business Network IP UDP (212) (emerging-rbn.rules) 2406424 - ET RBN Known Russian Business Network IP TCP (213) (emerging-rbn.rules) 2406425 - ET RBN Known Russian Business Network IP UDP (213) (emerging-rbn.rules) 2406426 - ET RBN Known Russian Business Network IP TCP (214) (emerging-rbn.rules) 2406427 - ET RBN Known Russian Business Network IP UDP (214) (emerging-rbn.rules) 2406428 - ET RBN Known Russian Business Network IP TCP (215) (emerging-rbn.rules) 2406429 - ET RBN Known Russian Business Network IP UDP (215) (emerging-rbn.rules) 2406430 - ET RBN Known Russian Business Network IP TCP (216) (emerging-rbn.rules) 2406431 - ET RBN Known Russian Business Network IP UDP (216) (emerging-rbn.rules) 2406432 - ET RBN Known Russian Business Network IP TCP (217) (emerging-rbn.rules) 2406433 - ET RBN Known Russian Business Network IP UDP (217) (emerging-rbn.rules) 2406434 - ET RBN Known Russian Business Network IP TCP (218) (emerging-rbn.rules) 2406435 - ET RBN Known Russian Business Network IP UDP (218) (emerging-rbn.rules) 2406436 - ET RBN Known Russian Business Network IP TCP (219) (emerging-rbn.rules) 2406437 - ET RBN Known Russian Business Network IP UDP (219) (emerging-rbn.rules) 2406438 - ET RBN Known Russian Business Network IP TCP (220) (emerging-rbn.rules) 2406439 - ET RBN Known Russian Business Network IP UDP (220) (emerging-rbn.rules) 2406440 - ET RBN Known Russian Business Network IP TCP (221) (emerging-rbn.rules) 2406441 - ET RBN Known Russian Business Network IP UDP (221) (emerging-rbn.rules) 2406442 - ET RBN Known Russian Business Network IP TCP (222) (emerging-rbn.rules) 2406443 - ET RBN Known Russian Business Network IP UDP (222) (emerging-rbn.rules) 2406444 - ET RBN Known Russian Business Network IP TCP (223) (emerging-rbn.rules) 2406445 - ET RBN Known Russian Business Network IP UDP (223) (emerging-rbn.rules) 2406446 - ET RBN Known Russian Business Network IP TCP (224) (emerging-rbn.rules) 2406447 - ET RBN Known Russian Business Network IP UDP (224) (emerging-rbn.rules) 2406448 - ET RBN Known Russian Business Network IP TCP (225) (emerging-rbn.rules) 2406449 - ET RBN Known Russian Business Network IP UDP (225) (emerging-rbn.rules) 2406450 - ET RBN Known Russian Business Network IP TCP (226) (emerging-rbn.rules) 2406451 - ET RBN Known Russian Business Network IP UDP (226) (emerging-rbn.rules) 2406452 - ET RBN Known Russian Business Network IP TCP (227) (emerging-rbn.rules) 2406453 - ET RBN Known Russian Business Network IP UDP (227) (emerging-rbn.rules) 2406454 - ET RBN Known Russian Business Network IP TCP (228) (emerging-rbn.rules) 2406455 - ET RBN Known Russian Business Network IP UDP (228) (emerging-rbn.rules) 2406456 - ET RBN Known Russian Business Network IP TCP (229) (emerging-rbn.rules) 2406457 - ET RBN Known Russian Business Network IP UDP (229) (emerging-rbn.rules) 2406458 - ET RBN Known Russian Business Network IP TCP (230) (emerging-rbn.rules) 2406459 - ET RBN Known Russian Business Network IP UDP (230) (emerging-rbn.rules) 2406460 - ET RBN Known Russian Business Network IP TCP (231) (emerging-rbn.rules) 2406461 - ET RBN Known Russian Business Network IP UDP (231) (emerging-rbn.rules) 2406462 - ET RBN Known Russian Business Network IP TCP (232) (emerging-rbn.rules) 2406463 - ET RBN Known Russian Business Network IP UDP (232) (emerging-rbn.rules) 2406464 - ET RBN Known Russian Business Network IP TCP (233) (emerging-rbn.rules) 2406465 - ET RBN Known Russian Business Network IP UDP (233) (emerging-rbn.rules) 2406466 - ET RBN Known Russian Business Network IP TCP (234) (emerging-rbn.rules) 2406467 - ET RBN Known Russian Business Network IP UDP (234) (emerging-rbn.rules) 2406468 - ET RBN Known Russian Business Network IP TCP (235) (emerging-rbn.rules) 2406469 - ET RBN Known Russian Business Network IP UDP (235) (emerging-rbn.rules) 2406470 - ET RBN Known Russian Business Network IP TCP (236) (emerging-rbn.rules) 2406471 - ET RBN Known Russian Business Network IP UDP (236) (emerging-rbn.rules) 2406472 - ET RBN Known Russian Business Network IP TCP (237) (emerging-rbn.rules) 2406473 - ET RBN Known Russian Business Network IP UDP (237) (emerging-rbn.rules) 2406474 - ET RBN Known Russian Business Network IP TCP (238) (emerging-rbn.rules) 2406475 - ET RBN Known Russian Business Network IP UDP (238) (emerging-rbn.rules) 2406476 - ET RBN Known Russian Business Network IP TCP (239) (emerging-rbn.rules) 2406477 - ET RBN Known Russian Business Network IP UDP (239) (emerging-rbn.rules) 2406478 - ET RBN Known Russian Business Network IP TCP (240) (emerging-rbn.rules) 2406479 - ET RBN Known Russian Business Network IP UDP (240) (emerging-rbn.rules) 2406480 - ET RBN Known Russian Business Network IP TCP (241) (emerging-rbn.rules) 2406481 - ET RBN Known Russian Business Network IP UDP (241) (emerging-rbn.rules) 2406482 - ET RBN Known Russian Business Network IP TCP (242) (emerging-rbn.rules) 2406483 - ET RBN Known Russian Business Network IP UDP (242) (emerging-rbn.rules) 2406484 - ET RBN Known Russian Business Network IP TCP (243) (emerging-rbn.rules) 2406485 - ET RBN Known Russian Business Network IP UDP (243) (emerging-rbn.rules) 2406486 - ET RBN Known Russian Business Network IP TCP (244) (emerging-rbn.rules) 2406487 - ET RBN Known Russian Business Network IP UDP (244) (emerging-rbn.rules) 2406488 - ET RBN Known Russian Business Network IP TCP (245) (emerging-rbn.rules) 2406489 - ET RBN Known Russian Business Network IP UDP (245) (emerging-rbn.rules) 2406490 - ET RBN Known Russian Business Network IP TCP (246) (emerging-rbn.rules) 2406491 - ET RBN Known Russian Business Network IP UDP (246) (emerging-rbn.rules) 2406492 - ET RBN Known Russian Business Network IP TCP (247) (emerging-rbn.rules) 2406493 - ET RBN Known Russian Business Network IP UDP (247) (emerging-rbn.rules) 2406494 - ET RBN Known Russian Business Network IP TCP (248) (emerging-rbn.rules) 2406495 - ET RBN Known Russian Business Network IP UDP (248) (emerging-rbn.rules) 2406496 - ET RBN Known Russian Business Network IP TCP (249) (emerging-rbn.rules) 2406497 - ET RBN Known Russian Business Network IP UDP (249) (emerging-rbn.rules) 2406498 - ET RBN Known Russian Business Network IP TCP (250) (emerging-rbn.rules) 2406499 - ET RBN Known Russian Business Network IP UDP (250) (emerging-rbn.rules) 2406500 - ET RBN Known Russian Business Network IP TCP (251) (emerging-rbn.rules) 2406501 - ET RBN Known Russian Business Network IP UDP (251) (emerging-rbn.rules) 2406502 - ET RBN Known Russian Business Network IP TCP (252) (emerging-rbn.rules) 2406503 - ET RBN Known Russian Business Network IP UDP (252) (emerging-rbn.rules) 2406504 - ET RBN Known Russian Business Network IP TCP (253) (emerging-rbn.rules) 2406505 - ET RBN Known Russian Business Network IP UDP (253) (emerging-rbn.rules) 2406506 - ET RBN Known Russian Business Network IP TCP (254) (emerging-rbn.rules) 2406507 - ET RBN Known Russian Business Network IP UDP (254) (emerging-rbn.rules) 2406508 - ET RBN Known Russian Business Network IP TCP (255) (emerging-rbn.rules) 2406509 - ET RBN Known Russian Business Network IP UDP (255) (emerging-rbn.rules) 2406510 - ET RBN Known Russian Business Network IP TCP (256) (emerging-rbn.rules) 2406511 - ET RBN Known Russian Business Network IP UDP (256) (emerging-rbn.rules) 2406512 - ET RBN Known Russian Business Network IP TCP (257) (emerging-rbn.rules) 2406513 - ET RBN Known Russian Business Network IP UDP (257) (emerging-rbn.rules) 2406514 - ET RBN Known Russian Business Network IP TCP (258) (emerging-rbn.rules) 2406515 - ET RBN Known Russian Business Network IP UDP (258) (emerging-rbn.rules) 2406516 - ET RBN Known Russian Business Network IP TCP (259) (emerging-rbn.rules) 2406517 - ET RBN Known Russian Business Network IP UDP (259) (emerging-rbn.rules) 2406518 - ET RBN Known Russian Business Network IP TCP (260) (emerging-rbn.rules) 2406519 - ET RBN Known Russian Business Network IP UDP (260) (emerging-rbn.rules) 2406520 - ET RBN Known Russian Business Network IP TCP (261) (emerging-rbn.rules) 2406521 - ET RBN Known Russian Business Network IP UDP (261) (emerging-rbn.rules) 2406522 - ET RBN Known Russian Business Network IP TCP (262) (emerging-rbn.rules) 2406523 - ET RBN Known Russian Business Network IP UDP (262) (emerging-rbn.rules) 2406524 - ET RBN Known Russian Business Network IP TCP (263) (emerging-rbn.rules) 2406525 - ET RBN Known Russian Business Network IP UDP (263) (emerging-rbn.rules) 2406526 - ET RBN Known Russian Business Network IP TCP (264) (emerging-rbn.rules) 2406527 - ET RBN Known Russian Business Network IP UDP (264) (emerging-rbn.rules) 2406528 - ET RBN Known Russian Business Network IP TCP (265) (emerging-rbn.rules) 2406529 - ET RBN Known Russian Business Network IP UDP (265) (emerging-rbn.rules) 2406530 - ET RBN Known Russian Business Network IP TCP (266) (emerging-rbn.rules) 2406531 - ET RBN Known Russian Business Network IP UDP (266) (emerging-rbn.rules) 2406532 - ET RBN Known Russian Business Network IP TCP (267) (emerging-rbn.rules) 2406533 - ET RBN Known Russian Business Network IP UDP (267) (emerging-rbn.rules) 2406534 - ET RBN Known Russian Business Network IP TCP (268) (emerging-rbn.rules) 2406535 - ET RBN Known Russian Business Network IP UDP (268) (emerging-rbn.rules) 2406536 - ET RBN Known Russian Business Network IP TCP (269) (emerging-rbn.rules) 2406537 - ET RBN Known Russian Business Network IP UDP (269) (emerging-rbn.rules) 2406538 - ET RBN Known Russian Business Network IP TCP (270) (emerging-rbn.rules) 2406539 - ET RBN Known Russian Business Network IP UDP (270) (emerging-rbn.rules) 2406540 - ET RBN Known Russian Business Network IP TCP (271) (emerging-rbn.rules) 2406541 - ET RBN Known Russian Business Network IP UDP (271) (emerging-rbn.rules) 2406542 - ET RBN Known Russian Business Network IP TCP (272) (emerging-rbn.rules) 2406543 - ET RBN Known Russian Business Network IP UDP (272) (emerging-rbn.rules) 2406544 - ET RBN Known Russian Business Network IP TCP (273) (emerging-rbn.rules) 2406545 - ET RBN Known Russian Business Network IP UDP (273) (emerging-rbn.rules) 2406546 - ET RBN Known Russian Business Network IP TCP (274) (emerging-rbn.rules) 2406547 - ET RBN Known Russian Business Network IP UDP (274) (emerging-rbn.rules) 2406548 - ET RBN Known Russian Business Network IP TCP (275) (emerging-rbn.rules) 2406549 - ET RBN Known Russian Business Network IP UDP (275) (emerging-rbn.rules) 2406550 - ET RBN Known Russian Business Network IP TCP (276) (emerging-rbn.rules) 2406551 - ET RBN Known Russian Business Network IP UDP (276) (emerging-rbn.rules) 2406552 - ET RBN Known Russian Business Network IP TCP (277) (emerging-rbn.rules) 2406553 - ET RBN Known Russian Business Network IP UDP (277) (emerging-rbn.rules) 2406554 - ET RBN Known Russian Business Network IP TCP (278) (emerging-rbn.rules) 2406555 - ET RBN Known Russian Business Network IP UDP (278) (emerging-rbn.rules) 2406556 - ET RBN Known Russian Business Network IP TCP (279) (emerging-rbn.rules) 2406557 - ET RBN Known Russian Business Network IP UDP (279) (emerging-rbn.rules) 2406558 - ET RBN Known Russian Business Network IP TCP (280) (emerging-rbn.rules) 2406559 - ET RBN Known Russian Business Network IP UDP (280) (emerging-rbn.rules) 2406560 - ET RBN Known Russian Business Network IP TCP (281) (emerging-rbn.rules) 2406561 - ET RBN Known Russian Business Network IP UDP (281) (emerging-rbn.rules) 2406562 - ET RBN Known Russian Business Network IP TCP (282) (emerging-rbn.rules) 2406563 - ET RBN Known Russian Business Network IP UDP (282) (emerging-rbn.rules) 2406564 - ET RBN Known Russian Business Network IP TCP (283) (emerging-rbn.rules) 2406565 - ET RBN Known Russian Business Network IP UDP (283) (emerging-rbn.rules) 2406566 - ET RBN Known Russian Business Network IP TCP (284) (emerging-rbn.rules) 2406567 - ET RBN Known Russian Business Network IP UDP (284) (emerging-rbn.rules) 2406568 - ET RBN Known Russian Business Network IP TCP (285) (emerging-rbn.rules) 2406569 - ET RBN Known Russian Business Network IP UDP (285) (emerging-rbn.rules) 2406570 - ET RBN Known Russian Business Network IP TCP (286) (emerging-rbn.rules) 2406571 - ET RBN Known Russian Business Network IP UDP (286) (emerging-rbn.rules) 2406572 - ET RBN Known Russian Business Network IP TCP (287) (emerging-rbn.rules) 2406573 - ET RBN Known Russian Business Network IP UDP (287) (emerging-rbn.rules) 2406574 - ET RBN Known Russian Business Network IP TCP (288) (emerging-rbn.rules) 2406575 - ET RBN Known Russian Business Network IP UDP (288) (emerging-rbn.rules) 2406576 - ET RBN Known Russian Business Network IP TCP (289) (emerging-rbn.rules) 2406577 - ET RBN Known Russian Business Network IP UDP (289) (emerging-rbn.rules) 2406578 - ET RBN Known Russian Business Network IP TCP (290) (emerging-rbn.rules) 2406579 - ET RBN Known Russian Business Network IP UDP (290) (emerging-rbn.rules) 2406580 - ET RBN Known Russian Business Network IP TCP (291) (emerging-rbn.rules) 2406581 - ET RBN Known Russian Business Network IP UDP (291) (emerging-rbn.rules) 2406582 - ET RBN Known Russian Business Network IP TCP (292) (emerging-rbn.rules) 2406583 - ET RBN Known Russian Business Network IP UDP (292) (emerging-rbn.rules) 2406584 - ET RBN Known Russian Business Network IP TCP (293) (emerging-rbn.rules) 2406585 - ET RBN Known Russian Business Network IP UDP (293) (emerging-rbn.rules) 2406586 - ET RBN Known Russian Business Network IP TCP (294) (emerging-rbn.rules) 2406587 - ET RBN Known Russian Business Network IP UDP (294) (emerging-rbn.rules) 2406588 - ET RBN Known Russian Business Network IP TCP (295) (emerging-rbn.rules) 2406589 - ET RBN Known Russian Business Network IP UDP (295) (emerging-rbn.rules) 2406590 - ET RBN Known Russian Business Network IP TCP (296) (emerging-rbn.rules) 2406591 - ET RBN Known Russian Business Network IP UDP (296) (emerging-rbn.rules) 2406592 - ET RBN Known Russian Business Network IP TCP (297) (emerging-rbn.rules) 2406593 - ET RBN Known Russian Business Network IP UDP (297) (emerging-rbn.rules) 2406594 - ET RBN Known Russian Business Network IP TCP (298) (emerging-rbn.rules) 2406595 - ET RBN Known Russian Business Network IP UDP (298) (emerging-rbn.rules) 2406596 - ET RBN Known Russian Business Network IP TCP (299) (emerging-rbn.rules) 2406597 - ET RBN Known Russian Business Network IP UDP (299) (emerging-rbn.rules) 2406598 - ET RBN Known Russian Business Network IP TCP (300) (emerging-rbn.rules) 2406599 - ET RBN Known Russian Business Network IP UDP (300) (emerging-rbn.rules) 2406600 - ET RBN Known Russian Business Network IP TCP (301) (emerging-rbn.rules) 2406601 - ET RBN Known Russian Business Network IP UDP (301) (emerging-rbn.rules) 2406602 - ET RBN Known Russian Business Network IP TCP (302) (emerging-rbn.rules) 2406603 - ET RBN Known Russian Business Network IP UDP (302) (emerging-rbn.rules) 2406604 - ET RBN Known Russian Business Network IP TCP (303) (emerging-rbn.rules) 2406605 - ET RBN Known Russian Business Network IP UDP (303) (emerging-rbn.rules) 2406606 - ET RBN Known Russian Business Network IP TCP (304) (emerging-rbn.rules) 2406607 - ET RBN Known Russian Business Network IP UDP (304) (emerging-rbn.rules) 2406608 - ET RBN Known Russian Business Network IP TCP (305) (emerging-rbn.rules) 2406609 - ET RBN Known Russian Business Network IP UDP (305) (emerging-rbn.rules) 2406610 - ET RBN Known Russian Business Network IP TCP (306) (emerging-rbn.rules) 2406611 - ET RBN Known Russian Business Network IP UDP (306) (emerging-rbn.rules) 2406612 - ET RBN Known Russian Business Network IP TCP (307) (emerging-rbn.rules) 2406613 - ET RBN Known Russian Business Network IP UDP (307) (emerging-rbn.rules) 2406614 - ET RBN Known Russian Business Network IP TCP (308) (emerging-rbn.rules) 2406615 - ET RBN Known Russian Business Network IP UDP (308) (emerging-rbn.rules) 2406616 - ET RBN Known Russian Business Network IP TCP (309) (emerging-rbn.rules) 2406617 - ET RBN Known Russian Business Network IP UDP (309) (emerging-rbn.rules) 2406618 - ET RBN Known Russian Business Network IP TCP (310) (emerging-rbn.rules) 2406619 - ET RBN Known Russian Business Network IP UDP (310) (emerging-rbn.rules) 2407000 - ET RBN Known Russian Business Network IP TCP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407001 - ET RBN Known Russian Business Network IP UDP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407002 - ET RBN Known Russian Business Network IP TCP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407003 - ET RBN Known Russian Business Network IP UDP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407004 - ET RBN Known Russian Business Network IP TCP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407005 - ET RBN Known Russian Business Network IP UDP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407006 - ET RBN Known Russian Business Network IP TCP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407007 - ET RBN Known Russian Business Network IP UDP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407008 - ET RBN Known Russian Business Network IP TCP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407009 - ET RBN Known Russian Business Network IP UDP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407010 - ET RBN Known Russian Business Network IP TCP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407011 - ET RBN Known Russian Business Network IP UDP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407012 - ET RBN Known Russian Business Network IP TCP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407013 - ET RBN Known Russian Business Network IP UDP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407014 - ET RBN Known Russian Business Network IP TCP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407015 - ET RBN Known Russian Business Network IP UDP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407016 - ET RBN Known Russian Business Network IP TCP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407017 - ET RBN Known Russian Business Network IP UDP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407018 - ET RBN Known Russian Business Network IP TCP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407019 - ET RBN Known Russian Business Network IP UDP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407020 - ET RBN Known Russian Business Network IP TCP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407021 - ET RBN Known Russian Business Network IP UDP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407022 - ET RBN Known Russian Business Network IP TCP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407023 - ET RBN Known Russian Business Network IP UDP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407024 - ET RBN Known Russian Business Network IP TCP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407025 - ET RBN Known Russian Business Network IP UDP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407026 - ET RBN Known Russian Business Network IP TCP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407027 - ET RBN Known Russian Business Network IP UDP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407028 - ET RBN Known Russian Business Network IP TCP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407029 - ET RBN Known Russian Business Network IP UDP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407030 - ET RBN Known Russian Business Network IP TCP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407031 - ET RBN Known Russian Business Network IP UDP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407032 - ET RBN Known Russian Business Network IP TCP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407033 - ET RBN Known Russian Business Network IP UDP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407034 - ET RBN Known Russian Business Network IP TCP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407035 - ET RBN Known Russian Business Network IP UDP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407036 - ET RBN Known Russian Business Network IP TCP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407037 - ET RBN Known Russian Business Network IP UDP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407038 - ET RBN Known Russian Business Network IP TCP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407039 - ET RBN Known Russian Business Network IP UDP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407040 - ET RBN Known Russian Business Network IP TCP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407041 - ET RBN Known Russian Business Network IP UDP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407042 - ET RBN Known Russian Business Network IP TCP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407043 - ET RBN Known Russian Business Network IP UDP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407044 - ET RBN Known Russian Business Network IP TCP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407045 - ET RBN Known Russian Business Network IP UDP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407046 - ET RBN Known Russian Business Network IP TCP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407047 - ET RBN Known Russian Business Network IP UDP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407048 - ET RBN Known Russian Business Network IP TCP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407049 - ET RBN Known Russian Business Network IP UDP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407050 - ET RBN Known Russian Business Network IP TCP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407051 - ET RBN Known Russian Business Network IP UDP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407052 - ET RBN Known Russian Business Network IP TCP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407053 - ET RBN Known Russian Business Network IP UDP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407054 - ET RBN Known Russian Business Network IP TCP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407055 - ET RBN Known Russian Business Network IP UDP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407056 - ET RBN Known Russian Business Network IP TCP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407057 - ET RBN Known Russian Business Network IP UDP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407058 - ET RBN Known Russian Business Network IP TCP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407059 - ET RBN Known Russian Business Network IP UDP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407060 - ET RBN Known Russian Business Network IP TCP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407061 - ET RBN Known Russian Business Network IP UDP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407062 - ET RBN Known Russian Business Network IP TCP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407063 - ET RBN Known Russian Business Network IP UDP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407064 - ET RBN Known Russian Business Network IP TCP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407065 - ET RBN Known Russian Business Network IP UDP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407066 - ET RBN Known Russian Business Network IP TCP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407067 - ET RBN Known Russian Business Network IP UDP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407068 - ET RBN Known Russian Business Network IP TCP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407069 - ET RBN Known Russian Business Network IP UDP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407070 - ET RBN Known Russian Business Network IP TCP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407071 - ET RBN Known Russian Business Network IP UDP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407072 - ET RBN Known Russian Business Network IP TCP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407073 - ET RBN Known Russian Business Network IP UDP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407074 - ET RBN Known Russian Business Network IP TCP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407075 - ET RBN Known Russian Business Network IP UDP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407076 - ET RBN Known Russian Business Network IP TCP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407077 - ET RBN Known Russian Business Network IP UDP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407078 - ET RBN Known Russian Business Network IP TCP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407079 - ET RBN Known Russian Business Network IP UDP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407080 - ET RBN Known Russian Business Network IP TCP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407081 - ET RBN Known Russian Business Network IP UDP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407082 - ET RBN Known Russian Business Network IP TCP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407083 - ET RBN Known Russian Business Network IP UDP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407084 - ET RBN Known Russian Business Network IP TCP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407085 - ET RBN Known Russian Business Network IP UDP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407086 - ET RBN Known Russian Business Network IP TCP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407087 - ET RBN Known Russian Business Network IP UDP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407088 - ET RBN Known Russian Business Network IP TCP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407089 - ET RBN Known Russian Business Network IP UDP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407090 - ET RBN Known Russian Business Network IP TCP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407091 - ET RBN Known Russian Business Network IP UDP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407092 - ET RBN Known Russian Business Network IP TCP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407093 - ET RBN Known Russian Business Network IP UDP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407094 - ET RBN Known Russian Business Network IP TCP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407095 - ET RBN Known Russian Business Network IP UDP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407096 - ET RBN Known Russian Business Network IP TCP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407097 - ET RBN Known Russian Business Network IP UDP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407098 - ET RBN Known Russian Business Network IP TCP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407099 - ET RBN Known Russian Business Network IP UDP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407100 - ET RBN Known Russian Business Network IP TCP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407101 - ET RBN Known Russian Business Network IP UDP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407102 - ET RBN Known Russian Business Network IP TCP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407103 - ET RBN Known Russian Business Network IP UDP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407104 - ET RBN Known Russian Business Network IP TCP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407105 - ET RBN Known Russian Business Network IP UDP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407106 - ET RBN Known Russian Business Network IP TCP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407107 - ET RBN Known Russian Business Network IP UDP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407108 - ET RBN Known Russian Business Network IP TCP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407109 - ET RBN Known Russian Business Network IP UDP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407110 - ET RBN Known Russian Business Network IP TCP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407111 - ET RBN Known Russian Business Network IP UDP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407112 - ET RBN Known Russian Business Network IP TCP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407113 - ET RBN Known Russian Business Network IP UDP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407114 - ET RBN Known Russian Business Network IP TCP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407115 - ET RBN Known Russian Business Network IP UDP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407116 - ET RBN Known Russian Business Network IP TCP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407117 - ET RBN Known Russian Business Network IP UDP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407118 - ET RBN Known Russian Business Network IP TCP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407119 - ET RBN Known Russian Business Network IP UDP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407120 - ET RBN Known Russian Business Network IP TCP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407121 - ET RBN Known Russian Business Network IP UDP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407122 - ET RBN Known Russian Business Network IP TCP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407123 - ET RBN Known Russian Business Network IP UDP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407124 - ET RBN Known Russian Business Network IP TCP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407125 - ET RBN Known Russian Business Network IP UDP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407126 - ET RBN Known Russian Business Network IP TCP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407127 - ET RBN Known Russian Business Network IP UDP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407128 - ET RBN Known Russian Business Network IP TCP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407129 - ET RBN Known Russian Business Network IP UDP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407130 - ET RBN Known Russian Business Network IP TCP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407131 - ET RBN Known Russian Business Network IP UDP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407132 - ET RBN Known Russian Business Network IP TCP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407133 - ET RBN Known Russian Business Network IP UDP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407134 - ET RBN Known Russian Business Network IP TCP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407135 - ET RBN Known Russian Business Network IP UDP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407136 - ET RBN Known Russian Business Network IP TCP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407137 - ET RBN Known Russian Business Network IP UDP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407138 - ET RBN Known Russian Business Network IP TCP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407139 - ET RBN Known Russian Business Network IP UDP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407140 - ET RBN Known Russian Business Network IP TCP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407141 - ET RBN Known Russian Business Network IP UDP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407142 - ET RBN Known Russian Business Network IP TCP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407143 - ET RBN Known Russian Business Network IP UDP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407144 - ET RBN Known Russian Business Network IP TCP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407145 - ET RBN Known Russian Business Network IP UDP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407146 - ET RBN Known Russian Business Network IP TCP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407147 - ET RBN Known Russian Business Network IP UDP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407148 - ET RBN Known Russian Business Network IP TCP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407149 - ET RBN Known Russian Business Network IP UDP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407150 - ET RBN Known Russian Business Network IP TCP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407151 - ET RBN Known Russian Business Network IP UDP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407152 - ET RBN Known Russian Business Network IP TCP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407153 - ET RBN Known Russian Business Network IP UDP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407154 - ET RBN Known Russian Business Network IP TCP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407155 - ET RBN Known Russian Business Network IP UDP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407156 - ET RBN Known Russian Business Network IP TCP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407157 - ET RBN Known Russian Business Network IP UDP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407158 - ET RBN Known Russian Business Network IP TCP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407159 - ET RBN Known Russian Business Network IP UDP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407160 - ET RBN Known Russian Business Network IP TCP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407161 - ET RBN Known Russian Business Network IP UDP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407162 - ET RBN Known Russian Business Network IP TCP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407163 - ET RBN Known Russian Business Network IP UDP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407164 - ET RBN Known Russian Business Network IP TCP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407165 - ET RBN Known Russian Business Network IP UDP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407166 - ET RBN Known Russian Business Network IP TCP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407167 - ET RBN Known Russian Business Network IP UDP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407168 - ET RBN Known Russian Business Network IP TCP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407169 - ET RBN Known Russian Business Network IP UDP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407170 - ET RBN Known Russian Business Network IP TCP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407171 - ET RBN Known Russian Business Network IP UDP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407172 - ET RBN Known Russian Business Network IP TCP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407173 - ET RBN Known Russian Business Network IP UDP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407174 - ET RBN Known Russian Business Network IP TCP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407175 - ET RBN Known Russian Business Network IP UDP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407176 - ET RBN Known Russian Business Network IP TCP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407177 - ET RBN Known Russian Business Network IP UDP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407178 - ET RBN Known Russian Business Network IP TCP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407179 - ET RBN Known Russian Business Network IP UDP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407180 - ET RBN Known Russian Business Network IP TCP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407181 - ET RBN Known Russian Business Network IP UDP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407182 - ET RBN Known Russian Business Network IP TCP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407183 - ET RBN Known Russian Business Network IP UDP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407184 - ET RBN Known Russian Business Network IP TCP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407185 - ET RBN Known Russian Business Network IP UDP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407186 - ET RBN Known Russian Business Network IP TCP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407187 - ET RBN Known Russian Business Network IP UDP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407188 - ET RBN Known Russian Business Network IP TCP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407189 - ET RBN Known Russian Business Network IP UDP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407190 - ET RBN Known Russian Business Network IP TCP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407191 - ET RBN Known Russian Business Network IP UDP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407192 - ET RBN Known Russian Business Network IP TCP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407193 - ET RBN Known Russian Business Network IP UDP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407194 - ET RBN Known Russian Business Network IP TCP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407195 - ET RBN Known Russian Business Network IP UDP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407196 - ET RBN Known Russian Business Network IP TCP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407197 - ET RBN Known Russian Business Network IP UDP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407198 - ET RBN Known Russian Business Network IP TCP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407199 - ET RBN Known Russian Business Network IP UDP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407200 - ET RBN Known Russian Business Network IP TCP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407201 - ET RBN Known Russian Business Network IP UDP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407202 - ET RBN Known Russian Business Network IP TCP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407203 - ET RBN Known Russian Business Network IP UDP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407204 - ET RBN Known Russian Business Network IP TCP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407205 - ET RBN Known Russian Business Network IP UDP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407206 - ET RBN Known Russian Business Network IP TCP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407207 - ET RBN Known Russian Business Network IP UDP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407208 - ET RBN Known Russian Business Network IP TCP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407209 - ET RBN Known Russian Business Network IP UDP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407210 - ET RBN Known Russian Business Network IP TCP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407211 - ET RBN Known Russian Business Network IP UDP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407212 - ET RBN Known Russian Business Network IP TCP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407213 - ET RBN Known Russian Business Network IP UDP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407214 - ET RBN Known Russian Business Network IP TCP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407215 - ET RBN Known Russian Business Network IP UDP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407216 - ET RBN Known Russian Business Network IP TCP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407217 - ET RBN Known Russian Business Network IP UDP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407218 - ET RBN Known Russian Business Network IP TCP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407219 - ET RBN Known Russian Business Network IP UDP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407220 - ET RBN Known Russian Business Network IP TCP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407221 - ET RBN Known Russian Business Network IP UDP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407222 - ET RBN Known Russian Business Network IP TCP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407223 - ET RBN Known Russian Business Network IP UDP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407224 - ET RBN Known Russian Business Network IP TCP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407225 - ET RBN Known Russian Business Network IP UDP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407226 - ET RBN Known Russian Business Network IP TCP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407227 - ET RBN Known Russian Business Network IP UDP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407228 - ET RBN Known Russian Business Network IP TCP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407229 - ET RBN Known Russian Business Network IP UDP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407230 - ET RBN Known Russian Business Network IP TCP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407231 - ET RBN Known Russian Business Network IP UDP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407232 - ET RBN Known Russian Business Network IP TCP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407233 - ET RBN Known Russian Business Network IP UDP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407234 - ET RBN Known Russian Business Network IP TCP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407235 - ET RBN Known Russian Business Network IP UDP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407236 - ET RBN Known Russian Business Network IP TCP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407237 - ET RBN Known Russian Business Network IP UDP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407238 - ET RBN Known Russian Business Network IP TCP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407239 - ET RBN Known Russian Business Network IP UDP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407240 - ET RBN Known Russian Business Network IP TCP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407241 - ET RBN Known Russian Business Network IP UDP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407242 - ET RBN Known Russian Business Network IP TCP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407243 - ET RBN Known Russian Business Network IP UDP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407244 - ET RBN Known Russian Business Network IP TCP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407245 - ET RBN Known Russian Business Network IP UDP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407246 - ET RBN Known Russian Business Network IP TCP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407247 - ET RBN Known Russian Business Network IP UDP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407248 - ET RBN Known Russian Business Network IP TCP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407249 - ET RBN Known Russian Business Network IP UDP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407250 - ET RBN Known Russian Business Network IP TCP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407251 - ET RBN Known Russian Business Network IP UDP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407252 - ET RBN Known Russian Business Network IP TCP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407253 - ET RBN Known Russian Business Network IP UDP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407254 - ET RBN Known Russian Business Network IP TCP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407255 - ET RBN Known Russian Business Network IP UDP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407256 - ET RBN Known Russian Business Network IP TCP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407257 - ET RBN Known Russian Business Network IP UDP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407258 - ET RBN Known Russian Business Network IP TCP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407259 - ET RBN Known Russian Business Network IP UDP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407260 - ET RBN Known Russian Business Network IP TCP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407261 - ET RBN Known Russian Business Network IP UDP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407262 - ET RBN Known Russian Business Network IP TCP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407263 - ET RBN Known Russian Business Network IP UDP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407264 - ET RBN Known Russian Business Network IP TCP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407265 - ET RBN Known Russian Business Network IP UDP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407266 - ET RBN Known Russian Business Network IP TCP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407267 - ET RBN Known Russian Business Network IP UDP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407268 - ET RBN Known Russian Business Network IP TCP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407269 - ET RBN Known Russian Business Network IP UDP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407270 - ET RBN Known Russian Business Network IP TCP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407271 - ET RBN Known Russian Business Network IP UDP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407272 - ET RBN Known Russian Business Network IP TCP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407273 - ET RBN Known Russian Business Network IP UDP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407274 - ET RBN Known Russian Business Network IP TCP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407275 - ET RBN Known Russian Business Network IP UDP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407276 - ET RBN Known Russian Business Network IP TCP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407277 - ET RBN Known Russian Business Network IP UDP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407278 - ET RBN Known Russian Business Network IP TCP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407279 - ET RBN Known Russian Business Network IP UDP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407280 - ET RBN Known Russian Business Network IP TCP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407281 - ET RBN Known Russian Business Network IP UDP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407282 - ET RBN Known Russian Business Network IP TCP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407283 - ET RBN Known Russian Business Network IP UDP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407284 - ET RBN Known Russian Business Network IP TCP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407285 - ET RBN Known Russian Business Network IP UDP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407286 - ET RBN Known Russian Business Network IP TCP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407287 - ET RBN Known Russian Business Network IP UDP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407288 - ET RBN Known Russian Business Network IP TCP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407289 - ET RBN Known Russian Business Network IP UDP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407290 - ET RBN Known Russian Business Network IP TCP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407291 - ET RBN Known Russian Business Network IP UDP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407292 - ET RBN Known Russian Business Network IP TCP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407293 - ET RBN Known Russian Business Network IP UDP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407294 - ET RBN Known Russian Business Network IP TCP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407295 - ET RBN Known Russian Business Network IP UDP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407296 - ET RBN Known Russian Business Network IP TCP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407297 - ET RBN Known Russian Business Network IP UDP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407298 - ET RBN Known Russian Business Network IP TCP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407299 - ET RBN Known Russian Business Network IP UDP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407300 - ET RBN Known Russian Business Network IP TCP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407301 - ET RBN Known Russian Business Network IP UDP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407302 - ET RBN Known Russian Business Network IP TCP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407303 - ET RBN Known Russian Business Network IP UDP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407304 - ET RBN Known Russian Business Network IP TCP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407305 - ET RBN Known Russian Business Network IP UDP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407306 - ET RBN Known Russian Business Network IP TCP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407307 - ET RBN Known Russian Business Network IP UDP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407308 - ET RBN Known Russian Business Network IP TCP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407309 - ET RBN Known Russian Business Network IP UDP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407310 - ET RBN Known Russian Business Network IP TCP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407311 - ET RBN Known Russian Business Network IP UDP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407312 - ET RBN Known Russian Business Network IP TCP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407313 - ET RBN Known Russian Business Network IP UDP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407314 - ET RBN Known Russian Business Network IP TCP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407315 - ET RBN Known Russian Business Network IP UDP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407316 - ET RBN Known Russian Business Network IP TCP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407317 - ET RBN Known Russian Business Network IP UDP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407318 - ET RBN Known Russian Business Network IP TCP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407319 - ET RBN Known Russian Business Network IP UDP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407320 - ET RBN Known Russian Business Network IP TCP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407321 - ET RBN Known Russian Business Network IP UDP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407322 - ET RBN Known Russian Business Network IP TCP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407323 - ET RBN Known Russian Business Network IP UDP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407324 - ET RBN Known Russian Business Network IP TCP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407325 - ET RBN Known Russian Business Network IP UDP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407326 - ET RBN Known Russian Business Network IP TCP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407327 - ET RBN Known Russian Business Network IP UDP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407328 - ET RBN Known Russian Business Network IP TCP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407329 - ET RBN Known Russian Business Network IP UDP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407330 - ET RBN Known Russian Business Network IP TCP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407331 - ET RBN Known Russian Business Network IP UDP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407332 - ET RBN Known Russian Business Network IP TCP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407333 - ET RBN Known Russian Business Network IP UDP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407334 - ET RBN Known Russian Business Network IP TCP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407335 - ET RBN Known Russian Business Network IP UDP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407336 - ET RBN Known Russian Business Network IP TCP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407337 - ET RBN Known Russian Business Network IP UDP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407338 - ET RBN Known Russian Business Network IP TCP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407339 - ET RBN Known Russian Business Network IP UDP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407340 - ET RBN Known Russian Business Network IP TCP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407341 - ET RBN Known Russian Business Network IP UDP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407342 - ET RBN Known Russian Business Network IP TCP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407343 - ET RBN Known Russian Business Network IP UDP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407344 - ET RBN Known Russian Business Network IP TCP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407345 - ET RBN Known Russian Business Network IP UDP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407346 - ET RBN Known Russian Business Network IP TCP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407347 - ET RBN Known Russian Business Network IP UDP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407348 - ET RBN Known Russian Business Network IP TCP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407349 - ET RBN Known Russian Business Network IP UDP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407350 - ET RBN Known Russian Business Network IP TCP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407351 - ET RBN Known Russian Business Network IP UDP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407352 - ET RBN Known Russian Business Network IP TCP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407353 - ET RBN Known Russian Business Network IP UDP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407354 - ET RBN Known Russian Business Network IP TCP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407355 - ET RBN Known Russian Business Network IP UDP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407356 - ET RBN Known Russian Business Network IP TCP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407357 - ET RBN Known Russian Business Network IP UDP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407358 - ET RBN Known Russian Business Network IP TCP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407359 - ET RBN Known Russian Business Network IP UDP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407360 - ET RBN Known Russian Business Network IP TCP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407361 - ET RBN Known Russian Business Network IP UDP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407362 - ET RBN Known Russian Business Network IP TCP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407363 - ET RBN Known Russian Business Network IP UDP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407364 - ET RBN Known Russian Business Network IP TCP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407365 - ET RBN Known Russian Business Network IP UDP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407366 - ET RBN Known Russian Business Network IP TCP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407367 - ET RBN Known Russian Business Network IP UDP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407368 - ET RBN Known Russian Business Network IP TCP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407369 - ET RBN Known Russian Business Network IP UDP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407370 - ET RBN Known Russian Business Network IP TCP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407371 - ET RBN Known Russian Business Network IP UDP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407372 - ET RBN Known Russian Business Network IP TCP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407373 - ET RBN Known Russian Business Network IP UDP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407374 - ET RBN Known Russian Business Network IP TCP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407375 - ET RBN Known Russian Business Network IP UDP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407376 - ET RBN Known Russian Business Network IP TCP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407377 - ET RBN Known Russian Business Network IP UDP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407378 - ET RBN Known Russian Business Network IP TCP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407379 - ET RBN Known Russian Business Network IP UDP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407380 - ET RBN Known Russian Business Network IP TCP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407381 - ET RBN Known Russian Business Network IP UDP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407382 - ET RBN Known Russian Business Network IP TCP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407383 - ET RBN Known Russian Business Network IP UDP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407384 - ET RBN Known Russian Business Network IP TCP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407385 - ET RBN Known Russian Business Network IP UDP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407386 - ET RBN Known Russian Business Network IP TCP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407387 - ET RBN Known Russian Business Network IP UDP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407388 - ET RBN Known Russian Business Network IP TCP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407389 - ET RBN Known Russian Business Network IP UDP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407390 - ET RBN Known Russian Business Network IP TCP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407391 - ET RBN Known Russian Business Network IP UDP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407392 - ET RBN Known Russian Business Network IP TCP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407393 - ET RBN Known Russian Business Network IP UDP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407394 - ET RBN Known Russian Business Network IP TCP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407395 - ET RBN Known Russian Business Network IP UDP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407396 - ET RBN Known Russian Business Network IP TCP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407397 - ET RBN Known Russian Business Network IP UDP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407398 - ET RBN Known Russian Business Network IP TCP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407399 - ET RBN Known Russian Business Network IP UDP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407400 - ET RBN Known Russian Business Network IP TCP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407401 - ET RBN Known Russian Business Network IP UDP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407402 - ET RBN Known Russian Business Network IP TCP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407403 - ET RBN Known Russian Business Network IP UDP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407404 - ET RBN Known Russian Business Network IP TCP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407405 - ET RBN Known Russian Business Network IP UDP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407406 - ET RBN Known Russian Business Network IP TCP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407407 - ET RBN Known Russian Business Network IP UDP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407408 - ET RBN Known Russian Business Network IP TCP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407409 - ET RBN Known Russian Business Network IP UDP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407410 - ET RBN Known Russian Business Network IP TCP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407411 - ET RBN Known Russian Business Network IP UDP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407412 - ET RBN Known Russian Business Network IP TCP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407413 - ET RBN Known Russian Business Network IP UDP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407414 - ET RBN Known Russian Business Network IP TCP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407415 - ET RBN Known Russian Business Network IP UDP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407416 - ET RBN Known Russian Business Network IP TCP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407417 - ET RBN Known Russian Business Network IP UDP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407418 - ET RBN Known Russian Business Network IP TCP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407419 - ET RBN Known Russian Business Network IP UDP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407420 - ET RBN Known Russian Business Network IP TCP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407421 - ET RBN Known Russian Business Network IP UDP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407422 - ET RBN Known Russian Business Network IP TCP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407423 - ET RBN Known Russian Business Network IP UDP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407424 - ET RBN Known Russian Business Network IP TCP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407425 - ET RBN Known Russian Business Network IP UDP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407426 - ET RBN Known Russian Business Network IP TCP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407427 - ET RBN Known Russian Business Network IP UDP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407428 - ET RBN Known Russian Business Network IP TCP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407429 - ET RBN Known Russian Business Network IP UDP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407430 - ET RBN Known Russian Business Network IP TCP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407431 - ET RBN Known Russian Business Network IP UDP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407432 - ET RBN Known Russian Business Network IP TCP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407433 - ET RBN Known Russian Business Network IP UDP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407434 - ET RBN Known Russian Business Network IP TCP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407435 - ET RBN Known Russian Business Network IP UDP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407436 - ET RBN Known Russian Business Network IP TCP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407437 - ET RBN Known Russian Business Network IP UDP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407438 - ET RBN Known Russian Business Network IP TCP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407439 - ET RBN Known Russian Business Network IP UDP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407440 - ET RBN Known Russian Business Network IP TCP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407441 - ET RBN Known Russian Business Network IP UDP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407442 - ET RBN Known Russian Business Network IP TCP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407443 - ET RBN Known Russian Business Network IP UDP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407444 - ET RBN Known Russian Business Network IP TCP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407445 - ET RBN Known Russian Business Network IP UDP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407446 - ET RBN Known Russian Business Network IP TCP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407447 - ET RBN Known Russian Business Network IP UDP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407448 - ET RBN Known Russian Business Network IP TCP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407449 - ET RBN Known Russian Business Network IP UDP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407450 - ET RBN Known Russian Business Network IP TCP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407451 - ET RBN Known Russian Business Network IP UDP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407452 - ET RBN Known Russian Business Network IP TCP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407453 - ET RBN Known Russian Business Network IP UDP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407454 - ET RBN Known Russian Business Network IP TCP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407455 - ET RBN Known Russian Business Network IP UDP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407456 - ET RBN Known Russian Business Network IP TCP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407457 - ET RBN Known Russian Business Network IP UDP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407458 - ET RBN Known Russian Business Network IP TCP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407459 - ET RBN Known Russian Business Network IP UDP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407460 - ET RBN Known Russian Business Network IP TCP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407461 - ET RBN Known Russian Business Network IP UDP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407462 - ET RBN Known Russian Business Network IP TCP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407463 - ET RBN Known Russian Business Network IP UDP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407464 - ET RBN Known Russian Business Network IP TCP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407465 - ET RBN Known Russian Business Network IP UDP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407466 - ET RBN Known Russian Business Network IP TCP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407467 - ET RBN Known Russian Business Network IP UDP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407468 - ET RBN Known Russian Business Network IP TCP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407469 - ET RBN Known Russian Business Network IP UDP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407470 - ET RBN Known Russian Business Network IP TCP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407471 - ET RBN Known Russian Business Network IP UDP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407472 - ET RBN Known Russian Business Network IP TCP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407473 - ET RBN Known Russian Business Network IP UDP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407474 - ET RBN Known Russian Business Network IP TCP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407475 - ET RBN Known Russian Business Network IP UDP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407476 - ET RBN Known Russian Business Network IP TCP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407477 - ET RBN Known Russian Business Network IP UDP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407478 - ET RBN Known Russian Business Network IP TCP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407479 - ET RBN Known Russian Business Network IP UDP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407480 - ET RBN Known Russian Business Network IP TCP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407481 - ET RBN Known Russian Business Network IP UDP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407482 - ET RBN Known Russian Business Network IP TCP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407483 - ET RBN Known Russian Business Network IP UDP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407484 - ET RBN Known Russian Business Network IP TCP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407485 - ET RBN Known Russian Business Network IP UDP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407486 - ET RBN Known Russian Business Network IP TCP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407487 - ET RBN Known Russian Business Network IP UDP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407488 - ET RBN Known Russian Business Network IP TCP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407489 - ET RBN Known Russian Business Network IP UDP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407490 - ET RBN Known Russian Business Network IP TCP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407491 - ET RBN Known Russian Business Network IP UDP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407492 - ET RBN Known Russian Business Network IP TCP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407493 - ET RBN Known Russian Business Network IP UDP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407494 - ET RBN Known Russian Business Network IP TCP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407495 - ET RBN Known Russian Business Network IP UDP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407496 - ET RBN Known Russian Business Network IP TCP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407497 - ET RBN Known Russian Business Network IP UDP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407498 - ET RBN Known Russian Business Network IP TCP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407499 - ET RBN Known Russian Business Network IP UDP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407500 - ET RBN Known Russian Business Network IP TCP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407501 - ET RBN Known Russian Business Network IP UDP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407502 - ET RBN Known Russian Business Network IP TCP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407503 - ET RBN Known Russian Business Network IP UDP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407504 - ET RBN Known Russian Business Network IP TCP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407505 - ET RBN Known Russian Business Network IP UDP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407506 - ET RBN Known Russian Business Network IP TCP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407507 - ET RBN Known Russian Business Network IP UDP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407508 - ET RBN Known Russian Business Network IP TCP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407509 - ET RBN Known Russian Business Network IP UDP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407510 - ET RBN Known Russian Business Network IP TCP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407511 - ET RBN Known Russian Business Network IP UDP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407512 - ET RBN Known Russian Business Network IP TCP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407513 - ET RBN Known Russian Business Network IP UDP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407514 - ET RBN Known Russian Business Network IP TCP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407515 - ET RBN Known Russian Business Network IP UDP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407516 - ET RBN Known Russian Business Network IP TCP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407517 - ET RBN Known Russian Business Network IP UDP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407518 - ET RBN Known Russian Business Network IP TCP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407519 - ET RBN Known Russian Business Network IP UDP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407520 - ET RBN Known Russian Business Network IP TCP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407521 - ET RBN Known Russian Business Network IP UDP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407522 - ET RBN Known Russian Business Network IP TCP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407523 - ET RBN Known Russian Business Network IP UDP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407524 - ET RBN Known Russian Business Network IP TCP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407525 - ET RBN Known Russian Business Network IP UDP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407526 - ET RBN Known Russian Business Network IP TCP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407527 - ET RBN Known Russian Business Network IP UDP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407528 - ET RBN Known Russian Business Network IP TCP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407529 - ET RBN Known Russian Business Network IP UDP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407530 - ET RBN Known Russian Business Network IP TCP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407531 - ET RBN Known Russian Business Network IP UDP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407532 - ET RBN Known Russian Business Network IP TCP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407533 - ET RBN Known Russian Business Network IP UDP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407534 - ET RBN Known Russian Business Network IP TCP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407535 - ET RBN Known Russian Business Network IP UDP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407536 - ET RBN Known Russian Business Network IP TCP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407537 - ET RBN Known Russian Business Network IP UDP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407538 - ET RBN Known Russian Business Network IP TCP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407539 - ET RBN Known Russian Business Network IP UDP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407540 - ET RBN Known Russian Business Network IP TCP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407541 - ET RBN Known Russian Business Network IP UDP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407542 - ET RBN Known Russian Business Network IP TCP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407543 - ET RBN Known Russian Business Network IP UDP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407544 - ET RBN Known Russian Business Network IP TCP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407545 - ET RBN Known Russian Business Network IP UDP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407546 - ET RBN Known Russian Business Network IP TCP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407547 - ET RBN Known Russian Business Network IP UDP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407548 - ET RBN Known Russian Business Network IP TCP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407549 - ET RBN Known Russian Business Network IP UDP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407550 - ET RBN Known Russian Business Network IP TCP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407551 - ET RBN Known Russian Business Network IP UDP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407552 - ET RBN Known Russian Business Network IP TCP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407553 - ET RBN Known Russian Business Network IP UDP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407554 - ET RBN Known Russian Business Network IP TCP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407555 - ET RBN Known Russian Business Network IP UDP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407556 - ET RBN Known Russian Business Network IP TCP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407557 - ET RBN Known Russian Business Network IP UDP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407558 - ET RBN Known Russian Business Network IP TCP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407559 - ET RBN Known Russian Business Network IP UDP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407560 - ET RBN Known Russian Business Network IP TCP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407561 - ET RBN Known Russian Business Network IP UDP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407562 - ET RBN Known Russian Business Network IP TCP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407563 - ET RBN Known Russian Business Network IP UDP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407564 - ET RBN Known Russian Business Network IP TCP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407565 - ET RBN Known Russian Business Network IP UDP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407566 - ET RBN Known Russian Business Network IP TCP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407567 - ET RBN Known Russian Business Network IP UDP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407568 - ET RBN Known Russian Business Network IP TCP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407569 - ET RBN Known Russian Business Network IP UDP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407570 - ET RBN Known Russian Business Network IP TCP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407571 - ET RBN Known Russian Business Network IP UDP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407572 - ET RBN Known Russian Business Network IP TCP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407573 - ET RBN Known Russian Business Network IP UDP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407574 - ET RBN Known Russian Business Network IP TCP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407575 - ET RBN Known Russian Business Network IP UDP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407576 - ET RBN Known Russian Business Network IP TCP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407577 - ET RBN Known Russian Business Network IP UDP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407578 - ET RBN Known Russian Business Network IP TCP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407579 - ET RBN Known Russian Business Network IP UDP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407580 - ET RBN Known Russian Business Network IP TCP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407581 - ET RBN Known Russian Business Network IP UDP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407582 - ET RBN Known Russian Business Network IP TCP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407583 - ET RBN Known Russian Business Network IP UDP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407584 - ET RBN Known Russian Business Network IP TCP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407585 - ET RBN Known Russian Business Network IP UDP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407586 - ET RBN Known Russian Business Network IP TCP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407587 - ET RBN Known Russian Business Network IP UDP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407588 - ET RBN Known Russian Business Network IP TCP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407589 - ET RBN Known Russian Business Network IP UDP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407590 - ET RBN Known Russian Business Network IP TCP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407591 - ET RBN Known Russian Business Network IP UDP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407592 - ET RBN Known Russian Business Network IP TCP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407593 - ET RBN Known Russian Business Network IP UDP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407594 - ET RBN Known Russian Business Network IP TCP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407595 - ET RBN Known Russian Business Network IP UDP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407596 - ET RBN Known Russian Business Network IP TCP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407597 - ET RBN Known Russian Business Network IP UDP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407598 - ET RBN Known Russian Business Network IP TCP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407599 - ET RBN Known Russian Business Network IP UDP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407600 - ET RBN Known Russian Business Network IP TCP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407601 - ET RBN Known Russian Business Network IP UDP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407602 - ET RBN Known Russian Business Network IP TCP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407603 - ET RBN Known Russian Business Network IP UDP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407604 - ET RBN Known Russian Business Network IP TCP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407605 - ET RBN Known Russian Business Network IP UDP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407606 - ET RBN Known Russian Business Network IP TCP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407607 - ET RBN Known Russian Business Network IP UDP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407608 - ET RBN Known Russian Business Network IP TCP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407609 - ET RBN Known Russian Business Network IP UDP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407610 - ET RBN Known Russian Business Network IP TCP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407611 - ET RBN Known Russian Business Network IP UDP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407612 - ET RBN Known Russian Business Network IP TCP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407613 - ET RBN Known Russian Business Network IP UDP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407614 - ET RBN Known Russian Business Network IP TCP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407615 - ET RBN Known Russian Business Network IP UDP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407616 - ET RBN Known Russian Business Network IP TCP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407617 - ET RBN Known Russian Business Network IP UDP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407618 - ET RBN Known Russian Business Network IP TCP - BLOCKING (310) (emerging-rbn-BLOCK.rules) 2407619 - ET RBN Known Russian Business Network IP UDP - BLOCKING (310) (emerging-rbn-BLOCK.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-drop-BLOCK.rules (2): # VERSION 1562 # Generated 2009-06-06 00:03:02 EDT -> Added to emerging-drop.rules (2): # VERSION 1562 # Generated 2009-06-06 00:03:02 EDT -> Added to emerging-policy.rules (1): #bu Jaime Blasco -> Added to emerging-rbn-BLOCK.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Added to emerging-rbn.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Added to emerging-sid-msg.map (160): 2009353 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009353 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009354 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009354 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2500224 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500225 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500226 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500227 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500228 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500229 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500230 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500231 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500232 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500233 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500234 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500235 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500236 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500237 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500238 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500239 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500240 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500241 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500242 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500243 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500244 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500245 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500246 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500247 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500248 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500249 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500250 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500251 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500252 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500253 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500254 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500255 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500256 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500257 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500258 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500259 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500260 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500261 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510224 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510225 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510226 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510227 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510228 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510229 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510230 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510231 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510232 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510233 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510234 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510235 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510236 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510237 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510238 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510239 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510240 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510241 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510242 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510243 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510244 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510245 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510246 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510247 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510248 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510249 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510250 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510251 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510252 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510253 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510254 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510255 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510256 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510257 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510258 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510259 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510260 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510261 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (160): 2009353 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009353 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009354 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009354 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2500224 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500225 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500226 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500227 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500228 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500229 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500230 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500231 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500232 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500233 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500234 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500235 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500236 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500237 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500238 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500239 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500240 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500241 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500242 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500243 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500244 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500245 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500246 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500247 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500248 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500249 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500250 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500251 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500252 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500253 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500254 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500255 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500256 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500257 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500258 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500259 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500260 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500261 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510224 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510225 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (113) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510226 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510227 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (114) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510228 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510229 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (115) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510230 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510231 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (116) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510232 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510233 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (117) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510234 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510235 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (118) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510236 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510237 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (119) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510238 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510239 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (120) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510240 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510241 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (121) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510242 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510243 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (122) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510244 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510245 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (123) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510246 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510247 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (124) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510248 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510249 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (125) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510250 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510251 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (126) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510252 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510253 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (127) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510254 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510255 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (128) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510256 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510257 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (129) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510258 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510259 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (130) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510260 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510261 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (131) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510262 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510263 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (132) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510264 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510265 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (133) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510266 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510267 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (134) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510268 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510269 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (135) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510270 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510271 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (136) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts [---] Removed non-rule lines: [---] -> Removed from emerging-drop-BLOCK.rules (2): # VERSION 1555 # Generated 2009-05-30 00:03:02 EDT -> Removed from emerging-drop.rules (2): # VERSION 1555 # Generated 2009-05-30 00:03:02 EDT -> Removed from emerging-rbn-BLOCK.rules (2): # VERSION 131 # Updated 2009-05-27 12:51:59 -> Removed from emerging-rbn.rules (2): # VERSION 131 # Updated 2009-05-27 12:51:59 -> Removed from emerging-sid-msg.map (2): 2009353 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009353 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B 2009354 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009354 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B -> Removed from emerging-sid-msg.map.txt (2): 2009353 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009353 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B 2009354 || ET TROJAN Bredolab/Gumblar Downloader Communicating With Controller (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009354 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B From emerging at emergingthreats.net Sun Jun 7 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Sun, 7 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090607200011.C129F4504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Sun Jun 7 16:00:11 2009 [***] [*] Rules modifications: [*] None. [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (56): 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (56): 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From dxp2532 at gmail.com Sun Jun 7 22:45:31 2009 From: dxp2532 at gmail.com (dxp) Date: Sun, 07 Jun 2009 22:45:31 -0400 Subject: [Emerging-Sigs] FN on 2008625 - ET P2P Pando Client ... Message-ID: <1244429131.10764.4.camel@kinta> Due to case sensitivity this signature has False Negatives. I have observed the following UAS: "User-agent: Mozilla/4.0 (Windows; U) Pando/1.9.5.9" but the signature looks for "User-Agent" with uppercase "A". - -=[ dxp ]=- 0xA3F3C6E3 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090607/016c3bf5/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090607/016c3bf5/attachment.bin From r.fulton at auckland.ac.nz Mon Jun 8 02:45:42 2009 From: r.fulton at auckland.ac.nz (Russell Fulton) Date: Mon, 8 Jun 2009 18:45:42 +1200 Subject: [Emerging-Sigs] query : ET TROJAN Pitbull IRCbotnet Commands Message-ID: <3698B97A-F10B-4B09-930B-5BE75318169C@auckland.ac.nz> alert tcp any any -> $HOME_NET any (msg:"ET TROJAN Pitbull IRCbotnet Commands"; flow:from_server,established; content:"PRIVMSG|20|"; pcre:"/ @(portscan|nmap|back|udpflood|tcpflood|httpflood|linuxhelp|rfi|system| milw0rm|logcleaner|sendmail|join|part|help)/i"; flowbits:set,irc.trojan; classtype:trojan-activity; reference:url,en.wikipedia.org/wiki/IRC_bot; reference:url,doc.emergingthreats.net/2007625; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_IRC_Pitbull ; sid:2007625; rev:4;) Presumably the command that the sig is looking for are part of the PRIVMSG (i.e. occur in the packet after the PRIVMSG) ? I'm getting hits on things like this: :back2thefutre!back2thefutre at back2thefutre.irc.justin.tv PRI VMSG #exclusive10-1 :wiener... it took me ages to realise that the pcre must be matching the "back" *before* the priv message. Russell From signatures at stillsecure.com Mon Jun 8 03:36:53 2009 From: signatures at stillsecure.com (signatures) Date: Mon, 8 Jun 2009 01:36:53 -0600 Subject: [Emerging-Sigs] StillSecure: 10 New Signatures - June-08-2009 Message-ID: <5C9E8CCEEB81ED498AC0C3B0054704F3054C2931@webmail.latis.com> Hi Matt, Please find 10 New Signatures below: 1. WEB-PHP Acute Control Panel container.php theme_directory parameter local file inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Acute Control Panel container.php theme_directory parameter local file inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/container.php?"; nocase; uricontent:"theme_directory="; nocase; content:"../"; classtype:web-application-attack; reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; reference:url,milw0rm.com/exploits/8291; sid:2009259; rev:1;) 2. WEB-PHP Acute Control Panel container.php theme_directory parameter remote file inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Acute Control Panel container.php theme_directory parameter remote file inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/container.php?"; nocase; uricontent:"theme_directory="; nocase; pcre:"/theme_directory=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; reference:url,milw0rm.com/exploits/8291; sid:2009262; rev:1;) 3. WEB-PHP Acute Control Panel header.php theme_directory parameter remote file inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Acute Control Panel header.php theme_directory parameter remote file inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/header.php?"; nocase; uricontent:"theme_directory="; nocase; pcre:"/theme_directory=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; reference:url,milw0rm.com/exploits/8291; sid:2009260; rev:1;) 4. WEB-PHP Acute Control Panel header.php theme_directory parameter local file inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Acute Control Panel header.php theme_directory parameter local file inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/header.php?"; nocase; uricontent:"theme_directory="; nocase; content:"../"; classtype:web-application-attack; reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; reference:url,milw0rm.com/exploits/8291; sid:2009261; rev:1;) 5. WEB-PHP Interact embedforum.php Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Interact embedforum.php Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/embedforum.php?"; nocase; uricontent:"CONFIG[LANGUAGE_CPATH]="; nocase; pcre:"/CONFIG\[LANGUAGE_CPATH\]=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/5526; reference:bugtraq,28996; sid:2009114; rev:1;) 6. WEB-PHP Interact lib.inc.php Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Interact lib.inc.php Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/scorm/lib.inc.php?"; nocase; uricontent:"CONFIG[BASE_PATH]="; nocase; pcre:"/CONFIG\[BASE_PATH\]=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/5526; reference:bugtraq,28996; sid:2009115; rev:1;) 7. WEB-PHP Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/admin/frontpage_right.php?"; nocase; uricontent:"loadadminpage="; nocase; pcre:"/loadadminpage=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,31959; reference:url,milw0rm.com/exploits/6859; reference:url,vupen.com/english/advisories/2008/2959; sid:2009118; rev:1;) 8. WEB-PHP Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/config.dadamail.php?"; nocase; uricontent:"GLOBALS[mosConfig_absolute_path]="; nocase; content:"../"; classtype:web-application-attack; reference:url,secunia.com/advisories/32551; reference:bugtraq,32135; reference:url,milw0rm.com/exploits/7002; sid:2009262; rev:1;) 9. WEB-PHP Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/config.dadamail.php?"; nocase; uricontent:"GLOBALS[mosConfig_absolute_path]="; nocase; pcre:"/GLOBALS\[mosConfig_absolute_path\]=\s*(ftps?|https?|php)\:\//Ui"; classtype:web-application-attack; reference:url,secunia.com/advisories/32551; reference:bugtraq,32135; reference:url,milw0rm.com/exploits/7002; sid:2009263; rev:1;) 10. WEB-ATTACKS Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"WEB-ATTACKS Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow"; flow:to_client,established; content:"clsid"; nocase; content:"C05A1FBC-1413-11D1-B05F-00805F4945F6"; nocase; distance:0; content:"AppendFax"; nocase; classtype:web-application-attack; reference:bugtraq,34766; reference:url,milw0rm.com/exploits/8562; sid:7507; rev:1;) Looking forward for your comments, if any... Thanks & Regards, StillSecure -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090608/f2c96298/attachment-0001.html From jonkman at jonkmans.com Mon Jun 8 09:37:46 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 08 Jun 2009 09:37:46 -0400 Subject: [Emerging-Sigs] StillSecure: 10 New Signatures - June-08-2009 In-Reply-To: <5C9E8CCEEB81ED498AC0C3B0054704F3054C2931@webmail.latis.com> References: <5C9E8CCEEB81ED498AC0C3B0054704F3054C2931@webmail.latis.com> Message-ID: <4A2D142A.7080305@jonkmans.com> Posted, thanks! Matt signatures wrote: > Hi Matt, > > Please find 10 New Signatures below: > > 1. *WEB-PHP Acute Control Panel container.php theme_directory > parameter local file inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Acute Control Panel container.php theme_directory parameter local file > inclusion"; flow:to_server,established; content:"GET "; depth:4; > uricontent:"/container.php?"; nocase; uricontent:"theme_directory="; > nocase; content:"../"; classtype:web-application-attack; > reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; > reference:url,milw0rm.com/exploits/8291; sid:2009259; rev:1;) > > 2. *WEB-PHP Acute Control Panel container.php theme_directory > parameter remote file inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Acute Control Panel container.php theme_directory parameter remote file > inclusion"; flow:to_server,established; content:"GET "; depth:4; > uricontent:"/container.php?"; nocase; uricontent:"theme_directory="; > nocase; pcre:"/theme_directory=\s*(https?|ftps?|php)\:\//Ui"; > classtype:web-application-attack; > reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; > reference:url,milw0rm.com/exploits/8291; sid:2009262; rev:1;) > > 3. *WEB-PHP Acute Control Panel header.php theme_directory > parameter remote file inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Acute Control Panel header.php theme_directory parameter remote file > inclusion"; flow:to_server,established; content:"GET "; depth:4; > uricontent:"/header.php?"; nocase; uricontent:"theme_directory="; > nocase; pcre:"/theme_directory=\s*(https?|ftps?|php)\:\//Ui"; > classtype:web-application-attack; > reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; > reference:url,milw0rm.com/exploits/8291; sid:2009260; rev:1;) > > 4. *WEB-PHP Acute Control Panel header.php theme_directory > parameter local file inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Acute Control Panel header.php theme_directory parameter local file > inclusion"; flow:to_server,established; content:"GET "; depth:4; > uricontent:"/header.php?"; nocase; uricontent:"theme_directory="; > nocase; content:"../"; classtype:web-application-attack; > reference:url,secunia.com/advisories/34485/; reference:bugtraq,34265; > reference:url,milw0rm.com/exploits/8291; sid:2009261; rev:1;) > > 5. *WEB-PHP Interact embedforum.php Remote File Inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Interact embedforum.php Remote File Inclusion"; > flow:to_server,established; content:"GET "; depth:4; > uricontent:"/embedforum.php?"; nocase; > uricontent:"CONFIG[LANGUAGE_CPATH]="; nocase; > pcre:"/CONFIG\[LANGUAGE_CPATH\]=\s*(https?|ftps?|php)\:\//Ui"; > classtype:web-application-attack; > reference:url,milw0rm.com/exploits/5526; reference:bugtraq,28996; > sid:2009114; rev:1;) > > 6. *WEB-PHP Interact lib.inc.php Remote File Inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Interact lib.inc.php Remote File Inclusion"; flow:to_server,established; > content:"GET "; depth:4; uricontent:"/scorm/lib.inc.php?"; nocase; > uricontent:"CONFIG[BASE_PATH]="; nocase; > pcre:"/CONFIG\[BASE_PATH\]=\s*(https?|ftps?|php)\:\//Ui"; > classtype:web-application-attack; > reference:url,milw0rm.com/exploits/5526; reference:bugtraq,28996; > sid:2009115; rev:1;) > > 7. *WEB-PHP Agares Media ThemeSiteScript frontpage_right.php > Remote File Inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion"; > flow:to_server,established; content:"GET "; depth:4; > uricontent:"/admin/frontpage_right.php?"; nocase; > uricontent:"loadadminpage="; nocase; > pcre:"/loadadminpage=\s*(https?|ftps?|php)\:\//Ui"; > classtype:web-application-attack; reference:bugtraq,31959; > reference:url,milw0rm.com/exploits/6859; > reference:url,vupen.com/english/advisories/2008/2959; sid:2009118; rev:1;) > > 8. *WEB-PHP Joomla Dada Mail Manager Component config.dadamail.php > GLOBALS Parameter Local File Inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter > Local File Inclusion"; flow:to_server,established; content:"GET "; > depth:4; uricontent:"/config.dadamail.php?"; nocase; > uricontent:"GLOBALS[mosConfig_absolute_path]="; nocase; content:"../"; > classtype:web-application-attack; > reference:url,secunia.com/advisories/32551; reference:bugtraq,32135; > reference:url,milw0rm.com/exploits/7002; sid:2009262; rev:1;) > > 9. *WEB-PHP Joomla Dada Mail Manager Component config.dadamail.php > GLOBALS Parameter Remote File Inclusion* > alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP > Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter > Remote File Inclusion"; flow:to_server,established; content:"GET "; > depth:4; uricontent:"/config.dadamail.php?"; nocase; > uricontent:"GLOBALS[mosConfig_absolute_path]="; nocase; > pcre:"/GLOBALS\[mosConfig_absolute_path\]=\s*(ftps?|https?|php)\:\//Ui"; > classtype:web-application-attack; > reference:url,secunia.com/advisories/32551; reference:bugtraq,32135; > reference:url,milw0rm.com/exploits/7002; sid:2009263; rev:1;) > > 10. *WEB-ATTACKS Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow* > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"WEB-ATTACKS > Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow"; > flow:to_client,established; content:"clsid"; nocase; > content:"C05A1FBC-1413-11D1-B05F-00805F4945F6"; nocase; distance:0; > content:"AppendFax"; nocase; classtype:web-application-attack; > reference:bugtraq,34766; reference:url,milw0rm.com/exploits/8562; > sid:7507; rev:1;) > > Looking forward for your comments, if any? > > Thanks & Regards, > StillSecure > > > ------------------------------------------------------------------------ > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jonkman at jonkmans.com Mon Jun 8 09:40:04 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 08 Jun 2009 09:40:04 -0400 Subject: [Emerging-Sigs] query : ET TROJAN Pitbull IRCbotnet Commands In-Reply-To: <3698B97A-F10B-4B09-930B-5BE75318169C@auckland.ac.nz> References: <3698B97A-F10B-4B09-930B-5BE75318169C@auckland.ac.nz> Message-ID: <4A2D14B4.9070208@jonkmans.com> Good point. I've fixed that with a PRIVMSG at the beginning of the pcre. Can you let me know if you see any further falses? Thanks Russell! Matt Russell Fulton wrote: > alert tcp any any -> $HOME_NET any (msg:"ET TROJAN Pitbull IRCbotnet > Commands"; flow:from_server,established; content:"PRIVMSG|20|"; pcre:"/ > @(portscan|nmap|back|udpflood|tcpflood|httpflood|linuxhelp|rfi|system| > milw0rm|logcleaner|sendmail|join|part|help)/i"; > flowbits:set,irc.trojan; classtype:trojan-activity; > reference:url,en.wikipedia.org/wiki/IRC_bot; > reference:url,doc.emergingthreats.net/2007625; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_IRC_Pitbull > ; sid:2007625; rev:4;) > > Presumably the command that the sig is looking for are part of the > PRIVMSG (i.e. occur in the packet after the PRIVMSG) ? > > I'm getting hits on things like this: > > :back2thefutre!back2thefutre at back2thefutre.irc.justin.tv PRI > VMSG #exclusive10-1 :wiener... > > it took me ages to realise that the pcre must be matching the "back" > *before* the priv message. > > Russell > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jonkman at jonkmans.com Mon Jun 8 09:42:52 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 08 Jun 2009 09:42:52 -0400 Subject: [Emerging-Sigs] FN on 2008625 - ET P2P Pando Client ... In-Reply-To: <1244429131.10764.4.camel@kinta> References: <1244429131.10764.4.camel@kinta> Message-ID: <4A2D155C.2010500@jonkmans.com> Interesting, but fixable. Update out momentarily. Thanks dxp! Matt dxp wrote: > Due to case sensitivity this signature has False Negatives. > > I have observed the following UAS: "User-agent: Mozilla/4.0 (Windows; U) > Pando/1.9.5.9" > but the signature looks for "User-Agent" with uppercase "A". > > > - > > -=[ dxp ]=- > 0xA3F3C6E3 > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jonkman at jonkmans.com Mon Jun 8 12:13:29 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 08 Jun 2009 12:13:29 -0400 Subject: [Emerging-Sigs] PPTP In-Reply-To: <53834cf20906040902u6474e18dg5951b579ee74a97c@mail.gmail.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> <53834cf20906040902u6474e18dg5951b579ee74a97c@mail.gmail.com> Message-ID: <4A2D38A9.1020703@jonkmans.com> Got it posted, thanks guys, great sig! Matt Jaime Blasco wrote: > Yeah, Thanks > > Regards > > 2009/6/4 Jack Pepper > > > and SRC should be HOME_NET, DST=EXTERNAL_NET, right? > > jp > > Quoting Jaime Blasco >: > > > Sorry there is an error on the rule I've posted. The src port must > be 1723 > > not the dst port: > > > > alert tcp $EXTERNAL_NET 1723 -> $HOME_NET any (msg:"ET POLICY PPTP > Requester > > is not authorized to establish a command channel"; > > flow:to_server,established,no_stream; content:"|00 01|"; depth:2; > offset:2; > > content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; > offset:12; > > classtype:attempted-admin; > reference:url,tools.ietf.org/html/rfc2637 > ; sid:; > > rev:1;) > > > > > > > > 2009/6/4 Jaime Blasco > > > > >> Hi all, > >> > >> I was looking for some rules to detect PPTP not authorized responses. > >> > >> On snort we only have a rule to detect Start Control Requests > sid:2126 > >> > >> As described on the rfc: http://tools.ietf.org/html/rfc2637 this rule > >> might work to detect attempts to connect to pptp denied by the > server. > >> > >> alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY PPTP > >> Requester is not authorized to establish a command channel"; > >> flow:to_server,established,no_stream; content:"|00 01|"; depth:2; > offset:2; > >> content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; > offset:12; > >> classtype:attempted-admin; > reference:url,tools.ietf.org/html/rfc2637 > ; > >> sid:; rev:1;) > >> > >> > >> -- > >> _______________________________ > >> > >> Jaime Blasco > >> > >> www.ossim.com > >> www.alienvault.com > >> Email: jaime.blasco at alienvault.com > > >> > >> > > > > > > -- > > _______________________________ > > > > Jaime Blasco > > > > www.ossim.com > > www.alienvault.com > > Email: jaime.blasco at alienvault.com > > > > > -- > > Framework? I don't need no stinking framework! > > ---------------------------------------------------------------- > @fferent Security Labs: Isolate/Insulate/Innovate > http://www.afferentsecurity.com > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > > > > > -- > _______________________________ > > Jaime Blasco > > www.ossim.com > www.alienvault.com > Email: jaime.blasco at alienvault.com > > > ------------------------------------------------------------------------ > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jonkman at jonkmans.com Mon Jun 8 12:22:03 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 08 Jun 2009 12:22:03 -0400 Subject: [Emerging-Sigs] PPTP In-Reply-To: <4A2D38A9.1020703@jonkmans.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> <53834cf20906040902u6474e18dg5951b579ee74a97c@mail.gmail.com> <4A2D38A9.1020703@jonkmans.com> Message-ID: <4A2D3AAB.8000603@jonkmans.com> Wait, question: depth:1 offset:2 are contradictory. What's the intended positions? Matt Matt Jonkman wrote: > Got it posted, thanks guys, great sig! > > Matt > > Jaime Blasco wrote: >> Yeah, Thanks >> >> Regards >> >> 2009/6/4 Jack Pepper > > >> >> and SRC should be HOME_NET, DST=EXTERNAL_NET, right? >> >> jp >> >> Quoting Jaime Blasco > >: >> >> > Sorry there is an error on the rule I've posted. The src port must >> be 1723 >> > not the dst port: >> > >> > alert tcp $EXTERNAL_NET 1723 -> $HOME_NET any (msg:"ET POLICY PPTP >> Requester >> > is not authorized to establish a command channel"; >> > flow:to_server,established,no_stream; content:"|00 01|"; depth:2; >> offset:2; >> > content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; >> offset:12; >> > classtype:attempted-admin; >> reference:url,tools.ietf.org/html/rfc2637 >> ; sid:; >> > rev:1;) >> > >> > >> > >> > 2009/6/4 Jaime Blasco > > >> > >> >> Hi all, >> >> >> >> I was looking for some rules to detect PPTP not authorized responses. >> >> >> >> On snort we only have a rule to detect Start Control Requests >> sid:2126 >> >> >> >> As described on the rfc: http://tools.ietf.org/html/rfc2637 this rule >> >> might work to detect attempts to connect to pptp denied by the >> server. >> >> >> >> alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY PPTP >> >> Requester is not authorized to establish a command channel"; >> >> flow:to_server,established,no_stream; content:"|00 01|"; depth:2; >> offset:2; >> >> content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; >> offset:12; >> >> classtype:attempted-admin; >> reference:url,tools.ietf.org/html/rfc2637 >> ; >> >> sid:; rev:1;) >> >> >> >> >> >> -- >> >> _______________________________ >> >> >> >> Jaime Blasco >> >> >> >> www.ossim.com >> >> www.alienvault.com >> >> Email: jaime.blasco at alienvault.com >> >> >> >> >> >> > >> > >> > -- >> > _______________________________ >> > >> > Jaime Blasco >> > >> > www.ossim.com >> > www.alienvault.com >> > Email: jaime.blasco at alienvault.com >> >> > >> >> -- >> >> Framework? I don't need no stinking framework! >> >> ---------------------------------------------------------------- >> @fferent Security Labs: Isolate/Insulate/Innovate >> http://www.afferentsecurity.com >> >> _______________________________________________ >> Emerging-sigs mailing list >> Emerging-sigs at emergingthreats.net >> >> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs >> >> >> >> >> -- >> _______________________________ >> >> Jaime Blasco >> >> www.ossim.com >> www.alienvault.com >> Email: jaime.blasco at alienvault.com >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Emerging-sigs mailing list >> Emerging-sigs at emergingthreats.net >> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jaime.blasco at alienvault.com Mon Jun 8 12:27:08 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Mon, 8 Jun 2009 18:27:08 +0200 Subject: [Emerging-Sigs] PPTP In-Reply-To: <4A2D3AAB.8000603@jonkmans.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> <53834cf20906040902u6474e18dg5951b579ee74a97c@mail.gmail.com> <4A2D38A9.1020703@jonkmans.com> <4A2D3AAB.8000603@jonkmans.com> Message-ID: <53834cf20906080927v20098892n5dca2be2ed3be56b@mail.gmail.com> The rule doesn't contains depth:1 offset:2 Maybe depth:1; offset:12; ?? Regards 2009/6/8 Matt Jonkman > Wait, question: depth:1 offset:2 are contradictory. What's the intended > positions? > > Matt > > Matt Jonkman wrote: > > Got it posted, thanks guys, great sig! > > > > Matt > > > > Jaime Blasco wrote: > >> Yeah, Thanks > >> > >> Regards > >> > >> 2009/6/4 Jack Pepper >> > > >> > >> and SRC should be HOME_NET, DST=EXTERNAL_NET, right? > >> > >> jp > >> > >> Quoting Jaime Blasco >> >: > >> > >> > Sorry there is an error on the rule I've posted. The src port must > >> be 1723 > >> > not the dst port: > >> > > >> > alert tcp $EXTERNAL_NET 1723 -> $HOME_NET any (msg:"ET POLICY PPTP > >> Requester > >> > is not authorized to establish a command channel"; > >> > flow:to_server,established,no_stream; content:"|00 01|"; depth:2; > >> offset:2; > >> > content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; > >> offset:12; > >> > classtype:attempted-admin; > >> reference:url,tools.ietf.org/html/rfc2637 > >> ; sid:; > >> > rev:1;) > >> > > >> > > >> > > >> > 2009/6/4 Jaime Blasco >> > > >> > > >> >> Hi all, > >> >> > >> >> I was looking for some rules to detect PPTP not authorized > responses. > >> >> > >> >> On snort we only have a rule to detect Start Control Requests > >> sid:2126 > >> >> > >> >> As described on the rfc: http://tools.ietf.org/html/rfc2637 this > rule > >> >> might work to detect attempts to connect to pptp denied by the > >> server. > >> >> > >> >> alert tcp $EXTERNAL_NET any -> $HOME_NET 1723 (msg:"ET POLICY > PPTP > >> >> Requester is not authorized to establish a command channel"; > >> >> flow:to_server,established,no_stream; content:"|00 01|"; depth:2; > >> offset:2; > >> >> content:"|00 02|"; depth:2; offset:8; content:"|04|; depth:1; > >> offset:12; > >> >> classtype:attempted-admin; > >> reference:url,tools.ietf.org/html/rfc2637 > >> ; > >> >> sid:; rev:1;) > >> >> > >> >> > >> >> -- > >> >> _______________________________ > >> >> > >> >> Jaime Blasco > >> >> > >> >> www.ossim.com > >> >> www.alienvault.com > >> >> Email: jaime.blasco at alienvault.com > >> > >> >> > >> >> > >> > > >> > > >> > -- > >> > _______________________________ > >> > > >> > Jaime Blasco > >> > > >> > www.ossim.com > >> > www.alienvault.com > >> > Email: jaime.blasco at alienvault.com > >> > >> > > >> > >> -- > >> > >> Framework? I don't need no stinking framework! > >> > >> ---------------------------------------------------------------- > >> @fferent Security Labs: Isolate/Insulate/Innovate > >> http://www.afferentsecurity.com > >> > >> _______________________________________________ > >> Emerging-sigs mailing list > >> Emerging-sigs at emergingthreats.net > >> > >> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > >> > >> > >> > >> > >> -- > >> _______________________________ > >> > >> Jaime Blasco > >> > >> www.ossim.com > >> www.alienvault.com > >> Email: jaime.blasco at alienvault.com > >> > >> > >> ------------------------------------------------------------------------ > >> > >> _______________________________________________ > >> Emerging-sigs mailing list > >> Emerging-sigs at emergingthreats.net > >> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > > > > -- > -------------------------------------------- > Matthew Jonkman > Emerging Threats > Phone 765-429-0398 > Fax 312-264-0205 > http://www.emergingthreats.net > -------------------------------------------- > > PGP: http://www.jonkmans.com/mattjonkman.asc > > > -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090608/e8bc6fd9/attachment.html From frank at knobbe.us Mon Jun 8 15:35:48 2009 From: frank at knobbe.us (Frank Knobbe) Date: Mon, 08 Jun 2009 14:35:48 -0500 Subject: [Emerging-Sigs] PPTP In-Reply-To: <53834cf20906080927v20098892n5dca2be2ed3be56b@mail.gmail.com> References: <53834cf20906040811h668cb664tbbcd7c1601a7bf30@mail.gmail.com> <53834cf20906040818h1311b1ffof3a998172687682a@mail.gmail.com> <20090604105841.4hteezu7lwkwgo8c@mail.afferentsecurity.com> <53834cf20906040902u6474e18dg5951b579ee74a97c@mail.gmail.com> <4A2D38A9.1020703@jonkmans.com> <4A2D3AAB.8000603@jonkmans.com> <53834cf20906080927v20098892n5dca2be2ed3be56b@mail.gmail.com> Message-ID: <1244489748.1754.22.camel@localhost> On Mon, 2009-06-08 at 18:27 +0200, Jaime Blasco wrote: > The rule doesn't contains depth:1 offset:2 > Maybe depth:1; offset:12; ?? That's still wrong. Have you actually verified that these rules work? :) As far as I recall, depth always has to be greater than offset. IT's good practice to write offset first and then depth which helps you visualize the search space that you are limiting. 123456789 Match offset:2; depth:7; Cheers, Frank -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 188 bytes Desc: This is a digitally signed message part Url : http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090608/eeec6a2b/attachment-0001.bin From emerging at emergingthreats.net Mon Jun 8 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Mon, 8 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090608200011.DC4674504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Mon Jun 8 16:00:11 2009 [***] [+++] Added rules: [+++] 2009377 - ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion (emerging-web_sql_injection.rules) 2009378 - ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion (emerging-web_sql_injection.rules) 2009379 - ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion (emerging-web_sql_injection.rules) 2009380 - ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_sql_injection.rules) 2009381 - ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009382 - ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009383 - ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules) 2009384 - ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009385 - ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow (emerging-web.rules) 2009386 - ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009387 - ET POLICY PPTP Requester is not authorized to establish a command channel (emerging-policy.rules) [///] Modified active rules: [///] 2007625 - ET TROJAN Pitbull IRCbotnet Commands (emerging-virus.rules) 2008625 - ET P2P Pando Client User-Agent Detected (Mozilla/4.0 (Windows\; U) Pando/1.xx) (emerging-p2p.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-policy.rules (1): #Needs tweaking -> Added to emerging-sid-msg.map (13): 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,tools.ietf.org/html/rfc2637 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org -> Added to emerging-sid-msg.map.txt (13): 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,tools.ietf.org/html/rfc2637 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (4): 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (4): 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From jonkman at jonkmans.com Tue Jun 9 15:49:25 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Tue, 09 Jun 2009 15:49:25 -0400 Subject: [Emerging-Sigs] BManager communication In-Reply-To: <839aec700906041223n4abf5681q94f4e8a26db5f9ba@mail.gmail.com> References: <839aec700905130903j772857fcwdcf65406f5c881ef@mail.gmail.com> <839aec700905191828n24bf7b28i15c275caeacc2f30@mail.gmail.com> <4A142EDA.9050505@jonkmans.com> <839aec700906041223n4abf5681q94f4e8a26db5f9ba@mail.gmail.com> Message-ID: <4A2EBCC5.9070402@jonkmans.com> Sorry for the slow post. It's up there and looks good. We should watch this, of those anchor strings happen in legit traffic we could add some load with the pcre, but I think it's unlikely. Thanks Darren! Matt Darren Spruell wrote: > I also put together this signature to detect the response payload > coming back from the controller with a package of binaries for the > victim: > > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET TROJAN > Bredolab Downloader Response Binaries from Controller"; > flow:established,from_server; content:"|0d 0a|Entity-Info|3a|"; > nocase; content:"|0d 0a|Magic-Number|3a|"; nocase; > pcre:"/\x0d\x0aEntity-Info\x3a\s+\d+\x3a\d+/"; > pcre:"/\x0d\x0aMagic-Number\x3a\s+\d+\|\d+/"; > classtype:trojan-activity; > reference:url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B; > sid:XXXXXXX; rev:1; ) > > As the content checks themselves are pretty unique the pcres might be > overkill. I also don't know if this might FP on nonevents like reading > about the trojan response on a web page (headers are anchored to > CRLFs, could maybe consider a flowbit check if set on the original > outbound request or something.) > > DS > > On Wed, May 20, 2009 at 9:24 AM, Matt Jonkman wrote: >> Posting now, thanks Darren! Great research. >> >> Matt >> >> Darren Spruell wrote: >>> On Wed, May 13, 2009 at 9:03 AM, Darren Spruell wrote: >>>> Looks to be a downloader communicating with backend management kit, >>>> characteristic URLs: >>>> >>>> hXXp://websitecheck.cn/nr/controller.php?action=bot&entity_list=&uid=&first=1&guid=5421361321&rnd=874493 >>>> hXXp://turokgame.cn/bm/controller.php?action=bot&entity_list=&uid=1&first=1&guid=3858361321&rnd=923635 >>>> hXXp://78.109.29.112/new/controller.php?action=bot&entity_list=&uid=1&first=1&guid=3970894049&rnd=981633 >>>> >>>> Related (later stage) >>>> >>>> hXXp://78.109.29.112/new/controller.php?action=report&guid=0&rnd=981633&uid=1&entity=1239013921:unique_start;1239013932:unique_start;1239013964:unique_start;1239022982:unique_start;1239024633:unique_start;1239875139:unique_start >>>> >>>> http://www.threatexpert.com/report.aspx?md5=ffe09f9b2470575727ea72bcb3ebce0a >>>> >>>> Microsoft calls it Bredolab, others some variant of Downloader. >>> The Bredolab naming seems to be taking it; BManager is apparently only >>> the backend controller. MMPC reports Bredolab as responsible for >>> dropping a number of other prevalent threats on victim hosts: >>> >>> "Bredolab is notorious for installing prevalent spam bots such as >>> Rustock, Cutwail, Srizbi, Tedroo and Rlsloup." >>> >>> http://blogs.technet.com/mmpc/archive/2009/04/14/wheres-waledac.aspx >>> >>> Updated rules: >>> >>> alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN >>> Bredolab Downloader Communicating With Controller (1)"; >>> flow:established,to_server; uricontent:"action="; nocase; >>> uricontent:"&entity_list="; nocase; uricontent:"&uid="; nocase; >>> uricontent:"&first="; uricontent:"&guid="; nocase; uricontent:"&rnd="; >>> nocase; classtype:trojan-activity; >>> reference:url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B; >>> sid:XXXXXXX; rev:2;) >>> >>> alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN >>> Bredolab Downloader Communicating With Controller (2)"; >>> flow:established,to_server; uricontent:"action="; nocase; >>> uricontent:"&guid="; nocase; uricontent:"&rnd="; nocase; >>> uricontent:"&uid="; nocase; uricontent:"&entity="; nocase; >>> classtype:trojan-activity; >>> reference:url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B; >>> sid:XXXXXXX; rev:2;) >>> >> -- >> -------------------------------------------- >> Matthew Jonkman >> Emerging Threats >> Phone 765-429-0398 >> Fax 312-264-0205 >> http://www.emergingthreats.net >> -------------------------------------------- >> >> PGP: http://www.jonkmans.com/mattjonkman.asc >> >> >> > > > -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From emerging at emergingthreats.net Tue Jun 9 16:00:12 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Tue, 9 Jun 2009 16:00:12 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090609200012.8891C4504C@goliath.jonkmans.com> [***] Results from Oinkmaster started Tue Jun 9 16:00:12 2009 [***] [///] Modified active rules: [///] 2009360 - ET MALWARE Gumblar/Bredolab Check In (emerging-virus.rules) 2009375 - ET POLICY General MSN Chat Activity (emerging-policy.rules) 2009376 - ET POLICY MSN User-Agent Activity (emerging-policy.rules) 2009377 - ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion (emerging-web_sql_injection.rules) 2009378 - ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion (emerging-web_sql_injection.rules) 2009379 - ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion (emerging-web_sql_injection.rules) 2009380 - ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_sql_injection.rules) 2009381 - ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009382 - ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009383 - ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules) 2009384 - ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009385 - ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow (emerging-web.rules) 2009386 - ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion (emerging-web_sql_injection.rules) [///] Modified inactive rules: [///] 2009387 - ET POLICY PPTP Requester is not authorized to establish a command channel (emerging-policy.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-sid-msg.map (29): 2009375 || ET POLICY General MSN Chat Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009375 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009376 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009377 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009378 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009379 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009380 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009381 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Agares || url,doc.emergingthreats.net/2009382 || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009383 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009384 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Symantec || url,doc.emergingthreats.net/2009385 || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009386 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_PPTP || url,doc.emergingthreats.net/2009387 || url,tools.ietf.org/html/rfc2637 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (29): 2009375 || ET POLICY General MSN Chat Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009375 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009376 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009377 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009378 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009379 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009380 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009381 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Agares || url,doc.emergingthreats.net/2009382 || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009383 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009384 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Symantec || url,doc.emergingthreats.net/2009385 || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009386 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_PPTP || url,doc.emergingthreats.net/2009387 || url,tools.ietf.org/html/rfc2637 2500272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510272 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510273 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (137) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510274 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510275 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (138) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510276 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510277 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (139) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510278 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510279 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (140) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (13): 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,tools.ietf.org/html/rfc2637 -> Removed from emerging-sid-msg.map.txt (13): 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,tools.ietf.org/html/rfc2637 From jaime.blasco at alienvault.com Wed Jun 10 05:11:32 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Wed, 10 Jun 2009 11:11:32 +0200 Subject: [Emerging-Sigs] rules to cover Microsoft Tuesday 969898 Advisory Message-ID: <53834cf20906100211h655772f4m44b5ec143e6283b5@mail.gmail.com> Hi all, Here is some rules to cover Microsoft Tuesday 969898 Advisory: alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Microsoft Communications Control Clsid Access"; flow:from_server,established; content:"648A5600-2C6E-101B-82B6-000000000014"; nocase; pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*648A5600-2C6E-101B-82B6-000000000014/si"; classtype:attempted-user; reference:url, www.microsoft.com/technet/security/advisory/969898.mspx; sid:; rev:1;) alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX Microgaming FlashXControl Control Clsid Access"; flow:from_server,established; content:"D8089245-3211-40F6-819B-9E5E92CD61A2"; nocase; pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*D8089245-3211-40F6-819B-9E5E92CD61A2/si"; classtype:attempted-user; reference:url, www.microsoft.com/technet/security/advisory/969898.mspx; reference:url, www.microgaming.co.uk/news_flashxcontrol.php; sid:; rev:1;) alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1)"; flow:from_server,established; content:"4C39376E-FA9D-4349-BACC-D305C1750EF3"; nocase; pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*4C39376E-FA9D-4349-BACC-D305C1750EF3/si"; classtype:attempted-user; reference:url, www.microsoft.com/technet/security/advisory/969898.mspx; reference:url, pages.ebay.com/securitycenter/activex/index.html; sid:; rev:1;) alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2)"; flow:from_server,established; content:"C3EB1670-84E0-4EDA-B570-0B51AAE81679"; nocase; pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*C3EB1670-84E0-4EDA-B570-0B51AAE81679/si"; classtype:attempted-user; reference:url, www.microsoft.com/technet/security/advisory/969898.mspx; reference:url, pages.ebay.com/securitycenter/activex/index.html; sid:; rev:1;) alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access"; flow:from_server,established; content:"00000032-9593-4264-8B29-930B3E4EDCCD"; nocase; pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*00000032-9593-4264-8B29-930B3E4EDCCD/si"; classtype:attempted-user; reference:url, www.microsoft.com/technet/security/advisory/969898.mspx; reference:url, h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405; sid:; rev:1;) Regards -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090610/b91c4815/attachment-0001.html From jonkman at jonkmans.com Wed Jun 10 08:23:33 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Wed, 10 Jun 2009 08:23:33 -0400 Subject: [Emerging-Sigs] rules to cover Microsoft Tuesday 969898 Advisory In-Reply-To: <53834cf20906100211h655772f4m44b5ec143e6283b5@mail.gmail.com> References: <53834cf20906100211h655772f4m44b5ec143e6283b5@mail.gmail.com> Message-ID: <4A2FA5C5.9040000@jonkmans.com> Got it, posting. Thanks Jaime!! Matt Jaime Blasco wrote: > Hi all, > > Here is some rules to cover Microsoft Tuesday 969898 Advisory: > > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET > WEB_ACTIVEX Microsoft Communications Control Clsid Access"; > flow:from_server,established; > content:"648A5600-2C6E-101B-82B6-000000000014"; nocase; > pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*648A5600-2C6E-101B-82B6-000000000014/si"; > classtype:attempted-user; > reference:url,www.microsoft.com/technet/security/advisory/969898.mspx > ; sid:; > rev:1;) > > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET > WEB_ACTIVEX Microgaming FlashXControl Control Clsid Access"; > flow:from_server,established; > content:"D8089245-3211-40F6-819B-9E5E92CD61A2"; nocase; > pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*D8089245-3211-40F6-819B-9E5E92CD61A2/si"; > classtype:attempted-user; > reference:url,www.microsoft.com/technet/security/advisory/969898.mspx > ; > reference:url,www.microgaming.co.uk/news_flashxcontrol.php > ; sid:; rev:1;) > > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET > WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1)"; > flow:from_server,established; > content:"4C39376E-FA9D-4349-BACC-D305C1750EF3"; nocase; > pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*4C39376E-FA9D-4349-BACC-D305C1750EF3/si"; > classtype:attempted-user; > reference:url,www.microsoft.com/technet/security/advisory/969898.mspx > ; > reference:url,pages.ebay.com/securitycenter/activex/index.html > ; sid:; rev:1;) > > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET > WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2)"; > flow:from_server,established; > content:"C3EB1670-84E0-4EDA-B570-0B51AAE81679"; nocase; > pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*C3EB1670-84E0-4EDA-B570-0B51AAE81679/si"; > classtype:attempted-user; > reference:url,www.microsoft.com/technet/security/advisory/969898.mspx > ; > reference:url,pages.ebay.com/securitycenter/activex/index.html > ; sid:; rev:1;) > > alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET > WEB_ACTIVEX HP Virtual Rooms Control Clsid Access"; > flow:from_server,established; > content:"00000032-9593-4264-8B29-930B3E4EDCCD"; nocase; > pcre:"/]*classid\s*=\s*[\x22\x27]?\s*clsid\s*\x3a\s*\x7B?\s*00000032-9593-4264-8B29-930B3E4EDCCD/si"; > classtype:attempted-user; > reference:url,www.microsoft.com/technet/security/advisory/969898.mspx > ; > reference:url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 > ; > sid:; rev:1;) > > Regards > > -- > _______________________________ > > Jaime Blasco > > www.ossim.com > www.alienvault.com > Email: jaime.blasco at alienvault.com > > > ------------------------------------------------------------------------ > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From greencm at gmail.com Wed Jun 10 09:37:57 2009 From: greencm at gmail.com (Chris Green) Date: Wed, 10 Jun 2009 08:37:57 -0500 Subject: [Emerging-Sigs] Personal Defender 2009 Message-ID: These rules have been useful for me with no false positives. alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - prinimalka.py"; uricontent:"/prinimalka.py"; sid: 100000248; reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; rev: 1;) alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - trash.py"; uricontent:"/trash.py"; sid: 100000249; reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; rev: 1;) REDACTED:4005 -> 78.109.23.2:80 TCP TTL:126 TOS:0x0 ID:58779 IpLen:20 DgmLen:819 DF ***AP*** Seq: 0xE09C666C Ack: 0x827DA94A Win: 0x40B0 TcpLen: 20 50 4F 53 54 20 2F 73 79 73 74 65 6D 2F 70 72 69 POST /system/pri 6E 69 6D 61 6C 6B 61 2E 70 79 2F 66 6F 72 6D 73 nimalka.py/forms 20 48 54 54 50 2F 31 2E 31 0D 0A 43 6F 6E 74 65 HTTP/1.1..Conte alert tcp any 80 -> $HOME_NET any (msg: "TROJAN Koobface BLACKLABEL"; content: "#BLACKLABEL|0d0a|"; sid: 10000242; reference: url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html; rev: 1;) FYI, I munged this URL below slightly so it doesn't set off spam filters 92.38.0.69:80 -> REDACTED:1149 TCP TTL:55 TOS:0x0 ID:58251 IpLen:20 DgmLen:279 DF ***AP*** Seq: 0x77D60C84 Ack: 0x7C28B0DE Win: 0x1920 TcpLen: 20 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D HTTP/1.1 200 OK. 0A 44 61 74 65 3A 20 54 75 65 2C 20 30 39 20 4A .Date: Tue, 09 J 75 6E 20 32 30 30 39 20 32 30 3A 33 35 3A 33 39 un 2009 20:35:39 20 47 4D 54 0D 0A 53 65 72 76 65 72 3A 20 41 70 GMT..Server: Ap 61 63 68 65 2F 31 2E 33 2E 34 31 20 28 55 6E 69 ache/1.3.41 (Uni 78 29 20 50 48 50 2F 35 2E 32 2E 39 0D 0A 58 2D x) PHP/5.2.9..X- 50 6F 77 65 72 65 64 2D 42 79 3A 20 50 48 50 2F Powered-By: PHP/ 35 2E 32 2E 39 0D 0A 43 6F 6E 6E 65 63 74 69 6F 5.2.9..Connectio 6E 3A 20 63 6C 6F 73 65 0D 0A 43 6F 6E 74 65 6E n: close..Conten 74 2D 54 79 70 65 3A 20 74 65 78 74 2F 68 74 6D t-Type: text/htm 6C 0D 0A 0D 0A 23 50 49 44 3D 38 30 30 30 0A 53 l....#PID=8000.S 54 41 52 54 4F 4E 43 45 7C 68 74 74 70 3A 2F 2F TARTONCE|http:// 65 76 69 64 65 6B 2E 72 6F 2F 31 2F 70 64 72 76 evidek_ro/1/pdrv 2E 65 78 65 0A 57 41 49 54 7C 31 32 30 0A 23 42 .exe.WAIT|120.#B 4C 41 43 4B 4C 41 42 45 4C 0D 0A 45 58 49 54 LACKLABEL..EXIT http://www.threatexpert.com/report.aspx?md5=fb0da2ada35fa4547c75b3740c35a40e is When I initially reported, I had 1/40 flag it as suspicous file. Now 7/39 http://www.virustotal.com/analisis/64d8a55d1473741dfba72090b3048b14ec3285f9c4937b4f1e1110770a59f82b-1244630275 -- Chris Green From jonkman at jonkmans.com Wed Jun 10 12:13:13 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Wed, 10 Jun 2009 12:13:13 -0400 Subject: [Emerging-Sigs] Personal Defender 2009 In-Reply-To: References: Message-ID: <4A2FDB99.7000706@jonkmans.com> Great sigs Chris! Posting now. Thanks! Matt Chris Green wrote: > These rules have been useful for me with no false positives. > > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > prinimalka.py"; uricontent:"/prinimalka.py"; sid: 100000248; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > trash.py"; uricontent:"/trash.py"; sid: 100000249; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > > REDACTED:4005 -> 78.109.23.2:80 TCP TTL:126 TOS:0x0 ID:58779 IpLen:20 > DgmLen:819 DF > ***AP*** Seq: 0xE09C666C Ack: 0x827DA94A Win: 0x40B0 TcpLen: 20 > 50 4F 53 54 20 2F 73 79 73 74 65 6D 2F 70 72 69 POST /system/pri > 6E 69 6D 61 6C 6B 61 2E 70 79 2F 66 6F 72 6D 73 nimalka.py/forms > 20 48 54 54 50 2F 31 2E 31 0D 0A 43 6F 6E 74 65 HTTP/1.1..Conte > > alert tcp any 80 -> $HOME_NET any (msg: "TROJAN Koobface BLACKLABEL"; > content: "#BLACKLABEL|0d0a|"; sid: 10000242; reference: > url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html; > rev: 1;) > > FYI, I munged this URL below slightly so it doesn't set off spam filters > > 92.38.0.69:80 -> REDACTED:1149 TCP TTL:55 TOS:0x0 ID:58251 IpLen:20 > DgmLen:279 DF > ***AP*** Seq: 0x77D60C84 Ack: 0x7C28B0DE Win: 0x1920 TcpLen: 20 > 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D HTTP/1.1 200 OK. > 0A 44 61 74 65 3A 20 54 75 65 2C 20 30 39 20 4A .Date: Tue, 09 J > 75 6E 20 32 30 30 39 20 32 30 3A 33 35 3A 33 39 un 2009 20:35:39 > 20 47 4D 54 0D 0A 53 65 72 76 65 72 3A 20 41 70 GMT..Server: Ap > 61 63 68 65 2F 31 2E 33 2E 34 31 20 28 55 6E 69 ache/1.3.41 (Uni > 78 29 20 50 48 50 2F 35 2E 32 2E 39 0D 0A 58 2D x) PHP/5.2.9..X- > 50 6F 77 65 72 65 64 2D 42 79 3A 20 50 48 50 2F Powered-By: PHP/ > 35 2E 32 2E 39 0D 0A 43 6F 6E 6E 65 63 74 69 6F 5.2.9..Connectio > 6E 3A 20 63 6C 6F 73 65 0D 0A 43 6F 6E 74 65 6E n: close..Conten > 74 2D 54 79 70 65 3A 20 74 65 78 74 2F 68 74 6D t-Type: text/htm > 6C 0D 0A 0D 0A 23 50 49 44 3D 38 30 30 30 0A 53 l....#PID=8000.S > 54 41 52 54 4F 4E 43 45 7C 68 74 74 70 3A 2F 2F TARTONCE|http:// > 65 76 69 64 65 6B 2E 72 6F 2F 31 2F 70 64 72 76 evidek_ro/1/pdrv > 2E 65 78 65 0A 57 41 49 54 7C 31 32 30 0A 23 42 .exe.WAIT|120.#B > 4C 41 43 4B 4C 41 42 45 4C 0D 0A 45 58 49 54 LACKLABEL..EXIT > > http://www.threatexpert.com/report.aspx?md5=fb0da2ada35fa4547c75b3740c35a40e is > When I initially reported, I had 1/40 flag it as suspicous file. Now 7/39 > > http://www.virustotal.com/analisis/64d8a55d1473741dfba72090b3048b14ec3285f9c4937b4f1e1110770a59f82b-1244630275 -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From emerging at emergingthreats.net Wed Jun 10 16:00:12 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Wed, 10 Jun 2009 16:00:12 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090610200012.14E334504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Wed Jun 10 16:00:12 2009 [***] [+++] Added rules: [+++] 2009388 - ET TROJAN Bredolab Downloader Response Binaries from Controller (emerging-virus.rules) 2009389 - ET TROJAN Tornado Pack Binary Request (emerging-virus.rules) 2009390 - ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion (emerging-web_sql_injection.rules) 2009391 - ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009393 - ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion (emerging-web_sql_injection.rules) 2009394 - ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection (emerging-web_sql_injection.rules) 2009395 - ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion (emerging-web_sql_injection.rules) 2009396 - ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion (emerging-web_sql_injection.rules) 2009397 - ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion (emerging-web_sql_injection.rules) 2009398 - ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009399 - ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption (emerging-web.rules) 2009400 - ET WEB_ACTIVEX Microsoft Communications Control Clsid Access (emerging-web.rules) 2009402 - ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) (emerging-web.rules) 2009403 - ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) (emerging-web.rules) 2009404 - ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access (emerging-web.rules) 2009405 - ET TROJAN Personal Defender 2009 - prinimalka.py (emerging-virus.rules) 2009406 - ET TROJAN Personal Defender 2009 - trash.py (emerging-virus.rules) 2009407 - ET TROJAN Koobface BLACKLABEL (emerging-virus.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-sid-msg.map (74): 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (74): 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html 2500280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510280 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510281 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (141) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510282 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510283 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (142) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510284 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510285 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (143) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510286 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510287 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (144) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510288 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510289 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (145) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-virus.rules (7): #by Chris Green #by Chris Green #Description of parameters: # ?o= integer value to identify attacker # &t= integer value represents time the exploit was generated # &i= integer value represent IP address of victim # &e= integer value represents exploit used From emerging at emergingthreats.net Thu Jun 11 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Thu, 11 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090611200011.91C5C4504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Thu Jun 11 16:00:11 2009 [***] [*] Rules modifications: [*] None. [+++] Added non-rule lines: [+++] -> Added to emerging-sid-msg.map (8): 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (8): 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From mikek at plixer.com Fri Jun 12 11:14:02 2009 From: mikek at plixer.com (Michael Krygeris) Date: Fri, 12 Jun 2009 11:14:02 -0400 Subject: [Emerging-Sigs] Proxy Server listings Message-ID: <003101c9eb70$6affbfe0$40ff3fa0$@com> Hello, I was wondering if anybody has compiled a list of public proxy servers. I am looking for something that is fairly comprehensive and up to the minute. Anyone know of such a beast? Thanks, Mike Krygeris Plixer International, Inc. 207-324-8805 x225 mikek at plixer.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090612/5365b384/attachment.html From jaime.blasco at alienvault.com Fri Jun 12 11:16:02 2009 From: jaime.blasco at alienvault.com (Jaime Blasco) Date: Fri, 12 Jun 2009 17:16:02 +0200 Subject: [Emerging-Sigs] Proxy Server listings In-Reply-To: <003101c9eb70$6affbfe0$40ff3fa0$@com> References: <003101c9eb70$6affbfe0$40ff3fa0$@com> Message-ID: <53834cf20906120816v2c34ca11kbb57b5b21faa87da@mail.gmail.com> http://proxy.org/ Regards 2009/6/12 Michael Krygeris > Hello, > > I was wondering if anybody has compiled a list of public proxy servers. > I am looking for something that is fairly comprehensive and up to the > minute. Anyone know of such a beast? > > > > Thanks, > > Mike Krygeris > > Plixer International, Inc. > > 207-324-8805 x225 > > mikek at plixer.com > > > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > > -- _______________________________ Jaime Blasco www.ossim.com www.alienvault.com Email: jaime.blasco at alienvault.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090612/0d3542b3/attachment.html From emerging at emergingthreats.net Fri Jun 12 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Fri, 12 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090612200011.573BC4501B@goliath.jonkmans.com> [***] Results from Oinkmaster started Fri Jun 12 16:00:11 2009 [***] [///] Modified active rules: [///] 2009388 - ET TROJAN Bredolab Downloader Response Binaries from Controller (emerging-virus.rules) 2009389 - ET TROJAN Tornado Pack Binary Request (emerging-virus.rules) 2009390 - ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion (emerging-web_sql_injection.rules) 2009391 - ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009393 - ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion (emerging-web_sql_injection.rules) 2009394 - ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection (emerging-web_sql_injection.rules) 2009395 - ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion (emerging-web_sql_injection.rules) 2009396 - ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion (emerging-web_sql_injection.rules) 2009397 - ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion (emerging-web_sql_injection.rules) 2009398 - ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009399 - ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption (emerging-web.rules) 2009400 - ET WEB_ACTIVEX Microsoft Communications Control Clsid Access (emerging-web.rules) 2009402 - ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) (emerging-web.rules) 2009403 - ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) (emerging-web.rules) 2009404 - ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access (emerging-web.rules) 2009405 - ET TROJAN Personal Defender 2009 - prinimalka.py (emerging-virus.rules) 2009406 - ET TROJAN Personal Defender 2009 - trash.py (emerging-virus.rules) 2009407 - ET TROJAN Koobface BLACKLABEL (emerging-virus.rules) [///] Modified inactive rules: [///] 2009387 - ET POLICY PPTP Requester is not authorized to establish a command channel (emerging-policy.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-policy.rules (1): #Needs tweaking ... aight, tweaked... needs testing now :) -> Added to emerging-sid-msg.map (18): 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009388 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Tornado || url,doc.emergingthreats.net/2009389 || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_PHPizabi || url,doc.emergingthreats.net/2009390 || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Onguma || url,doc.emergingthreats.net/2009391 || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Youtube_Blog || url,doc.emergingthreats.net/2009393 || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_GDL || url,doc.emergingthreats.net/2009394 || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009395 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009396 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_phpProfiles || url,doc.emergingthreats.net/2009397 || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_HoMaP || url,doc.emergingthreats.net/2009398 || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Autodesk || url,doc.emergingthreats.net/2009399 || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_MSCC || url,doc.emergingthreats.net/2009400 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009402 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009403 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_HP_Virtual_Rooms || url,doc.emergingthreats.net/2009404 || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009405 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009406 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Koobface || url,doc.emergingthreats.net/2009407 || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html -> Added to emerging-sid-msg.map.txt (18): 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009388 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Tornado || url,doc.emergingthreats.net/2009389 || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_PHPizabi || url,doc.emergingthreats.net/2009390 || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Onguma || url,doc.emergingthreats.net/2009391 || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Youtube_Blog || url,doc.emergingthreats.net/2009393 || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_GDL || url,doc.emergingthreats.net/2009394 || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009395 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009396 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_phpProfiles || url,doc.emergingthreats.net/2009397 || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_HoMaP || url,doc.emergingthreats.net/2009398 || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Autodesk || url,doc.emergingthreats.net/2009399 || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_MSCC || url,doc.emergingthreats.net/2009400 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009402 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009403 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_HP_Virtual_Rooms || url,doc.emergingthreats.net/2009404 || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009405 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009406 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Koobface || url,doc.emergingthreats.net/2009407 || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html -> Added to emerging-virus.rules (4): # ?o= integer value to identify attacker # &t= integer value represents time the exploit was generated # &i= integer value represent IP address of victim # &e= integer value represents exploit used [---] Removed non-rule lines: [---] -> Removed from emerging-policy.rules (1): #Needs tweaking -> Removed from emerging-sid-msg.map (24): 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (24): 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510310 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510311 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (156) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-virus.rules (4): # ?o= integer value to identify attacker # &t= integer value represents time the exploit was generated # &i= integer value represent IP address of victim # &e= integer value represents exploit used From dxp2532 at gmail.com Sat Jun 13 02:17:46 2009 From: dxp2532 at gmail.com (dxp) Date: Sat, 13 Jun 2009 02:17:46 -0400 Subject: [Emerging-Sigs] Personal Defender 2009 In-Reply-To: References: Message-ID: <1244873866.7258.22.camel@kinta> This activity is associated with the trojan typically known as Ursnif/Gozi/Ordergun/Snifula/Orderjack. There are couple of rules already present in the set but are too specific and that's why they missed this activity. The trojan uses a very unique URI scheme so I think the set of current sigs can be rolled into one and it will provide detection. Here are the SIDs of current rules: 2003509, 2003510, 2003511, 2002854. Some of them look for data leakage (POSTs) others for C&C registration and command options (GETs). I propose to have a single rule which will detect the trojan when it registeres or checks in for updates/commands. This would be the rule: alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Gozi check-in / update"; flow:established,to_server; uricontent:"?user_id="; nocase; uricontent:"&version_id="; nocase; uricontent:"&passphrase="; nocase; uricontent:"&socks="; nocase; uricontent:"&version="; nocase; uricontent:"&crc="; nocase; reference:url,www.secureworks.com/research/threats/gozi; classtype:trojan-activity; sid:XXXX; rev:1;) If the current POST detection sigs will be kept then they need to be updated to get rid off reliance on .cgi as well as UAS. PS: Chris, if you have the binary which created the "prinimalka.py" POSTs can you send it to me privately or upload to Offensive Computing and share the link. I've been following the activity of this (older versions) trojan and would like to see what changes are in this one. - -=[ dxp ]=- 0xA3F3C6E3 On Wed, 2009-06-10 at 08:37 -0500, Chris Green wrote: > These rules have been useful for me with no false positives. > > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > prinimalka.py"; uricontent:"/prinimalka.py"; sid: 100000248; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > trash.py"; uricontent:"/trash.py"; sid: 100000249; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > > REDACTED:4005 -> 78.109.23.2:80 TCP TTL:126 TOS:0x0 ID:58779 IpLen:20 > DgmLen:819 DF > ***AP*** Seq: 0xE09C666C Ack: 0x827DA94A Win: 0x40B0 TcpLen: 20 > 50 4F 53 54 20 2F 73 79 73 74 65 6D 2F 70 72 69 POST /system/pri > 6E 69 6D 61 6C 6B 61 2E 70 79 2F 66 6F 72 6D 73 nimalka.py/forms > 20 48 54 54 50 2F 31 2E 31 0D 0A 43 6F 6E 74 65 HTTP/1.1..Conte -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090613/45de922b/attachment-0001.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090613/45de922b/attachment-0001.bin From emerging at emergingthreats.net Sat Jun 13 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Sat, 13 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090613200011.B5C0A4504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Sat Jun 13 16:00:11 2009 [***] [+++] Added rules: [+++] 2406620 - ET RBN Known Russian Business Network IP TCP (311) (emerging-rbn.rules) 2406621 - ET RBN Known Russian Business Network IP UDP (311) (emerging-rbn.rules) 2406622 - ET RBN Known Russian Business Network IP TCP (312) (emerging-rbn.rules) 2406623 - ET RBN Known Russian Business Network IP UDP (312) (emerging-rbn.rules) 2406624 - ET RBN Known Russian Business Network IP TCP (313) (emerging-rbn.rules) 2406625 - ET RBN Known Russian Business Network IP UDP (313) (emerging-rbn.rules) 2406626 - ET RBN Known Russian Business Network IP TCP (314) (emerging-rbn.rules) 2406627 - ET RBN Known Russian Business Network IP UDP (314) (emerging-rbn.rules) 2406628 - ET RBN Known Russian Business Network IP TCP (315) (emerging-rbn.rules) 2406629 - ET RBN Known Russian Business Network IP UDP (315) (emerging-rbn.rules) 2406630 - ET RBN Known Russian Business Network IP TCP (316) (emerging-rbn.rules) 2406631 - ET RBN Known Russian Business Network IP UDP (316) (emerging-rbn.rules) 2406632 - ET RBN Known Russian Business Network IP TCP (317) (emerging-rbn.rules) 2406633 - ET RBN Known Russian Business Network IP UDP (317) (emerging-rbn.rules) 2406634 - ET RBN Known Russian Business Network IP TCP (318) (emerging-rbn.rules) 2406635 - ET RBN Known Russian Business Network IP UDP (318) (emerging-rbn.rules) 2406636 - ET RBN Known Russian Business Network IP TCP (319) (emerging-rbn.rules) 2406637 - ET RBN Known Russian Business Network IP UDP (319) (emerging-rbn.rules) 2406638 - ET RBN Known Russian Business Network IP TCP (320) (emerging-rbn.rules) 2406639 - ET RBN Known Russian Business Network IP UDP (320) (emerging-rbn.rules) 2406640 - ET RBN Known Russian Business Network IP TCP (321) (emerging-rbn.rules) 2406641 - ET RBN Known Russian Business Network IP UDP (321) (emerging-rbn.rules) 2406642 - ET RBN Known Russian Business Network IP TCP (322) (emerging-rbn.rules) 2406643 - ET RBN Known Russian Business Network IP UDP (322) (emerging-rbn.rules) 2406644 - ET RBN Known Russian Business Network IP TCP (323) (emerging-rbn.rules) 2406645 - ET RBN Known Russian Business Network IP UDP (323) (emerging-rbn.rules) 2406646 - ET RBN Known Russian Business Network IP TCP (324) (emerging-rbn.rules) 2406647 - ET RBN Known Russian Business Network IP UDP (324) (emerging-rbn.rules) 2406648 - ET RBN Known Russian Business Network IP TCP (325) (emerging-rbn.rules) 2406649 - ET RBN Known Russian Business Network IP UDP (325) (emerging-rbn.rules) 2406650 - ET RBN Known Russian Business Network IP TCP (326) (emerging-rbn.rules) 2406651 - ET RBN Known Russian Business Network IP UDP (326) (emerging-rbn.rules) 2406652 - ET RBN Known Russian Business Network IP TCP (327) (emerging-rbn.rules) 2406653 - ET RBN Known Russian Business Network IP UDP (327) (emerging-rbn.rules) 2406654 - ET RBN Known Russian Business Network IP TCP (328) (emerging-rbn.rules) 2406655 - ET RBN Known Russian Business Network IP UDP (328) (emerging-rbn.rules) 2406656 - ET RBN Known Russian Business Network IP TCP (329) (emerging-rbn.rules) 2406657 - ET RBN Known Russian Business Network IP UDP (329) (emerging-rbn.rules) 2406658 - ET RBN Known Russian Business Network IP TCP (330) (emerging-rbn.rules) 2406659 - ET RBN Known Russian Business Network IP UDP (330) (emerging-rbn.rules) 2406660 - ET RBN Known Russian Business Network IP TCP (331) (emerging-rbn.rules) 2406661 - ET RBN Known Russian Business Network IP UDP (331) (emerging-rbn.rules) 2406662 - ET RBN Known Russian Business Network IP TCP (332) (emerging-rbn.rules) 2406663 - ET RBN Known Russian Business Network IP UDP (332) (emerging-rbn.rules) 2406664 - ET RBN Known Russian Business Network IP TCP (333) (emerging-rbn.rules) 2406665 - ET RBN Known Russian Business Network IP UDP (333) (emerging-rbn.rules) 2406666 - ET RBN Known Russian Business Network IP TCP (334) (emerging-rbn.rules) 2406667 - ET RBN Known Russian Business Network IP UDP (334) (emerging-rbn.rules) 2406668 - ET RBN Known Russian Business Network IP TCP (335) (emerging-rbn.rules) 2406669 - ET RBN Known Russian Business Network IP UDP (335) (emerging-rbn.rules) 2406670 - ET RBN Known Russian Business Network IP TCP (336) (emerging-rbn.rules) 2406671 - ET RBN Known Russian Business Network IP UDP (336) (emerging-rbn.rules) 2406672 - ET RBN Known Russian Business Network IP TCP (337) (emerging-rbn.rules) 2406673 - ET RBN Known Russian Business Network IP UDP (337) (emerging-rbn.rules) 2406674 - ET RBN Known Russian Business Network IP TCP (338) (emerging-rbn.rules) 2406675 - ET RBN Known Russian Business Network IP UDP (338) (emerging-rbn.rules) 2406676 - ET RBN Known Russian Business Network IP TCP (339) (emerging-rbn.rules) 2406677 - ET RBN Known Russian Business Network IP UDP (339) (emerging-rbn.rules) 2406678 - ET RBN Known Russian Business Network IP TCP (340) (emerging-rbn.rules) 2406679 - ET RBN Known Russian Business Network IP UDP (340) (emerging-rbn.rules) 2406680 - ET RBN Known Russian Business Network IP TCP (341) (emerging-rbn.rules) 2406681 - ET RBN Known Russian Business Network IP UDP (341) (emerging-rbn.rules) 2406682 - ET RBN Known Russian Business Network IP TCP (342) (emerging-rbn.rules) 2406683 - ET RBN Known Russian Business Network IP UDP (342) (emerging-rbn.rules) 2406684 - ET RBN Known Russian Business Network IP TCP (343) (emerging-rbn.rules) 2406685 - ET RBN Known Russian Business Network IP UDP (343) (emerging-rbn.rules) 2406686 - ET RBN Known Russian Business Network IP TCP (344) (emerging-rbn.rules) 2406687 - ET RBN Known Russian Business Network IP UDP (344) (emerging-rbn.rules) 2406688 - ET RBN Known Russian Business Network IP TCP (345) (emerging-rbn.rules) 2406689 - ET RBN Known Russian Business Network IP UDP (345) (emerging-rbn.rules) 2407620 - ET RBN Known Russian Business Network IP TCP - BLOCKING (311) (emerging-rbn-BLOCK.rules) 2407621 - ET RBN Known Russian Business Network IP UDP - BLOCKING (311) (emerging-rbn-BLOCK.rules) 2407622 - ET RBN Known Russian Business Network IP TCP - BLOCKING (312) (emerging-rbn-BLOCK.rules) 2407623 - ET RBN Known Russian Business Network IP UDP - BLOCKING (312) (emerging-rbn-BLOCK.rules) 2407624 - ET RBN Known Russian Business Network IP TCP - BLOCKING (313) (emerging-rbn-BLOCK.rules) 2407625 - ET RBN Known Russian Business Network IP UDP - BLOCKING (313) (emerging-rbn-BLOCK.rules) 2407626 - ET RBN Known Russian Business Network IP TCP - BLOCKING (314) (emerging-rbn-BLOCK.rules) 2407627 - ET RBN Known Russian Business Network IP UDP - BLOCKING (314) (emerging-rbn-BLOCK.rules) 2407628 - ET RBN Known Russian Business Network IP TCP - BLOCKING (315) (emerging-rbn-BLOCK.rules) 2407629 - ET RBN Known Russian Business Network IP UDP - BLOCKING (315) (emerging-rbn-BLOCK.rules) 2407630 - ET RBN Known Russian Business Network IP TCP - BLOCKING (316) (emerging-rbn-BLOCK.rules) 2407631 - ET RBN Known Russian Business Network IP UDP - BLOCKING (316) (emerging-rbn-BLOCK.rules) 2407632 - ET RBN Known Russian Business Network IP TCP - BLOCKING (317) (emerging-rbn-BLOCK.rules) 2407633 - ET RBN Known Russian Business Network IP UDP - BLOCKING (317) (emerging-rbn-BLOCK.rules) 2407634 - ET RBN Known Russian Business Network IP TCP - BLOCKING (318) (emerging-rbn-BLOCK.rules) 2407635 - ET RBN Known Russian Business Network IP UDP - BLOCKING (318) (emerging-rbn-BLOCK.rules) 2407636 - ET RBN Known Russian Business Network IP TCP - BLOCKING (319) (emerging-rbn-BLOCK.rules) 2407637 - ET RBN Known Russian Business Network IP UDP - BLOCKING (319) (emerging-rbn-BLOCK.rules) 2407638 - ET RBN Known Russian Business Network IP TCP - BLOCKING (320) (emerging-rbn-BLOCK.rules) 2407639 - ET RBN Known Russian Business Network IP UDP - BLOCKING (320) (emerging-rbn-BLOCK.rules) 2407640 - ET RBN Known Russian Business Network IP TCP - BLOCKING (321) (emerging-rbn-BLOCK.rules) 2407641 - ET RBN Known Russian Business Network IP UDP - BLOCKING (321) (emerging-rbn-BLOCK.rules) 2407642 - ET RBN Known Russian Business Network IP TCP - BLOCKING (322) (emerging-rbn-BLOCK.rules) 2407643 - ET RBN Known Russian Business Network IP UDP - BLOCKING (322) (emerging-rbn-BLOCK.rules) 2407644 - ET RBN Known Russian Business Network IP TCP - BLOCKING (323) (emerging-rbn-BLOCK.rules) 2407645 - ET RBN Known Russian Business Network IP UDP - BLOCKING (323) (emerging-rbn-BLOCK.rules) 2407646 - ET RBN Known Russian Business Network IP TCP - BLOCKING (324) (emerging-rbn-BLOCK.rules) 2407647 - ET RBN Known Russian Business Network IP UDP - BLOCKING (324) (emerging-rbn-BLOCK.rules) 2407648 - ET RBN Known Russian Business Network IP TCP - BLOCKING (325) (emerging-rbn-BLOCK.rules) 2407649 - ET RBN Known Russian Business Network IP UDP - BLOCKING (325) (emerging-rbn-BLOCK.rules) 2407650 - ET RBN Known Russian Business Network IP TCP - BLOCKING (326) (emerging-rbn-BLOCK.rules) 2407651 - ET RBN Known Russian Business Network IP UDP - BLOCKING (326) (emerging-rbn-BLOCK.rules) 2407652 - ET RBN Known Russian Business Network IP TCP - BLOCKING (327) (emerging-rbn-BLOCK.rules) 2407653 - ET RBN Known Russian Business Network IP UDP - BLOCKING (327) (emerging-rbn-BLOCK.rules) 2407654 - ET RBN Known Russian Business Network IP TCP - BLOCKING (328) (emerging-rbn-BLOCK.rules) 2407655 - ET RBN Known Russian Business Network IP UDP - BLOCKING (328) (emerging-rbn-BLOCK.rules) 2407656 - ET RBN Known Russian Business Network IP TCP - BLOCKING (329) (emerging-rbn-BLOCK.rules) 2407657 - ET RBN Known Russian Business Network IP UDP - BLOCKING (329) (emerging-rbn-BLOCK.rules) 2407658 - ET RBN Known Russian Business Network IP TCP - BLOCKING (330) (emerging-rbn-BLOCK.rules) 2407659 - ET RBN Known Russian Business Network IP UDP - BLOCKING (330) (emerging-rbn-BLOCK.rules) 2407660 - ET RBN Known Russian Business Network IP TCP - BLOCKING (331) (emerging-rbn-BLOCK.rules) 2407661 - ET RBN Known Russian Business Network IP UDP - BLOCKING (331) (emerging-rbn-BLOCK.rules) 2407662 - ET RBN Known Russian Business Network IP TCP - BLOCKING (332) (emerging-rbn-BLOCK.rules) 2407663 - ET RBN Known Russian Business Network IP UDP - BLOCKING (332) (emerging-rbn-BLOCK.rules) 2407664 - ET RBN Known Russian Business Network IP TCP - BLOCKING (333) (emerging-rbn-BLOCK.rules) 2407665 - ET RBN Known Russian Business Network IP UDP - BLOCKING (333) (emerging-rbn-BLOCK.rules) 2407666 - ET RBN Known Russian Business Network IP TCP - BLOCKING (334) (emerging-rbn-BLOCK.rules) 2407667 - ET RBN Known Russian Business Network IP UDP - BLOCKING (334) (emerging-rbn-BLOCK.rules) 2407668 - ET RBN Known Russian Business Network IP TCP - BLOCKING (335) (emerging-rbn-BLOCK.rules) 2407669 - ET RBN Known Russian Business Network IP UDP - BLOCKING (335) (emerging-rbn-BLOCK.rules) 2407670 - ET RBN Known Russian Business Network IP TCP - BLOCKING (336) (emerging-rbn-BLOCK.rules) 2407671 - ET RBN Known Russian Business Network IP UDP - BLOCKING (336) (emerging-rbn-BLOCK.rules) 2407672 - ET RBN Known Russian Business Network IP TCP - BLOCKING (337) (emerging-rbn-BLOCK.rules) 2407673 - ET RBN Known Russian Business Network IP UDP - BLOCKING (337) (emerging-rbn-BLOCK.rules) 2407674 - ET RBN Known Russian Business Network IP TCP - BLOCKING (338) (emerging-rbn-BLOCK.rules) 2407675 - ET RBN Known Russian Business Network IP UDP - BLOCKING (338) (emerging-rbn-BLOCK.rules) 2407676 - ET RBN Known Russian Business Network IP TCP - BLOCKING (339) (emerging-rbn-BLOCK.rules) 2407677 - ET RBN Known Russian Business Network IP UDP - BLOCKING (339) (emerging-rbn-BLOCK.rules) 2407678 - ET RBN Known Russian Business Network IP TCP - BLOCKING (340) (emerging-rbn-BLOCK.rules) 2407679 - ET RBN Known Russian Business Network IP UDP - BLOCKING (340) (emerging-rbn-BLOCK.rules) 2407680 - ET RBN Known Russian Business Network IP TCP - BLOCKING (341) (emerging-rbn-BLOCK.rules) 2407681 - ET RBN Known Russian Business Network IP UDP - BLOCKING (341) (emerging-rbn-BLOCK.rules) 2407682 - ET RBN Known Russian Business Network IP TCP - BLOCKING (342) (emerging-rbn-BLOCK.rules) 2407683 - ET RBN Known Russian Business Network IP UDP - BLOCKING (342) (emerging-rbn-BLOCK.rules) 2407684 - ET RBN Known Russian Business Network IP TCP - BLOCKING (343) (emerging-rbn-BLOCK.rules) 2407685 - ET RBN Known Russian Business Network IP UDP - BLOCKING (343) (emerging-rbn-BLOCK.rules) 2407686 - ET RBN Known Russian Business Network IP TCP - BLOCKING (344) (emerging-rbn-BLOCK.rules) 2407687 - ET RBN Known Russian Business Network IP UDP - BLOCKING (344) (emerging-rbn-BLOCK.rules) 2407688 - ET RBN Known Russian Business Network IP TCP - BLOCKING (345) (emerging-rbn-BLOCK.rules) 2407689 - ET RBN Known Russian Business Network IP UDP - BLOCKING (345) (emerging-rbn-BLOCK.rules) [///] Modified active rules: [///] 2406000 - ET RBN Known Russian Business Network IP TCP (1) (emerging-rbn.rules) 2406001 - ET RBN Known Russian Business Network IP UDP (1) (emerging-rbn.rules) 2406002 - ET RBN Known Russian Business Network IP TCP (2) (emerging-rbn.rules) 2406003 - ET RBN Known Russian Business Network IP UDP (2) (emerging-rbn.rules) 2406004 - ET RBN Known Russian Business Network IP TCP (3) (emerging-rbn.rules) 2406005 - ET RBN Known Russian Business Network IP UDP (3) (emerging-rbn.rules) 2406006 - ET RBN Known Russian Business Network IP TCP (4) (emerging-rbn.rules) 2406007 - ET RBN Known Russian Business Network IP UDP (4) (emerging-rbn.rules) 2406008 - ET RBN Known Russian Business Network IP TCP (5) (emerging-rbn.rules) 2406009 - ET RBN Known Russian Business Network IP UDP (5) (emerging-rbn.rules) 2406010 - ET RBN Known Russian Business Network IP TCP (6) (emerging-rbn.rules) 2406011 - ET RBN Known Russian Business Network IP UDP (6) (emerging-rbn.rules) 2406012 - ET RBN Known Russian Business Network IP TCP (7) (emerging-rbn.rules) 2406013 - ET RBN Known Russian Business Network IP UDP (7) (emerging-rbn.rules) 2406014 - ET RBN Known Russian Business Network IP TCP (8) (emerging-rbn.rules) 2406015 - ET RBN Known Russian Business Network IP UDP (8) (emerging-rbn.rules) 2406016 - ET RBN Known Russian Business Network IP TCP (9) (emerging-rbn.rules) 2406017 - ET RBN Known Russian Business Network IP UDP (9) (emerging-rbn.rules) 2406018 - ET RBN Known Russian Business Network IP TCP (10) (emerging-rbn.rules) 2406019 - ET RBN Known Russian Business Network IP UDP (10) (emerging-rbn.rules) 2406020 - ET RBN Known Russian Business Network IP TCP (11) (emerging-rbn.rules) 2406021 - ET RBN Known Russian Business Network IP UDP (11) (emerging-rbn.rules) 2406022 - ET RBN Known Russian Business Network IP TCP (12) (emerging-rbn.rules) 2406023 - ET RBN Known Russian Business Network IP UDP (12) (emerging-rbn.rules) 2406024 - ET RBN Known Russian Business Network IP TCP (13) (emerging-rbn.rules) 2406025 - ET RBN Known Russian Business Network IP UDP (13) (emerging-rbn.rules) 2406026 - ET RBN Known Russian Business Network IP TCP (14) (emerging-rbn.rules) 2406027 - ET RBN Known Russian Business Network IP UDP (14) (emerging-rbn.rules) 2406028 - ET RBN Known Russian Business Network IP TCP (15) (emerging-rbn.rules) 2406029 - ET RBN Known Russian Business Network IP UDP (15) (emerging-rbn.rules) 2406030 - ET RBN Known Russian Business Network IP TCP (16) (emerging-rbn.rules) 2406031 - ET RBN Known Russian Business Network IP UDP (16) (emerging-rbn.rules) 2406032 - ET RBN Known Russian Business Network IP TCP (17) (emerging-rbn.rules) 2406033 - ET RBN Known Russian Business Network IP UDP (17) (emerging-rbn.rules) 2406034 - ET RBN Known Russian Business Network IP TCP (18) (emerging-rbn.rules) 2406035 - ET RBN Known Russian Business Network IP UDP (18) (emerging-rbn.rules) 2406036 - ET RBN Known Russian Business Network IP TCP (19) (emerging-rbn.rules) 2406037 - ET RBN Known Russian Business Network IP UDP (19) (emerging-rbn.rules) 2406038 - ET RBN Known Russian Business Network IP TCP (20) (emerging-rbn.rules) 2406039 - ET RBN Known Russian Business Network IP UDP (20) (emerging-rbn.rules) 2406040 - ET RBN Known Russian Business Network IP TCP (21) (emerging-rbn.rules) 2406041 - ET RBN Known Russian Business Network IP UDP (21) (emerging-rbn.rules) 2406042 - ET RBN Known Russian Business Network IP TCP (22) (emerging-rbn.rules) 2406043 - ET RBN Known Russian Business Network IP UDP (22) (emerging-rbn.rules) 2406044 - ET RBN Known Russian Business Network IP TCP (23) (emerging-rbn.rules) 2406045 - ET RBN Known Russian Business Network IP UDP (23) (emerging-rbn.rules) 2406046 - ET RBN Known Russian Business Network IP TCP (24) (emerging-rbn.rules) 2406047 - ET RBN Known Russian Business Network IP UDP (24) (emerging-rbn.rules) 2406048 - ET RBN Known Russian Business Network IP TCP (25) (emerging-rbn.rules) 2406049 - ET RBN Known Russian Business Network IP UDP (25) (emerging-rbn.rules) 2406050 - ET RBN Known Russian Business Network IP TCP (26) (emerging-rbn.rules) 2406051 - ET RBN Known Russian Business Network IP UDP (26) (emerging-rbn.rules) 2406052 - ET RBN Known Russian Business Network IP TCP (27) (emerging-rbn.rules) 2406053 - ET RBN Known Russian Business Network IP UDP (27) (emerging-rbn.rules) 2406054 - ET RBN Known Russian Business Network IP TCP (28) (emerging-rbn.rules) 2406055 - ET RBN Known Russian Business Network IP UDP (28) (emerging-rbn.rules) 2406056 - ET RBN Known Russian Business Network IP TCP (29) (emerging-rbn.rules) 2406057 - ET RBN Known Russian Business Network IP UDP (29) (emerging-rbn.rules) 2406058 - ET RBN Known Russian Business Network IP TCP (30) (emerging-rbn.rules) 2406059 - ET RBN Known Russian Business Network IP UDP (30) (emerging-rbn.rules) 2406060 - ET RBN Known Russian Business Network IP TCP (31) (emerging-rbn.rules) 2406061 - ET RBN Known Russian Business Network IP UDP (31) (emerging-rbn.rules) 2406062 - ET RBN Known Russian Business Network IP TCP (32) (emerging-rbn.rules) 2406063 - ET RBN Known Russian Business Network IP UDP (32) (emerging-rbn.rules) 2406064 - ET RBN Known Russian Business Network IP TCP (33) (emerging-rbn.rules) 2406065 - ET RBN Known Russian Business Network IP UDP (33) (emerging-rbn.rules) 2406066 - ET RBN Known Russian Business Network IP TCP (34) (emerging-rbn.rules) 2406067 - ET RBN Known Russian Business Network IP UDP (34) (emerging-rbn.rules) 2406068 - ET RBN Known Russian Business Network IP TCP (35) (emerging-rbn.rules) 2406069 - ET RBN Known Russian Business Network IP UDP (35) (emerging-rbn.rules) 2406070 - ET RBN Known Russian Business Network IP TCP (36) (emerging-rbn.rules) 2406071 - ET RBN Known Russian Business Network IP UDP (36) (emerging-rbn.rules) 2406072 - ET RBN Known Russian Business Network IP TCP (37) (emerging-rbn.rules) 2406073 - ET RBN Known Russian Business Network IP UDP (37) (emerging-rbn.rules) 2406074 - ET RBN Known Russian Business Network IP TCP (38) (emerging-rbn.rules) 2406075 - ET RBN Known Russian Business Network IP UDP (38) (emerging-rbn.rules) 2406076 - ET RBN Known Russian Business Network IP TCP (39) (emerging-rbn.rules) 2406077 - ET RBN Known Russian Business Network IP UDP (39) (emerging-rbn.rules) 2406078 - ET RBN Known Russian Business Network IP TCP (40) (emerging-rbn.rules) 2406079 - ET RBN Known Russian Business Network IP UDP (40) (emerging-rbn.rules) 2406080 - ET RBN Known Russian Business Network IP TCP (41) (emerging-rbn.rules) 2406081 - ET RBN Known Russian Business Network IP UDP (41) (emerging-rbn.rules) 2406082 - ET RBN Known Russian Business Network IP TCP (42) (emerging-rbn.rules) 2406083 - ET RBN Known Russian Business Network IP UDP (42) (emerging-rbn.rules) 2406084 - ET RBN Known Russian Business Network IP TCP (43) (emerging-rbn.rules) 2406085 - ET RBN Known Russian Business Network IP UDP (43) (emerging-rbn.rules) 2406086 - ET RBN Known Russian Business Network IP TCP (44) (emerging-rbn.rules) 2406087 - ET RBN Known Russian Business Network IP UDP (44) (emerging-rbn.rules) 2406088 - ET RBN Known Russian Business Network IP TCP (45) (emerging-rbn.rules) 2406089 - ET RBN Known Russian Business Network IP UDP (45) (emerging-rbn.rules) 2406090 - ET RBN Known Russian Business Network IP TCP (46) (emerging-rbn.rules) 2406091 - ET RBN Known Russian Business Network IP UDP (46) (emerging-rbn.rules) 2406092 - ET RBN Known Russian Business Network IP TCP (47) (emerging-rbn.rules) 2406093 - ET RBN Known Russian Business Network IP UDP (47) (emerging-rbn.rules) 2406094 - ET RBN Known Russian Business Network IP TCP (48) (emerging-rbn.rules) 2406095 - ET RBN Known Russian Business Network IP UDP (48) (emerging-rbn.rules) 2406096 - ET RBN Known Russian Business Network IP TCP (49) (emerging-rbn.rules) 2406097 - ET RBN Known Russian Business Network IP UDP (49) (emerging-rbn.rules) 2406098 - ET RBN Known Russian Business Network IP TCP (50) (emerging-rbn.rules) 2406099 - ET RBN Known Russian Business Network IP UDP (50) (emerging-rbn.rules) 2406100 - ET RBN Known Russian Business Network IP TCP (51) (emerging-rbn.rules) 2406101 - ET RBN Known Russian Business Network IP UDP (51) (emerging-rbn.rules) 2406102 - ET RBN Known Russian Business Network IP TCP (52) (emerging-rbn.rules) 2406103 - ET RBN Known Russian Business Network IP UDP (52) (emerging-rbn.rules) 2406104 - ET RBN Known Russian Business Network IP TCP (53) (emerging-rbn.rules) 2406105 - ET RBN Known Russian Business Network IP UDP (53) (emerging-rbn.rules) 2406106 - ET RBN Known Russian Business Network IP TCP (54) (emerging-rbn.rules) 2406107 - ET RBN Known Russian Business Network IP UDP (54) (emerging-rbn.rules) 2406108 - ET RBN Known Russian Business Network IP TCP (55) (emerging-rbn.rules) 2406109 - ET RBN Known Russian Business Network IP UDP (55) (emerging-rbn.rules) 2406110 - ET RBN Known Russian Business Network IP TCP (56) (emerging-rbn.rules) 2406111 - ET RBN Known Russian Business Network IP UDP (56) (emerging-rbn.rules) 2406112 - ET RBN Known Russian Business Network IP TCP (57) (emerging-rbn.rules) 2406113 - ET RBN Known Russian Business Network IP UDP (57) (emerging-rbn.rules) 2406114 - ET RBN Known Russian Business Network IP TCP (58) (emerging-rbn.rules) 2406115 - ET RBN Known Russian Business Network IP UDP (58) (emerging-rbn.rules) 2406116 - ET RBN Known Russian Business Network IP TCP (59) (emerging-rbn.rules) 2406117 - ET RBN Known Russian Business Network IP UDP (59) (emerging-rbn.rules) 2406118 - ET RBN Known Russian Business Network IP TCP (60) (emerging-rbn.rules) 2406119 - ET RBN Known Russian Business Network IP UDP (60) (emerging-rbn.rules) 2406120 - ET RBN Known Russian Business Network IP TCP (61) (emerging-rbn.rules) 2406121 - ET RBN Known Russian Business Network IP UDP (61) (emerging-rbn.rules) 2406122 - ET RBN Known Russian Business Network IP TCP (62) (emerging-rbn.rules) 2406123 - ET RBN Known Russian Business Network IP UDP (62) (emerging-rbn.rules) 2406124 - ET RBN Known Russian Business Network IP TCP (63) (emerging-rbn.rules) 2406125 - ET RBN Known Russian Business Network IP UDP (63) (emerging-rbn.rules) 2406126 - ET RBN Known Russian Business Network IP TCP (64) (emerging-rbn.rules) 2406127 - ET RBN Known Russian Business Network IP UDP (64) (emerging-rbn.rules) 2406128 - ET RBN Known Russian Business Network IP TCP (65) (emerging-rbn.rules) 2406129 - ET RBN Known Russian Business Network IP UDP (65) (emerging-rbn.rules) 2406130 - ET RBN Known Russian Business Network IP TCP (66) (emerging-rbn.rules) 2406131 - ET RBN Known Russian Business Network IP UDP (66) (emerging-rbn.rules) 2406132 - ET RBN Known Russian Business Network IP TCP (67) (emerging-rbn.rules) 2406133 - ET RBN Known Russian Business Network IP UDP (67) (emerging-rbn.rules) 2406134 - ET RBN Known Russian Business Network IP TCP (68) (emerging-rbn.rules) 2406135 - ET RBN Known Russian Business Network IP UDP (68) (emerging-rbn.rules) 2406136 - ET RBN Known Russian Business Network IP TCP (69) (emerging-rbn.rules) 2406137 - ET RBN Known Russian Business Network IP UDP (69) (emerging-rbn.rules) 2406138 - ET RBN Known Russian Business Network IP TCP (70) (emerging-rbn.rules) 2406139 - ET RBN Known Russian Business Network IP UDP (70) (emerging-rbn.rules) 2406140 - ET RBN Known Russian Business Network IP TCP (71) (emerging-rbn.rules) 2406141 - ET RBN Known Russian Business Network IP UDP (71) (emerging-rbn.rules) 2406142 - ET RBN Known Russian Business Network IP TCP (72) (emerging-rbn.rules) 2406143 - ET RBN Known Russian Business Network IP UDP (72) (emerging-rbn.rules) 2406144 - ET RBN Known Russian Business Network IP TCP (73) (emerging-rbn.rules) 2406145 - ET RBN Known Russian Business Network IP UDP (73) (emerging-rbn.rules) 2406146 - ET RBN Known Russian Business Network IP TCP (74) (emerging-rbn.rules) 2406147 - ET RBN Known Russian Business Network IP UDP (74) (emerging-rbn.rules) 2406148 - ET RBN Known Russian Business Network IP TCP (75) (emerging-rbn.rules) 2406149 - ET RBN Known Russian Business Network IP UDP (75) (emerging-rbn.rules) 2406150 - ET RBN Known Russian Business Network IP TCP (76) (emerging-rbn.rules) 2406151 - ET RBN Known Russian Business Network IP UDP (76) (emerging-rbn.rules) 2406152 - ET RBN Known Russian Business Network IP TCP (77) (emerging-rbn.rules) 2406153 - ET RBN Known Russian Business Network IP UDP (77) (emerging-rbn.rules) 2406154 - ET RBN Known Russian Business Network IP TCP (78) (emerging-rbn.rules) 2406155 - ET RBN Known Russian Business Network IP UDP (78) (emerging-rbn.rules) 2406156 - ET RBN Known Russian Business Network IP TCP (79) (emerging-rbn.rules) 2406157 - ET RBN Known Russian Business Network IP UDP (79) (emerging-rbn.rules) 2406158 - ET RBN Known Russian Business Network IP TCP (80) (emerging-rbn.rules) 2406159 - ET RBN Known Russian Business Network IP UDP (80) (emerging-rbn.rules) 2406160 - ET RBN Known Russian Business Network IP TCP (81) (emerging-rbn.rules) 2406161 - ET RBN Known Russian Business Network IP UDP (81) (emerging-rbn.rules) 2406162 - ET RBN Known Russian Business Network IP TCP (82) (emerging-rbn.rules) 2406163 - ET RBN Known Russian Business Network IP UDP (82) (emerging-rbn.rules) 2406164 - ET RBN Known Russian Business Network IP TCP (83) (emerging-rbn.rules) 2406165 - ET RBN Known Russian Business Network IP UDP (83) (emerging-rbn.rules) 2406166 - ET RBN Known Russian Business Network IP TCP (84) (emerging-rbn.rules) 2406167 - ET RBN Known Russian Business Network IP UDP (84) (emerging-rbn.rules) 2406168 - ET RBN Known Russian Business Network IP TCP (85) (emerging-rbn.rules) 2406169 - ET RBN Known Russian Business Network IP UDP (85) (emerging-rbn.rules) 2406170 - ET RBN Known Russian Business Network IP TCP (86) (emerging-rbn.rules) 2406171 - ET RBN Known Russian Business Network IP UDP (86) (emerging-rbn.rules) 2406172 - ET RBN Known Russian Business Network IP TCP (87) (emerging-rbn.rules) 2406173 - ET RBN Known Russian Business Network IP UDP (87) (emerging-rbn.rules) 2406174 - ET RBN Known Russian Business Network IP TCP (88) (emerging-rbn.rules) 2406175 - ET RBN Known Russian Business Network IP UDP (88) (emerging-rbn.rules) 2406176 - ET RBN Known Russian Business Network IP TCP (89) (emerging-rbn.rules) 2406177 - ET RBN Known Russian Business Network IP UDP (89) (emerging-rbn.rules) 2406178 - ET RBN Known Russian Business Network IP TCP (90) (emerging-rbn.rules) 2406179 - ET RBN Known Russian Business Network IP UDP (90) (emerging-rbn.rules) 2406180 - ET RBN Known Russian Business Network IP TCP (91) (emerging-rbn.rules) 2406181 - ET RBN Known Russian Business Network IP UDP (91) (emerging-rbn.rules) 2406182 - ET RBN Known Russian Business Network IP TCP (92) (emerging-rbn.rules) 2406183 - ET RBN Known Russian Business Network IP UDP (92) (emerging-rbn.rules) 2406184 - ET RBN Known Russian Business Network IP TCP (93) (emerging-rbn.rules) 2406185 - ET RBN Known Russian Business Network IP UDP (93) (emerging-rbn.rules) 2406186 - ET RBN Known Russian Business Network IP TCP (94) (emerging-rbn.rules) 2406187 - ET RBN Known Russian Business Network IP UDP (94) (emerging-rbn.rules) 2406188 - ET RBN Known Russian Business Network IP TCP (95) (emerging-rbn.rules) 2406189 - ET RBN Known Russian Business Network IP UDP (95) (emerging-rbn.rules) 2406190 - ET RBN Known Russian Business Network IP TCP (96) (emerging-rbn.rules) 2406191 - ET RBN Known Russian Business Network IP UDP (96) (emerging-rbn.rules) 2406192 - ET RBN Known Russian Business Network IP TCP (97) (emerging-rbn.rules) 2406193 - ET RBN Known Russian Business Network IP UDP (97) (emerging-rbn.rules) 2406194 - ET RBN Known Russian Business Network IP TCP (98) (emerging-rbn.rules) 2406195 - ET RBN Known Russian Business Network IP UDP (98) (emerging-rbn.rules) 2406196 - ET RBN Known Russian Business Network IP TCP (99) (emerging-rbn.rules) 2406197 - ET RBN Known Russian Business Network IP UDP (99) (emerging-rbn.rules) 2406198 - ET RBN Known Russian Business Network IP TCP (100) (emerging-rbn.rules) 2406199 - ET RBN Known Russian Business Network IP UDP (100) (emerging-rbn.rules) 2406200 - ET RBN Known Russian Business Network IP TCP (101) (emerging-rbn.rules) 2406201 - ET RBN Known Russian Business Network IP UDP (101) (emerging-rbn.rules) 2406202 - ET RBN Known Russian Business Network IP TCP (102) (emerging-rbn.rules) 2406203 - ET RBN Known Russian Business Network IP UDP (102) (emerging-rbn.rules) 2406204 - ET RBN Known Russian Business Network IP TCP (103) (emerging-rbn.rules) 2406205 - ET RBN Known Russian Business Network IP UDP (103) (emerging-rbn.rules) 2406206 - ET RBN Known Russian Business Network IP TCP (104) (emerging-rbn.rules) 2406207 - ET RBN Known Russian Business Network IP UDP (104) (emerging-rbn.rules) 2406208 - ET RBN Known Russian Business Network IP TCP (105) (emerging-rbn.rules) 2406209 - ET RBN Known Russian Business Network IP UDP (105) (emerging-rbn.rules) 2406210 - ET RBN Known Russian Business Network IP TCP (106) (emerging-rbn.rules) 2406211 - ET RBN Known Russian Business Network IP UDP (106) (emerging-rbn.rules) 2406212 - ET RBN Known Russian Business Network IP TCP (107) (emerging-rbn.rules) 2406213 - ET RBN Known Russian Business Network IP UDP (107) (emerging-rbn.rules) 2406214 - ET RBN Known Russian Business Network IP TCP (108) (emerging-rbn.rules) 2406215 - ET RBN Known Russian Business Network IP UDP (108) (emerging-rbn.rules) 2406216 - ET RBN Known Russian Business Network IP TCP (109) (emerging-rbn.rules) 2406217 - ET RBN Known Russian Business Network IP UDP (109) (emerging-rbn.rules) 2406218 - ET RBN Known Russian Business Network IP TCP (110) (emerging-rbn.rules) 2406219 - ET RBN Known Russian Business Network IP UDP (110) (emerging-rbn.rules) 2406220 - ET RBN Known Russian Business Network IP TCP (111) (emerging-rbn.rules) 2406221 - ET RBN Known Russian Business Network IP UDP (111) (emerging-rbn.rules) 2406222 - ET RBN Known Russian Business Network IP TCP (112) (emerging-rbn.rules) 2406223 - ET RBN Known Russian Business Network IP UDP (112) (emerging-rbn.rules) 2406224 - ET RBN Known Russian Business Network IP TCP (113) (emerging-rbn.rules) 2406225 - ET RBN Known Russian Business Network IP UDP (113) (emerging-rbn.rules) 2406226 - ET RBN Known Russian Business Network IP TCP (114) (emerging-rbn.rules) 2406227 - ET RBN Known Russian Business Network IP UDP (114) (emerging-rbn.rules) 2406228 - ET RBN Known Russian Business Network IP TCP (115) (emerging-rbn.rules) 2406229 - ET RBN Known Russian Business Network IP UDP (115) (emerging-rbn.rules) 2406230 - ET RBN Known Russian Business Network IP TCP (116) (emerging-rbn.rules) 2406231 - ET RBN Known Russian Business Network IP UDP (116) (emerging-rbn.rules) 2406232 - ET RBN Known Russian Business Network IP TCP (117) (emerging-rbn.rules) 2406233 - ET RBN Known Russian Business Network IP UDP (117) (emerging-rbn.rules) 2406234 - ET RBN Known Russian Business Network IP TCP (118) (emerging-rbn.rules) 2406235 - ET RBN Known Russian Business Network IP UDP (118) (emerging-rbn.rules) 2406236 - ET RBN Known Russian Business Network IP TCP (119) (emerging-rbn.rules) 2406237 - ET RBN Known Russian Business Network IP UDP (119) (emerging-rbn.rules) 2406238 - ET RBN Known Russian Business Network IP TCP (120) (emerging-rbn.rules) 2406239 - ET RBN Known Russian Business Network IP UDP (120) (emerging-rbn.rules) 2406240 - ET RBN Known Russian Business Network IP TCP (121) (emerging-rbn.rules) 2406241 - ET RBN Known Russian Business Network IP UDP (121) (emerging-rbn.rules) 2406242 - ET RBN Known Russian Business Network IP TCP (122) (emerging-rbn.rules) 2406243 - ET RBN Known Russian Business Network IP UDP (122) (emerging-rbn.rules) 2406244 - ET RBN Known Russian Business Network IP TCP (123) (emerging-rbn.rules) 2406245 - ET RBN Known Russian Business Network IP UDP (123) (emerging-rbn.rules) 2406246 - ET RBN Known Russian Business Network IP TCP (124) (emerging-rbn.rules) 2406247 - ET RBN Known Russian Business Network IP UDP (124) (emerging-rbn.rules) 2406248 - ET RBN Known Russian Business Network IP TCP (125) (emerging-rbn.rules) 2406249 - ET RBN Known Russian Business Network IP UDP (125) (emerging-rbn.rules) 2406250 - ET RBN Known Russian Business Network IP TCP (126) (emerging-rbn.rules) 2406251 - ET RBN Known Russian Business Network IP UDP (126) (emerging-rbn.rules) 2406252 - ET RBN Known Russian Business Network IP TCP (127) (emerging-rbn.rules) 2406253 - ET RBN Known Russian Business Network IP UDP (127) (emerging-rbn.rules) 2406254 - ET RBN Known Russian Business Network IP TCP (128) (emerging-rbn.rules) 2406255 - ET RBN Known Russian Business Network IP UDP (128) (emerging-rbn.rules) 2406256 - ET RBN Known Russian Business Network IP TCP (129) (emerging-rbn.rules) 2406257 - ET RBN Known Russian Business Network IP UDP (129) (emerging-rbn.rules) 2406258 - ET RBN Known Russian Business Network IP TCP (130) (emerging-rbn.rules) 2406259 - ET RBN Known Russian Business Network IP UDP (130) (emerging-rbn.rules) 2406260 - ET RBN Known Russian Business Network IP TCP (131) (emerging-rbn.rules) 2406261 - ET RBN Known Russian Business Network IP UDP (131) (emerging-rbn.rules) 2406262 - ET RBN Known Russian Business Network IP TCP (132) (emerging-rbn.rules) 2406263 - ET RBN Known Russian Business Network IP UDP (132) (emerging-rbn.rules) 2406264 - ET RBN Known Russian Business Network IP TCP (133) (emerging-rbn.rules) 2406265 - ET RBN Known Russian Business Network IP UDP (133) (emerging-rbn.rules) 2406266 - ET RBN Known Russian Business Network IP TCP (134) (emerging-rbn.rules) 2406267 - ET RBN Known Russian Business Network IP UDP (134) (emerging-rbn.rules) 2406268 - ET RBN Known Russian Business Network IP TCP (135) (emerging-rbn.rules) 2406269 - ET RBN Known Russian Business Network IP UDP (135) (emerging-rbn.rules) 2406270 - ET RBN Known Russian Business Network IP TCP (136) (emerging-rbn.rules) 2406271 - ET RBN Known Russian Business Network IP UDP (136) (emerging-rbn.rules) 2406272 - ET RBN Known Russian Business Network IP TCP (137) (emerging-rbn.rules) 2406273 - ET RBN Known Russian Business Network IP UDP (137) (emerging-rbn.rules) 2406274 - ET RBN Known Russian Business Network IP TCP (138) (emerging-rbn.rules) 2406275 - ET RBN Known Russian Business Network IP UDP (138) (emerging-rbn.rules) 2406276 - ET RBN Known Russian Business Network IP TCP (139) (emerging-rbn.rules) 2406277 - ET RBN Known Russian Business Network IP UDP (139) (emerging-rbn.rules) 2406278 - ET RBN Known Russian Business Network IP TCP (140) (emerging-rbn.rules) 2406279 - ET RBN Known Russian Business Network IP UDP (140) (emerging-rbn.rules) 2406280 - ET RBN Known Russian Business Network IP TCP (141) (emerging-rbn.rules) 2406281 - ET RBN Known Russian Business Network IP UDP (141) (emerging-rbn.rules) 2406282 - ET RBN Known Russian Business Network IP TCP (142) (emerging-rbn.rules) 2406283 - ET RBN Known Russian Business Network IP UDP (142) (emerging-rbn.rules) 2406284 - ET RBN Known Russian Business Network IP TCP (143) (emerging-rbn.rules) 2406285 - ET RBN Known Russian Business Network IP UDP (143) (emerging-rbn.rules) 2406286 - ET RBN Known Russian Business Network IP TCP (144) (emerging-rbn.rules) 2406287 - ET RBN Known Russian Business Network IP UDP (144) (emerging-rbn.rules) 2406288 - ET RBN Known Russian Business Network IP TCP (145) (emerging-rbn.rules) 2406289 - ET RBN Known Russian Business Network IP UDP (145) (emerging-rbn.rules) 2406290 - ET RBN Known Russian Business Network IP TCP (146) (emerging-rbn.rules) 2406291 - ET RBN Known Russian Business Network IP UDP (146) (emerging-rbn.rules) 2406292 - ET RBN Known Russian Business Network IP TCP (147) (emerging-rbn.rules) 2406293 - ET RBN Known Russian Business Network IP UDP (147) (emerging-rbn.rules) 2406294 - ET RBN Known Russian Business Network IP TCP (148) (emerging-rbn.rules) 2406295 - ET RBN Known Russian Business Network IP UDP (148) (emerging-rbn.rules) 2406296 - ET RBN Known Russian Business Network IP TCP (149) (emerging-rbn.rules) 2406297 - ET RBN Known Russian Business Network IP UDP (149) (emerging-rbn.rules) 2406298 - ET RBN Known Russian Business Network IP TCP (150) (emerging-rbn.rules) 2406299 - ET RBN Known Russian Business Network IP UDP (150) (emerging-rbn.rules) 2406300 - ET RBN Known Russian Business Network IP TCP (151) (emerging-rbn.rules) 2406301 - ET RBN Known Russian Business Network IP UDP (151) (emerging-rbn.rules) 2406302 - ET RBN Known Russian Business Network IP TCP (152) (emerging-rbn.rules) 2406303 - ET RBN Known Russian Business Network IP UDP (152) (emerging-rbn.rules) 2406304 - ET RBN Known Russian Business Network IP TCP (153) (emerging-rbn.rules) 2406305 - ET RBN Known Russian Business Network IP UDP (153) (emerging-rbn.rules) 2406306 - ET RBN Known Russian Business Network IP TCP (154) (emerging-rbn.rules) 2406307 - ET RBN Known Russian Business Network IP UDP (154) (emerging-rbn.rules) 2406308 - ET RBN Known Russian Business Network IP TCP (155) (emerging-rbn.rules) 2406309 - ET RBN Known Russian Business Network IP UDP (155) (emerging-rbn.rules) 2406310 - ET RBN Known Russian Business Network IP TCP (156) (emerging-rbn.rules) 2406311 - ET RBN Known Russian Business Network IP UDP (156) (emerging-rbn.rules) 2406312 - ET RBN Known Russian Business Network IP TCP (157) (emerging-rbn.rules) 2406313 - ET RBN Known Russian Business Network IP UDP (157) (emerging-rbn.rules) 2406314 - ET RBN Known Russian Business Network IP TCP (158) (emerging-rbn.rules) 2406315 - ET RBN Known Russian Business Network IP UDP (158) (emerging-rbn.rules) 2406316 - ET RBN Known Russian Business Network IP TCP (159) (emerging-rbn.rules) 2406317 - ET RBN Known Russian Business Network IP UDP (159) (emerging-rbn.rules) 2406318 - ET RBN Known Russian Business Network IP TCP (160) (emerging-rbn.rules) 2406319 - ET RBN Known Russian Business Network IP UDP (160) (emerging-rbn.rules) 2406320 - ET RBN Known Russian Business Network IP TCP (161) (emerging-rbn.rules) 2406321 - ET RBN Known Russian Business Network IP UDP (161) (emerging-rbn.rules) 2406322 - ET RBN Known Russian Business Network IP TCP (162) (emerging-rbn.rules) 2406323 - ET RBN Known Russian Business Network IP UDP (162) (emerging-rbn.rules) 2406324 - ET RBN Known Russian Business Network IP TCP (163) (emerging-rbn.rules) 2406325 - ET RBN Known Russian Business Network IP UDP (163) (emerging-rbn.rules) 2406326 - ET RBN Known Russian Business Network IP TCP (164) (emerging-rbn.rules) 2406327 - ET RBN Known Russian Business Network IP UDP (164) (emerging-rbn.rules) 2406328 - ET RBN Known Russian Business Network IP TCP (165) (emerging-rbn.rules) 2406329 - ET RBN Known Russian Business Network IP UDP (165) (emerging-rbn.rules) 2406330 - ET RBN Known Russian Business Network IP TCP (166) (emerging-rbn.rules) 2406331 - ET RBN Known Russian Business Network IP UDP (166) (emerging-rbn.rules) 2406332 - ET RBN Known Russian Business Network IP TCP (167) (emerging-rbn.rules) 2406333 - ET RBN Known Russian Business Network IP UDP (167) (emerging-rbn.rules) 2406334 - ET RBN Known Russian Business Network IP TCP (168) (emerging-rbn.rules) 2406335 - ET RBN Known Russian Business Network IP UDP (168) (emerging-rbn.rules) 2406336 - ET RBN Known Russian Business Network IP TCP (169) (emerging-rbn.rules) 2406337 - ET RBN Known Russian Business Network IP UDP (169) (emerging-rbn.rules) 2406338 - ET RBN Known Russian Business Network IP TCP (170) (emerging-rbn.rules) 2406339 - ET RBN Known Russian Business Network IP UDP (170) (emerging-rbn.rules) 2406340 - ET RBN Known Russian Business Network IP TCP (171) (emerging-rbn.rules) 2406341 - ET RBN Known Russian Business Network IP UDP (171) (emerging-rbn.rules) 2406342 - ET RBN Known Russian Business Network IP TCP (172) (emerging-rbn.rules) 2406343 - ET RBN Known Russian Business Network IP UDP (172) (emerging-rbn.rules) 2406344 - ET RBN Known Russian Business Network IP TCP (173) (emerging-rbn.rules) 2406345 - ET RBN Known Russian Business Network IP UDP (173) (emerging-rbn.rules) 2406346 - ET RBN Known Russian Business Network IP TCP (174) (emerging-rbn.rules) 2406347 - ET RBN Known Russian Business Network IP UDP (174) (emerging-rbn.rules) 2406348 - ET RBN Known Russian Business Network IP TCP (175) (emerging-rbn.rules) 2406349 - ET RBN Known Russian Business Network IP UDP (175) (emerging-rbn.rules) 2406350 - ET RBN Known Russian Business Network IP TCP (176) (emerging-rbn.rules) 2406351 - ET RBN Known Russian Business Network IP UDP (176) (emerging-rbn.rules) 2406352 - ET RBN Known Russian Business Network IP TCP (177) (emerging-rbn.rules) 2406353 - ET RBN Known Russian Business Network IP UDP (177) (emerging-rbn.rules) 2406354 - ET RBN Known Russian Business Network IP TCP (178) (emerging-rbn.rules) 2406355 - ET RBN Known Russian Business Network IP UDP (178) (emerging-rbn.rules) 2406356 - ET RBN Known Russian Business Network IP TCP (179) (emerging-rbn.rules) 2406357 - ET RBN Known Russian Business Network IP UDP (179) (emerging-rbn.rules) 2406358 - ET RBN Known Russian Business Network IP TCP (180) (emerging-rbn.rules) 2406359 - ET RBN Known Russian Business Network IP UDP (180) (emerging-rbn.rules) 2406360 - ET RBN Known Russian Business Network IP TCP (181) (emerging-rbn.rules) 2406361 - ET RBN Known Russian Business Network IP UDP (181) (emerging-rbn.rules) 2406362 - ET RBN Known Russian Business Network IP TCP (182) (emerging-rbn.rules) 2406363 - ET RBN Known Russian Business Network IP UDP (182) (emerging-rbn.rules) 2406364 - ET RBN Known Russian Business Network IP TCP (183) (emerging-rbn.rules) 2406365 - ET RBN Known Russian Business Network IP UDP (183) (emerging-rbn.rules) 2406366 - ET RBN Known Russian Business Network IP TCP (184) (emerging-rbn.rules) 2406367 - ET RBN Known Russian Business Network IP UDP (184) (emerging-rbn.rules) 2406368 - ET RBN Known Russian Business Network IP TCP (185) (emerging-rbn.rules) 2406369 - ET RBN Known Russian Business Network IP UDP (185) (emerging-rbn.rules) 2406370 - ET RBN Known Russian Business Network IP TCP (186) (emerging-rbn.rules) 2406371 - ET RBN Known Russian Business Network IP UDP (186) (emerging-rbn.rules) 2406372 - ET RBN Known Russian Business Network IP TCP (187) (emerging-rbn.rules) 2406373 - ET RBN Known Russian Business Network IP UDP (187) (emerging-rbn.rules) 2406374 - ET RBN Known Russian Business Network IP TCP (188) (emerging-rbn.rules) 2406375 - ET RBN Known Russian Business Network IP UDP (188) (emerging-rbn.rules) 2406376 - ET RBN Known Russian Business Network IP TCP (189) (emerging-rbn.rules) 2406377 - ET RBN Known Russian Business Network IP UDP (189) (emerging-rbn.rules) 2406378 - ET RBN Known Russian Business Network IP TCP (190) (emerging-rbn.rules) 2406379 - ET RBN Known Russian Business Network IP UDP (190) (emerging-rbn.rules) 2406380 - ET RBN Known Russian Business Network IP TCP (191) (emerging-rbn.rules) 2406381 - ET RBN Known Russian Business Network IP UDP (191) (emerging-rbn.rules) 2406382 - ET RBN Known Russian Business Network IP TCP (192) (emerging-rbn.rules) 2406383 - ET RBN Known Russian Business Network IP UDP (192) (emerging-rbn.rules) 2406384 - ET RBN Known Russian Business Network IP TCP (193) (emerging-rbn.rules) 2406385 - ET RBN Known Russian Business Network IP UDP (193) (emerging-rbn.rules) 2406386 - ET RBN Known Russian Business Network IP TCP (194) (emerging-rbn.rules) 2406387 - ET RBN Known Russian Business Network IP UDP (194) (emerging-rbn.rules) 2406388 - ET RBN Known Russian Business Network IP TCP (195) (emerging-rbn.rules) 2406389 - ET RBN Known Russian Business Network IP UDP (195) (emerging-rbn.rules) 2406390 - ET RBN Known Russian Business Network IP TCP (196) (emerging-rbn.rules) 2406391 - ET RBN Known Russian Business Network IP UDP (196) (emerging-rbn.rules) 2406392 - ET RBN Known Russian Business Network IP TCP (197) (emerging-rbn.rules) 2406393 - ET RBN Known Russian Business Network IP UDP (197) (emerging-rbn.rules) 2406394 - ET RBN Known Russian Business Network IP TCP (198) (emerging-rbn.rules) 2406395 - ET RBN Known Russian Business Network IP UDP (198) (emerging-rbn.rules) 2406396 - ET RBN Known Russian Business Network IP TCP (199) (emerging-rbn.rules) 2406397 - ET RBN Known Russian Business Network IP UDP (199) (emerging-rbn.rules) 2406398 - ET RBN Known Russian Business Network IP TCP (200) (emerging-rbn.rules) 2406399 - ET RBN Known Russian Business Network IP UDP (200) (emerging-rbn.rules) 2406400 - ET RBN Known Russian Business Network IP TCP (201) (emerging-rbn.rules) 2406401 - ET RBN Known Russian Business Network IP UDP (201) (emerging-rbn.rules) 2406402 - ET RBN Known Russian Business Network IP TCP (202) (emerging-rbn.rules) 2406403 - ET RBN Known Russian Business Network IP UDP (202) (emerging-rbn.rules) 2406404 - ET RBN Known Russian Business Network IP TCP (203) (emerging-rbn.rules) 2406405 - ET RBN Known Russian Business Network IP UDP (203) (emerging-rbn.rules) 2406406 - ET RBN Known Russian Business Network IP TCP (204) (emerging-rbn.rules) 2406407 - ET RBN Known Russian Business Network IP UDP (204) (emerging-rbn.rules) 2406408 - ET RBN Known Russian Business Network IP TCP (205) (emerging-rbn.rules) 2406409 - ET RBN Known Russian Business Network IP UDP (205) (emerging-rbn.rules) 2406410 - ET RBN Known Russian Business Network IP TCP (206) (emerging-rbn.rules) 2406411 - ET RBN Known Russian Business Network IP UDP (206) (emerging-rbn.rules) 2406412 - ET RBN Known Russian Business Network IP TCP (207) (emerging-rbn.rules) 2406413 - ET RBN Known Russian Business Network IP UDP (207) (emerging-rbn.rules) 2406414 - ET RBN Known Russian Business Network IP TCP (208) (emerging-rbn.rules) 2406415 - ET RBN Known Russian Business Network IP UDP (208) (emerging-rbn.rules) 2406416 - ET RBN Known Russian Business Network IP TCP (209) (emerging-rbn.rules) 2406417 - ET RBN Known Russian Business Network IP UDP (209) (emerging-rbn.rules) 2406418 - ET RBN Known Russian Business Network IP TCP (210) (emerging-rbn.rules) 2406419 - ET RBN Known Russian Business Network IP UDP (210) (emerging-rbn.rules) 2406420 - ET RBN Known Russian Business Network IP TCP (211) (emerging-rbn.rules) 2406421 - ET RBN Known Russian Business Network IP UDP (211) (emerging-rbn.rules) 2406422 - ET RBN Known Russian Business Network IP TCP (212) (emerging-rbn.rules) 2406423 - ET RBN Known Russian Business Network IP UDP (212) (emerging-rbn.rules) 2406424 - ET RBN Known Russian Business Network IP TCP (213) (emerging-rbn.rules) 2406425 - ET RBN Known Russian Business Network IP UDP (213) (emerging-rbn.rules) 2406426 - ET RBN Known Russian Business Network IP TCP (214) (emerging-rbn.rules) 2406427 - ET RBN Known Russian Business Network IP UDP (214) (emerging-rbn.rules) 2406428 - ET RBN Known Russian Business Network IP TCP (215) (emerging-rbn.rules) 2406429 - ET RBN Known Russian Business Network IP UDP (215) (emerging-rbn.rules) 2406430 - ET RBN Known Russian Business Network IP TCP (216) (emerging-rbn.rules) 2406431 - ET RBN Known Russian Business Network IP UDP (216) (emerging-rbn.rules) 2406432 - ET RBN Known Russian Business Network IP TCP (217) (emerging-rbn.rules) 2406433 - ET RBN Known Russian Business Network IP UDP (217) (emerging-rbn.rules) 2406434 - ET RBN Known Russian Business Network IP TCP (218) (emerging-rbn.rules) 2406435 - ET RBN Known Russian Business Network IP UDP (218) (emerging-rbn.rules) 2406436 - ET RBN Known Russian Business Network IP TCP (219) (emerging-rbn.rules) 2406437 - ET RBN Known Russian Business Network IP UDP (219) (emerging-rbn.rules) 2406438 - ET RBN Known Russian Business Network IP TCP (220) (emerging-rbn.rules) 2406439 - ET RBN Known Russian Business Network IP UDP (220) (emerging-rbn.rules) 2406440 - ET RBN Known Russian Business Network IP TCP (221) (emerging-rbn.rules) 2406441 - ET RBN Known Russian Business Network IP UDP (221) (emerging-rbn.rules) 2406442 - ET RBN Known Russian Business Network IP TCP (222) (emerging-rbn.rules) 2406443 - ET RBN Known Russian Business Network IP UDP (222) (emerging-rbn.rules) 2406444 - ET RBN Known Russian Business Network IP TCP (223) (emerging-rbn.rules) 2406445 - ET RBN Known Russian Business Network IP UDP (223) (emerging-rbn.rules) 2406446 - ET RBN Known Russian Business Network IP TCP (224) (emerging-rbn.rules) 2406447 - ET RBN Known Russian Business Network IP UDP (224) (emerging-rbn.rules) 2406448 - ET RBN Known Russian Business Network IP TCP (225) (emerging-rbn.rules) 2406449 - ET RBN Known Russian Business Network IP UDP (225) (emerging-rbn.rules) 2406450 - ET RBN Known Russian Business Network IP TCP (226) (emerging-rbn.rules) 2406451 - ET RBN Known Russian Business Network IP UDP (226) (emerging-rbn.rules) 2406452 - ET RBN Known Russian Business Network IP TCP (227) (emerging-rbn.rules) 2406453 - ET RBN Known Russian Business Network IP UDP (227) (emerging-rbn.rules) 2406454 - ET RBN Known Russian Business Network IP TCP (228) (emerging-rbn.rules) 2406455 - ET RBN Known Russian Business Network IP UDP (228) (emerging-rbn.rules) 2406456 - ET RBN Known Russian Business Network IP TCP (229) (emerging-rbn.rules) 2406457 - ET RBN Known Russian Business Network IP UDP (229) (emerging-rbn.rules) 2406458 - ET RBN Known Russian Business Network IP TCP (230) (emerging-rbn.rules) 2406459 - ET RBN Known Russian Business Network IP UDP (230) (emerging-rbn.rules) 2406460 - ET RBN Known Russian Business Network IP TCP (231) (emerging-rbn.rules) 2406461 - ET RBN Known Russian Business Network IP UDP (231) (emerging-rbn.rules) 2406462 - ET RBN Known Russian Business Network IP TCP (232) (emerging-rbn.rules) 2406463 - ET RBN Known Russian Business Network IP UDP (232) (emerging-rbn.rules) 2406464 - ET RBN Known Russian Business Network IP TCP (233) (emerging-rbn.rules) 2406465 - ET RBN Known Russian Business Network IP UDP (233) (emerging-rbn.rules) 2406466 - ET RBN Known Russian Business Network IP TCP (234) (emerging-rbn.rules) 2406467 - ET RBN Known Russian Business Network IP UDP (234) (emerging-rbn.rules) 2406468 - ET RBN Known Russian Business Network IP TCP (235) (emerging-rbn.rules) 2406469 - ET RBN Known Russian Business Network IP UDP (235) (emerging-rbn.rules) 2406470 - ET RBN Known Russian Business Network IP TCP (236) (emerging-rbn.rules) 2406471 - ET RBN Known Russian Business Network IP UDP (236) (emerging-rbn.rules) 2406472 - ET RBN Known Russian Business Network IP TCP (237) (emerging-rbn.rules) 2406473 - ET RBN Known Russian Business Network IP UDP (237) (emerging-rbn.rules) 2406474 - ET RBN Known Russian Business Network IP TCP (238) (emerging-rbn.rules) 2406475 - ET RBN Known Russian Business Network IP UDP (238) (emerging-rbn.rules) 2406476 - ET RBN Known Russian Business Network IP TCP (239) (emerging-rbn.rules) 2406477 - ET RBN Known Russian Business Network IP UDP (239) (emerging-rbn.rules) 2406478 - ET RBN Known Russian Business Network IP TCP (240) (emerging-rbn.rules) 2406479 - ET RBN Known Russian Business Network IP UDP (240) (emerging-rbn.rules) 2406480 - ET RBN Known Russian Business Network IP TCP (241) (emerging-rbn.rules) 2406481 - ET RBN Known Russian Business Network IP UDP (241) (emerging-rbn.rules) 2406482 - ET RBN Known Russian Business Network IP TCP (242) (emerging-rbn.rules) 2406483 - ET RBN Known Russian Business Network IP UDP (242) (emerging-rbn.rules) 2406484 - ET RBN Known Russian Business Network IP TCP (243) (emerging-rbn.rules) 2406485 - ET RBN Known Russian Business Network IP UDP (243) (emerging-rbn.rules) 2406486 - ET RBN Known Russian Business Network IP TCP (244) (emerging-rbn.rules) 2406487 - ET RBN Known Russian Business Network IP UDP (244) (emerging-rbn.rules) 2406488 - ET RBN Known Russian Business Network IP TCP (245) (emerging-rbn.rules) 2406489 - ET RBN Known Russian Business Network IP UDP (245) (emerging-rbn.rules) 2406490 - ET RBN Known Russian Business Network IP TCP (246) (emerging-rbn.rules) 2406491 - ET RBN Known Russian Business Network IP UDP (246) (emerging-rbn.rules) 2406492 - ET RBN Known Russian Business Network IP TCP (247) (emerging-rbn.rules) 2406493 - ET RBN Known Russian Business Network IP UDP (247) (emerging-rbn.rules) 2406494 - ET RBN Known Russian Business Network IP TCP (248) (emerging-rbn.rules) 2406495 - ET RBN Known Russian Business Network IP UDP (248) (emerging-rbn.rules) 2406496 - ET RBN Known Russian Business Network IP TCP (249) (emerging-rbn.rules) 2406497 - ET RBN Known Russian Business Network IP UDP (249) (emerging-rbn.rules) 2406498 - ET RBN Known Russian Business Network IP TCP (250) (emerging-rbn.rules) 2406499 - ET RBN Known Russian Business Network IP UDP (250) (emerging-rbn.rules) 2406500 - ET RBN Known Russian Business Network IP TCP (251) (emerging-rbn.rules) 2406501 - ET RBN Known Russian Business Network IP UDP (251) (emerging-rbn.rules) 2406502 - ET RBN Known Russian Business Network IP TCP (252) (emerging-rbn.rules) 2406503 - ET RBN Known Russian Business Network IP UDP (252) (emerging-rbn.rules) 2406504 - ET RBN Known Russian Business Network IP TCP (253) (emerging-rbn.rules) 2406505 - ET RBN Known Russian Business Network IP UDP (253) (emerging-rbn.rules) 2406506 - ET RBN Known Russian Business Network IP TCP (254) (emerging-rbn.rules) 2406507 - ET RBN Known Russian Business Network IP UDP (254) (emerging-rbn.rules) 2406508 - ET RBN Known Russian Business Network IP TCP (255) (emerging-rbn.rules) 2406509 - ET RBN Known Russian Business Network IP UDP (255) (emerging-rbn.rules) 2406510 - ET RBN Known Russian Business Network IP TCP (256) (emerging-rbn.rules) 2406511 - ET RBN Known Russian Business Network IP UDP (256) (emerging-rbn.rules) 2406512 - ET RBN Known Russian Business Network IP TCP (257) (emerging-rbn.rules) 2406513 - ET RBN Known Russian Business Network IP UDP (257) (emerging-rbn.rules) 2406514 - ET RBN Known Russian Business Network IP TCP (258) (emerging-rbn.rules) 2406515 - ET RBN Known Russian Business Network IP UDP (258) (emerging-rbn.rules) 2406516 - ET RBN Known Russian Business Network IP TCP (259) (emerging-rbn.rules) 2406517 - ET RBN Known Russian Business Network IP UDP (259) (emerging-rbn.rules) 2406518 - ET RBN Known Russian Business Network IP TCP (260) (emerging-rbn.rules) 2406519 - ET RBN Known Russian Business Network IP UDP (260) (emerging-rbn.rules) 2406520 - ET RBN Known Russian Business Network IP TCP (261) (emerging-rbn.rules) 2406521 - ET RBN Known Russian Business Network IP UDP (261) (emerging-rbn.rules) 2406522 - ET RBN Known Russian Business Network IP TCP (262) (emerging-rbn.rules) 2406523 - ET RBN Known Russian Business Network IP UDP (262) (emerging-rbn.rules) 2406524 - ET RBN Known Russian Business Network IP TCP (263) (emerging-rbn.rules) 2406525 - ET RBN Known Russian Business Network IP UDP (263) (emerging-rbn.rules) 2406526 - ET RBN Known Russian Business Network IP TCP (264) (emerging-rbn.rules) 2406527 - ET RBN Known Russian Business Network IP UDP (264) (emerging-rbn.rules) 2406528 - ET RBN Known Russian Business Network IP TCP (265) (emerging-rbn.rules) 2406529 - ET RBN Known Russian Business Network IP UDP (265) (emerging-rbn.rules) 2406530 - ET RBN Known Russian Business Network IP TCP (266) (emerging-rbn.rules) 2406531 - ET RBN Known Russian Business Network IP UDP (266) (emerging-rbn.rules) 2406532 - ET RBN Known Russian Business Network IP TCP (267) (emerging-rbn.rules) 2406533 - ET RBN Known Russian Business Network IP UDP (267) (emerging-rbn.rules) 2406534 - ET RBN Known Russian Business Network IP TCP (268) (emerging-rbn.rules) 2406535 - ET RBN Known Russian Business Network IP UDP (268) (emerging-rbn.rules) 2406536 - ET RBN Known Russian Business Network IP TCP (269) (emerging-rbn.rules) 2406537 - ET RBN Known Russian Business Network IP UDP (269) (emerging-rbn.rules) 2406538 - ET RBN Known Russian Business Network IP TCP (270) (emerging-rbn.rules) 2406539 - ET RBN Known Russian Business Network IP UDP (270) (emerging-rbn.rules) 2406540 - ET RBN Known Russian Business Network IP TCP (271) (emerging-rbn.rules) 2406541 - ET RBN Known Russian Business Network IP UDP (271) (emerging-rbn.rules) 2406542 - ET RBN Known Russian Business Network IP TCP (272) (emerging-rbn.rules) 2406543 - ET RBN Known Russian Business Network IP UDP (272) (emerging-rbn.rules) 2406544 - ET RBN Known Russian Business Network IP TCP (273) (emerging-rbn.rules) 2406545 - ET RBN Known Russian Business Network IP UDP (273) (emerging-rbn.rules) 2406546 - ET RBN Known Russian Business Network IP TCP (274) (emerging-rbn.rules) 2406547 - ET RBN Known Russian Business Network IP UDP (274) (emerging-rbn.rules) 2406548 - ET RBN Known Russian Business Network IP TCP (275) (emerging-rbn.rules) 2406549 - ET RBN Known Russian Business Network IP UDP (275) (emerging-rbn.rules) 2406550 - ET RBN Known Russian Business Network IP TCP (276) (emerging-rbn.rules) 2406551 - ET RBN Known Russian Business Network IP UDP (276) (emerging-rbn.rules) 2406552 - ET RBN Known Russian Business Network IP TCP (277) (emerging-rbn.rules) 2406553 - ET RBN Known Russian Business Network IP UDP (277) (emerging-rbn.rules) 2406554 - ET RBN Known Russian Business Network IP TCP (278) (emerging-rbn.rules) 2406555 - ET RBN Known Russian Business Network IP UDP (278) (emerging-rbn.rules) 2406556 - ET RBN Known Russian Business Network IP TCP (279) (emerging-rbn.rules) 2406557 - ET RBN Known Russian Business Network IP UDP (279) (emerging-rbn.rules) 2406558 - ET RBN Known Russian Business Network IP TCP (280) (emerging-rbn.rules) 2406559 - ET RBN Known Russian Business Network IP UDP (280) (emerging-rbn.rules) 2406560 - ET RBN Known Russian Business Network IP TCP (281) (emerging-rbn.rules) 2406561 - ET RBN Known Russian Business Network IP UDP (281) (emerging-rbn.rules) 2406562 - ET RBN Known Russian Business Network IP TCP (282) (emerging-rbn.rules) 2406563 - ET RBN Known Russian Business Network IP UDP (282) (emerging-rbn.rules) 2406564 - ET RBN Known Russian Business Network IP TCP (283) (emerging-rbn.rules) 2406565 - ET RBN Known Russian Business Network IP UDP (283) (emerging-rbn.rules) 2406566 - ET RBN Known Russian Business Network IP TCP (284) (emerging-rbn.rules) 2406567 - ET RBN Known Russian Business Network IP UDP (284) (emerging-rbn.rules) 2406568 - ET RBN Known Russian Business Network IP TCP (285) (emerging-rbn.rules) 2406569 - ET RBN Known Russian Business Network IP UDP (285) (emerging-rbn.rules) 2406570 - ET RBN Known Russian Business Network IP TCP (286) (emerging-rbn.rules) 2406571 - ET RBN Known Russian Business Network IP UDP (286) (emerging-rbn.rules) 2406572 - ET RBN Known Russian Business Network IP TCP (287) (emerging-rbn.rules) 2406573 - ET RBN Known Russian Business Network IP UDP (287) (emerging-rbn.rules) 2406574 - ET RBN Known Russian Business Network IP TCP (288) (emerging-rbn.rules) 2406575 - ET RBN Known Russian Business Network IP UDP (288) (emerging-rbn.rules) 2406576 - ET RBN Known Russian Business Network IP TCP (289) (emerging-rbn.rules) 2406577 - ET RBN Known Russian Business Network IP UDP (289) (emerging-rbn.rules) 2406578 - ET RBN Known Russian Business Network IP TCP (290) (emerging-rbn.rules) 2406579 - ET RBN Known Russian Business Network IP UDP (290) (emerging-rbn.rules) 2406580 - ET RBN Known Russian Business Network IP TCP (291) (emerging-rbn.rules) 2406581 - ET RBN Known Russian Business Network IP UDP (291) (emerging-rbn.rules) 2406582 - ET RBN Known Russian Business Network IP TCP (292) (emerging-rbn.rules) 2406583 - ET RBN Known Russian Business Network IP UDP (292) (emerging-rbn.rules) 2406584 - ET RBN Known Russian Business Network IP TCP (293) (emerging-rbn.rules) 2406585 - ET RBN Known Russian Business Network IP UDP (293) (emerging-rbn.rules) 2406586 - ET RBN Known Russian Business Network IP TCP (294) (emerging-rbn.rules) 2406587 - ET RBN Known Russian Business Network IP UDP (294) (emerging-rbn.rules) 2406588 - ET RBN Known Russian Business Network IP TCP (295) (emerging-rbn.rules) 2406589 - ET RBN Known Russian Business Network IP UDP (295) (emerging-rbn.rules) 2406590 - ET RBN Known Russian Business Network IP TCP (296) (emerging-rbn.rules) 2406591 - ET RBN Known Russian Business Network IP UDP (296) (emerging-rbn.rules) 2406592 - ET RBN Known Russian Business Network IP TCP (297) (emerging-rbn.rules) 2406593 - ET RBN Known Russian Business Network IP UDP (297) (emerging-rbn.rules) 2406594 - ET RBN Known Russian Business Network IP TCP (298) (emerging-rbn.rules) 2406595 - ET RBN Known Russian Business Network IP UDP (298) (emerging-rbn.rules) 2406596 - ET RBN Known Russian Business Network IP TCP (299) (emerging-rbn.rules) 2406597 - ET RBN Known Russian Business Network IP UDP (299) (emerging-rbn.rules) 2406598 - ET RBN Known Russian Business Network IP TCP (300) (emerging-rbn.rules) 2406599 - ET RBN Known Russian Business Network IP UDP (300) (emerging-rbn.rules) 2406600 - ET RBN Known Russian Business Network IP TCP (301) (emerging-rbn.rules) 2406601 - ET RBN Known Russian Business Network IP UDP (301) (emerging-rbn.rules) 2406602 - ET RBN Known Russian Business Network IP TCP (302) (emerging-rbn.rules) 2406603 - ET RBN Known Russian Business Network IP UDP (302) (emerging-rbn.rules) 2406604 - ET RBN Known Russian Business Network IP TCP (303) (emerging-rbn.rules) 2406605 - ET RBN Known Russian Business Network IP UDP (303) (emerging-rbn.rules) 2406606 - ET RBN Known Russian Business Network IP TCP (304) (emerging-rbn.rules) 2406607 - ET RBN Known Russian Business Network IP UDP (304) (emerging-rbn.rules) 2406608 - ET RBN Known Russian Business Network IP TCP (305) (emerging-rbn.rules) 2406609 - ET RBN Known Russian Business Network IP UDP (305) (emerging-rbn.rules) 2406610 - ET RBN Known Russian Business Network IP TCP (306) (emerging-rbn.rules) 2406611 - ET RBN Known Russian Business Network IP UDP (306) (emerging-rbn.rules) 2406612 - ET RBN Known Russian Business Network IP TCP (307) (emerging-rbn.rules) 2406613 - ET RBN Known Russian Business Network IP UDP (307) (emerging-rbn.rules) 2406614 - ET RBN Known Russian Business Network IP TCP (308) (emerging-rbn.rules) 2406615 - ET RBN Known Russian Business Network IP UDP (308) (emerging-rbn.rules) 2406616 - ET RBN Known Russian Business Network IP TCP (309) (emerging-rbn.rules) 2406617 - ET RBN Known Russian Business Network IP UDP (309) (emerging-rbn.rules) 2406618 - ET RBN Known Russian Business Network IP TCP (310) (emerging-rbn.rules) 2406619 - ET RBN Known Russian Business Network IP UDP (310) (emerging-rbn.rules) 2407000 - ET RBN Known Russian Business Network IP TCP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407001 - ET RBN Known Russian Business Network IP UDP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407002 - ET RBN Known Russian Business Network IP TCP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407003 - ET RBN Known Russian Business Network IP UDP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407004 - ET RBN Known Russian Business Network IP TCP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407005 - ET RBN Known Russian Business Network IP UDP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407006 - ET RBN Known Russian Business Network IP TCP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407007 - ET RBN Known Russian Business Network IP UDP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407008 - ET RBN Known Russian Business Network IP TCP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407009 - ET RBN Known Russian Business Network IP UDP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407010 - ET RBN Known Russian Business Network IP TCP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407011 - ET RBN Known Russian Business Network IP UDP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407012 - ET RBN Known Russian Business Network IP TCP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407013 - ET RBN Known Russian Business Network IP UDP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407014 - ET RBN Known Russian Business Network IP TCP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407015 - ET RBN Known Russian Business Network IP UDP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407016 - ET RBN Known Russian Business Network IP TCP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407017 - ET RBN Known Russian Business Network IP UDP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407018 - ET RBN Known Russian Business Network IP TCP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407019 - ET RBN Known Russian Business Network IP UDP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407020 - ET RBN Known Russian Business Network IP TCP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407021 - ET RBN Known Russian Business Network IP UDP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407022 - ET RBN Known Russian Business Network IP TCP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407023 - ET RBN Known Russian Business Network IP UDP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407024 - ET RBN Known Russian Business Network IP TCP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407025 - ET RBN Known Russian Business Network IP UDP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407026 - ET RBN Known Russian Business Network IP TCP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407027 - ET RBN Known Russian Business Network IP UDP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407028 - ET RBN Known Russian Business Network IP TCP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407029 - ET RBN Known Russian Business Network IP UDP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407030 - ET RBN Known Russian Business Network IP TCP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407031 - ET RBN Known Russian Business Network IP UDP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407032 - ET RBN Known Russian Business Network IP TCP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407033 - ET RBN Known Russian Business Network IP UDP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407034 - ET RBN Known Russian Business Network IP TCP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407035 - ET RBN Known Russian Business Network IP UDP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407036 - ET RBN Known Russian Business Network IP TCP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407037 - ET RBN Known Russian Business Network IP UDP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407038 - ET RBN Known Russian Business Network IP TCP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407039 - ET RBN Known Russian Business Network IP UDP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407040 - ET RBN Known Russian Business Network IP TCP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407041 - ET RBN Known Russian Business Network IP UDP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407042 - ET RBN Known Russian Business Network IP TCP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407043 - ET RBN Known Russian Business Network IP UDP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407044 - ET RBN Known Russian Business Network IP TCP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407045 - ET RBN Known Russian Business Network IP UDP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407046 - ET RBN Known Russian Business Network IP TCP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407047 - ET RBN Known Russian Business Network IP UDP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407048 - ET RBN Known Russian Business Network IP TCP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407049 - ET RBN Known Russian Business Network IP UDP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407050 - ET RBN Known Russian Business Network IP TCP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407051 - ET RBN Known Russian Business Network IP UDP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407052 - ET RBN Known Russian Business Network IP TCP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407053 - ET RBN Known Russian Business Network IP UDP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407054 - ET RBN Known Russian Business Network IP TCP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407055 - ET RBN Known Russian Business Network IP UDP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407056 - ET RBN Known Russian Business Network IP TCP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407057 - ET RBN Known Russian Business Network IP UDP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407058 - ET RBN Known Russian Business Network IP TCP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407059 - ET RBN Known Russian Business Network IP UDP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407060 - ET RBN Known Russian Business Network IP TCP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407061 - ET RBN Known Russian Business Network IP UDP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407062 - ET RBN Known Russian Business Network IP TCP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407063 - ET RBN Known Russian Business Network IP UDP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407064 - ET RBN Known Russian Business Network IP TCP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407065 - ET RBN Known Russian Business Network IP UDP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407066 - ET RBN Known Russian Business Network IP TCP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407067 - ET RBN Known Russian Business Network IP UDP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407068 - ET RBN Known Russian Business Network IP TCP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407069 - ET RBN Known Russian Business Network IP UDP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407070 - ET RBN Known Russian Business Network IP TCP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407071 - ET RBN Known Russian Business Network IP UDP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407072 - ET RBN Known Russian Business Network IP TCP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407073 - ET RBN Known Russian Business Network IP UDP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407074 - ET RBN Known Russian Business Network IP TCP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407075 - ET RBN Known Russian Business Network IP UDP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407076 - ET RBN Known Russian Business Network IP TCP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407077 - ET RBN Known Russian Business Network IP UDP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407078 - ET RBN Known Russian Business Network IP TCP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407079 - ET RBN Known Russian Business Network IP UDP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407080 - ET RBN Known Russian Business Network IP TCP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407081 - ET RBN Known Russian Business Network IP UDP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407082 - ET RBN Known Russian Business Network IP TCP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407083 - ET RBN Known Russian Business Network IP UDP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407084 - ET RBN Known Russian Business Network IP TCP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407085 - ET RBN Known Russian Business Network IP UDP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407086 - ET RBN Known Russian Business Network IP TCP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407087 - ET RBN Known Russian Business Network IP UDP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407088 - ET RBN Known Russian Business Network IP TCP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407089 - ET RBN Known Russian Business Network IP UDP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407090 - ET RBN Known Russian Business Network IP TCP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407091 - ET RBN Known Russian Business Network IP UDP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407092 - ET RBN Known Russian Business Network IP TCP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407093 - ET RBN Known Russian Business Network IP UDP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407094 - ET RBN Known Russian Business Network IP TCP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407095 - ET RBN Known Russian Business Network IP UDP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407096 - ET RBN Known Russian Business Network IP TCP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407097 - ET RBN Known Russian Business Network IP UDP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407098 - ET RBN Known Russian Business Network IP TCP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407099 - ET RBN Known Russian Business Network IP UDP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407100 - ET RBN Known Russian Business Network IP TCP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407101 - ET RBN Known Russian Business Network IP UDP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407102 - ET RBN Known Russian Business Network IP TCP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407103 - ET RBN Known Russian Business Network IP UDP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407104 - ET RBN Known Russian Business Network IP TCP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407105 - ET RBN Known Russian Business Network IP UDP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407106 - ET RBN Known Russian Business Network IP TCP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407107 - ET RBN Known Russian Business Network IP UDP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407108 - ET RBN Known Russian Business Network IP TCP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407109 - ET RBN Known Russian Business Network IP UDP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407110 - ET RBN Known Russian Business Network IP TCP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407111 - ET RBN Known Russian Business Network IP UDP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407112 - ET RBN Known Russian Business Network IP TCP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407113 - ET RBN Known Russian Business Network IP UDP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407114 - ET RBN Known Russian Business Network IP TCP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407115 - ET RBN Known Russian Business Network IP UDP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407116 - ET RBN Known Russian Business Network IP TCP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407117 - ET RBN Known Russian Business Network IP UDP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407118 - ET RBN Known Russian Business Network IP TCP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407119 - ET RBN Known Russian Business Network IP UDP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407120 - ET RBN Known Russian Business Network IP TCP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407121 - ET RBN Known Russian Business Network IP UDP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407122 - ET RBN Known Russian Business Network IP TCP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407123 - ET RBN Known Russian Business Network IP UDP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407124 - ET RBN Known Russian Business Network IP TCP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407125 - ET RBN Known Russian Business Network IP UDP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407126 - ET RBN Known Russian Business Network IP TCP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407127 - ET RBN Known Russian Business Network IP UDP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407128 - ET RBN Known Russian Business Network IP TCP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407129 - ET RBN Known Russian Business Network IP UDP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407130 - ET RBN Known Russian Business Network IP TCP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407131 - ET RBN Known Russian Business Network IP UDP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407132 - ET RBN Known Russian Business Network IP TCP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407133 - ET RBN Known Russian Business Network IP UDP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407134 - ET RBN Known Russian Business Network IP TCP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407135 - ET RBN Known Russian Business Network IP UDP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407136 - ET RBN Known Russian Business Network IP TCP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407137 - ET RBN Known Russian Business Network IP UDP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407138 - ET RBN Known Russian Business Network IP TCP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407139 - ET RBN Known Russian Business Network IP UDP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407140 - ET RBN Known Russian Business Network IP TCP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407141 - ET RBN Known Russian Business Network IP UDP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407142 - ET RBN Known Russian Business Network IP TCP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407143 - ET RBN Known Russian Business Network IP UDP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407144 - ET RBN Known Russian Business Network IP TCP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407145 - ET RBN Known Russian Business Network IP UDP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407146 - ET RBN Known Russian Business Network IP TCP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407147 - ET RBN Known Russian Business Network IP UDP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407148 - ET RBN Known Russian Business Network IP TCP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407149 - ET RBN Known Russian Business Network IP UDP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407150 - ET RBN Known Russian Business Network IP TCP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407151 - ET RBN Known Russian Business Network IP UDP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407152 - ET RBN Known Russian Business Network IP TCP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407153 - ET RBN Known Russian Business Network IP UDP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407154 - ET RBN Known Russian Business Network IP TCP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407155 - ET RBN Known Russian Business Network IP UDP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407156 - ET RBN Known Russian Business Network IP TCP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407157 - ET RBN Known Russian Business Network IP UDP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407158 - ET RBN Known Russian Business Network IP TCP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407159 - ET RBN Known Russian Business Network IP UDP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407160 - ET RBN Known Russian Business Network IP TCP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407161 - ET RBN Known Russian Business Network IP UDP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407162 - ET RBN Known Russian Business Network IP TCP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407163 - ET RBN Known Russian Business Network IP UDP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407164 - ET RBN Known Russian Business Network IP TCP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407165 - ET RBN Known Russian Business Network IP UDP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407166 - ET RBN Known Russian Business Network IP TCP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407167 - ET RBN Known Russian Business Network IP UDP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407168 - ET RBN Known Russian Business Network IP TCP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407169 - ET RBN Known Russian Business Network IP UDP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407170 - ET RBN Known Russian Business Network IP TCP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407171 - ET RBN Known Russian Business Network IP UDP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407172 - ET RBN Known Russian Business Network IP TCP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407173 - ET RBN Known Russian Business Network IP UDP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407174 - ET RBN Known Russian Business Network IP TCP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407175 - ET RBN Known Russian Business Network IP UDP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407176 - ET RBN Known Russian Business Network IP TCP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407177 - ET RBN Known Russian Business Network IP UDP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407178 - ET RBN Known Russian Business Network IP TCP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407179 - ET RBN Known Russian Business Network IP UDP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407180 - ET RBN Known Russian Business Network IP TCP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407181 - ET RBN Known Russian Business Network IP UDP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407182 - ET RBN Known Russian Business Network IP TCP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407183 - ET RBN Known Russian Business Network IP UDP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407184 - ET RBN Known Russian Business Network IP TCP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407185 - ET RBN Known Russian Business Network IP UDP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407186 - ET RBN Known Russian Business Network IP TCP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407187 - ET RBN Known Russian Business Network IP UDP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407188 - ET RBN Known Russian Business Network IP TCP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407189 - ET RBN Known Russian Business Network IP UDP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407190 - ET RBN Known Russian Business Network IP TCP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407191 - ET RBN Known Russian Business Network IP UDP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407192 - ET RBN Known Russian Business Network IP TCP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407193 - ET RBN Known Russian Business Network IP UDP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407194 - ET RBN Known Russian Business Network IP TCP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407195 - ET RBN Known Russian Business Network IP UDP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407196 - ET RBN Known Russian Business Network IP TCP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407197 - ET RBN Known Russian Business Network IP UDP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407198 - ET RBN Known Russian Business Network IP TCP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407199 - ET RBN Known Russian Business Network IP UDP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407200 - ET RBN Known Russian Business Network IP TCP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407201 - ET RBN Known Russian Business Network IP UDP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407202 - ET RBN Known Russian Business Network IP TCP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407203 - ET RBN Known Russian Business Network IP UDP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407204 - ET RBN Known Russian Business Network IP TCP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407205 - ET RBN Known Russian Business Network IP UDP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407206 - ET RBN Known Russian Business Network IP TCP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407207 - ET RBN Known Russian Business Network IP UDP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407208 - ET RBN Known Russian Business Network IP TCP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407209 - ET RBN Known Russian Business Network IP UDP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407210 - ET RBN Known Russian Business Network IP TCP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407211 - ET RBN Known Russian Business Network IP UDP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407212 - ET RBN Known Russian Business Network IP TCP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407213 - ET RBN Known Russian Business Network IP UDP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407214 - ET RBN Known Russian Business Network IP TCP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407215 - ET RBN Known Russian Business Network IP UDP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407216 - ET RBN Known Russian Business Network IP TCP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407217 - ET RBN Known Russian Business Network IP UDP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407218 - ET RBN Known Russian Business Network IP TCP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407219 - ET RBN Known Russian Business Network IP UDP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407220 - ET RBN Known Russian Business Network IP TCP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407221 - ET RBN Known Russian Business Network IP UDP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407222 - ET RBN Known Russian Business Network IP TCP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407223 - ET RBN Known Russian Business Network IP UDP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407224 - ET RBN Known Russian Business Network IP TCP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407225 - ET RBN Known Russian Business Network IP UDP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407226 - ET RBN Known Russian Business Network IP TCP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407227 - ET RBN Known Russian Business Network IP UDP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407228 - ET RBN Known Russian Business Network IP TCP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407229 - ET RBN Known Russian Business Network IP UDP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407230 - ET RBN Known Russian Business Network IP TCP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407231 - ET RBN Known Russian Business Network IP UDP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407232 - ET RBN Known Russian Business Network IP TCP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407233 - ET RBN Known Russian Business Network IP UDP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407234 - ET RBN Known Russian Business Network IP TCP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407235 - ET RBN Known Russian Business Network IP UDP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407236 - ET RBN Known Russian Business Network IP TCP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407237 - ET RBN Known Russian Business Network IP UDP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407238 - ET RBN Known Russian Business Network IP TCP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407239 - ET RBN Known Russian Business Network IP UDP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407240 - ET RBN Known Russian Business Network IP TCP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407241 - ET RBN Known Russian Business Network IP UDP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407242 - ET RBN Known Russian Business Network IP TCP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407243 - ET RBN Known Russian Business Network IP UDP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407244 - ET RBN Known Russian Business Network IP TCP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407245 - ET RBN Known Russian Business Network IP UDP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407246 - ET RBN Known Russian Business Network IP TCP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407247 - ET RBN Known Russian Business Network IP UDP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407248 - ET RBN Known Russian Business Network IP TCP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407249 - ET RBN Known Russian Business Network IP UDP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407250 - ET RBN Known Russian Business Network IP TCP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407251 - ET RBN Known Russian Business Network IP UDP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407252 - ET RBN Known Russian Business Network IP TCP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407253 - ET RBN Known Russian Business Network IP UDP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407254 - ET RBN Known Russian Business Network IP TCP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407255 - ET RBN Known Russian Business Network IP UDP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407256 - ET RBN Known Russian Business Network IP TCP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407257 - ET RBN Known Russian Business Network IP UDP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407258 - ET RBN Known Russian Business Network IP TCP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407259 - ET RBN Known Russian Business Network IP UDP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407260 - ET RBN Known Russian Business Network IP TCP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407261 - ET RBN Known Russian Business Network IP UDP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407262 - ET RBN Known Russian Business Network IP TCP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407263 - ET RBN Known Russian Business Network IP UDP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407264 - ET RBN Known Russian Business Network IP TCP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407265 - ET RBN Known Russian Business Network IP UDP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407266 - ET RBN Known Russian Business Network IP TCP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407267 - ET RBN Known Russian Business Network IP UDP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407268 - ET RBN Known Russian Business Network IP TCP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407269 - ET RBN Known Russian Business Network IP UDP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407270 - ET RBN Known Russian Business Network IP TCP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407271 - ET RBN Known Russian Business Network IP UDP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407272 - ET RBN Known Russian Business Network IP TCP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407273 - ET RBN Known Russian Business Network IP UDP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407274 - ET RBN Known Russian Business Network IP TCP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407275 - ET RBN Known Russian Business Network IP UDP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407276 - ET RBN Known Russian Business Network IP TCP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407277 - ET RBN Known Russian Business Network IP UDP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407278 - ET RBN Known Russian Business Network IP TCP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407279 - ET RBN Known Russian Business Network IP UDP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407280 - ET RBN Known Russian Business Network IP TCP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407281 - ET RBN Known Russian Business Network IP UDP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407282 - ET RBN Known Russian Business Network IP TCP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407283 - ET RBN Known Russian Business Network IP UDP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407284 - ET RBN Known Russian Business Network IP TCP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407285 - ET RBN Known Russian Business Network IP UDP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407286 - ET RBN Known Russian Business Network IP TCP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407287 - ET RBN Known Russian Business Network IP UDP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407288 - ET RBN Known Russian Business Network IP TCP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407289 - ET RBN Known Russian Business Network IP UDP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407290 - ET RBN Known Russian Business Network IP TCP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407291 - ET RBN Known Russian Business Network IP UDP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407292 - ET RBN Known Russian Business Network IP TCP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407293 - ET RBN Known Russian Business Network IP UDP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407294 - ET RBN Known Russian Business Network IP TCP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407295 - ET RBN Known Russian Business Network IP UDP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407296 - ET RBN Known Russian Business Network IP TCP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407297 - ET RBN Known Russian Business Network IP UDP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407298 - ET RBN Known Russian Business Network IP TCP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407299 - ET RBN Known Russian Business Network IP UDP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407300 - ET RBN Known Russian Business Network IP TCP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407301 - ET RBN Known Russian Business Network IP UDP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407302 - ET RBN Known Russian Business Network IP TCP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407303 - ET RBN Known Russian Business Network IP UDP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407304 - ET RBN Known Russian Business Network IP TCP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407305 - ET RBN Known Russian Business Network IP UDP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407306 - ET RBN Known Russian Business Network IP TCP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407307 - ET RBN Known Russian Business Network IP UDP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407308 - ET RBN Known Russian Business Network IP TCP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407309 - ET RBN Known Russian Business Network IP UDP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407310 - ET RBN Known Russian Business Network IP TCP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407311 - ET RBN Known Russian Business Network IP UDP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407312 - ET RBN Known Russian Business Network IP TCP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407313 - ET RBN Known Russian Business Network IP UDP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407314 - ET RBN Known Russian Business Network IP TCP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407315 - ET RBN Known Russian Business Network IP UDP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407316 - ET RBN Known Russian Business Network IP TCP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407317 - ET RBN Known Russian Business Network IP UDP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407318 - ET RBN Known Russian Business Network IP TCP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407319 - ET RBN Known Russian Business Network IP UDP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407320 - ET RBN Known Russian Business Network IP TCP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407321 - ET RBN Known Russian Business Network IP UDP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407322 - ET RBN Known Russian Business Network IP TCP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407323 - ET RBN Known Russian Business Network IP UDP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407324 - ET RBN Known Russian Business Network IP TCP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407325 - ET RBN Known Russian Business Network IP UDP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407326 - ET RBN Known Russian Business Network IP TCP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407327 - ET RBN Known Russian Business Network IP UDP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407328 - ET RBN Known Russian Business Network IP TCP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407329 - ET RBN Known Russian Business Network IP UDP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407330 - ET RBN Known Russian Business Network IP TCP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407331 - ET RBN Known Russian Business Network IP UDP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407332 - ET RBN Known Russian Business Network IP TCP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407333 - ET RBN Known Russian Business Network IP UDP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407334 - ET RBN Known Russian Business Network IP TCP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407335 - ET RBN Known Russian Business Network IP UDP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407336 - ET RBN Known Russian Business Network IP TCP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407337 - ET RBN Known Russian Business Network IP UDP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407338 - ET RBN Known Russian Business Network IP TCP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407339 - ET RBN Known Russian Business Network IP UDP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407340 - ET RBN Known Russian Business Network IP TCP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407341 - ET RBN Known Russian Business Network IP UDP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407342 - ET RBN Known Russian Business Network IP TCP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407343 - ET RBN Known Russian Business Network IP UDP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407344 - ET RBN Known Russian Business Network IP TCP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407345 - ET RBN Known Russian Business Network IP UDP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407346 - ET RBN Known Russian Business Network IP TCP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407347 - ET RBN Known Russian Business Network IP UDP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407348 - ET RBN Known Russian Business Network IP TCP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407349 - ET RBN Known Russian Business Network IP UDP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407350 - ET RBN Known Russian Business Network IP TCP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407351 - ET RBN Known Russian Business Network IP UDP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407352 - ET RBN Known Russian Business Network IP TCP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407353 - ET RBN Known Russian Business Network IP UDP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407354 - ET RBN Known Russian Business Network IP TCP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407355 - ET RBN Known Russian Business Network IP UDP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407356 - ET RBN Known Russian Business Network IP TCP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407357 - ET RBN Known Russian Business Network IP UDP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407358 - ET RBN Known Russian Business Network IP TCP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407359 - ET RBN Known Russian Business Network IP UDP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407360 - ET RBN Known Russian Business Network IP TCP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407361 - ET RBN Known Russian Business Network IP UDP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407362 - ET RBN Known Russian Business Network IP TCP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407363 - ET RBN Known Russian Business Network IP UDP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407364 - ET RBN Known Russian Business Network IP TCP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407365 - ET RBN Known Russian Business Network IP UDP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407366 - ET RBN Known Russian Business Network IP TCP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407367 - ET RBN Known Russian Business Network IP UDP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407368 - ET RBN Known Russian Business Network IP TCP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407369 - ET RBN Known Russian Business Network IP UDP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407370 - ET RBN Known Russian Business Network IP TCP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407371 - ET RBN Known Russian Business Network IP UDP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407372 - ET RBN Known Russian Business Network IP TCP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407373 - ET RBN Known Russian Business Network IP UDP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407374 - ET RBN Known Russian Business Network IP TCP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407375 - ET RBN Known Russian Business Network IP UDP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407376 - ET RBN Known Russian Business Network IP TCP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407377 - ET RBN Known Russian Business Network IP UDP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407378 - ET RBN Known Russian Business Network IP TCP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407379 - ET RBN Known Russian Business Network IP UDP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407380 - ET RBN Known Russian Business Network IP TCP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407381 - ET RBN Known Russian Business Network IP UDP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407382 - ET RBN Known Russian Business Network IP TCP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407383 - ET RBN Known Russian Business Network IP UDP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407384 - ET RBN Known Russian Business Network IP TCP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407385 - ET RBN Known Russian Business Network IP UDP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407386 - ET RBN Known Russian Business Network IP TCP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407387 - ET RBN Known Russian Business Network IP UDP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407388 - ET RBN Known Russian Business Network IP TCP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407389 - ET RBN Known Russian Business Network IP UDP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407390 - ET RBN Known Russian Business Network IP TCP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407391 - ET RBN Known Russian Business Network IP UDP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407392 - ET RBN Known Russian Business Network IP TCP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407393 - ET RBN Known Russian Business Network IP UDP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407394 - ET RBN Known Russian Business Network IP TCP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407395 - ET RBN Known Russian Business Network IP UDP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407396 - ET RBN Known Russian Business Network IP TCP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407397 - ET RBN Known Russian Business Network IP UDP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407398 - ET RBN Known Russian Business Network IP TCP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407399 - ET RBN Known Russian Business Network IP UDP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407400 - ET RBN Known Russian Business Network IP TCP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407401 - ET RBN Known Russian Business Network IP UDP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407402 - ET RBN Known Russian Business Network IP TCP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407403 - ET RBN Known Russian Business Network IP UDP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407404 - ET RBN Known Russian Business Network IP TCP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407405 - ET RBN Known Russian Business Network IP UDP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407406 - ET RBN Known Russian Business Network IP TCP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407407 - ET RBN Known Russian Business Network IP UDP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407408 - ET RBN Known Russian Business Network IP TCP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407409 - ET RBN Known Russian Business Network IP UDP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407410 - ET RBN Known Russian Business Network IP TCP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407411 - ET RBN Known Russian Business Network IP UDP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407412 - ET RBN Known Russian Business Network IP TCP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407413 - ET RBN Known Russian Business Network IP UDP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407414 - ET RBN Known Russian Business Network IP TCP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407415 - ET RBN Known Russian Business Network IP UDP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407416 - ET RBN Known Russian Business Network IP TCP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407417 - ET RBN Known Russian Business Network IP UDP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407418 - ET RBN Known Russian Business Network IP TCP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407419 - ET RBN Known Russian Business Network IP UDP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407420 - ET RBN Known Russian Business Network IP TCP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407421 - ET RBN Known Russian Business Network IP UDP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407422 - ET RBN Known Russian Business Network IP TCP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407423 - ET RBN Known Russian Business Network IP UDP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407424 - ET RBN Known Russian Business Network IP TCP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407425 - ET RBN Known Russian Business Network IP UDP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407426 - ET RBN Known Russian Business Network IP TCP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407427 - ET RBN Known Russian Business Network IP UDP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407428 - ET RBN Known Russian Business Network IP TCP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407429 - ET RBN Known Russian Business Network IP UDP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407430 - ET RBN Known Russian Business Network IP TCP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407431 - ET RBN Known Russian Business Network IP UDP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407432 - ET RBN Known Russian Business Network IP TCP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407433 - ET RBN Known Russian Business Network IP UDP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407434 - ET RBN Known Russian Business Network IP TCP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407435 - ET RBN Known Russian Business Network IP UDP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407436 - ET RBN Known Russian Business Network IP TCP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407437 - ET RBN Known Russian Business Network IP UDP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407438 - ET RBN Known Russian Business Network IP TCP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407439 - ET RBN Known Russian Business Network IP UDP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407440 - ET RBN Known Russian Business Network IP TCP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407441 - ET RBN Known Russian Business Network IP UDP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407442 - ET RBN Known Russian Business Network IP TCP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407443 - ET RBN Known Russian Business Network IP UDP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407444 - ET RBN Known Russian Business Network IP TCP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407445 - ET RBN Known Russian Business Network IP UDP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407446 - ET RBN Known Russian Business Network IP TCP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407447 - ET RBN Known Russian Business Network IP UDP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407448 - ET RBN Known Russian Business Network IP TCP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407449 - ET RBN Known Russian Business Network IP UDP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407450 - ET RBN Known Russian Business Network IP TCP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407451 - ET RBN Known Russian Business Network IP UDP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407452 - ET RBN Known Russian Business Network IP TCP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407453 - ET RBN Known Russian Business Network IP UDP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407454 - ET RBN Known Russian Business Network IP TCP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407455 - ET RBN Known Russian Business Network IP UDP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407456 - ET RBN Known Russian Business Network IP TCP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407457 - ET RBN Known Russian Business Network IP UDP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407458 - ET RBN Known Russian Business Network IP TCP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407459 - ET RBN Known Russian Business Network IP UDP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407460 - ET RBN Known Russian Business Network IP TCP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407461 - ET RBN Known Russian Business Network IP UDP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407462 - ET RBN Known Russian Business Network IP TCP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407463 - ET RBN Known Russian Business Network IP UDP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407464 - ET RBN Known Russian Business Network IP TCP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407465 - ET RBN Known Russian Business Network IP UDP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407466 - ET RBN Known Russian Business Network IP TCP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407467 - ET RBN Known Russian Business Network IP UDP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407468 - ET RBN Known Russian Business Network IP TCP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407469 - ET RBN Known Russian Business Network IP UDP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407470 - ET RBN Known Russian Business Network IP TCP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407471 - ET RBN Known Russian Business Network IP UDP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407472 - ET RBN Known Russian Business Network IP TCP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407473 - ET RBN Known Russian Business Network IP UDP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407474 - ET RBN Known Russian Business Network IP TCP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407475 - ET RBN Known Russian Business Network IP UDP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407476 - ET RBN Known Russian Business Network IP TCP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407477 - ET RBN Known Russian Business Network IP UDP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407478 - ET RBN Known Russian Business Network IP TCP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407479 - ET RBN Known Russian Business Network IP UDP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407480 - ET RBN Known Russian Business Network IP TCP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407481 - ET RBN Known Russian Business Network IP UDP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407482 - ET RBN Known Russian Business Network IP TCP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407483 - ET RBN Known Russian Business Network IP UDP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407484 - ET RBN Known Russian Business Network IP TCP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407485 - ET RBN Known Russian Business Network IP UDP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407486 - ET RBN Known Russian Business Network IP TCP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407487 - ET RBN Known Russian Business Network IP UDP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407488 - ET RBN Known Russian Business Network IP TCP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407489 - ET RBN Known Russian Business Network IP UDP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407490 - ET RBN Known Russian Business Network IP TCP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407491 - ET RBN Known Russian Business Network IP UDP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407492 - ET RBN Known Russian Business Network IP TCP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407493 - ET RBN Known Russian Business Network IP UDP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407494 - ET RBN Known Russian Business Network IP TCP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407495 - ET RBN Known Russian Business Network IP UDP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407496 - ET RBN Known Russian Business Network IP TCP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407497 - ET RBN Known Russian Business Network IP UDP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407498 - ET RBN Known Russian Business Network IP TCP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407499 - ET RBN Known Russian Business Network IP UDP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407500 - ET RBN Known Russian Business Network IP TCP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407501 - ET RBN Known Russian Business Network IP UDP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407502 - ET RBN Known Russian Business Network IP TCP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407503 - ET RBN Known Russian Business Network IP UDP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407504 - ET RBN Known Russian Business Network IP TCP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407505 - ET RBN Known Russian Business Network IP UDP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407506 - ET RBN Known Russian Business Network IP TCP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407507 - ET RBN Known Russian Business Network IP UDP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407508 - ET RBN Known Russian Business Network IP TCP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407509 - ET RBN Known Russian Business Network IP UDP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407510 - ET RBN Known Russian Business Network IP TCP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407511 - ET RBN Known Russian Business Network IP UDP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407512 - ET RBN Known Russian Business Network IP TCP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407513 - ET RBN Known Russian Business Network IP UDP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407514 - ET RBN Known Russian Business Network IP TCP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407515 - ET RBN Known Russian Business Network IP UDP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407516 - ET RBN Known Russian Business Network IP TCP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407517 - ET RBN Known Russian Business Network IP UDP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407518 - ET RBN Known Russian Business Network IP TCP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407519 - ET RBN Known Russian Business Network IP UDP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407520 - ET RBN Known Russian Business Network IP TCP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407521 - ET RBN Known Russian Business Network IP UDP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407522 - ET RBN Known Russian Business Network IP TCP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407523 - ET RBN Known Russian Business Network IP UDP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407524 - ET RBN Known Russian Business Network IP TCP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407525 - ET RBN Known Russian Business Network IP UDP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407526 - ET RBN Known Russian Business Network IP TCP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407527 - ET RBN Known Russian Business Network IP UDP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407528 - ET RBN Known Russian Business Network IP TCP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407529 - ET RBN Known Russian Business Network IP UDP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407530 - ET RBN Known Russian Business Network IP TCP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407531 - ET RBN Known Russian Business Network IP UDP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407532 - ET RBN Known Russian Business Network IP TCP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407533 - ET RBN Known Russian Business Network IP UDP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407534 - ET RBN Known Russian Business Network IP TCP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407535 - ET RBN Known Russian Business Network IP UDP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407536 - ET RBN Known Russian Business Network IP TCP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407537 - ET RBN Known Russian Business Network IP UDP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407538 - ET RBN Known Russian Business Network IP TCP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407539 - ET RBN Known Russian Business Network IP UDP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407540 - ET RBN Known Russian Business Network IP TCP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407541 - ET RBN Known Russian Business Network IP UDP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407542 - ET RBN Known Russian Business Network IP TCP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407543 - ET RBN Known Russian Business Network IP UDP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407544 - ET RBN Known Russian Business Network IP TCP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407545 - ET RBN Known Russian Business Network IP UDP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407546 - ET RBN Known Russian Business Network IP TCP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407547 - ET RBN Known Russian Business Network IP UDP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407548 - ET RBN Known Russian Business Network IP TCP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407549 - ET RBN Known Russian Business Network IP UDP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407550 - ET RBN Known Russian Business Network IP TCP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407551 - ET RBN Known Russian Business Network IP UDP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407552 - ET RBN Known Russian Business Network IP TCP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407553 - ET RBN Known Russian Business Network IP UDP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407554 - ET RBN Known Russian Business Network IP TCP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407555 - ET RBN Known Russian Business Network IP UDP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407556 - ET RBN Known Russian Business Network IP TCP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407557 - ET RBN Known Russian Business Network IP UDP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407558 - ET RBN Known Russian Business Network IP TCP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407559 - ET RBN Known Russian Business Network IP UDP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407560 - ET RBN Known Russian Business Network IP TCP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407561 - ET RBN Known Russian Business Network IP UDP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407562 - ET RBN Known Russian Business Network IP TCP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407563 - ET RBN Known Russian Business Network IP UDP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407564 - ET RBN Known Russian Business Network IP TCP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407565 - ET RBN Known Russian Business Network IP UDP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407566 - ET RBN Known Russian Business Network IP TCP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407567 - ET RBN Known Russian Business Network IP UDP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407568 - ET RBN Known Russian Business Network IP TCP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407569 - ET RBN Known Russian Business Network IP UDP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407570 - ET RBN Known Russian Business Network IP TCP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407571 - ET RBN Known Russian Business Network IP UDP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407572 - ET RBN Known Russian Business Network IP TCP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407573 - ET RBN Known Russian Business Network IP UDP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407574 - ET RBN Known Russian Business Network IP TCP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407575 - ET RBN Known Russian Business Network IP UDP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407576 - ET RBN Known Russian Business Network IP TCP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407577 - ET RBN Known Russian Business Network IP UDP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407578 - ET RBN Known Russian Business Network IP TCP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407579 - ET RBN Known Russian Business Network IP UDP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407580 - ET RBN Known Russian Business Network IP TCP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407581 - ET RBN Known Russian Business Network IP UDP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407582 - ET RBN Known Russian Business Network IP TCP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407583 - ET RBN Known Russian Business Network IP UDP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407584 - ET RBN Known Russian Business Network IP TCP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407585 - ET RBN Known Russian Business Network IP UDP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407586 - ET RBN Known Russian Business Network IP TCP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407587 - ET RBN Known Russian Business Network IP UDP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407588 - ET RBN Known Russian Business Network IP TCP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407589 - ET RBN Known Russian Business Network IP UDP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407590 - ET RBN Known Russian Business Network IP TCP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407591 - ET RBN Known Russian Business Network IP UDP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407592 - ET RBN Known Russian Business Network IP TCP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407593 - ET RBN Known Russian Business Network IP UDP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407594 - ET RBN Known Russian Business Network IP TCP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407595 - ET RBN Known Russian Business Network IP UDP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407596 - ET RBN Known Russian Business Network IP TCP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407597 - ET RBN Known Russian Business Network IP UDP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407598 - ET RBN Known Russian Business Network IP TCP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407599 - ET RBN Known Russian Business Network IP UDP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407600 - ET RBN Known Russian Business Network IP TCP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407601 - ET RBN Known Russian Business Network IP UDP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407602 - ET RBN Known Russian Business Network IP TCP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407603 - ET RBN Known Russian Business Network IP UDP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407604 - ET RBN Known Russian Business Network IP TCP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407605 - ET RBN Known Russian Business Network IP UDP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407606 - ET RBN Known Russian Business Network IP TCP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407607 - ET RBN Known Russian Business Network IP UDP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407608 - ET RBN Known Russian Business Network IP TCP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407609 - ET RBN Known Russian Business Network IP UDP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407610 - ET RBN Known Russian Business Network IP TCP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407611 - ET RBN Known Russian Business Network IP UDP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407612 - ET RBN Known Russian Business Network IP TCP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407613 - ET RBN Known Russian Business Network IP UDP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407614 - ET RBN Known Russian Business Network IP TCP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407615 - ET RBN Known Russian Business Network IP UDP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407616 - ET RBN Known Russian Business Network IP TCP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407617 - ET RBN Known Russian Business Network IP UDP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407618 - ET RBN Known Russian Business Network IP TCP - BLOCKING (310) (emerging-rbn-BLOCK.rules) 2407619 - ET RBN Known Russian Business Network IP UDP - BLOCKING (310) (emerging-rbn-BLOCK.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-rbn-BLOCK.rules (2): # VERSION 133 # Updated 2009-06-13 12:37:44 -> Added to emerging-rbn.rules (2): # VERSION 133 # Updated 2009-06-13 12:37:44 -> Added to emerging-sid-msg.map (142): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2406620 || ET RBN Known Russian Business Network IP TCP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406621 || ET RBN Known Russian Business Network IP UDP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406622 || ET RBN Known Russian Business Network IP TCP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406623 || ET RBN Known Russian Business Network IP UDP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406624 || ET RBN Known Russian Business Network IP TCP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406625 || ET RBN Known Russian Business Network IP UDP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406626 || ET RBN Known Russian Business Network IP TCP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406627 || ET RBN Known Russian Business Network IP UDP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406628 || ET RBN Known Russian Business Network IP TCP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406629 || ET RBN Known Russian Business Network IP UDP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406630 || ET RBN Known Russian Business Network IP TCP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406631 || ET RBN Known Russian Business Network IP UDP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406632 || ET RBN Known Russian Business Network IP TCP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406633 || ET RBN Known Russian Business Network IP UDP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406634 || ET RBN Known Russian Business Network IP TCP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406635 || ET RBN Known Russian Business Network IP UDP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406636 || ET RBN Known Russian Business Network IP TCP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406637 || ET RBN Known Russian Business Network IP UDP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406638 || ET RBN Known Russian Business Network IP TCP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406639 || ET RBN Known Russian Business Network IP UDP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406640 || ET RBN Known Russian Business Network IP TCP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406641 || ET RBN Known Russian Business Network IP UDP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406642 || ET RBN Known Russian Business Network IP TCP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406643 || ET RBN Known Russian Business Network IP UDP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406644 || ET RBN Known Russian Business Network IP TCP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406645 || ET RBN Known Russian Business Network IP UDP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406646 || ET RBN Known Russian Business Network IP TCP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406647 || ET RBN Known Russian Business Network IP UDP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406648 || ET RBN Known Russian Business Network IP TCP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406649 || ET RBN Known Russian Business Network IP UDP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406650 || ET RBN Known Russian Business Network IP TCP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406651 || ET RBN Known Russian Business Network IP UDP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406652 || ET RBN Known Russian Business Network IP TCP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406653 || ET RBN Known Russian Business Network IP UDP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406654 || ET RBN Known Russian Business Network IP TCP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406655 || ET RBN Known Russian Business Network IP UDP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406656 || ET RBN Known Russian Business Network IP TCP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406657 || ET RBN Known Russian Business Network IP UDP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406658 || ET RBN Known Russian Business Network IP TCP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406659 || ET RBN Known Russian Business Network IP UDP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406660 || ET RBN Known Russian Business Network IP TCP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406661 || ET RBN Known Russian Business Network IP UDP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406662 || ET RBN Known Russian Business Network IP TCP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406663 || ET RBN Known Russian Business Network IP UDP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406664 || ET RBN Known Russian Business Network IP TCP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406665 || ET RBN Known Russian Business Network IP UDP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406666 || ET RBN Known Russian Business Network IP TCP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406667 || ET RBN Known Russian Business Network IP UDP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406668 || ET RBN Known Russian Business Network IP TCP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406669 || ET RBN Known Russian Business Network IP UDP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406670 || ET RBN Known Russian Business Network IP TCP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406671 || ET RBN Known Russian Business Network IP UDP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406672 || ET RBN Known Russian Business Network IP TCP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406673 || ET RBN Known Russian Business Network IP UDP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406674 || ET RBN Known Russian Business Network IP TCP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406675 || ET RBN Known Russian Business Network IP UDP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406676 || ET RBN Known Russian Business Network IP TCP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406677 || ET RBN Known Russian Business Network IP UDP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406678 || ET RBN Known Russian Business Network IP TCP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406679 || ET RBN Known Russian Business Network IP UDP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406680 || ET RBN Known Russian Business Network IP TCP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406681 || ET RBN Known Russian Business Network IP UDP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406682 || ET RBN Known Russian Business Network IP TCP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406683 || ET RBN Known Russian Business Network IP UDP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406684 || ET RBN Known Russian Business Network IP TCP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406685 || ET RBN Known Russian Business Network IP UDP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406686 || ET RBN Known Russian Business Network IP TCP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406687 || ET RBN Known Russian Business Network IP UDP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406688 || ET RBN Known Russian Business Network IP TCP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406689 || ET RBN Known Russian Business Network IP UDP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407620 || ET RBN Known Russian Business Network IP TCP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407621 || ET RBN Known Russian Business Network IP UDP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407622 || ET RBN Known Russian Business Network IP TCP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407623 || ET RBN Known Russian Business Network IP UDP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407624 || ET RBN Known Russian Business Network IP TCP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407625 || ET RBN Known Russian Business Network IP UDP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407626 || ET RBN Known Russian Business Network IP TCP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407627 || ET RBN Known Russian Business Network IP UDP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407628 || ET RBN Known Russian Business Network IP TCP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407629 || ET RBN Known Russian Business Network IP UDP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407630 || ET RBN Known Russian Business Network IP TCP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407631 || ET RBN Known Russian Business Network IP UDP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407632 || ET RBN Known Russian Business Network IP TCP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407633 || ET RBN Known Russian Business Network IP UDP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407634 || ET RBN Known Russian Business Network IP TCP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407635 || ET RBN Known Russian Business Network IP UDP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407636 || ET RBN Known Russian Business Network IP TCP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407637 || ET RBN Known Russian Business Network IP UDP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407638 || ET RBN Known Russian Business Network IP TCP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407639 || ET RBN Known Russian Business Network IP UDP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407640 || ET RBN Known Russian Business Network IP TCP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407641 || ET RBN Known Russian Business Network IP UDP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407642 || ET RBN Known Russian Business Network IP TCP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407643 || ET RBN Known Russian Business Network IP UDP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407644 || ET RBN Known Russian Business Network IP TCP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407645 || ET RBN Known Russian Business Network IP UDP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407646 || ET RBN Known Russian Business Network IP TCP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407647 || ET RBN Known Russian Business Network IP UDP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407648 || ET RBN Known Russian Business Network IP TCP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407649 || ET RBN Known Russian Business Network IP UDP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407650 || ET RBN Known Russian Business Network IP TCP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407651 || ET RBN Known Russian Business Network IP UDP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407652 || ET RBN Known Russian Business Network IP TCP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407653 || ET RBN Known Russian Business Network IP UDP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407654 || ET RBN Known Russian Business Network IP TCP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407655 || ET RBN Known Russian Business Network IP UDP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407656 || ET RBN Known Russian Business Network IP TCP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407657 || ET RBN Known Russian Business Network IP UDP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407658 || ET RBN Known Russian Business Network IP TCP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407659 || ET RBN Known Russian Business Network IP UDP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407660 || ET RBN Known Russian Business Network IP TCP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407661 || ET RBN Known Russian Business Network IP UDP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407662 || ET RBN Known Russian Business Network IP TCP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407663 || ET RBN Known Russian Business Network IP UDP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407664 || ET RBN Known Russian Business Network IP TCP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407665 || ET RBN Known Russian Business Network IP UDP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407666 || ET RBN Known Russian Business Network IP TCP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407667 || ET RBN Known Russian Business Network IP UDP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407668 || ET RBN Known Russian Business Network IP TCP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407669 || ET RBN Known Russian Business Network IP UDP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407670 || ET RBN Known Russian Business Network IP TCP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407671 || ET RBN Known Russian Business Network IP UDP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407672 || ET RBN Known Russian Business Network IP TCP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407673 || ET RBN Known Russian Business Network IP UDP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407674 || ET RBN Known Russian Business Network IP TCP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407675 || ET RBN Known Russian Business Network IP UDP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407676 || ET RBN Known Russian Business Network IP TCP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407677 || ET RBN Known Russian Business Network IP UDP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407678 || ET RBN Known Russian Business Network IP TCP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407679 || ET RBN Known Russian Business Network IP UDP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407680 || ET RBN Known Russian Business Network IP TCP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407681 || ET RBN Known Russian Business Network IP UDP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407682 || ET RBN Known Russian Business Network IP TCP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407683 || ET RBN Known Russian Business Network IP UDP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407684 || ET RBN Known Russian Business Network IP TCP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407685 || ET RBN Known Russian Business Network IP UDP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407686 || ET RBN Known Russian Business Network IP TCP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407687 || ET RBN Known Russian Business Network IP UDP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407688 || ET RBN Known Russian Business Network IP TCP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407689 || ET RBN Known Russian Business Network IP UDP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork -> Added to emerging-sid-msg.map.txt (142): 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2406620 || ET RBN Known Russian Business Network IP TCP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406621 || ET RBN Known Russian Business Network IP UDP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406622 || ET RBN Known Russian Business Network IP TCP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406623 || ET RBN Known Russian Business Network IP UDP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406624 || ET RBN Known Russian Business Network IP TCP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406625 || ET RBN Known Russian Business Network IP UDP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406626 || ET RBN Known Russian Business Network IP TCP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406627 || ET RBN Known Russian Business Network IP UDP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406628 || ET RBN Known Russian Business Network IP TCP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406629 || ET RBN Known Russian Business Network IP UDP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406630 || ET RBN Known Russian Business Network IP TCP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406631 || ET RBN Known Russian Business Network IP UDP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406632 || ET RBN Known Russian Business Network IP TCP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406633 || ET RBN Known Russian Business Network IP UDP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406634 || ET RBN Known Russian Business Network IP TCP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406635 || ET RBN Known Russian Business Network IP UDP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406636 || ET RBN Known Russian Business Network IP TCP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406637 || ET RBN Known Russian Business Network IP UDP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406638 || ET RBN Known Russian Business Network IP TCP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406639 || ET RBN Known Russian Business Network IP UDP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406640 || ET RBN Known Russian Business Network IP TCP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406641 || ET RBN Known Russian Business Network IP UDP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406642 || ET RBN Known Russian Business Network IP TCP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406643 || ET RBN Known Russian Business Network IP UDP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406644 || ET RBN Known Russian Business Network IP TCP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406645 || ET RBN Known Russian Business Network IP UDP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406646 || ET RBN Known Russian Business Network IP TCP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406647 || ET RBN Known Russian Business Network IP UDP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406648 || ET RBN Known Russian Business Network IP TCP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406649 || ET RBN Known Russian Business Network IP UDP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406650 || ET RBN Known Russian Business Network IP TCP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406651 || ET RBN Known Russian Business Network IP UDP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406652 || ET RBN Known Russian Business Network IP TCP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406653 || ET RBN Known Russian Business Network IP UDP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406654 || ET RBN Known Russian Business Network IP TCP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406655 || ET RBN Known Russian Business Network IP UDP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406656 || ET RBN Known Russian Business Network IP TCP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406657 || ET RBN Known Russian Business Network IP UDP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406658 || ET RBN Known Russian Business Network IP TCP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406659 || ET RBN Known Russian Business Network IP UDP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406660 || ET RBN Known Russian Business Network IP TCP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406661 || ET RBN Known Russian Business Network IP UDP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406662 || ET RBN Known Russian Business Network IP TCP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406663 || ET RBN Known Russian Business Network IP UDP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406664 || ET RBN Known Russian Business Network IP TCP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406665 || ET RBN Known Russian Business Network IP UDP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406666 || ET RBN Known Russian Business Network IP TCP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406667 || ET RBN Known Russian Business Network IP UDP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406668 || ET RBN Known Russian Business Network IP TCP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406669 || ET RBN Known Russian Business Network IP UDP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406670 || ET RBN Known Russian Business Network IP TCP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406671 || ET RBN Known Russian Business Network IP UDP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406672 || ET RBN Known Russian Business Network IP TCP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406673 || ET RBN Known Russian Business Network IP UDP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406674 || ET RBN Known Russian Business Network IP TCP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406675 || ET RBN Known Russian Business Network IP UDP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406676 || ET RBN Known Russian Business Network IP TCP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406677 || ET RBN Known Russian Business Network IP UDP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406678 || ET RBN Known Russian Business Network IP TCP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406679 || ET RBN Known Russian Business Network IP UDP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406680 || ET RBN Known Russian Business Network IP TCP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406681 || ET RBN Known Russian Business Network IP UDP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406682 || ET RBN Known Russian Business Network IP TCP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406683 || ET RBN Known Russian Business Network IP UDP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406684 || ET RBN Known Russian Business Network IP TCP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406685 || ET RBN Known Russian Business Network IP UDP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406686 || ET RBN Known Russian Business Network IP TCP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406687 || ET RBN Known Russian Business Network IP UDP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406688 || ET RBN Known Russian Business Network IP TCP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406689 || ET RBN Known Russian Business Network IP UDP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407620 || ET RBN Known Russian Business Network IP TCP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407621 || ET RBN Known Russian Business Network IP UDP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407622 || ET RBN Known Russian Business Network IP TCP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407623 || ET RBN Known Russian Business Network IP UDP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407624 || ET RBN Known Russian Business Network IP TCP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407625 || ET RBN Known Russian Business Network IP UDP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407626 || ET RBN Known Russian Business Network IP TCP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407627 || ET RBN Known Russian Business Network IP UDP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407628 || ET RBN Known Russian Business Network IP TCP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407629 || ET RBN Known Russian Business Network IP UDP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407630 || ET RBN Known Russian Business Network IP TCP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407631 || ET RBN Known Russian Business Network IP UDP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407632 || ET RBN Known Russian Business Network IP TCP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407633 || ET RBN Known Russian Business Network IP UDP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407634 || ET RBN Known Russian Business Network IP TCP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407635 || ET RBN Known Russian Business Network IP UDP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407636 || ET RBN Known Russian Business Network IP TCP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407637 || ET RBN Known Russian Business Network IP UDP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407638 || ET RBN Known Russian Business Network IP TCP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407639 || ET RBN Known Russian Business Network IP UDP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407640 || ET RBN Known Russian Business Network IP TCP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407641 || ET RBN Known Russian Business Network IP UDP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407642 || ET RBN Known Russian Business Network IP TCP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407643 || ET RBN Known Russian Business Network IP UDP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407644 || ET RBN Known Russian Business Network IP TCP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407645 || ET RBN Known Russian Business Network IP UDP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407646 || ET RBN Known Russian Business Network IP TCP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407647 || ET RBN Known Russian Business Network IP UDP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407648 || ET RBN Known Russian Business Network IP TCP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407649 || ET RBN Known Russian Business Network IP UDP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407650 || ET RBN Known Russian Business Network IP TCP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407651 || ET RBN Known Russian Business Network IP UDP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407652 || ET RBN Known Russian Business Network IP TCP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407653 || ET RBN Known Russian Business Network IP UDP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407654 || ET RBN Known Russian Business Network IP TCP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407655 || ET RBN Known Russian Business Network IP UDP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407656 || ET RBN Known Russian Business Network IP TCP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407657 || ET RBN Known Russian Business Network IP UDP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407658 || ET RBN Known Russian Business Network IP TCP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407659 || ET RBN Known Russian Business Network IP UDP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407660 || ET RBN Known Russian Business Network IP TCP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407661 || ET RBN Known Russian Business Network IP UDP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407662 || ET RBN Known Russian Business Network IP TCP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407663 || ET RBN Known Russian Business Network IP UDP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407664 || ET RBN Known Russian Business Network IP TCP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407665 || ET RBN Known Russian Business Network IP UDP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407666 || ET RBN Known Russian Business Network IP TCP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407667 || ET RBN Known Russian Business Network IP UDP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407668 || ET RBN Known Russian Business Network IP TCP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407669 || ET RBN Known Russian Business Network IP UDP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407670 || ET RBN Known Russian Business Network IP TCP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407671 || ET RBN Known Russian Business Network IP UDP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407672 || ET RBN Known Russian Business Network IP TCP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407673 || ET RBN Known Russian Business Network IP UDP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407674 || ET RBN Known Russian Business Network IP TCP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407675 || ET RBN Known Russian Business Network IP UDP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407676 || ET RBN Known Russian Business Network IP TCP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407677 || ET RBN Known Russian Business Network IP UDP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407678 || ET RBN Known Russian Business Network IP TCP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407679 || ET RBN Known Russian Business Network IP UDP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407680 || ET RBN Known Russian Business Network IP TCP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407681 || ET RBN Known Russian Business Network IP UDP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407682 || ET RBN Known Russian Business Network IP TCP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407683 || ET RBN Known Russian Business Network IP UDP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407684 || ET RBN Known Russian Business Network IP TCP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407685 || ET RBN Known Russian Business Network IP UDP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407686 || ET RBN Known Russian Business Network IP TCP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407687 || ET RBN Known Russian Business Network IP UDP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407688 || ET RBN Known Russian Business Network IP TCP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407689 || ET RBN Known Russian Business Network IP UDP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork [---] Removed non-rule lines: [---] -> Removed from emerging-rbn-BLOCK.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Removed from emerging-rbn.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Removed from emerging-sid-msg.map (8): 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (8): 2500306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510306 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510307 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (154) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510308 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510309 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (155) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From emerging at emergingthreats.net Sat Jun 13 18:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Sat, 13 Jun 2009 18:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Weekly Signature Changes Message-ID: <20090613220011.EE7384504A@goliath.jonkmans.com> [***] Results from Oinkmaster started Sat Jun 13 18:00:11 2009 [***] [+++] Added rules: [+++] 2009377 - ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion (emerging-web_sql_injection.rules) 2009378 - ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion (emerging-web_sql_injection.rules) 2009379 - ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion (emerging-web_sql_injection.rules) 2009380 - ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_sql_injection.rules) 2009381 - ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009382 - ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009383 - ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules) 2009384 - ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009385 - ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow (emerging-web.rules) 2009386 - ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion (emerging-web_sql_injection.rules) 2009387 - ET POLICY PPTP Requester is not authorized to establish a command channel (emerging-policy.rules) 2009388 - ET TROJAN Bredolab Downloader Response Binaries from Controller (emerging-virus.rules) 2009389 - ET TROJAN Tornado Pack Binary Request (emerging-virus.rules) 2009390 - ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion (emerging-web_sql_injection.rules) 2009391 - ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009393 - ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion (emerging-web_sql_injection.rules) 2009394 - ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection (emerging-web_sql_injection.rules) 2009395 - ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion (emerging-web_sql_injection.rules) 2009396 - ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion (emerging-web_sql_injection.rules) 2009397 - ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion (emerging-web_sql_injection.rules) 2009398 - ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion (emerging-web_sql_injection.rules) 2009399 - ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption (emerging-web.rules) 2009400 - ET WEB_ACTIVEX Microsoft Communications Control Clsid Access (emerging-web.rules) 2009402 - ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) (emerging-web.rules) 2009403 - ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) (emerging-web.rules) 2009404 - ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access (emerging-web.rules) 2009405 - ET TROJAN Personal Defender 2009 - prinimalka.py (emerging-virus.rules) 2009406 - ET TROJAN Personal Defender 2009 - trash.py (emerging-virus.rules) 2009407 - ET TROJAN Koobface BLACKLABEL (emerging-virus.rules) 2404024 - ET DROP Known Bot C&C Server Traffic (group 25) (emerging-botcc.rules) 2405024 - ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2406620 - ET RBN Known Russian Business Network IP TCP (311) (emerging-rbn.rules) 2406621 - ET RBN Known Russian Business Network IP UDP (311) (emerging-rbn.rules) 2406622 - ET RBN Known Russian Business Network IP TCP (312) (emerging-rbn.rules) 2406623 - ET RBN Known Russian Business Network IP UDP (312) (emerging-rbn.rules) 2406624 - ET RBN Known Russian Business Network IP TCP (313) (emerging-rbn.rules) 2406625 - ET RBN Known Russian Business Network IP UDP (313) (emerging-rbn.rules) 2406626 - ET RBN Known Russian Business Network IP TCP (314) (emerging-rbn.rules) 2406627 - ET RBN Known Russian Business Network IP UDP (314) (emerging-rbn.rules) 2406628 - ET RBN Known Russian Business Network IP TCP (315) (emerging-rbn.rules) 2406629 - ET RBN Known Russian Business Network IP UDP (315) (emerging-rbn.rules) 2406630 - ET RBN Known Russian Business Network IP TCP (316) (emerging-rbn.rules) 2406631 - ET RBN Known Russian Business Network IP UDP (316) (emerging-rbn.rules) 2406632 - ET RBN Known Russian Business Network IP TCP (317) (emerging-rbn.rules) 2406633 - ET RBN Known Russian Business Network IP UDP (317) (emerging-rbn.rules) 2406634 - ET RBN Known Russian Business Network IP TCP (318) (emerging-rbn.rules) 2406635 - ET RBN Known Russian Business Network IP UDP (318) (emerging-rbn.rules) 2406636 - ET RBN Known Russian Business Network IP TCP (319) (emerging-rbn.rules) 2406637 - ET RBN Known Russian Business Network IP UDP (319) (emerging-rbn.rules) 2406638 - ET RBN Known Russian Business Network IP TCP (320) (emerging-rbn.rules) 2406639 - ET RBN Known Russian Business Network IP UDP (320) (emerging-rbn.rules) 2406640 - ET RBN Known Russian Business Network IP TCP (321) (emerging-rbn.rules) 2406641 - ET RBN Known Russian Business Network IP UDP (321) (emerging-rbn.rules) 2406642 - ET RBN Known Russian Business Network IP TCP (322) (emerging-rbn.rules) 2406643 - ET RBN Known Russian Business Network IP UDP (322) (emerging-rbn.rules) 2406644 - ET RBN Known Russian Business Network IP TCP (323) (emerging-rbn.rules) 2406645 - ET RBN Known Russian Business Network IP UDP (323) (emerging-rbn.rules) 2406646 - ET RBN Known Russian Business Network IP TCP (324) (emerging-rbn.rules) 2406647 - ET RBN Known Russian Business Network IP UDP (324) (emerging-rbn.rules) 2406648 - ET RBN Known Russian Business Network IP TCP (325) (emerging-rbn.rules) 2406649 - ET RBN Known Russian Business Network IP UDP (325) (emerging-rbn.rules) 2406650 - ET RBN Known Russian Business Network IP TCP (326) (emerging-rbn.rules) 2406651 - ET RBN Known Russian Business Network IP UDP (326) (emerging-rbn.rules) 2406652 - ET RBN Known Russian Business Network IP TCP (327) (emerging-rbn.rules) 2406653 - ET RBN Known Russian Business Network IP UDP (327) (emerging-rbn.rules) 2406654 - ET RBN Known Russian Business Network IP TCP (328) (emerging-rbn.rules) 2406655 - ET RBN Known Russian Business Network IP UDP (328) (emerging-rbn.rules) 2406656 - ET RBN Known Russian Business Network IP TCP (329) (emerging-rbn.rules) 2406657 - ET RBN Known Russian Business Network IP UDP (329) (emerging-rbn.rules) 2406658 - ET RBN Known Russian Business Network IP TCP (330) (emerging-rbn.rules) 2406659 - ET RBN Known Russian Business Network IP UDP (330) (emerging-rbn.rules) 2406660 - ET RBN Known Russian Business Network IP TCP (331) (emerging-rbn.rules) 2406661 - ET RBN Known Russian Business Network IP UDP (331) (emerging-rbn.rules) 2406662 - ET RBN Known Russian Business Network IP TCP (332) (emerging-rbn.rules) 2406663 - ET RBN Known Russian Business Network IP UDP (332) (emerging-rbn.rules) 2406664 - ET RBN Known Russian Business Network IP TCP (333) (emerging-rbn.rules) 2406665 - ET RBN Known Russian Business Network IP UDP (333) (emerging-rbn.rules) 2406666 - ET RBN Known Russian Business Network IP TCP (334) (emerging-rbn.rules) 2406667 - ET RBN Known Russian Business Network IP UDP (334) (emerging-rbn.rules) 2406668 - ET RBN Known Russian Business Network IP TCP (335) (emerging-rbn.rules) 2406669 - ET RBN Known Russian Business Network IP UDP (335) (emerging-rbn.rules) 2406670 - ET RBN Known Russian Business Network IP TCP (336) (emerging-rbn.rules) 2406671 - ET RBN Known Russian Business Network IP UDP (336) (emerging-rbn.rules) 2406672 - ET RBN Known Russian Business Network IP TCP (337) (emerging-rbn.rules) 2406673 - ET RBN Known Russian Business Network IP UDP (337) (emerging-rbn.rules) 2406674 - ET RBN Known Russian Business Network IP TCP (338) (emerging-rbn.rules) 2406675 - ET RBN Known Russian Business Network IP UDP (338) (emerging-rbn.rules) 2406676 - ET RBN Known Russian Business Network IP TCP (339) (emerging-rbn.rules) 2406677 - ET RBN Known Russian Business Network IP UDP (339) (emerging-rbn.rules) 2406678 - ET RBN Known Russian Business Network IP TCP (340) (emerging-rbn.rules) 2406679 - ET RBN Known Russian Business Network IP UDP (340) (emerging-rbn.rules) 2406680 - ET RBN Known Russian Business Network IP TCP (341) (emerging-rbn.rules) 2406681 - ET RBN Known Russian Business Network IP UDP (341) (emerging-rbn.rules) 2406682 - ET RBN Known Russian Business Network IP TCP (342) (emerging-rbn.rules) 2406683 - ET RBN Known Russian Business Network IP UDP (342) (emerging-rbn.rules) 2406684 - ET RBN Known Russian Business Network IP TCP (343) (emerging-rbn.rules) 2406685 - ET RBN Known Russian Business Network IP UDP (343) (emerging-rbn.rules) 2406686 - ET RBN Known Russian Business Network IP TCP (344) (emerging-rbn.rules) 2406687 - ET RBN Known Russian Business Network IP UDP (344) (emerging-rbn.rules) 2406688 - ET RBN Known Russian Business Network IP TCP (345) (emerging-rbn.rules) 2406689 - ET RBN Known Russian Business Network IP UDP (345) (emerging-rbn.rules) 2407620 - ET RBN Known Russian Business Network IP TCP - BLOCKING (311) (emerging-rbn-BLOCK.rules) 2407621 - ET RBN Known Russian Business Network IP UDP - BLOCKING (311) (emerging-rbn-BLOCK.rules) 2407622 - ET RBN Known Russian Business Network IP TCP - BLOCKING (312) (emerging-rbn-BLOCK.rules) 2407623 - ET RBN Known Russian Business Network IP UDP - BLOCKING (312) (emerging-rbn-BLOCK.rules) 2407624 - ET RBN Known Russian Business Network IP TCP - BLOCKING (313) (emerging-rbn-BLOCK.rules) 2407625 - ET RBN Known Russian Business Network IP UDP - BLOCKING (313) (emerging-rbn-BLOCK.rules) 2407626 - ET RBN Known Russian Business Network IP TCP - BLOCKING (314) (emerging-rbn-BLOCK.rules) 2407627 - ET RBN Known Russian Business Network IP UDP - BLOCKING (314) (emerging-rbn-BLOCK.rules) 2407628 - ET RBN Known Russian Business Network IP TCP - BLOCKING (315) (emerging-rbn-BLOCK.rules) 2407629 - ET RBN Known Russian Business Network IP UDP - BLOCKING (315) (emerging-rbn-BLOCK.rules) 2407630 - ET RBN Known Russian Business Network IP TCP - BLOCKING (316) (emerging-rbn-BLOCK.rules) 2407631 - ET RBN Known Russian Business Network IP UDP - BLOCKING (316) (emerging-rbn-BLOCK.rules) 2407632 - ET RBN Known Russian Business Network IP TCP - BLOCKING (317) (emerging-rbn-BLOCK.rules) 2407633 - ET RBN Known Russian Business Network IP UDP - BLOCKING (317) (emerging-rbn-BLOCK.rules) 2407634 - ET RBN Known Russian Business Network IP TCP - BLOCKING (318) (emerging-rbn-BLOCK.rules) 2407635 - ET RBN Known Russian Business Network IP UDP - BLOCKING (318) (emerging-rbn-BLOCK.rules) 2407636 - ET RBN Known Russian Business Network IP TCP - BLOCKING (319) (emerging-rbn-BLOCK.rules) 2407637 - ET RBN Known Russian Business Network IP UDP - BLOCKING (319) (emerging-rbn-BLOCK.rules) 2407638 - ET RBN Known Russian Business Network IP TCP - BLOCKING (320) (emerging-rbn-BLOCK.rules) 2407639 - ET RBN Known Russian Business Network IP UDP - BLOCKING (320) (emerging-rbn-BLOCK.rules) 2407640 - ET RBN Known Russian Business Network IP TCP - BLOCKING (321) (emerging-rbn-BLOCK.rules) 2407641 - ET RBN Known Russian Business Network IP UDP - BLOCKING (321) (emerging-rbn-BLOCK.rules) 2407642 - ET RBN Known Russian Business Network IP TCP - BLOCKING (322) (emerging-rbn-BLOCK.rules) 2407643 - ET RBN Known Russian Business Network IP UDP - BLOCKING (322) (emerging-rbn-BLOCK.rules) 2407644 - ET RBN Known Russian Business Network IP TCP - BLOCKING (323) (emerging-rbn-BLOCK.rules) 2407645 - ET RBN Known Russian Business Network IP UDP - BLOCKING (323) (emerging-rbn-BLOCK.rules) 2407646 - ET RBN Known Russian Business Network IP TCP - BLOCKING (324) (emerging-rbn-BLOCK.rules) 2407647 - ET RBN Known Russian Business Network IP UDP - BLOCKING (324) (emerging-rbn-BLOCK.rules) 2407648 - ET RBN Known Russian Business Network IP TCP - BLOCKING (325) (emerging-rbn-BLOCK.rules) 2407649 - ET RBN Known Russian Business Network IP UDP - BLOCKING (325) (emerging-rbn-BLOCK.rules) 2407650 - ET RBN Known Russian Business Network IP TCP - BLOCKING (326) (emerging-rbn-BLOCK.rules) 2407651 - ET RBN Known Russian Business Network IP UDP - BLOCKING (326) (emerging-rbn-BLOCK.rules) 2407652 - ET RBN Known Russian Business Network IP TCP - BLOCKING (327) (emerging-rbn-BLOCK.rules) 2407653 - ET RBN Known Russian Business Network IP UDP - BLOCKING (327) (emerging-rbn-BLOCK.rules) 2407654 - ET RBN Known Russian Business Network IP TCP - BLOCKING (328) (emerging-rbn-BLOCK.rules) 2407655 - ET RBN Known Russian Business Network IP UDP - BLOCKING (328) (emerging-rbn-BLOCK.rules) 2407656 - ET RBN Known Russian Business Network IP TCP - BLOCKING (329) (emerging-rbn-BLOCK.rules) 2407657 - ET RBN Known Russian Business Network IP UDP - BLOCKING (329) (emerging-rbn-BLOCK.rules) 2407658 - ET RBN Known Russian Business Network IP TCP - BLOCKING (330) (emerging-rbn-BLOCK.rules) 2407659 - ET RBN Known Russian Business Network IP UDP - BLOCKING (330) (emerging-rbn-BLOCK.rules) 2407660 - ET RBN Known Russian Business Network IP TCP - BLOCKING (331) (emerging-rbn-BLOCK.rules) 2407661 - ET RBN Known Russian Business Network IP UDP - BLOCKING (331) (emerging-rbn-BLOCK.rules) 2407662 - ET RBN Known Russian Business Network IP TCP - BLOCKING (332) (emerging-rbn-BLOCK.rules) 2407663 - ET RBN Known Russian Business Network IP UDP - BLOCKING (332) (emerging-rbn-BLOCK.rules) 2407664 - ET RBN Known Russian Business Network IP TCP - BLOCKING (333) (emerging-rbn-BLOCK.rules) 2407665 - ET RBN Known Russian Business Network IP UDP - BLOCKING (333) (emerging-rbn-BLOCK.rules) 2407666 - ET RBN Known Russian Business Network IP TCP - BLOCKING (334) (emerging-rbn-BLOCK.rules) 2407667 - ET RBN Known Russian Business Network IP UDP - BLOCKING (334) (emerging-rbn-BLOCK.rules) 2407668 - ET RBN Known Russian Business Network IP TCP - BLOCKING (335) (emerging-rbn-BLOCK.rules) 2407669 - ET RBN Known Russian Business Network IP UDP - BLOCKING (335) (emerging-rbn-BLOCK.rules) 2407670 - ET RBN Known Russian Business Network IP TCP - BLOCKING (336) (emerging-rbn-BLOCK.rules) 2407671 - ET RBN Known Russian Business Network IP UDP - BLOCKING (336) (emerging-rbn-BLOCK.rules) 2407672 - ET RBN Known Russian Business Network IP TCP - BLOCKING (337) (emerging-rbn-BLOCK.rules) 2407673 - ET RBN Known Russian Business Network IP UDP - BLOCKING (337) (emerging-rbn-BLOCK.rules) 2407674 - ET RBN Known Russian Business Network IP TCP - BLOCKING (338) (emerging-rbn-BLOCK.rules) 2407675 - ET RBN Known Russian Business Network IP UDP - BLOCKING (338) (emerging-rbn-BLOCK.rules) 2407676 - ET RBN Known Russian Business Network IP TCP - BLOCKING (339) (emerging-rbn-BLOCK.rules) 2407677 - ET RBN Known Russian Business Network IP UDP - BLOCKING (339) (emerging-rbn-BLOCK.rules) 2407678 - ET RBN Known Russian Business Network IP TCP - BLOCKING (340) (emerging-rbn-BLOCK.rules) 2407679 - ET RBN Known Russian Business Network IP UDP - BLOCKING (340) (emerging-rbn-BLOCK.rules) 2407680 - ET RBN Known Russian Business Network IP TCP - BLOCKING (341) (emerging-rbn-BLOCK.rules) 2407681 - ET RBN Known Russian Business Network IP UDP - BLOCKING (341) (emerging-rbn-BLOCK.rules) 2407682 - ET RBN Known Russian Business Network IP TCP - BLOCKING (342) (emerging-rbn-BLOCK.rules) 2407683 - ET RBN Known Russian Business Network IP UDP - BLOCKING (342) (emerging-rbn-BLOCK.rules) 2407684 - ET RBN Known Russian Business Network IP TCP - BLOCKING (343) (emerging-rbn-BLOCK.rules) 2407685 - ET RBN Known Russian Business Network IP UDP - BLOCKING (343) (emerging-rbn-BLOCK.rules) 2407686 - ET RBN Known Russian Business Network IP TCP - BLOCKING (344) (emerging-rbn-BLOCK.rules) 2407687 - ET RBN Known Russian Business Network IP UDP - BLOCKING (344) (emerging-rbn-BLOCK.rules) 2407688 - ET RBN Known Russian Business Network IP TCP - BLOCKING (345) (emerging-rbn-BLOCK.rules) 2407689 - ET RBN Known Russian Business Network IP UDP - BLOCKING (345) (emerging-rbn-BLOCK.rules) [///] Modified active rules: [///] 2007625 - ET TROJAN Pitbull IRCbotnet Commands (emerging-virus.rules) 2008625 - ET P2P Pando Client User-Agent Detected (Mozilla/4.0 (Windows\; U) Pando/1.xx) (emerging-p2p.rules) 2009360 - ET MALWARE Gumblar/Bredolab Check In (emerging-virus.rules) 2009375 - ET POLICY General MSN Chat Activity (emerging-policy.rules) 2009376 - ET POLICY MSN User-Agent Activity (emerging-policy.rules) 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules) 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules) 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules) 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules) 2404000 - ET DROP Known Bot C&C Server Traffic (group 1) (emerging-botcc.rules) 2404001 - ET DROP Known Bot C&C Server Traffic (group 2) (emerging-botcc.rules) 2404002 - ET DROP Known Bot C&C Server Traffic (group 3) (emerging-botcc.rules) 2404003 - ET DROP Known Bot C&C Server Traffic (group 4) (emerging-botcc.rules) 2404004 - ET DROP Known Bot C&C Server Traffic (group 5) (emerging-botcc.rules) 2404005 - ET DROP Known Bot C&C Server Traffic (group 6) (emerging-botcc.rules) 2404006 - ET DROP Known Bot C&C Server Traffic (group 7) (emerging-botcc.rules) 2404007 - ET DROP Known Bot C&C Server Traffic (group 8) (emerging-botcc.rules) 2404008 - ET DROP Known Bot C&C Server Traffic (group 9) (emerging-botcc.rules) 2404009 - ET DROP Known Bot C&C Server Traffic (group 10) (emerging-botcc.rules) 2404010 - ET DROP Known Bot C&C Server Traffic (group 11) (emerging-botcc.rules) 2404011 - ET DROP Known Bot C&C Server Traffic (group 12) (emerging-botcc.rules) 2404012 - ET DROP Known Bot C&C Server Traffic (group 13) (emerging-botcc.rules) 2404013 - ET DROP Known Bot C&C Server Traffic (group 14) (emerging-botcc.rules) 2404014 - ET DROP Known Bot C&C Server Traffic (group 15) (emerging-botcc.rules) 2404015 - ET DROP Known Bot C&C Server Traffic (group 16) (emerging-botcc.rules) 2404016 - ET DROP Known Bot C&C Server Traffic (group 17) (emerging-botcc.rules) 2404017 - ET DROP Known Bot C&C Server Traffic (group 18) (emerging-botcc.rules) 2404018 - ET DROP Known Bot C&C Server Traffic (group 19) (emerging-botcc.rules) 2404019 - ET DROP Known Bot C&C Server Traffic (group 20) (emerging-botcc.rules) 2404020 - ET DROP Known Bot C&C Server Traffic (group 21) (emerging-botcc.rules) 2404021 - ET DROP Known Bot C&C Server Traffic (group 22) (emerging-botcc.rules) 2404022 - ET DROP Known Bot C&C Server Traffic (group 23) (emerging-botcc.rules) 2404023 - ET DROP Known Bot C&C Server Traffic (group 24) (emerging-botcc.rules) 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405018 - ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405019 - ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405020 - ET DROP Known Bot C&C Traffic (group 21) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405021 - ET DROP Known Bot C&C Traffic (group 22) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405022 - ET DROP Known Bot C&C Traffic (group 23) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2405023 - ET DROP Known Bot C&C Traffic (group 24) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules) 2406000 - ET RBN Known Russian Business Network IP TCP (1) (emerging-rbn.rules) 2406001 - ET RBN Known Russian Business Network IP UDP (1) (emerging-rbn.rules) 2406002 - ET RBN Known Russian Business Network IP TCP (2) (emerging-rbn.rules) 2406003 - ET RBN Known Russian Business Network IP UDP (2) (emerging-rbn.rules) 2406004 - ET RBN Known Russian Business Network IP TCP (3) (emerging-rbn.rules) 2406005 - ET RBN Known Russian Business Network IP UDP (3) (emerging-rbn.rules) 2406006 - ET RBN Known Russian Business Network IP TCP (4) (emerging-rbn.rules) 2406007 - ET RBN Known Russian Business Network IP UDP (4) (emerging-rbn.rules) 2406008 - ET RBN Known Russian Business Network IP TCP (5) (emerging-rbn.rules) 2406009 - ET RBN Known Russian Business Network IP UDP (5) (emerging-rbn.rules) 2406010 - ET RBN Known Russian Business Network IP TCP (6) (emerging-rbn.rules) 2406011 - ET RBN Known Russian Business Network IP UDP (6) (emerging-rbn.rules) 2406012 - ET RBN Known Russian Business Network IP TCP (7) (emerging-rbn.rules) 2406013 - ET RBN Known Russian Business Network IP UDP (7) (emerging-rbn.rules) 2406014 - ET RBN Known Russian Business Network IP TCP (8) (emerging-rbn.rules) 2406015 - ET RBN Known Russian Business Network IP UDP (8) (emerging-rbn.rules) 2406016 - ET RBN Known Russian Business Network IP TCP (9) (emerging-rbn.rules) 2406017 - ET RBN Known Russian Business Network IP UDP (9) (emerging-rbn.rules) 2406018 - ET RBN Known Russian Business Network IP TCP (10) (emerging-rbn.rules) 2406019 - ET RBN Known Russian Business Network IP UDP (10) (emerging-rbn.rules) 2406020 - ET RBN Known Russian Business Network IP TCP (11) (emerging-rbn.rules) 2406021 - ET RBN Known Russian Business Network IP UDP (11) (emerging-rbn.rules) 2406022 - ET RBN Known Russian Business Network IP TCP (12) (emerging-rbn.rules) 2406023 - ET RBN Known Russian Business Network IP UDP (12) (emerging-rbn.rules) 2406024 - ET RBN Known Russian Business Network IP TCP (13) (emerging-rbn.rules) 2406025 - ET RBN Known Russian Business Network IP UDP (13) (emerging-rbn.rules) 2406026 - ET RBN Known Russian Business Network IP TCP (14) (emerging-rbn.rules) 2406027 - ET RBN Known Russian Business Network IP UDP (14) (emerging-rbn.rules) 2406028 - ET RBN Known Russian Business Network IP TCP (15) (emerging-rbn.rules) 2406029 - ET RBN Known Russian Business Network IP UDP (15) (emerging-rbn.rules) 2406030 - ET RBN Known Russian Business Network IP TCP (16) (emerging-rbn.rules) 2406031 - ET RBN Known Russian Business Network IP UDP (16) (emerging-rbn.rules) 2406032 - ET RBN Known Russian Business Network IP TCP (17) (emerging-rbn.rules) 2406033 - ET RBN Known Russian Business Network IP UDP (17) (emerging-rbn.rules) 2406034 - ET RBN Known Russian Business Network IP TCP (18) (emerging-rbn.rules) 2406035 - ET RBN Known Russian Business Network IP UDP (18) (emerging-rbn.rules) 2406036 - ET RBN Known Russian Business Network IP TCP (19) (emerging-rbn.rules) 2406037 - ET RBN Known Russian Business Network IP UDP (19) (emerging-rbn.rules) 2406038 - ET RBN Known Russian Business Network IP TCP (20) (emerging-rbn.rules) 2406039 - ET RBN Known Russian Business Network IP UDP (20) (emerging-rbn.rules) 2406040 - ET RBN Known Russian Business Network IP TCP (21) (emerging-rbn.rules) 2406041 - ET RBN Known Russian Business Network IP UDP (21) (emerging-rbn.rules) 2406042 - ET RBN Known Russian Business Network IP TCP (22) (emerging-rbn.rules) 2406043 - ET RBN Known Russian Business Network IP UDP (22) (emerging-rbn.rules) 2406044 - ET RBN Known Russian Business Network IP TCP (23) (emerging-rbn.rules) 2406045 - ET RBN Known Russian Business Network IP UDP (23) (emerging-rbn.rules) 2406046 - ET RBN Known Russian Business Network IP TCP (24) (emerging-rbn.rules) 2406047 - ET RBN Known Russian Business Network IP UDP (24) (emerging-rbn.rules) 2406048 - ET RBN Known Russian Business Network IP TCP (25) (emerging-rbn.rules) 2406049 - ET RBN Known Russian Business Network IP UDP (25) (emerging-rbn.rules) 2406050 - ET RBN Known Russian Business Network IP TCP (26) (emerging-rbn.rules) 2406051 - ET RBN Known Russian Business Network IP UDP (26) (emerging-rbn.rules) 2406052 - ET RBN Known Russian Business Network IP TCP (27) (emerging-rbn.rules) 2406053 - ET RBN Known Russian Business Network IP UDP (27) (emerging-rbn.rules) 2406054 - ET RBN Known Russian Business Network IP TCP (28) (emerging-rbn.rules) 2406055 - ET RBN Known Russian Business Network IP UDP (28) (emerging-rbn.rules) 2406056 - ET RBN Known Russian Business Network IP TCP (29) (emerging-rbn.rules) 2406057 - ET RBN Known Russian Business Network IP UDP (29) (emerging-rbn.rules) 2406058 - ET RBN Known Russian Business Network IP TCP (30) (emerging-rbn.rules) 2406059 - ET RBN Known Russian Business Network IP UDP (30) (emerging-rbn.rules) 2406060 - ET RBN Known Russian Business Network IP TCP (31) (emerging-rbn.rules) 2406061 - ET RBN Known Russian Business Network IP UDP (31) (emerging-rbn.rules) 2406062 - ET RBN Known Russian Business Network IP TCP (32) (emerging-rbn.rules) 2406063 - ET RBN Known Russian Business Network IP UDP (32) (emerging-rbn.rules) 2406064 - ET RBN Known Russian Business Network IP TCP (33) (emerging-rbn.rules) 2406065 - ET RBN Known Russian Business Network IP UDP (33) (emerging-rbn.rules) 2406066 - ET RBN Known Russian Business Network IP TCP (34) (emerging-rbn.rules) 2406067 - ET RBN Known Russian Business Network IP UDP (34) (emerging-rbn.rules) 2406068 - ET RBN Known Russian Business Network IP TCP (35) (emerging-rbn.rules) 2406069 - ET RBN Known Russian Business Network IP UDP (35) (emerging-rbn.rules) 2406070 - ET RBN Known Russian Business Network IP TCP (36) (emerging-rbn.rules) 2406071 - ET RBN Known Russian Business Network IP UDP (36) (emerging-rbn.rules) 2406072 - ET RBN Known Russian Business Network IP TCP (37) (emerging-rbn.rules) 2406073 - ET RBN Known Russian Business Network IP UDP (37) (emerging-rbn.rules) 2406074 - ET RBN Known Russian Business Network IP TCP (38) (emerging-rbn.rules) 2406075 - ET RBN Known Russian Business Network IP UDP (38) (emerging-rbn.rules) 2406076 - ET RBN Known Russian Business Network IP TCP (39) (emerging-rbn.rules) 2406077 - ET RBN Known Russian Business Network IP UDP (39) (emerging-rbn.rules) 2406078 - ET RBN Known Russian Business Network IP TCP (40) (emerging-rbn.rules) 2406079 - ET RBN Known Russian Business Network IP UDP (40) (emerging-rbn.rules) 2406080 - ET RBN Known Russian Business Network IP TCP (41) (emerging-rbn.rules) 2406081 - ET RBN Known Russian Business Network IP UDP (41) (emerging-rbn.rules) 2406082 - ET RBN Known Russian Business Network IP TCP (42) (emerging-rbn.rules) 2406083 - ET RBN Known Russian Business Network IP UDP (42) (emerging-rbn.rules) 2406084 - ET RBN Known Russian Business Network IP TCP (43) (emerging-rbn.rules) 2406085 - ET RBN Known Russian Business Network IP UDP (43) (emerging-rbn.rules) 2406086 - ET RBN Known Russian Business Network IP TCP (44) (emerging-rbn.rules) 2406087 - ET RBN Known Russian Business Network IP UDP (44) (emerging-rbn.rules) 2406088 - ET RBN Known Russian Business Network IP TCP (45) (emerging-rbn.rules) 2406089 - ET RBN Known Russian Business Network IP UDP (45) (emerging-rbn.rules) 2406090 - ET RBN Known Russian Business Network IP TCP (46) (emerging-rbn.rules) 2406091 - ET RBN Known Russian Business Network IP UDP (46) (emerging-rbn.rules) 2406092 - ET RBN Known Russian Business Network IP TCP (47) (emerging-rbn.rules) 2406093 - ET RBN Known Russian Business Network IP UDP (47) (emerging-rbn.rules) 2406094 - ET RBN Known Russian Business Network IP TCP (48) (emerging-rbn.rules) 2406095 - ET RBN Known Russian Business Network IP UDP (48) (emerging-rbn.rules) 2406096 - ET RBN Known Russian Business Network IP TCP (49) (emerging-rbn.rules) 2406097 - ET RBN Known Russian Business Network IP UDP (49) (emerging-rbn.rules) 2406098 - ET RBN Known Russian Business Network IP TCP (50) (emerging-rbn.rules) 2406099 - ET RBN Known Russian Business Network IP UDP (50) (emerging-rbn.rules) 2406100 - ET RBN Known Russian Business Network IP TCP (51) (emerging-rbn.rules) 2406101 - ET RBN Known Russian Business Network IP UDP (51) (emerging-rbn.rules) 2406102 - ET RBN Known Russian Business Network IP TCP (52) (emerging-rbn.rules) 2406103 - ET RBN Known Russian Business Network IP UDP (52) (emerging-rbn.rules) 2406104 - ET RBN Known Russian Business Network IP TCP (53) (emerging-rbn.rules) 2406105 - ET RBN Known Russian Business Network IP UDP (53) (emerging-rbn.rules) 2406106 - ET RBN Known Russian Business Network IP TCP (54) (emerging-rbn.rules) 2406107 - ET RBN Known Russian Business Network IP UDP (54) (emerging-rbn.rules) 2406108 - ET RBN Known Russian Business Network IP TCP (55) (emerging-rbn.rules) 2406109 - ET RBN Known Russian Business Network IP UDP (55) (emerging-rbn.rules) 2406110 - ET RBN Known Russian Business Network IP TCP (56) (emerging-rbn.rules) 2406111 - ET RBN Known Russian Business Network IP UDP (56) (emerging-rbn.rules) 2406112 - ET RBN Known Russian Business Network IP TCP (57) (emerging-rbn.rules) 2406113 - ET RBN Known Russian Business Network IP UDP (57) (emerging-rbn.rules) 2406114 - ET RBN Known Russian Business Network IP TCP (58) (emerging-rbn.rules) 2406115 - ET RBN Known Russian Business Network IP UDP (58) (emerging-rbn.rules) 2406116 - ET RBN Known Russian Business Network IP TCP (59) (emerging-rbn.rules) 2406117 - ET RBN Known Russian Business Network IP UDP (59) (emerging-rbn.rules) 2406118 - ET RBN Known Russian Business Network IP TCP (60) (emerging-rbn.rules) 2406119 - ET RBN Known Russian Business Network IP UDP (60) (emerging-rbn.rules) 2406120 - ET RBN Known Russian Business Network IP TCP (61) (emerging-rbn.rules) 2406121 - ET RBN Known Russian Business Network IP UDP (61) (emerging-rbn.rules) 2406122 - ET RBN Known Russian Business Network IP TCP (62) (emerging-rbn.rules) 2406123 - ET RBN Known Russian Business Network IP UDP (62) (emerging-rbn.rules) 2406124 - ET RBN Known Russian Business Network IP TCP (63) (emerging-rbn.rules) 2406125 - ET RBN Known Russian Business Network IP UDP (63) (emerging-rbn.rules) 2406126 - ET RBN Known Russian Business Network IP TCP (64) (emerging-rbn.rules) 2406127 - ET RBN Known Russian Business Network IP UDP (64) (emerging-rbn.rules) 2406128 - ET RBN Known Russian Business Network IP TCP (65) (emerging-rbn.rules) 2406129 - ET RBN Known Russian Business Network IP UDP (65) (emerging-rbn.rules) 2406130 - ET RBN Known Russian Business Network IP TCP (66) (emerging-rbn.rules) 2406131 - ET RBN Known Russian Business Network IP UDP (66) (emerging-rbn.rules) 2406132 - ET RBN Known Russian Business Network IP TCP (67) (emerging-rbn.rules) 2406133 - ET RBN Known Russian Business Network IP UDP (67) (emerging-rbn.rules) 2406134 - ET RBN Known Russian Business Network IP TCP (68) (emerging-rbn.rules) 2406135 - ET RBN Known Russian Business Network IP UDP (68) (emerging-rbn.rules) 2406136 - ET RBN Known Russian Business Network IP TCP (69) (emerging-rbn.rules) 2406137 - ET RBN Known Russian Business Network IP UDP (69) (emerging-rbn.rules) 2406138 - ET RBN Known Russian Business Network IP TCP (70) (emerging-rbn.rules) 2406139 - ET RBN Known Russian Business Network IP UDP (70) (emerging-rbn.rules) 2406140 - ET RBN Known Russian Business Network IP TCP (71) (emerging-rbn.rules) 2406141 - ET RBN Known Russian Business Network IP UDP (71) (emerging-rbn.rules) 2406142 - ET RBN Known Russian Business Network IP TCP (72) (emerging-rbn.rules) 2406143 - ET RBN Known Russian Business Network IP UDP (72) (emerging-rbn.rules) 2406144 - ET RBN Known Russian Business Network IP TCP (73) (emerging-rbn.rules) 2406145 - ET RBN Known Russian Business Network IP UDP (73) (emerging-rbn.rules) 2406146 - ET RBN Known Russian Business Network IP TCP (74) (emerging-rbn.rules) 2406147 - ET RBN Known Russian Business Network IP UDP (74) (emerging-rbn.rules) 2406148 - ET RBN Known Russian Business Network IP TCP (75) (emerging-rbn.rules) 2406149 - ET RBN Known Russian Business Network IP UDP (75) (emerging-rbn.rules) 2406150 - ET RBN Known Russian Business Network IP TCP (76) (emerging-rbn.rules) 2406151 - ET RBN Known Russian Business Network IP UDP (76) (emerging-rbn.rules) 2406152 - ET RBN Known Russian Business Network IP TCP (77) (emerging-rbn.rules) 2406153 - ET RBN Known Russian Business Network IP UDP (77) (emerging-rbn.rules) 2406154 - ET RBN Known Russian Business Network IP TCP (78) (emerging-rbn.rules) 2406155 - ET RBN Known Russian Business Network IP UDP (78) (emerging-rbn.rules) 2406156 - ET RBN Known Russian Business Network IP TCP (79) (emerging-rbn.rules) 2406157 - ET RBN Known Russian Business Network IP UDP (79) (emerging-rbn.rules) 2406158 - ET RBN Known Russian Business Network IP TCP (80) (emerging-rbn.rules) 2406159 - ET RBN Known Russian Business Network IP UDP (80) (emerging-rbn.rules) 2406160 - ET RBN Known Russian Business Network IP TCP (81) (emerging-rbn.rules) 2406161 - ET RBN Known Russian Business Network IP UDP (81) (emerging-rbn.rules) 2406162 - ET RBN Known Russian Business Network IP TCP (82) (emerging-rbn.rules) 2406163 - ET RBN Known Russian Business Network IP UDP (82) (emerging-rbn.rules) 2406164 - ET RBN Known Russian Business Network IP TCP (83) (emerging-rbn.rules) 2406165 - ET RBN Known Russian Business Network IP UDP (83) (emerging-rbn.rules) 2406166 - ET RBN Known Russian Business Network IP TCP (84) (emerging-rbn.rules) 2406167 - ET RBN Known Russian Business Network IP UDP (84) (emerging-rbn.rules) 2406168 - ET RBN Known Russian Business Network IP TCP (85) (emerging-rbn.rules) 2406169 - ET RBN Known Russian Business Network IP UDP (85) (emerging-rbn.rules) 2406170 - ET RBN Known Russian Business Network IP TCP (86) (emerging-rbn.rules) 2406171 - ET RBN Known Russian Business Network IP UDP (86) (emerging-rbn.rules) 2406172 - ET RBN Known Russian Business Network IP TCP (87) (emerging-rbn.rules) 2406173 - ET RBN Known Russian Business Network IP UDP (87) (emerging-rbn.rules) 2406174 - ET RBN Known Russian Business Network IP TCP (88) (emerging-rbn.rules) 2406175 - ET RBN Known Russian Business Network IP UDP (88) (emerging-rbn.rules) 2406176 - ET RBN Known Russian Business Network IP TCP (89) (emerging-rbn.rules) 2406177 - ET RBN Known Russian Business Network IP UDP (89) (emerging-rbn.rules) 2406178 - ET RBN Known Russian Business Network IP TCP (90) (emerging-rbn.rules) 2406179 - ET RBN Known Russian Business Network IP UDP (90) (emerging-rbn.rules) 2406180 - ET RBN Known Russian Business Network IP TCP (91) (emerging-rbn.rules) 2406181 - ET RBN Known Russian Business Network IP UDP (91) (emerging-rbn.rules) 2406182 - ET RBN Known Russian Business Network IP TCP (92) (emerging-rbn.rules) 2406183 - ET RBN Known Russian Business Network IP UDP (92) (emerging-rbn.rules) 2406184 - ET RBN Known Russian Business Network IP TCP (93) (emerging-rbn.rules) 2406185 - ET RBN Known Russian Business Network IP UDP (93) (emerging-rbn.rules) 2406186 - ET RBN Known Russian Business Network IP TCP (94) (emerging-rbn.rules) 2406187 - ET RBN Known Russian Business Network IP UDP (94) (emerging-rbn.rules) 2406188 - ET RBN Known Russian Business Network IP TCP (95) (emerging-rbn.rules) 2406189 - ET RBN Known Russian Business Network IP UDP (95) (emerging-rbn.rules) 2406190 - ET RBN Known Russian Business Network IP TCP (96) (emerging-rbn.rules) 2406191 - ET RBN Known Russian Business Network IP UDP (96) (emerging-rbn.rules) 2406192 - ET RBN Known Russian Business Network IP TCP (97) (emerging-rbn.rules) 2406193 - ET RBN Known Russian Business Network IP UDP (97) (emerging-rbn.rules) 2406194 - ET RBN Known Russian Business Network IP TCP (98) (emerging-rbn.rules) 2406195 - ET RBN Known Russian Business Network IP UDP (98) (emerging-rbn.rules) 2406196 - ET RBN Known Russian Business Network IP TCP (99) (emerging-rbn.rules) 2406197 - ET RBN Known Russian Business Network IP UDP (99) (emerging-rbn.rules) 2406198 - ET RBN Known Russian Business Network IP TCP (100) (emerging-rbn.rules) 2406199 - ET RBN Known Russian Business Network IP UDP (100) (emerging-rbn.rules) 2406200 - ET RBN Known Russian Business Network IP TCP (101) (emerging-rbn.rules) 2406201 - ET RBN Known Russian Business Network IP UDP (101) (emerging-rbn.rules) 2406202 - ET RBN Known Russian Business Network IP TCP (102) (emerging-rbn.rules) 2406203 - ET RBN Known Russian Business Network IP UDP (102) (emerging-rbn.rules) 2406204 - ET RBN Known Russian Business Network IP TCP (103) (emerging-rbn.rules) 2406205 - ET RBN Known Russian Business Network IP UDP (103) (emerging-rbn.rules) 2406206 - ET RBN Known Russian Business Network IP TCP (104) (emerging-rbn.rules) 2406207 - ET RBN Known Russian Business Network IP UDP (104) (emerging-rbn.rules) 2406208 - ET RBN Known Russian Business Network IP TCP (105) (emerging-rbn.rules) 2406209 - ET RBN Known Russian Business Network IP UDP (105) (emerging-rbn.rules) 2406210 - ET RBN Known Russian Business Network IP TCP (106) (emerging-rbn.rules) 2406211 - ET RBN Known Russian Business Network IP UDP (106) (emerging-rbn.rules) 2406212 - ET RBN Known Russian Business Network IP TCP (107) (emerging-rbn.rules) 2406213 - ET RBN Known Russian Business Network IP UDP (107) (emerging-rbn.rules) 2406214 - ET RBN Known Russian Business Network IP TCP (108) (emerging-rbn.rules) 2406215 - ET RBN Known Russian Business Network IP UDP (108) (emerging-rbn.rules) 2406216 - ET RBN Known Russian Business Network IP TCP (109) (emerging-rbn.rules) 2406217 - ET RBN Known Russian Business Network IP UDP (109) (emerging-rbn.rules) 2406218 - ET RBN Known Russian Business Network IP TCP (110) (emerging-rbn.rules) 2406219 - ET RBN Known Russian Business Network IP UDP (110) (emerging-rbn.rules) 2406220 - ET RBN Known Russian Business Network IP TCP (111) (emerging-rbn.rules) 2406221 - ET RBN Known Russian Business Network IP UDP (111) (emerging-rbn.rules) 2406222 - ET RBN Known Russian Business Network IP TCP (112) (emerging-rbn.rules) 2406223 - ET RBN Known Russian Business Network IP UDP (112) (emerging-rbn.rules) 2406224 - ET RBN Known Russian Business Network IP TCP (113) (emerging-rbn.rules) 2406225 - ET RBN Known Russian Business Network IP UDP (113) (emerging-rbn.rules) 2406226 - ET RBN Known Russian Business Network IP TCP (114) (emerging-rbn.rules) 2406227 - ET RBN Known Russian Business Network IP UDP (114) (emerging-rbn.rules) 2406228 - ET RBN Known Russian Business Network IP TCP (115) (emerging-rbn.rules) 2406229 - ET RBN Known Russian Business Network IP UDP (115) (emerging-rbn.rules) 2406230 - ET RBN Known Russian Business Network IP TCP (116) (emerging-rbn.rules) 2406231 - ET RBN Known Russian Business Network IP UDP (116) (emerging-rbn.rules) 2406232 - ET RBN Known Russian Business Network IP TCP (117) (emerging-rbn.rules) 2406233 - ET RBN Known Russian Business Network IP UDP (117) (emerging-rbn.rules) 2406234 - ET RBN Known Russian Business Network IP TCP (118) (emerging-rbn.rules) 2406235 - ET RBN Known Russian Business Network IP UDP (118) (emerging-rbn.rules) 2406236 - ET RBN Known Russian Business Network IP TCP (119) (emerging-rbn.rules) 2406237 - ET RBN Known Russian Business Network IP UDP (119) (emerging-rbn.rules) 2406238 - ET RBN Known Russian Business Network IP TCP (120) (emerging-rbn.rules) 2406239 - ET RBN Known Russian Business Network IP UDP (120) (emerging-rbn.rules) 2406240 - ET RBN Known Russian Business Network IP TCP (121) (emerging-rbn.rules) 2406241 - ET RBN Known Russian Business Network IP UDP (121) (emerging-rbn.rules) 2406242 - ET RBN Known Russian Business Network IP TCP (122) (emerging-rbn.rules) 2406243 - ET RBN Known Russian Business Network IP UDP (122) (emerging-rbn.rules) 2406244 - ET RBN Known Russian Business Network IP TCP (123) (emerging-rbn.rules) 2406245 - ET RBN Known Russian Business Network IP UDP (123) (emerging-rbn.rules) 2406246 - ET RBN Known Russian Business Network IP TCP (124) (emerging-rbn.rules) 2406247 - ET RBN Known Russian Business Network IP UDP (124) (emerging-rbn.rules) 2406248 - ET RBN Known Russian Business Network IP TCP (125) (emerging-rbn.rules) 2406249 - ET RBN Known Russian Business Network IP UDP (125) (emerging-rbn.rules) 2406250 - ET RBN Known Russian Business Network IP TCP (126) (emerging-rbn.rules) 2406251 - ET RBN Known Russian Business Network IP UDP (126) (emerging-rbn.rules) 2406252 - ET RBN Known Russian Business Network IP TCP (127) (emerging-rbn.rules) 2406253 - ET RBN Known Russian Business Network IP UDP (127) (emerging-rbn.rules) 2406254 - ET RBN Known Russian Business Network IP TCP (128) (emerging-rbn.rules) 2406255 - ET RBN Known Russian Business Network IP UDP (128) (emerging-rbn.rules) 2406256 - ET RBN Known Russian Business Network IP TCP (129) (emerging-rbn.rules) 2406257 - ET RBN Known Russian Business Network IP UDP (129) (emerging-rbn.rules) 2406258 - ET RBN Known Russian Business Network IP TCP (130) (emerging-rbn.rules) 2406259 - ET RBN Known Russian Business Network IP UDP (130) (emerging-rbn.rules) 2406260 - ET RBN Known Russian Business Network IP TCP (131) (emerging-rbn.rules) 2406261 - ET RBN Known Russian Business Network IP UDP (131) (emerging-rbn.rules) 2406262 - ET RBN Known Russian Business Network IP TCP (132) (emerging-rbn.rules) 2406263 - ET RBN Known Russian Business Network IP UDP (132) (emerging-rbn.rules) 2406264 - ET RBN Known Russian Business Network IP TCP (133) (emerging-rbn.rules) 2406265 - ET RBN Known Russian Business Network IP UDP (133) (emerging-rbn.rules) 2406266 - ET RBN Known Russian Business Network IP TCP (134) (emerging-rbn.rules) 2406267 - ET RBN Known Russian Business Network IP UDP (134) (emerging-rbn.rules) 2406268 - ET RBN Known Russian Business Network IP TCP (135) (emerging-rbn.rules) 2406269 - ET RBN Known Russian Business Network IP UDP (135) (emerging-rbn.rules) 2406270 - ET RBN Known Russian Business Network IP TCP (136) (emerging-rbn.rules) 2406271 - ET RBN Known Russian Business Network IP UDP (136) (emerging-rbn.rules) 2406272 - ET RBN Known Russian Business Network IP TCP (137) (emerging-rbn.rules) 2406273 - ET RBN Known Russian Business Network IP UDP (137) (emerging-rbn.rules) 2406274 - ET RBN Known Russian Business Network IP TCP (138) (emerging-rbn.rules) 2406275 - ET RBN Known Russian Business Network IP UDP (138) (emerging-rbn.rules) 2406276 - ET RBN Known Russian Business Network IP TCP (139) (emerging-rbn.rules) 2406277 - ET RBN Known Russian Business Network IP UDP (139) (emerging-rbn.rules) 2406278 - ET RBN Known Russian Business Network IP TCP (140) (emerging-rbn.rules) 2406279 - ET RBN Known Russian Business Network IP UDP (140) (emerging-rbn.rules) 2406280 - ET RBN Known Russian Business Network IP TCP (141) (emerging-rbn.rules) 2406281 - ET RBN Known Russian Business Network IP UDP (141) (emerging-rbn.rules) 2406282 - ET RBN Known Russian Business Network IP TCP (142) (emerging-rbn.rules) 2406283 - ET RBN Known Russian Business Network IP UDP (142) (emerging-rbn.rules) 2406284 - ET RBN Known Russian Business Network IP TCP (143) (emerging-rbn.rules) 2406285 - ET RBN Known Russian Business Network IP UDP (143) (emerging-rbn.rules) 2406286 - ET RBN Known Russian Business Network IP TCP (144) (emerging-rbn.rules) 2406287 - ET RBN Known Russian Business Network IP UDP (144) (emerging-rbn.rules) 2406288 - ET RBN Known Russian Business Network IP TCP (145) (emerging-rbn.rules) 2406289 - ET RBN Known Russian Business Network IP UDP (145) (emerging-rbn.rules) 2406290 - ET RBN Known Russian Business Network IP TCP (146) (emerging-rbn.rules) 2406291 - ET RBN Known Russian Business Network IP UDP (146) (emerging-rbn.rules) 2406292 - ET RBN Known Russian Business Network IP TCP (147) (emerging-rbn.rules) 2406293 - ET RBN Known Russian Business Network IP UDP (147) (emerging-rbn.rules) 2406294 - ET RBN Known Russian Business Network IP TCP (148) (emerging-rbn.rules) 2406295 - ET RBN Known Russian Business Network IP UDP (148) (emerging-rbn.rules) 2406296 - ET RBN Known Russian Business Network IP TCP (149) (emerging-rbn.rules) 2406297 - ET RBN Known Russian Business Network IP UDP (149) (emerging-rbn.rules) 2406298 - ET RBN Known Russian Business Network IP TCP (150) (emerging-rbn.rules) 2406299 - ET RBN Known Russian Business Network IP UDP (150) (emerging-rbn.rules) 2406300 - ET RBN Known Russian Business Network IP TCP (151) (emerging-rbn.rules) 2406301 - ET RBN Known Russian Business Network IP UDP (151) (emerging-rbn.rules) 2406302 - ET RBN Known Russian Business Network IP TCP (152) (emerging-rbn.rules) 2406303 - ET RBN Known Russian Business Network IP UDP (152) (emerging-rbn.rules) 2406304 - ET RBN Known Russian Business Network IP TCP (153) (emerging-rbn.rules) 2406305 - ET RBN Known Russian Business Network IP UDP (153) (emerging-rbn.rules) 2406306 - ET RBN Known Russian Business Network IP TCP (154) (emerging-rbn.rules) 2406307 - ET RBN Known Russian Business Network IP UDP (154) (emerging-rbn.rules) 2406308 - ET RBN Known Russian Business Network IP TCP (155) (emerging-rbn.rules) 2406309 - ET RBN Known Russian Business Network IP UDP (155) (emerging-rbn.rules) 2406310 - ET RBN Known Russian Business Network IP TCP (156) (emerging-rbn.rules) 2406311 - ET RBN Known Russian Business Network IP UDP (156) (emerging-rbn.rules) 2406312 - ET RBN Known Russian Business Network IP TCP (157) (emerging-rbn.rules) 2406313 - ET RBN Known Russian Business Network IP UDP (157) (emerging-rbn.rules) 2406314 - ET RBN Known Russian Business Network IP TCP (158) (emerging-rbn.rules) 2406315 - ET RBN Known Russian Business Network IP UDP (158) (emerging-rbn.rules) 2406316 - ET RBN Known Russian Business Network IP TCP (159) (emerging-rbn.rules) 2406317 - ET RBN Known Russian Business Network IP UDP (159) (emerging-rbn.rules) 2406318 - ET RBN Known Russian Business Network IP TCP (160) (emerging-rbn.rules) 2406319 - ET RBN Known Russian Business Network IP UDP (160) (emerging-rbn.rules) 2406320 - ET RBN Known Russian Business Network IP TCP (161) (emerging-rbn.rules) 2406321 - ET RBN Known Russian Business Network IP UDP (161) (emerging-rbn.rules) 2406322 - ET RBN Known Russian Business Network IP TCP (162) (emerging-rbn.rules) 2406323 - ET RBN Known Russian Business Network IP UDP (162) (emerging-rbn.rules) 2406324 - ET RBN Known Russian Business Network IP TCP (163) (emerging-rbn.rules) 2406325 - ET RBN Known Russian Business Network IP UDP (163) (emerging-rbn.rules) 2406326 - ET RBN Known Russian Business Network IP TCP (164) (emerging-rbn.rules) 2406327 - ET RBN Known Russian Business Network IP UDP (164) (emerging-rbn.rules) 2406328 - ET RBN Known Russian Business Network IP TCP (165) (emerging-rbn.rules) 2406329 - ET RBN Known Russian Business Network IP UDP (165) (emerging-rbn.rules) 2406330 - ET RBN Known Russian Business Network IP TCP (166) (emerging-rbn.rules) 2406331 - ET RBN Known Russian Business Network IP UDP (166) (emerging-rbn.rules) 2406332 - ET RBN Known Russian Business Network IP TCP (167) (emerging-rbn.rules) 2406333 - ET RBN Known Russian Business Network IP UDP (167) (emerging-rbn.rules) 2406334 - ET RBN Known Russian Business Network IP TCP (168) (emerging-rbn.rules) 2406335 - ET RBN Known Russian Business Network IP UDP (168) (emerging-rbn.rules) 2406336 - ET RBN Known Russian Business Network IP TCP (169) (emerging-rbn.rules) 2406337 - ET RBN Known Russian Business Network IP UDP (169) (emerging-rbn.rules) 2406338 - ET RBN Known Russian Business Network IP TCP (170) (emerging-rbn.rules) 2406339 - ET RBN Known Russian Business Network IP UDP (170) (emerging-rbn.rules) 2406340 - ET RBN Known Russian Business Network IP TCP (171) (emerging-rbn.rules) 2406341 - ET RBN Known Russian Business Network IP UDP (171) (emerging-rbn.rules) 2406342 - ET RBN Known Russian Business Network IP TCP (172) (emerging-rbn.rules) 2406343 - ET RBN Known Russian Business Network IP UDP (172) (emerging-rbn.rules) 2406344 - ET RBN Known Russian Business Network IP TCP (173) (emerging-rbn.rules) 2406345 - ET RBN Known Russian Business Network IP UDP (173) (emerging-rbn.rules) 2406346 - ET RBN Known Russian Business Network IP TCP (174) (emerging-rbn.rules) 2406347 - ET RBN Known Russian Business Network IP UDP (174) (emerging-rbn.rules) 2406348 - ET RBN Known Russian Business Network IP TCP (175) (emerging-rbn.rules) 2406349 - ET RBN Known Russian Business Network IP UDP (175) (emerging-rbn.rules) 2406350 - ET RBN Known Russian Business Network IP TCP (176) (emerging-rbn.rules) 2406351 - ET RBN Known Russian Business Network IP UDP (176) (emerging-rbn.rules) 2406352 - ET RBN Known Russian Business Network IP TCP (177) (emerging-rbn.rules) 2406353 - ET RBN Known Russian Business Network IP UDP (177) (emerging-rbn.rules) 2406354 - ET RBN Known Russian Business Network IP TCP (178) (emerging-rbn.rules) 2406355 - ET RBN Known Russian Business Network IP UDP (178) (emerging-rbn.rules) 2406356 - ET RBN Known Russian Business Network IP TCP (179) (emerging-rbn.rules) 2406357 - ET RBN Known Russian Business Network IP UDP (179) (emerging-rbn.rules) 2406358 - ET RBN Known Russian Business Network IP TCP (180) (emerging-rbn.rules) 2406359 - ET RBN Known Russian Business Network IP UDP (180) (emerging-rbn.rules) 2406360 - ET RBN Known Russian Business Network IP TCP (181) (emerging-rbn.rules) 2406361 - ET RBN Known Russian Business Network IP UDP (181) (emerging-rbn.rules) 2406362 - ET RBN Known Russian Business Network IP TCP (182) (emerging-rbn.rules) 2406363 - ET RBN Known Russian Business Network IP UDP (182) (emerging-rbn.rules) 2406364 - ET RBN Known Russian Business Network IP TCP (183) (emerging-rbn.rules) 2406365 - ET RBN Known Russian Business Network IP UDP (183) (emerging-rbn.rules) 2406366 - ET RBN Known Russian Business Network IP TCP (184) (emerging-rbn.rules) 2406367 - ET RBN Known Russian Business Network IP UDP (184) (emerging-rbn.rules) 2406368 - ET RBN Known Russian Business Network IP TCP (185) (emerging-rbn.rules) 2406369 - ET RBN Known Russian Business Network IP UDP (185) (emerging-rbn.rules) 2406370 - ET RBN Known Russian Business Network IP TCP (186) (emerging-rbn.rules) 2406371 - ET RBN Known Russian Business Network IP UDP (186) (emerging-rbn.rules) 2406372 - ET RBN Known Russian Business Network IP TCP (187) (emerging-rbn.rules) 2406373 - ET RBN Known Russian Business Network IP UDP (187) (emerging-rbn.rules) 2406374 - ET RBN Known Russian Business Network IP TCP (188) (emerging-rbn.rules) 2406375 - ET RBN Known Russian Business Network IP UDP (188) (emerging-rbn.rules) 2406376 - ET RBN Known Russian Business Network IP TCP (189) (emerging-rbn.rules) 2406377 - ET RBN Known Russian Business Network IP UDP (189) (emerging-rbn.rules) 2406378 - ET RBN Known Russian Business Network IP TCP (190) (emerging-rbn.rules) 2406379 - ET RBN Known Russian Business Network IP UDP (190) (emerging-rbn.rules) 2406380 - ET RBN Known Russian Business Network IP TCP (191) (emerging-rbn.rules) 2406381 - ET RBN Known Russian Business Network IP UDP (191) (emerging-rbn.rules) 2406382 - ET RBN Known Russian Business Network IP TCP (192) (emerging-rbn.rules) 2406383 - ET RBN Known Russian Business Network IP UDP (192) (emerging-rbn.rules) 2406384 - ET RBN Known Russian Business Network IP TCP (193) (emerging-rbn.rules) 2406385 - ET RBN Known Russian Business Network IP UDP (193) (emerging-rbn.rules) 2406386 - ET RBN Known Russian Business Network IP TCP (194) (emerging-rbn.rules) 2406387 - ET RBN Known Russian Business Network IP UDP (194) (emerging-rbn.rules) 2406388 - ET RBN Known Russian Business Network IP TCP (195) (emerging-rbn.rules) 2406389 - ET RBN Known Russian Business Network IP UDP (195) (emerging-rbn.rules) 2406390 - ET RBN Known Russian Business Network IP TCP (196) (emerging-rbn.rules) 2406391 - ET RBN Known Russian Business Network IP UDP (196) (emerging-rbn.rules) 2406392 - ET RBN Known Russian Business Network IP TCP (197) (emerging-rbn.rules) 2406393 - ET RBN Known Russian Business Network IP UDP (197) (emerging-rbn.rules) 2406394 - ET RBN Known Russian Business Network IP TCP (198) (emerging-rbn.rules) 2406395 - ET RBN Known Russian Business Network IP UDP (198) (emerging-rbn.rules) 2406396 - ET RBN Known Russian Business Network IP TCP (199) (emerging-rbn.rules) 2406397 - ET RBN Known Russian Business Network IP UDP (199) (emerging-rbn.rules) 2406398 - ET RBN Known Russian Business Network IP TCP (200) (emerging-rbn.rules) 2406399 - ET RBN Known Russian Business Network IP UDP (200) (emerging-rbn.rules) 2406400 - ET RBN Known Russian Business Network IP TCP (201) (emerging-rbn.rules) 2406401 - ET RBN Known Russian Business Network IP UDP (201) (emerging-rbn.rules) 2406402 - ET RBN Known Russian Business Network IP TCP (202) (emerging-rbn.rules) 2406403 - ET RBN Known Russian Business Network IP UDP (202) (emerging-rbn.rules) 2406404 - ET RBN Known Russian Business Network IP TCP (203) (emerging-rbn.rules) 2406405 - ET RBN Known Russian Business Network IP UDP (203) (emerging-rbn.rules) 2406406 - ET RBN Known Russian Business Network IP TCP (204) (emerging-rbn.rules) 2406407 - ET RBN Known Russian Business Network IP UDP (204) (emerging-rbn.rules) 2406408 - ET RBN Known Russian Business Network IP TCP (205) (emerging-rbn.rules) 2406409 - ET RBN Known Russian Business Network IP UDP (205) (emerging-rbn.rules) 2406410 - ET RBN Known Russian Business Network IP TCP (206) (emerging-rbn.rules) 2406411 - ET RBN Known Russian Business Network IP UDP (206) (emerging-rbn.rules) 2406412 - ET RBN Known Russian Business Network IP TCP (207) (emerging-rbn.rules) 2406413 - ET RBN Known Russian Business Network IP UDP (207) (emerging-rbn.rules) 2406414 - ET RBN Known Russian Business Network IP TCP (208) (emerging-rbn.rules) 2406415 - ET RBN Known Russian Business Network IP UDP (208) (emerging-rbn.rules) 2406416 - ET RBN Known Russian Business Network IP TCP (209) (emerging-rbn.rules) 2406417 - ET RBN Known Russian Business Network IP UDP (209) (emerging-rbn.rules) 2406418 - ET RBN Known Russian Business Network IP TCP (210) (emerging-rbn.rules) 2406419 - ET RBN Known Russian Business Network IP UDP (210) (emerging-rbn.rules) 2406420 - ET RBN Known Russian Business Network IP TCP (211) (emerging-rbn.rules) 2406421 - ET RBN Known Russian Business Network IP UDP (211) (emerging-rbn.rules) 2406422 - ET RBN Known Russian Business Network IP TCP (212) (emerging-rbn.rules) 2406423 - ET RBN Known Russian Business Network IP UDP (212) (emerging-rbn.rules) 2406424 - ET RBN Known Russian Business Network IP TCP (213) (emerging-rbn.rules) 2406425 - ET RBN Known Russian Business Network IP UDP (213) (emerging-rbn.rules) 2406426 - ET RBN Known Russian Business Network IP TCP (214) (emerging-rbn.rules) 2406427 - ET RBN Known Russian Business Network IP UDP (214) (emerging-rbn.rules) 2406428 - ET RBN Known Russian Business Network IP TCP (215) (emerging-rbn.rules) 2406429 - ET RBN Known Russian Business Network IP UDP (215) (emerging-rbn.rules) 2406430 - ET RBN Known Russian Business Network IP TCP (216) (emerging-rbn.rules) 2406431 - ET RBN Known Russian Business Network IP UDP (216) (emerging-rbn.rules) 2406432 - ET RBN Known Russian Business Network IP TCP (217) (emerging-rbn.rules) 2406433 - ET RBN Known Russian Business Network IP UDP (217) (emerging-rbn.rules) 2406434 - ET RBN Known Russian Business Network IP TCP (218) (emerging-rbn.rules) 2406435 - ET RBN Known Russian Business Network IP UDP (218) (emerging-rbn.rules) 2406436 - ET RBN Known Russian Business Network IP TCP (219) (emerging-rbn.rules) 2406437 - ET RBN Known Russian Business Network IP UDP (219) (emerging-rbn.rules) 2406438 - ET RBN Known Russian Business Network IP TCP (220) (emerging-rbn.rules) 2406439 - ET RBN Known Russian Business Network IP UDP (220) (emerging-rbn.rules) 2406440 - ET RBN Known Russian Business Network IP TCP (221) (emerging-rbn.rules) 2406441 - ET RBN Known Russian Business Network IP UDP (221) (emerging-rbn.rules) 2406442 - ET RBN Known Russian Business Network IP TCP (222) (emerging-rbn.rules) 2406443 - ET RBN Known Russian Business Network IP UDP (222) (emerging-rbn.rules) 2406444 - ET RBN Known Russian Business Network IP TCP (223) (emerging-rbn.rules) 2406445 - ET RBN Known Russian Business Network IP UDP (223) (emerging-rbn.rules) 2406446 - ET RBN Known Russian Business Network IP TCP (224) (emerging-rbn.rules) 2406447 - ET RBN Known Russian Business Network IP UDP (224) (emerging-rbn.rules) 2406448 - ET RBN Known Russian Business Network IP TCP (225) (emerging-rbn.rules) 2406449 - ET RBN Known Russian Business Network IP UDP (225) (emerging-rbn.rules) 2406450 - ET RBN Known Russian Business Network IP TCP (226) (emerging-rbn.rules) 2406451 - ET RBN Known Russian Business Network IP UDP (226) (emerging-rbn.rules) 2406452 - ET RBN Known Russian Business Network IP TCP (227) (emerging-rbn.rules) 2406453 - ET RBN Known Russian Business Network IP UDP (227) (emerging-rbn.rules) 2406454 - ET RBN Known Russian Business Network IP TCP (228) (emerging-rbn.rules) 2406455 - ET RBN Known Russian Business Network IP UDP (228) (emerging-rbn.rules) 2406456 - ET RBN Known Russian Business Network IP TCP (229) (emerging-rbn.rules) 2406457 - ET RBN Known Russian Business Network IP UDP (229) (emerging-rbn.rules) 2406458 - ET RBN Known Russian Business Network IP TCP (230) (emerging-rbn.rules) 2406459 - ET RBN Known Russian Business Network IP UDP (230) (emerging-rbn.rules) 2406460 - ET RBN Known Russian Business Network IP TCP (231) (emerging-rbn.rules) 2406461 - ET RBN Known Russian Business Network IP UDP (231) (emerging-rbn.rules) 2406462 - ET RBN Known Russian Business Network IP TCP (232) (emerging-rbn.rules) 2406463 - ET RBN Known Russian Business Network IP UDP (232) (emerging-rbn.rules) 2406464 - ET RBN Known Russian Business Network IP TCP (233) (emerging-rbn.rules) 2406465 - ET RBN Known Russian Business Network IP UDP (233) (emerging-rbn.rules) 2406466 - ET RBN Known Russian Business Network IP TCP (234) (emerging-rbn.rules) 2406467 - ET RBN Known Russian Business Network IP UDP (234) (emerging-rbn.rules) 2406468 - ET RBN Known Russian Business Network IP TCP (235) (emerging-rbn.rules) 2406469 - ET RBN Known Russian Business Network IP UDP (235) (emerging-rbn.rules) 2406470 - ET RBN Known Russian Business Network IP TCP (236) (emerging-rbn.rules) 2406471 - ET RBN Known Russian Business Network IP UDP (236) (emerging-rbn.rules) 2406472 - ET RBN Known Russian Business Network IP TCP (237) (emerging-rbn.rules) 2406473 - ET RBN Known Russian Business Network IP UDP (237) (emerging-rbn.rules) 2406474 - ET RBN Known Russian Business Network IP TCP (238) (emerging-rbn.rules) 2406475 - ET RBN Known Russian Business Network IP UDP (238) (emerging-rbn.rules) 2406476 - ET RBN Known Russian Business Network IP TCP (239) (emerging-rbn.rules) 2406477 - ET RBN Known Russian Business Network IP UDP (239) (emerging-rbn.rules) 2406478 - ET RBN Known Russian Business Network IP TCP (240) (emerging-rbn.rules) 2406479 - ET RBN Known Russian Business Network IP UDP (240) (emerging-rbn.rules) 2406480 - ET RBN Known Russian Business Network IP TCP (241) (emerging-rbn.rules) 2406481 - ET RBN Known Russian Business Network IP UDP (241) (emerging-rbn.rules) 2406482 - ET RBN Known Russian Business Network IP TCP (242) (emerging-rbn.rules) 2406483 - ET RBN Known Russian Business Network IP UDP (242) (emerging-rbn.rules) 2406484 - ET RBN Known Russian Business Network IP TCP (243) (emerging-rbn.rules) 2406485 - ET RBN Known Russian Business Network IP UDP (243) (emerging-rbn.rules) 2406486 - ET RBN Known Russian Business Network IP TCP (244) (emerging-rbn.rules) 2406487 - ET RBN Known Russian Business Network IP UDP (244) (emerging-rbn.rules) 2406488 - ET RBN Known Russian Business Network IP TCP (245) (emerging-rbn.rules) 2406489 - ET RBN Known Russian Business Network IP UDP (245) (emerging-rbn.rules) 2406490 - ET RBN Known Russian Business Network IP TCP (246) (emerging-rbn.rules) 2406491 - ET RBN Known Russian Business Network IP UDP (246) (emerging-rbn.rules) 2406492 - ET RBN Known Russian Business Network IP TCP (247) (emerging-rbn.rules) 2406493 - ET RBN Known Russian Business Network IP UDP (247) (emerging-rbn.rules) 2406494 - ET RBN Known Russian Business Network IP TCP (248) (emerging-rbn.rules) 2406495 - ET RBN Known Russian Business Network IP UDP (248) (emerging-rbn.rules) 2406496 - ET RBN Known Russian Business Network IP TCP (249) (emerging-rbn.rules) 2406497 - ET RBN Known Russian Business Network IP UDP (249) (emerging-rbn.rules) 2406498 - ET RBN Known Russian Business Network IP TCP (250) (emerging-rbn.rules) 2406499 - ET RBN Known Russian Business Network IP UDP (250) (emerging-rbn.rules) 2406500 - ET RBN Known Russian Business Network IP TCP (251) (emerging-rbn.rules) 2406501 - ET RBN Known Russian Business Network IP UDP (251) (emerging-rbn.rules) 2406502 - ET RBN Known Russian Business Network IP TCP (252) (emerging-rbn.rules) 2406503 - ET RBN Known Russian Business Network IP UDP (252) (emerging-rbn.rules) 2406504 - ET RBN Known Russian Business Network IP TCP (253) (emerging-rbn.rules) 2406505 - ET RBN Known Russian Business Network IP UDP (253) (emerging-rbn.rules) 2406506 - ET RBN Known Russian Business Network IP TCP (254) (emerging-rbn.rules) 2406507 - ET RBN Known Russian Business Network IP UDP (254) (emerging-rbn.rules) 2406508 - ET RBN Known Russian Business Network IP TCP (255) (emerging-rbn.rules) 2406509 - ET RBN Known Russian Business Network IP UDP (255) (emerging-rbn.rules) 2406510 - ET RBN Known Russian Business Network IP TCP (256) (emerging-rbn.rules) 2406511 - ET RBN Known Russian Business Network IP UDP (256) (emerging-rbn.rules) 2406512 - ET RBN Known Russian Business Network IP TCP (257) (emerging-rbn.rules) 2406513 - ET RBN Known Russian Business Network IP UDP (257) (emerging-rbn.rules) 2406514 - ET RBN Known Russian Business Network IP TCP (258) (emerging-rbn.rules) 2406515 - ET RBN Known Russian Business Network IP UDP (258) (emerging-rbn.rules) 2406516 - ET RBN Known Russian Business Network IP TCP (259) (emerging-rbn.rules) 2406517 - ET RBN Known Russian Business Network IP UDP (259) (emerging-rbn.rules) 2406518 - ET RBN Known Russian Business Network IP TCP (260) (emerging-rbn.rules) 2406519 - ET RBN Known Russian Business Network IP UDP (260) (emerging-rbn.rules) 2406520 - ET RBN Known Russian Business Network IP TCP (261) (emerging-rbn.rules) 2406521 - ET RBN Known Russian Business Network IP UDP (261) (emerging-rbn.rules) 2406522 - ET RBN Known Russian Business Network IP TCP (262) (emerging-rbn.rules) 2406523 - ET RBN Known Russian Business Network IP UDP (262) (emerging-rbn.rules) 2406524 - ET RBN Known Russian Business Network IP TCP (263) (emerging-rbn.rules) 2406525 - ET RBN Known Russian Business Network IP UDP (263) (emerging-rbn.rules) 2406526 - ET RBN Known Russian Business Network IP TCP (264) (emerging-rbn.rules) 2406527 - ET RBN Known Russian Business Network IP UDP (264) (emerging-rbn.rules) 2406528 - ET RBN Known Russian Business Network IP TCP (265) (emerging-rbn.rules) 2406529 - ET RBN Known Russian Business Network IP UDP (265) (emerging-rbn.rules) 2406530 - ET RBN Known Russian Business Network IP TCP (266) (emerging-rbn.rules) 2406531 - ET RBN Known Russian Business Network IP UDP (266) (emerging-rbn.rules) 2406532 - ET RBN Known Russian Business Network IP TCP (267) (emerging-rbn.rules) 2406533 - ET RBN Known Russian Business Network IP UDP (267) (emerging-rbn.rules) 2406534 - ET RBN Known Russian Business Network IP TCP (268) (emerging-rbn.rules) 2406535 - ET RBN Known Russian Business Network IP UDP (268) (emerging-rbn.rules) 2406536 - ET RBN Known Russian Business Network IP TCP (269) (emerging-rbn.rules) 2406537 - ET RBN Known Russian Business Network IP UDP (269) (emerging-rbn.rules) 2406538 - ET RBN Known Russian Business Network IP TCP (270) (emerging-rbn.rules) 2406539 - ET RBN Known Russian Business Network IP UDP (270) (emerging-rbn.rules) 2406540 - ET RBN Known Russian Business Network IP TCP (271) (emerging-rbn.rules) 2406541 - ET RBN Known Russian Business Network IP UDP (271) (emerging-rbn.rules) 2406542 - ET RBN Known Russian Business Network IP TCP (272) (emerging-rbn.rules) 2406543 - ET RBN Known Russian Business Network IP UDP (272) (emerging-rbn.rules) 2406544 - ET RBN Known Russian Business Network IP TCP (273) (emerging-rbn.rules) 2406545 - ET RBN Known Russian Business Network IP UDP (273) (emerging-rbn.rules) 2406546 - ET RBN Known Russian Business Network IP TCP (274) (emerging-rbn.rules) 2406547 - ET RBN Known Russian Business Network IP UDP (274) (emerging-rbn.rules) 2406548 - ET RBN Known Russian Business Network IP TCP (275) (emerging-rbn.rules) 2406549 - ET RBN Known Russian Business Network IP UDP (275) (emerging-rbn.rules) 2406550 - ET RBN Known Russian Business Network IP TCP (276) (emerging-rbn.rules) 2406551 - ET RBN Known Russian Business Network IP UDP (276) (emerging-rbn.rules) 2406552 - ET RBN Known Russian Business Network IP TCP (277) (emerging-rbn.rules) 2406553 - ET RBN Known Russian Business Network IP UDP (277) (emerging-rbn.rules) 2406554 - ET RBN Known Russian Business Network IP TCP (278) (emerging-rbn.rules) 2406555 - ET RBN Known Russian Business Network IP UDP (278) (emerging-rbn.rules) 2406556 - ET RBN Known Russian Business Network IP TCP (279) (emerging-rbn.rules) 2406557 - ET RBN Known Russian Business Network IP UDP (279) (emerging-rbn.rules) 2406558 - ET RBN Known Russian Business Network IP TCP (280) (emerging-rbn.rules) 2406559 - ET RBN Known Russian Business Network IP UDP (280) (emerging-rbn.rules) 2406560 - ET RBN Known Russian Business Network IP TCP (281) (emerging-rbn.rules) 2406561 - ET RBN Known Russian Business Network IP UDP (281) (emerging-rbn.rules) 2406562 - ET RBN Known Russian Business Network IP TCP (282) (emerging-rbn.rules) 2406563 - ET RBN Known Russian Business Network IP UDP (282) (emerging-rbn.rules) 2406564 - ET RBN Known Russian Business Network IP TCP (283) (emerging-rbn.rules) 2406565 - ET RBN Known Russian Business Network IP UDP (283) (emerging-rbn.rules) 2406566 - ET RBN Known Russian Business Network IP TCP (284) (emerging-rbn.rules) 2406567 - ET RBN Known Russian Business Network IP UDP (284) (emerging-rbn.rules) 2406568 - ET RBN Known Russian Business Network IP TCP (285) (emerging-rbn.rules) 2406569 - ET RBN Known Russian Business Network IP UDP (285) (emerging-rbn.rules) 2406570 - ET RBN Known Russian Business Network IP TCP (286) (emerging-rbn.rules) 2406571 - ET RBN Known Russian Business Network IP UDP (286) (emerging-rbn.rules) 2406572 - ET RBN Known Russian Business Network IP TCP (287) (emerging-rbn.rules) 2406573 - ET RBN Known Russian Business Network IP UDP (287) (emerging-rbn.rules) 2406574 - ET RBN Known Russian Business Network IP TCP (288) (emerging-rbn.rules) 2406575 - ET RBN Known Russian Business Network IP UDP (288) (emerging-rbn.rules) 2406576 - ET RBN Known Russian Business Network IP TCP (289) (emerging-rbn.rules) 2406577 - ET RBN Known Russian Business Network IP UDP (289) (emerging-rbn.rules) 2406578 - ET RBN Known Russian Business Network IP TCP (290) (emerging-rbn.rules) 2406579 - ET RBN Known Russian Business Network IP UDP (290) (emerging-rbn.rules) 2406580 - ET RBN Known Russian Business Network IP TCP (291) (emerging-rbn.rules) 2406581 - ET RBN Known Russian Business Network IP UDP (291) (emerging-rbn.rules) 2406582 - ET RBN Known Russian Business Network IP TCP (292) (emerging-rbn.rules) 2406583 - ET RBN Known Russian Business Network IP UDP (292) (emerging-rbn.rules) 2406584 - ET RBN Known Russian Business Network IP TCP (293) (emerging-rbn.rules) 2406585 - ET RBN Known Russian Business Network IP UDP (293) (emerging-rbn.rules) 2406586 - ET RBN Known Russian Business Network IP TCP (294) (emerging-rbn.rules) 2406587 - ET RBN Known Russian Business Network IP UDP (294) (emerging-rbn.rules) 2406588 - ET RBN Known Russian Business Network IP TCP (295) (emerging-rbn.rules) 2406589 - ET RBN Known Russian Business Network IP UDP (295) (emerging-rbn.rules) 2406590 - ET RBN Known Russian Business Network IP TCP (296) (emerging-rbn.rules) 2406591 - ET RBN Known Russian Business Network IP UDP (296) (emerging-rbn.rules) 2406592 - ET RBN Known Russian Business Network IP TCP (297) (emerging-rbn.rules) 2406593 - ET RBN Known Russian Business Network IP UDP (297) (emerging-rbn.rules) 2406594 - ET RBN Known Russian Business Network IP TCP (298) (emerging-rbn.rules) 2406595 - ET RBN Known Russian Business Network IP UDP (298) (emerging-rbn.rules) 2406596 - ET RBN Known Russian Business Network IP TCP (299) (emerging-rbn.rules) 2406597 - ET RBN Known Russian Business Network IP UDP (299) (emerging-rbn.rules) 2406598 - ET RBN Known Russian Business Network IP TCP (300) (emerging-rbn.rules) 2406599 - ET RBN Known Russian Business Network IP UDP (300) (emerging-rbn.rules) 2406600 - ET RBN Known Russian Business Network IP TCP (301) (emerging-rbn.rules) 2406601 - ET RBN Known Russian Business Network IP UDP (301) (emerging-rbn.rules) 2406602 - ET RBN Known Russian Business Network IP TCP (302) (emerging-rbn.rules) 2406603 - ET RBN Known Russian Business Network IP UDP (302) (emerging-rbn.rules) 2406604 - ET RBN Known Russian Business Network IP TCP (303) (emerging-rbn.rules) 2406605 - ET RBN Known Russian Business Network IP UDP (303) (emerging-rbn.rules) 2406606 - ET RBN Known Russian Business Network IP TCP (304) (emerging-rbn.rules) 2406607 - ET RBN Known Russian Business Network IP UDP (304) (emerging-rbn.rules) 2406608 - ET RBN Known Russian Business Network IP TCP (305) (emerging-rbn.rules) 2406609 - ET RBN Known Russian Business Network IP UDP (305) (emerging-rbn.rules) 2406610 - ET RBN Known Russian Business Network IP TCP (306) (emerging-rbn.rules) 2406611 - ET RBN Known Russian Business Network IP UDP (306) (emerging-rbn.rules) 2406612 - ET RBN Known Russian Business Network IP TCP (307) (emerging-rbn.rules) 2406613 - ET RBN Known Russian Business Network IP UDP (307) (emerging-rbn.rules) 2406614 - ET RBN Known Russian Business Network IP TCP (308) (emerging-rbn.rules) 2406615 - ET RBN Known Russian Business Network IP UDP (308) (emerging-rbn.rules) 2406616 - ET RBN Known Russian Business Network IP TCP (309) (emerging-rbn.rules) 2406617 - ET RBN Known Russian Business Network IP UDP (309) (emerging-rbn.rules) 2406618 - ET RBN Known Russian Business Network IP TCP (310) (emerging-rbn.rules) 2406619 - ET RBN Known Russian Business Network IP UDP (310) (emerging-rbn.rules) 2407000 - ET RBN Known Russian Business Network IP TCP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407001 - ET RBN Known Russian Business Network IP UDP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407002 - ET RBN Known Russian Business Network IP TCP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407003 - ET RBN Known Russian Business Network IP UDP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407004 - ET RBN Known Russian Business Network IP TCP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407005 - ET RBN Known Russian Business Network IP UDP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407006 - ET RBN Known Russian Business Network IP TCP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407007 - ET RBN Known Russian Business Network IP UDP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407008 - ET RBN Known Russian Business Network IP TCP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407009 - ET RBN Known Russian Business Network IP UDP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407010 - ET RBN Known Russian Business Network IP TCP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407011 - ET RBN Known Russian Business Network IP UDP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407012 - ET RBN Known Russian Business Network IP TCP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407013 - ET RBN Known Russian Business Network IP UDP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407014 - ET RBN Known Russian Business Network IP TCP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407015 - ET RBN Known Russian Business Network IP UDP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407016 - ET RBN Known Russian Business Network IP TCP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407017 - ET RBN Known Russian Business Network IP UDP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407018 - ET RBN Known Russian Business Network IP TCP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407019 - ET RBN Known Russian Business Network IP UDP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407020 - ET RBN Known Russian Business Network IP TCP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407021 - ET RBN Known Russian Business Network IP UDP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407022 - ET RBN Known Russian Business Network IP TCP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407023 - ET RBN Known Russian Business Network IP UDP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407024 - ET RBN Known Russian Business Network IP TCP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407025 - ET RBN Known Russian Business Network IP UDP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407026 - ET RBN Known Russian Business Network IP TCP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407027 - ET RBN Known Russian Business Network IP UDP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407028 - ET RBN Known Russian Business Network IP TCP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407029 - ET RBN Known Russian Business Network IP UDP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407030 - ET RBN Known Russian Business Network IP TCP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407031 - ET RBN Known Russian Business Network IP UDP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407032 - ET RBN Known Russian Business Network IP TCP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407033 - ET RBN Known Russian Business Network IP UDP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407034 - ET RBN Known Russian Business Network IP TCP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407035 - ET RBN Known Russian Business Network IP UDP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407036 - ET RBN Known Russian Business Network IP TCP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407037 - ET RBN Known Russian Business Network IP UDP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407038 - ET RBN Known Russian Business Network IP TCP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407039 - ET RBN Known Russian Business Network IP UDP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407040 - ET RBN Known Russian Business Network IP TCP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407041 - ET RBN Known Russian Business Network IP UDP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407042 - ET RBN Known Russian Business Network IP TCP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407043 - ET RBN Known Russian Business Network IP UDP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407044 - ET RBN Known Russian Business Network IP TCP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407045 - ET RBN Known Russian Business Network IP UDP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407046 - ET RBN Known Russian Business Network IP TCP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407047 - ET RBN Known Russian Business Network IP UDP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407048 - ET RBN Known Russian Business Network IP TCP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407049 - ET RBN Known Russian Business Network IP UDP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407050 - ET RBN Known Russian Business Network IP TCP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407051 - ET RBN Known Russian Business Network IP UDP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407052 - ET RBN Known Russian Business Network IP TCP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407053 - ET RBN Known Russian Business Network IP UDP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407054 - ET RBN Known Russian Business Network IP TCP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407055 - ET RBN Known Russian Business Network IP UDP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407056 - ET RBN Known Russian Business Network IP TCP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407057 - ET RBN Known Russian Business Network IP UDP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407058 - ET RBN Known Russian Business Network IP TCP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407059 - ET RBN Known Russian Business Network IP UDP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407060 - ET RBN Known Russian Business Network IP TCP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407061 - ET RBN Known Russian Business Network IP UDP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407062 - ET RBN Known Russian Business Network IP TCP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407063 - ET RBN Known Russian Business Network IP UDP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407064 - ET RBN Known Russian Business Network IP TCP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407065 - ET RBN Known Russian Business Network IP UDP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407066 - ET RBN Known Russian Business Network IP TCP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407067 - ET RBN Known Russian Business Network IP UDP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407068 - ET RBN Known Russian Business Network IP TCP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407069 - ET RBN Known Russian Business Network IP UDP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407070 - ET RBN Known Russian Business Network IP TCP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407071 - ET RBN Known Russian Business Network IP UDP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407072 - ET RBN Known Russian Business Network IP TCP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407073 - ET RBN Known Russian Business Network IP UDP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407074 - ET RBN Known Russian Business Network IP TCP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407075 - ET RBN Known Russian Business Network IP UDP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407076 - ET RBN Known Russian Business Network IP TCP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407077 - ET RBN Known Russian Business Network IP UDP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407078 - ET RBN Known Russian Business Network IP TCP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407079 - ET RBN Known Russian Business Network IP UDP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407080 - ET RBN Known Russian Business Network IP TCP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407081 - ET RBN Known Russian Business Network IP UDP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407082 - ET RBN Known Russian Business Network IP TCP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407083 - ET RBN Known Russian Business Network IP UDP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407084 - ET RBN Known Russian Business Network IP TCP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407085 - ET RBN Known Russian Business Network IP UDP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407086 - ET RBN Known Russian Business Network IP TCP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407087 - ET RBN Known Russian Business Network IP UDP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407088 - ET RBN Known Russian Business Network IP TCP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407089 - ET RBN Known Russian Business Network IP UDP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407090 - ET RBN Known Russian Business Network IP TCP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407091 - ET RBN Known Russian Business Network IP UDP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407092 - ET RBN Known Russian Business Network IP TCP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407093 - ET RBN Known Russian Business Network IP UDP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407094 - ET RBN Known Russian Business Network IP TCP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407095 - ET RBN Known Russian Business Network IP UDP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407096 - ET RBN Known Russian Business Network IP TCP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407097 - ET RBN Known Russian Business Network IP UDP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407098 - ET RBN Known Russian Business Network IP TCP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407099 - ET RBN Known Russian Business Network IP UDP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407100 - ET RBN Known Russian Business Network IP TCP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407101 - ET RBN Known Russian Business Network IP UDP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407102 - ET RBN Known Russian Business Network IP TCP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407103 - ET RBN Known Russian Business Network IP UDP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407104 - ET RBN Known Russian Business Network IP TCP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407105 - ET RBN Known Russian Business Network IP UDP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407106 - ET RBN Known Russian Business Network IP TCP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407107 - ET RBN Known Russian Business Network IP UDP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407108 - ET RBN Known Russian Business Network IP TCP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407109 - ET RBN Known Russian Business Network IP UDP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407110 - ET RBN Known Russian Business Network IP TCP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407111 - ET RBN Known Russian Business Network IP UDP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407112 - ET RBN Known Russian Business Network IP TCP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407113 - ET RBN Known Russian Business Network IP UDP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407114 - ET RBN Known Russian Business Network IP TCP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407115 - ET RBN Known Russian Business Network IP UDP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407116 - ET RBN Known Russian Business Network IP TCP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407117 - ET RBN Known Russian Business Network IP UDP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407118 - ET RBN Known Russian Business Network IP TCP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407119 - ET RBN Known Russian Business Network IP UDP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407120 - ET RBN Known Russian Business Network IP TCP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407121 - ET RBN Known Russian Business Network IP UDP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407122 - ET RBN Known Russian Business Network IP TCP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407123 - ET RBN Known Russian Business Network IP UDP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407124 - ET RBN Known Russian Business Network IP TCP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407125 - ET RBN Known Russian Business Network IP UDP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407126 - ET RBN Known Russian Business Network IP TCP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407127 - ET RBN Known Russian Business Network IP UDP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407128 - ET RBN Known Russian Business Network IP TCP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407129 - ET RBN Known Russian Business Network IP UDP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407130 - ET RBN Known Russian Business Network IP TCP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407131 - ET RBN Known Russian Business Network IP UDP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407132 - ET RBN Known Russian Business Network IP TCP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407133 - ET RBN Known Russian Business Network IP UDP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407134 - ET RBN Known Russian Business Network IP TCP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407135 - ET RBN Known Russian Business Network IP UDP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407136 - ET RBN Known Russian Business Network IP TCP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407137 - ET RBN Known Russian Business Network IP UDP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407138 - ET RBN Known Russian Business Network IP TCP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407139 - ET RBN Known Russian Business Network IP UDP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407140 - ET RBN Known Russian Business Network IP TCP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407141 - ET RBN Known Russian Business Network IP UDP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407142 - ET RBN Known Russian Business Network IP TCP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407143 - ET RBN Known Russian Business Network IP UDP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407144 - ET RBN Known Russian Business Network IP TCP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407145 - ET RBN Known Russian Business Network IP UDP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407146 - ET RBN Known Russian Business Network IP TCP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407147 - ET RBN Known Russian Business Network IP UDP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407148 - ET RBN Known Russian Business Network IP TCP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407149 - ET RBN Known Russian Business Network IP UDP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407150 - ET RBN Known Russian Business Network IP TCP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407151 - ET RBN Known Russian Business Network IP UDP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407152 - ET RBN Known Russian Business Network IP TCP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407153 - ET RBN Known Russian Business Network IP UDP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407154 - ET RBN Known Russian Business Network IP TCP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407155 - ET RBN Known Russian Business Network IP UDP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407156 - ET RBN Known Russian Business Network IP TCP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407157 - ET RBN Known Russian Business Network IP UDP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407158 - ET RBN Known Russian Business Network IP TCP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407159 - ET RBN Known Russian Business Network IP UDP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407160 - ET RBN Known Russian Business Network IP TCP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407161 - ET RBN Known Russian Business Network IP UDP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407162 - ET RBN Known Russian Business Network IP TCP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407163 - ET RBN Known Russian Business Network IP UDP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407164 - ET RBN Known Russian Business Network IP TCP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407165 - ET RBN Known Russian Business Network IP UDP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407166 - ET RBN Known Russian Business Network IP TCP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407167 - ET RBN Known Russian Business Network IP UDP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407168 - ET RBN Known Russian Business Network IP TCP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407169 - ET RBN Known Russian Business Network IP UDP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407170 - ET RBN Known Russian Business Network IP TCP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407171 - ET RBN Known Russian Business Network IP UDP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407172 - ET RBN Known Russian Business Network IP TCP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407173 - ET RBN Known Russian Business Network IP UDP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407174 - ET RBN Known Russian Business Network IP TCP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407175 - ET RBN Known Russian Business Network IP UDP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407176 - ET RBN Known Russian Business Network IP TCP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407177 - ET RBN Known Russian Business Network IP UDP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407178 - ET RBN Known Russian Business Network IP TCP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407179 - ET RBN Known Russian Business Network IP UDP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407180 - ET RBN Known Russian Business Network IP TCP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407181 - ET RBN Known Russian Business Network IP UDP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407182 - ET RBN Known Russian Business Network IP TCP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407183 - ET RBN Known Russian Business Network IP UDP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407184 - ET RBN Known Russian Business Network IP TCP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407185 - ET RBN Known Russian Business Network IP UDP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407186 - ET RBN Known Russian Business Network IP TCP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407187 - ET RBN Known Russian Business Network IP UDP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407188 - ET RBN Known Russian Business Network IP TCP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407189 - ET RBN Known Russian Business Network IP UDP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407190 - ET RBN Known Russian Business Network IP TCP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407191 - ET RBN Known Russian Business Network IP UDP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407192 - ET RBN Known Russian Business Network IP TCP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407193 - ET RBN Known Russian Business Network IP UDP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407194 - ET RBN Known Russian Business Network IP TCP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407195 - ET RBN Known Russian Business Network IP UDP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407196 - ET RBN Known Russian Business Network IP TCP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407197 - ET RBN Known Russian Business Network IP UDP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407198 - ET RBN Known Russian Business Network IP TCP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407199 - ET RBN Known Russian Business Network IP UDP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407200 - ET RBN Known Russian Business Network IP TCP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407201 - ET RBN Known Russian Business Network IP UDP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407202 - ET RBN Known Russian Business Network IP TCP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407203 - ET RBN Known Russian Business Network IP UDP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407204 - ET RBN Known Russian Business Network IP TCP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407205 - ET RBN Known Russian Business Network IP UDP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407206 - ET RBN Known Russian Business Network IP TCP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407207 - ET RBN Known Russian Business Network IP UDP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407208 - ET RBN Known Russian Business Network IP TCP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407209 - ET RBN Known Russian Business Network IP UDP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407210 - ET RBN Known Russian Business Network IP TCP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407211 - ET RBN Known Russian Business Network IP UDP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407212 - ET RBN Known Russian Business Network IP TCP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407213 - ET RBN Known Russian Business Network IP UDP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407214 - ET RBN Known Russian Business Network IP TCP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407215 - ET RBN Known Russian Business Network IP UDP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407216 - ET RBN Known Russian Business Network IP TCP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407217 - ET RBN Known Russian Business Network IP UDP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407218 - ET RBN Known Russian Business Network IP TCP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407219 - ET RBN Known Russian Business Network IP UDP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407220 - ET RBN Known Russian Business Network IP TCP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407221 - ET RBN Known Russian Business Network IP UDP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407222 - ET RBN Known Russian Business Network IP TCP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407223 - ET RBN Known Russian Business Network IP UDP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407224 - ET RBN Known Russian Business Network IP TCP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407225 - ET RBN Known Russian Business Network IP UDP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407226 - ET RBN Known Russian Business Network IP TCP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407227 - ET RBN Known Russian Business Network IP UDP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407228 - ET RBN Known Russian Business Network IP TCP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407229 - ET RBN Known Russian Business Network IP UDP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407230 - ET RBN Known Russian Business Network IP TCP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407231 - ET RBN Known Russian Business Network IP UDP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407232 - ET RBN Known Russian Business Network IP TCP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407233 - ET RBN Known Russian Business Network IP UDP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407234 - ET RBN Known Russian Business Network IP TCP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407235 - ET RBN Known Russian Business Network IP UDP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407236 - ET RBN Known Russian Business Network IP TCP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407237 - ET RBN Known Russian Business Network IP UDP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407238 - ET RBN Known Russian Business Network IP TCP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407239 - ET RBN Known Russian Business Network IP UDP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407240 - ET RBN Known Russian Business Network IP TCP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407241 - ET RBN Known Russian Business Network IP UDP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407242 - ET RBN Known Russian Business Network IP TCP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407243 - ET RBN Known Russian Business Network IP UDP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407244 - ET RBN Known Russian Business Network IP TCP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407245 - ET RBN Known Russian Business Network IP UDP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407246 - ET RBN Known Russian Business Network IP TCP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407247 - ET RBN Known Russian Business Network IP UDP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407248 - ET RBN Known Russian Business Network IP TCP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407249 - ET RBN Known Russian Business Network IP UDP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407250 - ET RBN Known Russian Business Network IP TCP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407251 - ET RBN Known Russian Business Network IP UDP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407252 - ET RBN Known Russian Business Network IP TCP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407253 - ET RBN Known Russian Business Network IP UDP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407254 - ET RBN Known Russian Business Network IP TCP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407255 - ET RBN Known Russian Business Network IP UDP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407256 - ET RBN Known Russian Business Network IP TCP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407257 - ET RBN Known Russian Business Network IP UDP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407258 - ET RBN Known Russian Business Network IP TCP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407259 - ET RBN Known Russian Business Network IP UDP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407260 - ET RBN Known Russian Business Network IP TCP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407261 - ET RBN Known Russian Business Network IP UDP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407262 - ET RBN Known Russian Business Network IP TCP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407263 - ET RBN Known Russian Business Network IP UDP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407264 - ET RBN Known Russian Business Network IP TCP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407265 - ET RBN Known Russian Business Network IP UDP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407266 - ET RBN Known Russian Business Network IP TCP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407267 - ET RBN Known Russian Business Network IP UDP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407268 - ET RBN Known Russian Business Network IP TCP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407269 - ET RBN Known Russian Business Network IP UDP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407270 - ET RBN Known Russian Business Network IP TCP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407271 - ET RBN Known Russian Business Network IP UDP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407272 - ET RBN Known Russian Business Network IP TCP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407273 - ET RBN Known Russian Business Network IP UDP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407274 - ET RBN Known Russian Business Network IP TCP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407275 - ET RBN Known Russian Business Network IP UDP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407276 - ET RBN Known Russian Business Network IP TCP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407277 - ET RBN Known Russian Business Network IP UDP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407278 - ET RBN Known Russian Business Network IP TCP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407279 - ET RBN Known Russian Business Network IP UDP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407280 - ET RBN Known Russian Business Network IP TCP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407281 - ET RBN Known Russian Business Network IP UDP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407282 - ET RBN Known Russian Business Network IP TCP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407283 - ET RBN Known Russian Business Network IP UDP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407284 - ET RBN Known Russian Business Network IP TCP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407285 - ET RBN Known Russian Business Network IP UDP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407286 - ET RBN Known Russian Business Network IP TCP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407287 - ET RBN Known Russian Business Network IP UDP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407288 - ET RBN Known Russian Business Network IP TCP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407289 - ET RBN Known Russian Business Network IP UDP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407290 - ET RBN Known Russian Business Network IP TCP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407291 - ET RBN Known Russian Business Network IP UDP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407292 - ET RBN Known Russian Business Network IP TCP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407293 - ET RBN Known Russian Business Network IP UDP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407294 - ET RBN Known Russian Business Network IP TCP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407295 - ET RBN Known Russian Business Network IP UDP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407296 - ET RBN Known Russian Business Network IP TCP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407297 - ET RBN Known Russian Business Network IP UDP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407298 - ET RBN Known Russian Business Network IP TCP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407299 - ET RBN Known Russian Business Network IP UDP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407300 - ET RBN Known Russian Business Network IP TCP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407301 - ET RBN Known Russian Business Network IP UDP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407302 - ET RBN Known Russian Business Network IP TCP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407303 - ET RBN Known Russian Business Network IP UDP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407304 - ET RBN Known Russian Business Network IP TCP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407305 - ET RBN Known Russian Business Network IP UDP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407306 - ET RBN Known Russian Business Network IP TCP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407307 - ET RBN Known Russian Business Network IP UDP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407308 - ET RBN Known Russian Business Network IP TCP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407309 - ET RBN Known Russian Business Network IP UDP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407310 - ET RBN Known Russian Business Network IP TCP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407311 - ET RBN Known Russian Business Network IP UDP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407312 - ET RBN Known Russian Business Network IP TCP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407313 - ET RBN Known Russian Business Network IP UDP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407314 - ET RBN Known Russian Business Network IP TCP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407315 - ET RBN Known Russian Business Network IP UDP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407316 - ET RBN Known Russian Business Network IP TCP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407317 - ET RBN Known Russian Business Network IP UDP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407318 - ET RBN Known Russian Business Network IP TCP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407319 - ET RBN Known Russian Business Network IP UDP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407320 - ET RBN Known Russian Business Network IP TCP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407321 - ET RBN Known Russian Business Network IP UDP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407322 - ET RBN Known Russian Business Network IP TCP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407323 - ET RBN Known Russian Business Network IP UDP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407324 - ET RBN Known Russian Business Network IP TCP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407325 - ET RBN Known Russian Business Network IP UDP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407326 - ET RBN Known Russian Business Network IP TCP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407327 - ET RBN Known Russian Business Network IP UDP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407328 - ET RBN Known Russian Business Network IP TCP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407329 - ET RBN Known Russian Business Network IP UDP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407330 - ET RBN Known Russian Business Network IP TCP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407331 - ET RBN Known Russian Business Network IP UDP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407332 - ET RBN Known Russian Business Network IP TCP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407333 - ET RBN Known Russian Business Network IP UDP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407334 - ET RBN Known Russian Business Network IP TCP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407335 - ET RBN Known Russian Business Network IP UDP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407336 - ET RBN Known Russian Business Network IP TCP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407337 - ET RBN Known Russian Business Network IP UDP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407338 - ET RBN Known Russian Business Network IP TCP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407339 - ET RBN Known Russian Business Network IP UDP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407340 - ET RBN Known Russian Business Network IP TCP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407341 - ET RBN Known Russian Business Network IP UDP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407342 - ET RBN Known Russian Business Network IP TCP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407343 - ET RBN Known Russian Business Network IP UDP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407344 - ET RBN Known Russian Business Network IP TCP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407345 - ET RBN Known Russian Business Network IP UDP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407346 - ET RBN Known Russian Business Network IP TCP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407347 - ET RBN Known Russian Business Network IP UDP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407348 - ET RBN Known Russian Business Network IP TCP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407349 - ET RBN Known Russian Business Network IP UDP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407350 - ET RBN Known Russian Business Network IP TCP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407351 - ET RBN Known Russian Business Network IP UDP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407352 - ET RBN Known Russian Business Network IP TCP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407353 - ET RBN Known Russian Business Network IP UDP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407354 - ET RBN Known Russian Business Network IP TCP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407355 - ET RBN Known Russian Business Network IP UDP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407356 - ET RBN Known Russian Business Network IP TCP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407357 - ET RBN Known Russian Business Network IP UDP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407358 - ET RBN Known Russian Business Network IP TCP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407359 - ET RBN Known Russian Business Network IP UDP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407360 - ET RBN Known Russian Business Network IP TCP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407361 - ET RBN Known Russian Business Network IP UDP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407362 - ET RBN Known Russian Business Network IP TCP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407363 - ET RBN Known Russian Business Network IP UDP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407364 - ET RBN Known Russian Business Network IP TCP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407365 - ET RBN Known Russian Business Network IP UDP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407366 - ET RBN Known Russian Business Network IP TCP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407367 - ET RBN Known Russian Business Network IP UDP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407368 - ET RBN Known Russian Business Network IP TCP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407369 - ET RBN Known Russian Business Network IP UDP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407370 - ET RBN Known Russian Business Network IP TCP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407371 - ET RBN Known Russian Business Network IP UDP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407372 - ET RBN Known Russian Business Network IP TCP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407373 - ET RBN Known Russian Business Network IP UDP - BLOCKING (187) (emerging-rbn-BLOCK.rules) 2407374 - ET RBN Known Russian Business Network IP TCP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407375 - ET RBN Known Russian Business Network IP UDP - BLOCKING (188) (emerging-rbn-BLOCK.rules) 2407376 - ET RBN Known Russian Business Network IP TCP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407377 - ET RBN Known Russian Business Network IP UDP - BLOCKING (189) (emerging-rbn-BLOCK.rules) 2407378 - ET RBN Known Russian Business Network IP TCP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407379 - ET RBN Known Russian Business Network IP UDP - BLOCKING (190) (emerging-rbn-BLOCK.rules) 2407380 - ET RBN Known Russian Business Network IP TCP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407381 - ET RBN Known Russian Business Network IP UDP - BLOCKING (191) (emerging-rbn-BLOCK.rules) 2407382 - ET RBN Known Russian Business Network IP TCP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407383 - ET RBN Known Russian Business Network IP UDP - BLOCKING (192) (emerging-rbn-BLOCK.rules) 2407384 - ET RBN Known Russian Business Network IP TCP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407385 - ET RBN Known Russian Business Network IP UDP - BLOCKING (193) (emerging-rbn-BLOCK.rules) 2407386 - ET RBN Known Russian Business Network IP TCP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407387 - ET RBN Known Russian Business Network IP UDP - BLOCKING (194) (emerging-rbn-BLOCK.rules) 2407388 - ET RBN Known Russian Business Network IP TCP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407389 - ET RBN Known Russian Business Network IP UDP - BLOCKING (195) (emerging-rbn-BLOCK.rules) 2407390 - ET RBN Known Russian Business Network IP TCP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407391 - ET RBN Known Russian Business Network IP UDP - BLOCKING (196) (emerging-rbn-BLOCK.rules) 2407392 - ET RBN Known Russian Business Network IP TCP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407393 - ET RBN Known Russian Business Network IP UDP - BLOCKING (197) (emerging-rbn-BLOCK.rules) 2407394 - ET RBN Known Russian Business Network IP TCP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407395 - ET RBN Known Russian Business Network IP UDP - BLOCKING (198) (emerging-rbn-BLOCK.rules) 2407396 - ET RBN Known Russian Business Network IP TCP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407397 - ET RBN Known Russian Business Network IP UDP - BLOCKING (199) (emerging-rbn-BLOCK.rules) 2407398 - ET RBN Known Russian Business Network IP TCP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407399 - ET RBN Known Russian Business Network IP UDP - BLOCKING (200) (emerging-rbn-BLOCK.rules) 2407400 - ET RBN Known Russian Business Network IP TCP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407401 - ET RBN Known Russian Business Network IP UDP - BLOCKING (201) (emerging-rbn-BLOCK.rules) 2407402 - ET RBN Known Russian Business Network IP TCP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407403 - ET RBN Known Russian Business Network IP UDP - BLOCKING (202) (emerging-rbn-BLOCK.rules) 2407404 - ET RBN Known Russian Business Network IP TCP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407405 - ET RBN Known Russian Business Network IP UDP - BLOCKING (203) (emerging-rbn-BLOCK.rules) 2407406 - ET RBN Known Russian Business Network IP TCP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407407 - ET RBN Known Russian Business Network IP UDP - BLOCKING (204) (emerging-rbn-BLOCK.rules) 2407408 - ET RBN Known Russian Business Network IP TCP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407409 - ET RBN Known Russian Business Network IP UDP - BLOCKING (205) (emerging-rbn-BLOCK.rules) 2407410 - ET RBN Known Russian Business Network IP TCP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407411 - ET RBN Known Russian Business Network IP UDP - BLOCKING (206) (emerging-rbn-BLOCK.rules) 2407412 - ET RBN Known Russian Business Network IP TCP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407413 - ET RBN Known Russian Business Network IP UDP - BLOCKING (207) (emerging-rbn-BLOCK.rules) 2407414 - ET RBN Known Russian Business Network IP TCP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407415 - ET RBN Known Russian Business Network IP UDP - BLOCKING (208) (emerging-rbn-BLOCK.rules) 2407416 - ET RBN Known Russian Business Network IP TCP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407417 - ET RBN Known Russian Business Network IP UDP - BLOCKING (209) (emerging-rbn-BLOCK.rules) 2407418 - ET RBN Known Russian Business Network IP TCP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407419 - ET RBN Known Russian Business Network IP UDP - BLOCKING (210) (emerging-rbn-BLOCK.rules) 2407420 - ET RBN Known Russian Business Network IP TCP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407421 - ET RBN Known Russian Business Network IP UDP - BLOCKING (211) (emerging-rbn-BLOCK.rules) 2407422 - ET RBN Known Russian Business Network IP TCP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407423 - ET RBN Known Russian Business Network IP UDP - BLOCKING (212) (emerging-rbn-BLOCK.rules) 2407424 - ET RBN Known Russian Business Network IP TCP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407425 - ET RBN Known Russian Business Network IP UDP - BLOCKING (213) (emerging-rbn-BLOCK.rules) 2407426 - ET RBN Known Russian Business Network IP TCP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407427 - ET RBN Known Russian Business Network IP UDP - BLOCKING (214) (emerging-rbn-BLOCK.rules) 2407428 - ET RBN Known Russian Business Network IP TCP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407429 - ET RBN Known Russian Business Network IP UDP - BLOCKING (215) (emerging-rbn-BLOCK.rules) 2407430 - ET RBN Known Russian Business Network IP TCP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407431 - ET RBN Known Russian Business Network IP UDP - BLOCKING (216) (emerging-rbn-BLOCK.rules) 2407432 - ET RBN Known Russian Business Network IP TCP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407433 - ET RBN Known Russian Business Network IP UDP - BLOCKING (217) (emerging-rbn-BLOCK.rules) 2407434 - ET RBN Known Russian Business Network IP TCP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407435 - ET RBN Known Russian Business Network IP UDP - BLOCKING (218) (emerging-rbn-BLOCK.rules) 2407436 - ET RBN Known Russian Business Network IP TCP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407437 - ET RBN Known Russian Business Network IP UDP - BLOCKING (219) (emerging-rbn-BLOCK.rules) 2407438 - ET RBN Known Russian Business Network IP TCP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407439 - ET RBN Known Russian Business Network IP UDP - BLOCKING (220) (emerging-rbn-BLOCK.rules) 2407440 - ET RBN Known Russian Business Network IP TCP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407441 - ET RBN Known Russian Business Network IP UDP - BLOCKING (221) (emerging-rbn-BLOCK.rules) 2407442 - ET RBN Known Russian Business Network IP TCP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407443 - ET RBN Known Russian Business Network IP UDP - BLOCKING (222) (emerging-rbn-BLOCK.rules) 2407444 - ET RBN Known Russian Business Network IP TCP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407445 - ET RBN Known Russian Business Network IP UDP - BLOCKING (223) (emerging-rbn-BLOCK.rules) 2407446 - ET RBN Known Russian Business Network IP TCP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407447 - ET RBN Known Russian Business Network IP UDP - BLOCKING (224) (emerging-rbn-BLOCK.rules) 2407448 - ET RBN Known Russian Business Network IP TCP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407449 - ET RBN Known Russian Business Network IP UDP - BLOCKING (225) (emerging-rbn-BLOCK.rules) 2407450 - ET RBN Known Russian Business Network IP TCP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407451 - ET RBN Known Russian Business Network IP UDP - BLOCKING (226) (emerging-rbn-BLOCK.rules) 2407452 - ET RBN Known Russian Business Network IP TCP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407453 - ET RBN Known Russian Business Network IP UDP - BLOCKING (227) (emerging-rbn-BLOCK.rules) 2407454 - ET RBN Known Russian Business Network IP TCP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407455 - ET RBN Known Russian Business Network IP UDP - BLOCKING (228) (emerging-rbn-BLOCK.rules) 2407456 - ET RBN Known Russian Business Network IP TCP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407457 - ET RBN Known Russian Business Network IP UDP - BLOCKING (229) (emerging-rbn-BLOCK.rules) 2407458 - ET RBN Known Russian Business Network IP TCP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407459 - ET RBN Known Russian Business Network IP UDP - BLOCKING (230) (emerging-rbn-BLOCK.rules) 2407460 - ET RBN Known Russian Business Network IP TCP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407461 - ET RBN Known Russian Business Network IP UDP - BLOCKING (231) (emerging-rbn-BLOCK.rules) 2407462 - ET RBN Known Russian Business Network IP TCP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407463 - ET RBN Known Russian Business Network IP UDP - BLOCKING (232) (emerging-rbn-BLOCK.rules) 2407464 - ET RBN Known Russian Business Network IP TCP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407465 - ET RBN Known Russian Business Network IP UDP - BLOCKING (233) (emerging-rbn-BLOCK.rules) 2407466 - ET RBN Known Russian Business Network IP TCP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407467 - ET RBN Known Russian Business Network IP UDP - BLOCKING (234) (emerging-rbn-BLOCK.rules) 2407468 - ET RBN Known Russian Business Network IP TCP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407469 - ET RBN Known Russian Business Network IP UDP - BLOCKING (235) (emerging-rbn-BLOCK.rules) 2407470 - ET RBN Known Russian Business Network IP TCP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407471 - ET RBN Known Russian Business Network IP UDP - BLOCKING (236) (emerging-rbn-BLOCK.rules) 2407472 - ET RBN Known Russian Business Network IP TCP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407473 - ET RBN Known Russian Business Network IP UDP - BLOCKING (237) (emerging-rbn-BLOCK.rules) 2407474 - ET RBN Known Russian Business Network IP TCP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407475 - ET RBN Known Russian Business Network IP UDP - BLOCKING (238) (emerging-rbn-BLOCK.rules) 2407476 - ET RBN Known Russian Business Network IP TCP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407477 - ET RBN Known Russian Business Network IP UDP - BLOCKING (239) (emerging-rbn-BLOCK.rules) 2407478 - ET RBN Known Russian Business Network IP TCP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407479 - ET RBN Known Russian Business Network IP UDP - BLOCKING (240) (emerging-rbn-BLOCK.rules) 2407480 - ET RBN Known Russian Business Network IP TCP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407481 - ET RBN Known Russian Business Network IP UDP - BLOCKING (241) (emerging-rbn-BLOCK.rules) 2407482 - ET RBN Known Russian Business Network IP TCP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407483 - ET RBN Known Russian Business Network IP UDP - BLOCKING (242) (emerging-rbn-BLOCK.rules) 2407484 - ET RBN Known Russian Business Network IP TCP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407485 - ET RBN Known Russian Business Network IP UDP - BLOCKING (243) (emerging-rbn-BLOCK.rules) 2407486 - ET RBN Known Russian Business Network IP TCP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407487 - ET RBN Known Russian Business Network IP UDP - BLOCKING (244) (emerging-rbn-BLOCK.rules) 2407488 - ET RBN Known Russian Business Network IP TCP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407489 - ET RBN Known Russian Business Network IP UDP - BLOCKING (245) (emerging-rbn-BLOCK.rules) 2407490 - ET RBN Known Russian Business Network IP TCP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407491 - ET RBN Known Russian Business Network IP UDP - BLOCKING (246) (emerging-rbn-BLOCK.rules) 2407492 - ET RBN Known Russian Business Network IP TCP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407493 - ET RBN Known Russian Business Network IP UDP - BLOCKING (247) (emerging-rbn-BLOCK.rules) 2407494 - ET RBN Known Russian Business Network IP TCP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407495 - ET RBN Known Russian Business Network IP UDP - BLOCKING (248) (emerging-rbn-BLOCK.rules) 2407496 - ET RBN Known Russian Business Network IP TCP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407497 - ET RBN Known Russian Business Network IP UDP - BLOCKING (249) (emerging-rbn-BLOCK.rules) 2407498 - ET RBN Known Russian Business Network IP TCP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407499 - ET RBN Known Russian Business Network IP UDP - BLOCKING (250) (emerging-rbn-BLOCK.rules) 2407500 - ET RBN Known Russian Business Network IP TCP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407501 - ET RBN Known Russian Business Network IP UDP - BLOCKING (251) (emerging-rbn-BLOCK.rules) 2407502 - ET RBN Known Russian Business Network IP TCP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407503 - ET RBN Known Russian Business Network IP UDP - BLOCKING (252) (emerging-rbn-BLOCK.rules) 2407504 - ET RBN Known Russian Business Network IP TCP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407505 - ET RBN Known Russian Business Network IP UDP - BLOCKING (253) (emerging-rbn-BLOCK.rules) 2407506 - ET RBN Known Russian Business Network IP TCP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407507 - ET RBN Known Russian Business Network IP UDP - BLOCKING (254) (emerging-rbn-BLOCK.rules) 2407508 - ET RBN Known Russian Business Network IP TCP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407509 - ET RBN Known Russian Business Network IP UDP - BLOCKING (255) (emerging-rbn-BLOCK.rules) 2407510 - ET RBN Known Russian Business Network IP TCP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407511 - ET RBN Known Russian Business Network IP UDP - BLOCKING (256) (emerging-rbn-BLOCK.rules) 2407512 - ET RBN Known Russian Business Network IP TCP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407513 - ET RBN Known Russian Business Network IP UDP - BLOCKING (257) (emerging-rbn-BLOCK.rules) 2407514 - ET RBN Known Russian Business Network IP TCP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407515 - ET RBN Known Russian Business Network IP UDP - BLOCKING (258) (emerging-rbn-BLOCK.rules) 2407516 - ET RBN Known Russian Business Network IP TCP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407517 - ET RBN Known Russian Business Network IP UDP - BLOCKING (259) (emerging-rbn-BLOCK.rules) 2407518 - ET RBN Known Russian Business Network IP TCP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407519 - ET RBN Known Russian Business Network IP UDP - BLOCKING (260) (emerging-rbn-BLOCK.rules) 2407520 - ET RBN Known Russian Business Network IP TCP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407521 - ET RBN Known Russian Business Network IP UDP - BLOCKING (261) (emerging-rbn-BLOCK.rules) 2407522 - ET RBN Known Russian Business Network IP TCP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407523 - ET RBN Known Russian Business Network IP UDP - BLOCKING (262) (emerging-rbn-BLOCK.rules) 2407524 - ET RBN Known Russian Business Network IP TCP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407525 - ET RBN Known Russian Business Network IP UDP - BLOCKING (263) (emerging-rbn-BLOCK.rules) 2407526 - ET RBN Known Russian Business Network IP TCP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407527 - ET RBN Known Russian Business Network IP UDP - BLOCKING (264) (emerging-rbn-BLOCK.rules) 2407528 - ET RBN Known Russian Business Network IP TCP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407529 - ET RBN Known Russian Business Network IP UDP - BLOCKING (265) (emerging-rbn-BLOCK.rules) 2407530 - ET RBN Known Russian Business Network IP TCP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407531 - ET RBN Known Russian Business Network IP UDP - BLOCKING (266) (emerging-rbn-BLOCK.rules) 2407532 - ET RBN Known Russian Business Network IP TCP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407533 - ET RBN Known Russian Business Network IP UDP - BLOCKING (267) (emerging-rbn-BLOCK.rules) 2407534 - ET RBN Known Russian Business Network IP TCP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407535 - ET RBN Known Russian Business Network IP UDP - BLOCKING (268) (emerging-rbn-BLOCK.rules) 2407536 - ET RBN Known Russian Business Network IP TCP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407537 - ET RBN Known Russian Business Network IP UDP - BLOCKING (269) (emerging-rbn-BLOCK.rules) 2407538 - ET RBN Known Russian Business Network IP TCP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407539 - ET RBN Known Russian Business Network IP UDP - BLOCKING (270) (emerging-rbn-BLOCK.rules) 2407540 - ET RBN Known Russian Business Network IP TCP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407541 - ET RBN Known Russian Business Network IP UDP - BLOCKING (271) (emerging-rbn-BLOCK.rules) 2407542 - ET RBN Known Russian Business Network IP TCP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407543 - ET RBN Known Russian Business Network IP UDP - BLOCKING (272) (emerging-rbn-BLOCK.rules) 2407544 - ET RBN Known Russian Business Network IP TCP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407545 - ET RBN Known Russian Business Network IP UDP - BLOCKING (273) (emerging-rbn-BLOCK.rules) 2407546 - ET RBN Known Russian Business Network IP TCP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407547 - ET RBN Known Russian Business Network IP UDP - BLOCKING (274) (emerging-rbn-BLOCK.rules) 2407548 - ET RBN Known Russian Business Network IP TCP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407549 - ET RBN Known Russian Business Network IP UDP - BLOCKING (275) (emerging-rbn-BLOCK.rules) 2407550 - ET RBN Known Russian Business Network IP TCP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407551 - ET RBN Known Russian Business Network IP UDP - BLOCKING (276) (emerging-rbn-BLOCK.rules) 2407552 - ET RBN Known Russian Business Network IP TCP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407553 - ET RBN Known Russian Business Network IP UDP - BLOCKING (277) (emerging-rbn-BLOCK.rules) 2407554 - ET RBN Known Russian Business Network IP TCP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407555 - ET RBN Known Russian Business Network IP UDP - BLOCKING (278) (emerging-rbn-BLOCK.rules) 2407556 - ET RBN Known Russian Business Network IP TCP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407557 - ET RBN Known Russian Business Network IP UDP - BLOCKING (279) (emerging-rbn-BLOCK.rules) 2407558 - ET RBN Known Russian Business Network IP TCP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407559 - ET RBN Known Russian Business Network IP UDP - BLOCKING (280) (emerging-rbn-BLOCK.rules) 2407560 - ET RBN Known Russian Business Network IP TCP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407561 - ET RBN Known Russian Business Network IP UDP - BLOCKING (281) (emerging-rbn-BLOCK.rules) 2407562 - ET RBN Known Russian Business Network IP TCP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407563 - ET RBN Known Russian Business Network IP UDP - BLOCKING (282) (emerging-rbn-BLOCK.rules) 2407564 - ET RBN Known Russian Business Network IP TCP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407565 - ET RBN Known Russian Business Network IP UDP - BLOCKING (283) (emerging-rbn-BLOCK.rules) 2407566 - ET RBN Known Russian Business Network IP TCP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407567 - ET RBN Known Russian Business Network IP UDP - BLOCKING (284) (emerging-rbn-BLOCK.rules) 2407568 - ET RBN Known Russian Business Network IP TCP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407569 - ET RBN Known Russian Business Network IP UDP - BLOCKING (285) (emerging-rbn-BLOCK.rules) 2407570 - ET RBN Known Russian Business Network IP TCP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407571 - ET RBN Known Russian Business Network IP UDP - BLOCKING (286) (emerging-rbn-BLOCK.rules) 2407572 - ET RBN Known Russian Business Network IP TCP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407573 - ET RBN Known Russian Business Network IP UDP - BLOCKING (287) (emerging-rbn-BLOCK.rules) 2407574 - ET RBN Known Russian Business Network IP TCP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407575 - ET RBN Known Russian Business Network IP UDP - BLOCKING (288) (emerging-rbn-BLOCK.rules) 2407576 - ET RBN Known Russian Business Network IP TCP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407577 - ET RBN Known Russian Business Network IP UDP - BLOCKING (289) (emerging-rbn-BLOCK.rules) 2407578 - ET RBN Known Russian Business Network IP TCP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407579 - ET RBN Known Russian Business Network IP UDP - BLOCKING (290) (emerging-rbn-BLOCK.rules) 2407580 - ET RBN Known Russian Business Network IP TCP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407581 - ET RBN Known Russian Business Network IP UDP - BLOCKING (291) (emerging-rbn-BLOCK.rules) 2407582 - ET RBN Known Russian Business Network IP TCP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407583 - ET RBN Known Russian Business Network IP UDP - BLOCKING (292) (emerging-rbn-BLOCK.rules) 2407584 - ET RBN Known Russian Business Network IP TCP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407585 - ET RBN Known Russian Business Network IP UDP - BLOCKING (293) (emerging-rbn-BLOCK.rules) 2407586 - ET RBN Known Russian Business Network IP TCP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407587 - ET RBN Known Russian Business Network IP UDP - BLOCKING (294) (emerging-rbn-BLOCK.rules) 2407588 - ET RBN Known Russian Business Network IP TCP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407589 - ET RBN Known Russian Business Network IP UDP - BLOCKING (295) (emerging-rbn-BLOCK.rules) 2407590 - ET RBN Known Russian Business Network IP TCP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407591 - ET RBN Known Russian Business Network IP UDP - BLOCKING (296) (emerging-rbn-BLOCK.rules) 2407592 - ET RBN Known Russian Business Network IP TCP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407593 - ET RBN Known Russian Business Network IP UDP - BLOCKING (297) (emerging-rbn-BLOCK.rules) 2407594 - ET RBN Known Russian Business Network IP TCP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407595 - ET RBN Known Russian Business Network IP UDP - BLOCKING (298) (emerging-rbn-BLOCK.rules) 2407596 - ET RBN Known Russian Business Network IP TCP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407597 - ET RBN Known Russian Business Network IP UDP - BLOCKING (299) (emerging-rbn-BLOCK.rules) 2407598 - ET RBN Known Russian Business Network IP TCP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407599 - ET RBN Known Russian Business Network IP UDP - BLOCKING (300) (emerging-rbn-BLOCK.rules) 2407600 - ET RBN Known Russian Business Network IP TCP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407601 - ET RBN Known Russian Business Network IP UDP - BLOCKING (301) (emerging-rbn-BLOCK.rules) 2407602 - ET RBN Known Russian Business Network IP TCP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407603 - ET RBN Known Russian Business Network IP UDP - BLOCKING (302) (emerging-rbn-BLOCK.rules) 2407604 - ET RBN Known Russian Business Network IP TCP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407605 - ET RBN Known Russian Business Network IP UDP - BLOCKING (303) (emerging-rbn-BLOCK.rules) 2407606 - ET RBN Known Russian Business Network IP TCP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407607 - ET RBN Known Russian Business Network IP UDP - BLOCKING (304) (emerging-rbn-BLOCK.rules) 2407608 - ET RBN Known Russian Business Network IP TCP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407609 - ET RBN Known Russian Business Network IP UDP - BLOCKING (305) (emerging-rbn-BLOCK.rules) 2407610 - ET RBN Known Russian Business Network IP TCP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407611 - ET RBN Known Russian Business Network IP UDP - BLOCKING (306) (emerging-rbn-BLOCK.rules) 2407612 - ET RBN Known Russian Business Network IP TCP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407613 - ET RBN Known Russian Business Network IP UDP - BLOCKING (307) (emerging-rbn-BLOCK.rules) 2407614 - ET RBN Known Russian Business Network IP TCP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407615 - ET RBN Known Russian Business Network IP UDP - BLOCKING (308) (emerging-rbn-BLOCK.rules) 2407616 - ET RBN Known Russian Business Network IP TCP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407617 - ET RBN Known Russian Business Network IP UDP - BLOCKING (309) (emerging-rbn-BLOCK.rules) 2407618 - ET RBN Known Russian Business Network IP TCP - BLOCKING (310) (emerging-rbn-BLOCK.rules) 2407619 - ET RBN Known Russian Business Network IP UDP - BLOCKING (310) (emerging-rbn-BLOCK.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-drop-BLOCK.rules (2): # VERSION 1569 # Generated 2009-06-13 00:03:03 EDT -> Added to emerging-drop.rules (2): # VERSION 1569 # Generated 2009-06-13 00:03:03 EDT -> Added to emerging-policy.rules (1): #Needs tweaking ... aight, tweaked... needs testing now :) -> Added to emerging-rbn-BLOCK.rules (2): # VERSION 133 # Updated 2009-06-13 12:37:44 -> Added to emerging-rbn.rules (2): # VERSION 133 # Updated 2009-06-13 12:37:44 -> Added to emerging-sid-msg.map (181): 2009375 || ET POLICY General MSN Chat Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009375 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009376 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009377 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009378 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009379 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009380 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009381 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Agares || url,doc.emergingthreats.net/2009382 || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009383 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009384 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Symantec || url,doc.emergingthreats.net/2009385 || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009386 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_PPTP || url,doc.emergingthreats.net/2009387 || url,tools.ietf.org/html/rfc2637 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009388 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Tornado || url,doc.emergingthreats.net/2009389 || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_PHPizabi || url,doc.emergingthreats.net/2009390 || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Onguma || url,doc.emergingthreats.net/2009391 || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Youtube_Blog || url,doc.emergingthreats.net/2009393 || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_GDL || url,doc.emergingthreats.net/2009394 || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009395 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009396 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_phpProfiles || url,doc.emergingthreats.net/2009397 || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_HoMaP || url,doc.emergingthreats.net/2009398 || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Autodesk || url,doc.emergingthreats.net/2009399 || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_MSCC || url,doc.emergingthreats.net/2009400 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009402 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009403 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_HP_Virtual_Rooms || url,doc.emergingthreats.net/2009404 || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009405 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009406 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Koobface || url,doc.emergingthreats.net/2009407 || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2406620 || ET RBN Known Russian Business Network IP TCP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406621 || ET RBN Known Russian Business Network IP UDP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406622 || ET RBN Known Russian Business Network IP TCP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406623 || ET RBN Known Russian Business Network IP UDP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406624 || ET RBN Known Russian Business Network IP TCP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406625 || ET RBN Known Russian Business Network IP UDP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406626 || ET RBN Known Russian Business Network IP TCP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406627 || ET RBN Known Russian Business Network IP UDP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406628 || ET RBN Known Russian Business Network IP TCP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406629 || ET RBN Known Russian Business Network IP UDP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406630 || ET RBN Known Russian Business Network IP TCP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406631 || ET RBN Known Russian Business Network IP UDP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406632 || ET RBN Known Russian Business Network IP TCP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406633 || ET RBN Known Russian Business Network IP UDP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406634 || ET RBN Known Russian Business Network IP TCP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406635 || ET RBN Known Russian Business Network IP UDP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406636 || ET RBN Known Russian Business Network IP TCP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406637 || ET RBN Known Russian Business Network IP UDP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406638 || ET RBN Known Russian Business Network IP TCP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406639 || ET RBN Known Russian Business Network IP UDP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406640 || ET RBN Known Russian Business Network IP TCP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406641 || ET RBN Known Russian Business Network IP UDP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406642 || ET RBN Known Russian Business Network IP TCP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406643 || ET RBN Known Russian Business Network IP UDP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406644 || ET RBN Known Russian Business Network IP TCP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406645 || ET RBN Known Russian Business Network IP UDP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406646 || ET RBN Known Russian Business Network IP TCP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406647 || ET RBN Known Russian Business Network IP UDP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406648 || ET RBN Known Russian Business Network IP TCP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406649 || ET RBN Known Russian Business Network IP UDP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406650 || ET RBN Known Russian Business Network IP TCP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406651 || ET RBN Known Russian Business Network IP UDP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406652 || ET RBN Known Russian Business Network IP TCP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406653 || ET RBN Known Russian Business Network IP UDP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406654 || ET RBN Known Russian Business Network IP TCP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406655 || ET RBN Known Russian Business Network IP UDP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406656 || ET RBN Known Russian Business Network IP TCP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406657 || ET RBN Known Russian Business Network IP UDP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406658 || ET RBN Known Russian Business Network IP TCP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406659 || ET RBN Known Russian Business Network IP UDP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406660 || ET RBN Known Russian Business Network IP TCP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406661 || ET RBN Known Russian Business Network IP UDP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406662 || ET RBN Known Russian Business Network IP TCP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406663 || ET RBN Known Russian Business Network IP UDP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406664 || ET RBN Known Russian Business Network IP TCP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406665 || ET RBN Known Russian Business Network IP UDP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406666 || ET RBN Known Russian Business Network IP TCP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406667 || ET RBN Known Russian Business Network IP UDP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406668 || ET RBN Known Russian Business Network IP TCP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406669 || ET RBN Known Russian Business Network IP UDP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406670 || ET RBN Known Russian Business Network IP TCP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406671 || ET RBN Known Russian Business Network IP UDP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406672 || ET RBN Known Russian Business Network IP TCP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406673 || ET RBN Known Russian Business Network IP UDP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406674 || ET RBN Known Russian Business Network IP TCP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406675 || ET RBN Known Russian Business Network IP UDP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406676 || ET RBN Known Russian Business Network IP TCP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406677 || ET RBN Known Russian Business Network IP UDP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406678 || ET RBN Known Russian Business Network IP TCP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406679 || ET RBN Known Russian Business Network IP UDP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406680 || ET RBN Known Russian Business Network IP TCP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406681 || ET RBN Known Russian Business Network IP UDP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406682 || ET RBN Known Russian Business Network IP TCP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406683 || ET RBN Known Russian Business Network IP UDP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406684 || ET RBN Known Russian Business Network IP TCP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406685 || ET RBN Known Russian Business Network IP UDP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406686 || ET RBN Known Russian Business Network IP TCP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406687 || ET RBN Known Russian Business Network IP UDP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406688 || ET RBN Known Russian Business Network IP TCP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406689 || ET RBN Known Russian Business Network IP UDP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407620 || ET RBN Known Russian Business Network IP TCP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407621 || ET RBN Known Russian Business Network IP UDP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407622 || ET RBN Known Russian Business Network IP TCP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407623 || ET RBN Known Russian Business Network IP UDP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407624 || ET RBN Known Russian Business Network IP TCP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407625 || ET RBN Known Russian Business Network IP UDP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407626 || ET RBN Known Russian Business Network IP TCP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407627 || ET RBN Known Russian Business Network IP UDP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407628 || ET RBN Known Russian Business Network IP TCP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407629 || ET RBN Known Russian Business Network IP UDP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407630 || ET RBN Known Russian Business Network IP TCP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407631 || ET RBN Known Russian Business Network IP UDP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407632 || ET RBN Known Russian Business Network IP TCP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407633 || ET RBN Known Russian Business Network IP UDP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407634 || ET RBN Known Russian Business Network IP TCP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407635 || ET RBN Known Russian Business Network IP UDP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407636 || ET RBN Known Russian Business Network IP TCP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407637 || ET RBN Known Russian Business Network IP UDP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407638 || ET RBN Known Russian Business Network IP TCP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407639 || ET RBN Known Russian Business Network IP UDP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407640 || ET RBN Known Russian Business Network IP TCP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407641 || ET RBN Known Russian Business Network IP UDP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407642 || ET RBN Known Russian Business Network IP TCP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407643 || ET RBN Known Russian Business Network IP UDP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407644 || ET RBN Known Russian Business Network IP TCP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407645 || ET RBN Known Russian Business Network IP UDP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407646 || ET RBN Known Russian Business Network IP TCP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407647 || ET RBN Known Russian Business Network IP UDP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407648 || ET RBN Known Russian Business Network IP TCP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407649 || ET RBN Known Russian Business Network IP UDP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407650 || ET RBN Known Russian Business Network IP TCP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407651 || ET RBN Known Russian Business Network IP UDP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407652 || ET RBN Known Russian Business Network IP TCP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407653 || ET RBN Known Russian Business Network IP UDP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407654 || ET RBN Known Russian Business Network IP TCP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407655 || ET RBN Known Russian Business Network IP UDP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407656 || ET RBN Known Russian Business Network IP TCP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407657 || ET RBN Known Russian Business Network IP UDP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407658 || ET RBN Known Russian Business Network IP TCP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407659 || ET RBN Known Russian Business Network IP UDP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407660 || ET RBN Known Russian Business Network IP TCP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407661 || ET RBN Known Russian Business Network IP UDP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407662 || ET RBN Known Russian Business Network IP TCP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407663 || ET RBN Known Russian Business Network IP UDP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407664 || ET RBN Known Russian Business Network IP TCP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407665 || ET RBN Known Russian Business Network IP UDP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407666 || ET RBN Known Russian Business Network IP TCP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407667 || ET RBN Known Russian Business Network IP UDP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407668 || ET RBN Known Russian Business Network IP TCP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407669 || ET RBN Known Russian Business Network IP UDP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407670 || ET RBN Known Russian Business Network IP TCP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407671 || ET RBN Known Russian Business Network IP UDP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407672 || ET RBN Known Russian Business Network IP TCP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407673 || ET RBN Known Russian Business Network IP UDP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407674 || ET RBN Known Russian Business Network IP TCP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407675 || ET RBN Known Russian Business Network IP UDP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407676 || ET RBN Known Russian Business Network IP TCP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407677 || ET RBN Known Russian Business Network IP UDP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407678 || ET RBN Known Russian Business Network IP TCP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407679 || ET RBN Known Russian Business Network IP UDP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407680 || ET RBN Known Russian Business Network IP TCP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407681 || ET RBN Known Russian Business Network IP UDP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407682 || ET RBN Known Russian Business Network IP TCP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407683 || ET RBN Known Russian Business Network IP UDP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407684 || ET RBN Known Russian Business Network IP TCP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407685 || ET RBN Known Russian Business Network IP UDP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407686 || ET RBN Known Russian Business Network IP TCP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407687 || ET RBN Known Russian Business Network IP UDP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407688 || ET RBN Known Russian Business Network IP TCP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407689 || ET RBN Known Russian Business Network IP UDP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-sid-msg.map.txt (181): 2009375 || ET POLICY General MSN Chat Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009375 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_IM_MSN || url,doc.emergingthreats.net/2009376 || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009377 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009377 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009378 || ET WEB_SPECIFIC Acute Control Panel container.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009378 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009379 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009379 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009380 || ET WEB_SPECIFIC Acute Control Panel header.php theme_directory parameter local file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Acute || url,doc.emergingthreats.net/2009380 || url,milw0rm.com/exploits/8291 || bugtraq,34265 || url,secunia.com/advisories/34485/ 2009381 || ET WEB_SPECIFIC Interact embedforum.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009381 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009382 || ET WEB_SPECIFIC Agares Media ThemeSiteScript frontpage_right.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Agares || url,doc.emergingthreats.net/2009382 || url,vupen.com/english/advisories/2008/2959 || url,milw0rm.com/exploits/6859 || bugtraq,31959 2009383 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009383 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009384 || ET WEB_SPECIFIC Joomla Dada Mail Manager Component config.dadamail.php GLOBALS Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Dada || url,doc.emergingthreats.net/2009384 || url,milw0rm.com/exploits/7002 || bugtraq,32135 || url,secunia.com/advisories/32551 2009385 || ET WEB Symantec WinFax Pro DCCFAXVW.DLL Heap Buffer Overflow || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Symantec || url,doc.emergingthreats.net/2009385 || url,milw0rm.com/exploits/8562 || bugtraq,34766 2009386 || ET WEB_SPECIFIC Interact lib.inc.php Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Interact || url,doc.emergingthreats.net/2009386 || bugtraq,28996 || url,milw0rm.com/exploits/5526 2009387 || ET POLICY PPTP Requester is not authorized to establish a command channel || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_PPTP || url,doc.emergingthreats.net/2009387 || url,tools.ietf.org/html/rfc2637 2009388 || ET TROJAN Bredolab Downloader Response Binaries from Controller || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Bredolab || url,doc.emergingthreats.net/2009388 || url,www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader\:Win32/Bredolab.B 2009389 || ET TROJAN Tornado Pack Binary Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Tornado || url,doc.emergingthreats.net/2009389 || url,dxp2532.blogspot.com/2009/05/tornado-exploit-pack.html 2009390 || ET WEB_SPECIFIC PHPizabi dac.php sendChatData Parameter Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_PHPizabi || url,doc.emergingthreats.net/2009390 || bugtraq,34213 || url,milw0rm.com/exploits/8268 2009391 || ET WEB_SPECIFIC Joomla Onguma Time Sheet Component onguma.class.php mosConfig_absolute_path Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Joomla_Onguma || url,doc.emergingthreats.net/2009391 || url,milw0rm.com/exploits/6976 || cve,CVE-2008-6347 || bugtraq,32095 2009393 || ET WEB_SPECIFIC YouTube Blog cuerpo.php base_archivo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Youtube_Blog || url,doc.emergingthreats.net/2009393 || url,secunia.com/advisories/31161 || bugtraq,30345 || url,milw0rm.com/exploits/6117 2009394 || ET WEB_SPECIFIC GDL gdl.php node Parameter SQL Injection || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_GDL || url,doc.emergingthreats.net/2009394 || url,milw0rm.com/exploits/8228 || bugtraq,34144 2009395 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009395 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009396 || ET WEB_SPECIFIC OTManager ADM_Pagina.php Tipo Local File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_OTManager || url,doc.emergingthreats.net/2009396 || url,secunia.com/advisories/32645 || url,vupen.com/english/advisories/2008/3093 || cve,CVE-2008-5063 2009397 || ET WEB_SPECIFIC phpProfiles body_comm.inc.php content parameter remote file inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_phpProfiles || url,doc.emergingthreats.net/2009397 || url,milw0rm.com/exploits/5175 || bugtraq,27952 2009398 || ET WEB_SPECIFIC HoMaP plugin_admin.php _settings Parameter Remote File Inclusion || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_HoMaP || url,doc.emergingthreats.net/2009398 || bugtraq,29877 || url,milw0rm.com/exploits/5902 2009399 || ET WEB_ACTIVEX Autodesk IDrop Indicator ActiveX Control Memory Corruption || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Autodesk || url,doc.emergingthreats.net/2009399 || url,milw0rm.com/exploits/8560 || url,vupen.com/english/advisories/2009/0942 || url,archives.neohapsis.com/archives/fulldisclosure/2009-04/0020.html || url,secunia.com/advisories/34563/ 2009400 || ET WEB_ACTIVEX Microsoft Communications Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_MSCC || url,doc.emergingthreats.net/2009400 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009402 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (1) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009402 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009403 || ET WEB_ACTIVEX eBay Enhanced Picture Services Control Clsid Access (2) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Ebay || url,doc.emergingthreats.net/2009403 || url,pages.ebay.com/securitycenter/activex/index.html || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009404 || ET WEB_ACTIVEX HP Virtual Rooms Control Clsid Access || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_HP_Virtual_Rooms || url,doc.emergingthreats.net/2009404 || url,h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01678405 || url,www.microsoft.com/technet/security/advisory/969898.mspx 2009405 || ET TROJAN Personal Defender 2009 - prinimalka.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009405 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009406 || ET TROJAN Personal Defender 2009 - trash.py || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Personal_Defender || url,doc.emergingthreats.net/2009406 || url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/ 2009407 || ET TROJAN Koobface BLACKLABEL || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Koobface || url,doc.emergingthreats.net/2009407 || url,blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2406620 || ET RBN Known Russian Business Network IP TCP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406621 || ET RBN Known Russian Business Network IP UDP (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406622 || ET RBN Known Russian Business Network IP TCP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406623 || ET RBN Known Russian Business Network IP UDP (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406624 || ET RBN Known Russian Business Network IP TCP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406625 || ET RBN Known Russian Business Network IP UDP (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406626 || ET RBN Known Russian Business Network IP TCP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406627 || ET RBN Known Russian Business Network IP UDP (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406628 || ET RBN Known Russian Business Network IP TCP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406629 || ET RBN Known Russian Business Network IP UDP (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406630 || ET RBN Known Russian Business Network IP TCP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406631 || ET RBN Known Russian Business Network IP UDP (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406632 || ET RBN Known Russian Business Network IP TCP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406633 || ET RBN Known Russian Business Network IP UDP (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406634 || ET RBN Known Russian Business Network IP TCP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406635 || ET RBN Known Russian Business Network IP UDP (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406636 || ET RBN Known Russian Business Network IP TCP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406637 || ET RBN Known Russian Business Network IP UDP (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406638 || ET RBN Known Russian Business Network IP TCP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406639 || ET RBN Known Russian Business Network IP UDP (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406640 || ET RBN Known Russian Business Network IP TCP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406641 || ET RBN Known Russian Business Network IP UDP (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406642 || ET RBN Known Russian Business Network IP TCP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406643 || ET RBN Known Russian Business Network IP UDP (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406644 || ET RBN Known Russian Business Network IP TCP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406645 || ET RBN Known Russian Business Network IP UDP (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406646 || ET RBN Known Russian Business Network IP TCP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406647 || ET RBN Known Russian Business Network IP UDP (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406648 || ET RBN Known Russian Business Network IP TCP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406649 || ET RBN Known Russian Business Network IP UDP (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406650 || ET RBN Known Russian Business Network IP TCP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406651 || ET RBN Known Russian Business Network IP UDP (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406652 || ET RBN Known Russian Business Network IP TCP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406653 || ET RBN Known Russian Business Network IP UDP (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406654 || ET RBN Known Russian Business Network IP TCP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406655 || ET RBN Known Russian Business Network IP UDP (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406656 || ET RBN Known Russian Business Network IP TCP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406657 || ET RBN Known Russian Business Network IP UDP (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406658 || ET RBN Known Russian Business Network IP TCP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406659 || ET RBN Known Russian Business Network IP UDP (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406660 || ET RBN Known Russian Business Network IP TCP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406661 || ET RBN Known Russian Business Network IP UDP (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406662 || ET RBN Known Russian Business Network IP TCP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406663 || ET RBN Known Russian Business Network IP UDP (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406664 || ET RBN Known Russian Business Network IP TCP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406665 || ET RBN Known Russian Business Network IP UDP (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406666 || ET RBN Known Russian Business Network IP TCP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406667 || ET RBN Known Russian Business Network IP UDP (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406668 || ET RBN Known Russian Business Network IP TCP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406669 || ET RBN Known Russian Business Network IP UDP (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406670 || ET RBN Known Russian Business Network IP TCP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406671 || ET RBN Known Russian Business Network IP UDP (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406672 || ET RBN Known Russian Business Network IP TCP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406673 || ET RBN Known Russian Business Network IP UDP (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406674 || ET RBN Known Russian Business Network IP TCP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406675 || ET RBN Known Russian Business Network IP UDP (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406676 || ET RBN Known Russian Business Network IP TCP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406677 || ET RBN Known Russian Business Network IP UDP (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406678 || ET RBN Known Russian Business Network IP TCP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406679 || ET RBN Known Russian Business Network IP UDP (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406680 || ET RBN Known Russian Business Network IP TCP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406681 || ET RBN Known Russian Business Network IP UDP (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406682 || ET RBN Known Russian Business Network IP TCP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406683 || ET RBN Known Russian Business Network IP UDP (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406684 || ET RBN Known Russian Business Network IP TCP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406685 || ET RBN Known Russian Business Network IP UDP (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406686 || ET RBN Known Russian Business Network IP TCP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406687 || ET RBN Known Russian Business Network IP UDP (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406688 || ET RBN Known Russian Business Network IP TCP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2406689 || ET RBN Known Russian Business Network IP UDP (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407620 || ET RBN Known Russian Business Network IP TCP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407621 || ET RBN Known Russian Business Network IP UDP - BLOCKING (311) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407622 || ET RBN Known Russian Business Network IP TCP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407623 || ET RBN Known Russian Business Network IP UDP - BLOCKING (312) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407624 || ET RBN Known Russian Business Network IP TCP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407625 || ET RBN Known Russian Business Network IP UDP - BLOCKING (313) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407626 || ET RBN Known Russian Business Network IP TCP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407627 || ET RBN Known Russian Business Network IP UDP - BLOCKING (314) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407628 || ET RBN Known Russian Business Network IP TCP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407629 || ET RBN Known Russian Business Network IP UDP - BLOCKING (315) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407630 || ET RBN Known Russian Business Network IP TCP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407631 || ET RBN Known Russian Business Network IP UDP - BLOCKING (316) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407632 || ET RBN Known Russian Business Network IP TCP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407633 || ET RBN Known Russian Business Network IP UDP - BLOCKING (317) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407634 || ET RBN Known Russian Business Network IP TCP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407635 || ET RBN Known Russian Business Network IP UDP - BLOCKING (318) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407636 || ET RBN Known Russian Business Network IP TCP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407637 || ET RBN Known Russian Business Network IP UDP - BLOCKING (319) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407638 || ET RBN Known Russian Business Network IP TCP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407639 || ET RBN Known Russian Business Network IP UDP - BLOCKING (320) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407640 || ET RBN Known Russian Business Network IP TCP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407641 || ET RBN Known Russian Business Network IP UDP - BLOCKING (321) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407642 || ET RBN Known Russian Business Network IP TCP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407643 || ET RBN Known Russian Business Network IP UDP - BLOCKING (322) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407644 || ET RBN Known Russian Business Network IP TCP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407645 || ET RBN Known Russian Business Network IP UDP - BLOCKING (323) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407646 || ET RBN Known Russian Business Network IP TCP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407647 || ET RBN Known Russian Business Network IP UDP - BLOCKING (324) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407648 || ET RBN Known Russian Business Network IP TCP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407649 || ET RBN Known Russian Business Network IP UDP - BLOCKING (325) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407650 || ET RBN Known Russian Business Network IP TCP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407651 || ET RBN Known Russian Business Network IP UDP - BLOCKING (326) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407652 || ET RBN Known Russian Business Network IP TCP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407653 || ET RBN Known Russian Business Network IP UDP - BLOCKING (327) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407654 || ET RBN Known Russian Business Network IP TCP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407655 || ET RBN Known Russian Business Network IP UDP - BLOCKING (328) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407656 || ET RBN Known Russian Business Network IP TCP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407657 || ET RBN Known Russian Business Network IP UDP - BLOCKING (329) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407658 || ET RBN Known Russian Business Network IP TCP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407659 || ET RBN Known Russian Business Network IP UDP - BLOCKING (330) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407660 || ET RBN Known Russian Business Network IP TCP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407661 || ET RBN Known Russian Business Network IP UDP - BLOCKING (331) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407662 || ET RBN Known Russian Business Network IP TCP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407663 || ET RBN Known Russian Business Network IP UDP - BLOCKING (332) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407664 || ET RBN Known Russian Business Network IP TCP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407665 || ET RBN Known Russian Business Network IP UDP - BLOCKING (333) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407666 || ET RBN Known Russian Business Network IP TCP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407667 || ET RBN Known Russian Business Network IP UDP - BLOCKING (334) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407668 || ET RBN Known Russian Business Network IP TCP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407669 || ET RBN Known Russian Business Network IP UDP - BLOCKING (335) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407670 || ET RBN Known Russian Business Network IP TCP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407671 || ET RBN Known Russian Business Network IP UDP - BLOCKING (336) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407672 || ET RBN Known Russian Business Network IP TCP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407673 || ET RBN Known Russian Business Network IP UDP - BLOCKING (337) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407674 || ET RBN Known Russian Business Network IP TCP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407675 || ET RBN Known Russian Business Network IP UDP - BLOCKING (338) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407676 || ET RBN Known Russian Business Network IP TCP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407677 || ET RBN Known Russian Business Network IP UDP - BLOCKING (339) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407678 || ET RBN Known Russian Business Network IP TCP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407679 || ET RBN Known Russian Business Network IP UDP - BLOCKING (340) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407680 || ET RBN Known Russian Business Network IP TCP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407681 || ET RBN Known Russian Business Network IP UDP - BLOCKING (341) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407682 || ET RBN Known Russian Business Network IP TCP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407683 || ET RBN Known Russian Business Network IP UDP - BLOCKING (342) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407684 || ET RBN Known Russian Business Network IP TCP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407685 || ET RBN Known Russian Business Network IP UDP - BLOCKING (343) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407686 || ET RBN Known Russian Business Network IP TCP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407687 || ET RBN Known Russian Business Network IP UDP - BLOCKING (344) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407688 || ET RBN Known Russian Business Network IP TCP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2407689 || ET RBN Known Russian Business Network IP UDP - BLOCKING (345) || url,doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Added to emerging-virus.rules (7): #by Chris Green #by Chris Green #Description of parameters: # ?o= integer value to identify attacker # &t= integer value represents time the exploit was generated # &i= integer value represent IP address of victim # &e= integer value represents exploit used [---] Removed non-rule lines: [---] -> Removed from emerging-drop-BLOCK.rules (2): # VERSION 1562 # Generated 2009-06-06 00:03:02 EDT -> Removed from emerging-drop.rules (2): # VERSION 1562 # Generated 2009-06-06 00:03:02 EDT -> Removed from emerging-rbn-BLOCK.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Removed from emerging-rbn.rules (2): # VERSION 132 # Updated 2009-06-03 13:33:29 -> Removed from emerging-sid-msg.map (2): 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php -> Removed from emerging-sid-msg.map.txt (2): 2009375 || ET POLICY General MSN Chat Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php 2009376 || ET POLICY MSN User-Agent Activity || url,www.hypothetic.org/docs/msn/general/http_examples.php From phatbuckett at gmail.com Sun Jun 14 08:52:55 2009 From: phatbuckett at gmail.com (Darren Spruell) Date: Sun, 14 Jun 2009 05:52:55 -0700 Subject: [Emerging-Sigs] Personal Defender 2009 In-Reply-To: <1244873866.7258.22.camel@kinta> References: <1244873866.7258.22.camel@kinta> Message-ID: <839aec700906140552r25f9ab8yb460651d61be88e2@mail.gmail.com> Validated, the post at http://malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/#comment-725 is describing an older Gozi registry configuration format. The poster probably had multiple trojans and assumed everything was tied to the rogue AV. In the end the activity should match on dxp's revised rule. 2002854 is typically very reliable except for the assertion that the server-side script is *.cgi and fails in limited cases where they are .py (and perhaps other extensions.) The others (2003509-2003511) are too specific and don't match on many instances of the trojan but traffic they *would* match on should never be seen without the registration/checkin activity the revised sig should pick up. There's so much variance in the server-side script naming that basing content checks on the URI paths will just be very patchy. We've been trying to nail this down better since beginning of the year: http://lists.emergingthreats.net/pipermail/emerging-sigs/2009-January/001793.html Here's some reports on samples showing recent .py variants: http://www.threatexpert.com/report.aspx?md5=342bd0710b981f1e3436f89cb1e61192 http://www.threatexpert.com/reports.aspx?find=prinimalka.py&x=0&y=0 DS On Fri, Jun 12, 2009 at 11:17 PM, dxp wrote: > This activity is associated with the trojan typically known as > Ursnif/Gozi/Ordergun/Snifula/Orderjack.? There are couple of rules already > present in the set but are too specific and that's why they missed this > activity.? The trojan uses a very unique URI scheme so I think the set of > current sigs can be rolled into one and it will provide detection. > > Here are the SIDs of current rules: 2003509, 2003510, 2003511, 2002854. > Some of them look for data leakage (POSTs) others for C&C registration and > command options (GETs). > > I propose to have a single rule which will detect the trojan when it > registeres or checks in for updates/commands.? This would be the rule: > > alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Gozi > check-in / update"; flow:established,to_server; uricontent:"?user_id="; > nocase; uricontent:"&version_id="; nocase; uricontent:"&passphrase="; > nocase; uricontent:"&socks="; nocase; uricontent:"&version="; nocase; > uricontent:"&crc="; nocase; > reference:url,www.secureworks.com/research/threats/gozi; > classtype:trojan-activity; sid:XXXX; rev:1;) > > If the current POST detection sigs will be kept then they need to be updated > to get rid off reliance on .cgi as well as UAS. > > PS: Chris, if you have the binary which created the "prinimalka.py" POSTs > can you send it to me privately or upload to Offensive Computing and share > the link.? I've been following the activity of this (older versions) trojan > and would like to see what changes are in this one. > > - > > -=[ dxp ]=- > 0xA3F3C6E3 > > > > On Wed, 2009-06-10 at 08:37 -0500, Chris Green wrote: > > These rules have been useful for me with no false positives. > > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > prinimalka.py"; uricontent:"/prinimalka.py"; sid: 100000248; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > trash.py"; uricontent:"/trash.py"; sid: 100000249; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > > REDACTED:4005 -> 78.109.23.2:80 TCP TTL:126 TOS:0x0 ID:58779 IpLen:20 > DgmLen:819 DF > ***AP*** Seq: 0xE09C666C? Ack: 0x827DA94A? Win: 0x40B0? TcpLen: 20 > 50 4F 53 54 20 2F 73 79 73 74 65 6D 2F 70 72 69? POST /system/pri > 6E 69 6D 61 6C 6B 61 2E 70 79 2F 66 6F 72 6D 73? nimalka.py/forms > 20 48 54 54 50 2F 31 2E 31 0D 0A 43 6F 6E 74 65?? HTTP/1.1..Conte > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > > -- Darren Spruell phatbuckett at gmail.com From greencm at gmail.com Sun Jun 14 14:01:05 2009 From: greencm at gmail.com (Chris Green) Date: Sun, 14 Jun 2009 13:01:05 -0500 Subject: [Emerging-Sigs] Personal Defender 2009 Message-ID: <4a353adf.14025a0a.70b0.ffffee43@mx.google.com> Yes, its named the wrong thing by me. Let me go ahead and vote to maintain the data leakage variants as well. On the incident response side, you have a password stealing trojan is scary but easy to ignore. The heres what you logged into and heres your facebook/gmail/bank/enterprise credential makes the abstract concrete which goes a long way in justifying incident response efforts including identifying the affected end user in a large environment. The argument against it is analysts see valuable data but that line was crossed when they got to use a sniffer. Only real reason i added these is i had known bad sites i wasnt detecting it. -----Original Message----- From: "Darren Spruell" To: "dxp" Cc: "Chris Green" ; emerging-sigs at emergingthreats.net Sent: 6/14/2009 7:52 AM Subject: Re: [Emerging-Sigs] Personal Defender 2009 Validated, the post at http://malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/#comment-725 is describing an older Gozi registry configuration format. The poster probably had multiple trojans and assumed everything was tied to the rogue AV. In the end the activity should match on dxp's revised rule. 2002854 is typically very reliable except for the assertion that the server-side script is *.cgi and fails in limited cases where they are .py (and perhaps other extensions.) The others (2003509-2003511) are too specific and don't match on many instances of the trojan but traffic they *would* match on should never be seen without the registration/checkin activity the revised sig should pick up. There's so much variance in the server-side script naming that basing content checks on the URI paths will just be very patchy. We've been trying to nail this down better since beginning of the year: http://lists.emergingthreats.net/pipermail/emerging-sigs/2009-January/001793.html Here's some reports on samples showing recent .py variants: http://www.threatexpert.com/report.aspx?md5=342bd0710b981f1e3436f89cb1e61192 http://www.threatexpert.com/reports.aspx?find=prinimalka.py&x=0&y=0 DS On Fri, Jun 12, 2009 at 11:17 PM, dxp wrote: > This activity is associated with the trojan typically known as > Ursnif/Gozi/Ordergun/Snifula/Orderjack.? There are couple of rules already > present in the set but are too specific and that's why they missed this > activity.? The trojan uses a very unique URI scheme so I think the set of > current sigs can be rolled into one and it will provide detection. > > Here are the SIDs of current rules: 2003509, 2003510, 2003511, 2002854. > Some of them look for data leakage (POSTs) others for C&C registration and > command options (GETs). > > I propose to have a single rule which will detect the trojan when it > registeres or checks in for updates/commands.? This would be the rule: > > alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Gozi > check-in / update"; flow:established,to_server; uricontent:"?user_id="; > nocase; uricontent:"&version_id="; nocase; uricontent:"&passphrase="; > nocase; uricontent:"&socks="; nocase; uricontent:"&version="; nocase; > uricontent:"&crc="; nocase; > reference:url,www.secureworks.com/research/threats/gozi; > classtype:trojan-activity; sid:XXXX; rev:1;) > > If the current POST detection sigs will be kept then they need to be updated > to get rid off reliance on .cgi as well as UAS. > > PS: Chris, if you have the binary which created the "prinimalka.py" POSTs > can you send it to me privately or upload to Offensive Computing and share > the link.? I've been following the activity of this (older versions) trojan > and would like to see what changes are in this one. > > - > > -=[ dxp ]=- > 0xA3F3C6E3 > > > > On Wed, 2009-06-10 at 08:37 -0500, Chris Green wrote: > > These rules have been useful for me with no false positives. > > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > prinimalka.py"; uricontent:"/prinimalka.py"; sid: 100000248; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - > trash.py"; uricontent:"/trash.py"; sid: 100000249; > reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; > rev: 1;) > > REDACTED:4005 -> 78.109.23.2:80 TCP TTL:126 TOS:0x0 ID:58779 IpLen:20 > DgmLen:819 DF > ***AP*** Seq: 0xE09C666C? Ack: 0x827DA94A? Win: 0x40B0? TcpLen: 20 > 50 4F 53 54 20 2F 73 79 73 74 65 6D 2F 70 72 69? POST /system/pri > 6E 69 6D 61 6C 6B 61 2E 70 79 2F 66 6F 72 6D 73? nimalka.py/forms > 20 48 54 54 50 2F 31 2E 31 0D 0A 43 6F 6E 74 65?? HTTP/1.1..Conte > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs > > -- Darren Spruell phatbuckett at gmail.com From frank at knobbe.us Sun Jun 14 15:40:00 2009 From: frank at knobbe.us (Frank Knobbe) Date: Sun, 14 Jun 2009 14:40:00 -0500 Subject: [Emerging-Sigs] Proxy Server listings In-Reply-To: <53834cf20906120816v2c34ca11kbb57b5b21faa87da@mail.gmail.com> References: <003101c9eb70$6affbfe0$40ff3fa0$@com> <53834cf20906120816v2c34ca11kbb57b5b21faa87da@mail.gmail.com> Message-ID: <1245008400.10699.18.camel@localhost> On Fri, 2009-06-12 at 17:16 +0200, Jaime Blasco wrote: > http://proxy.org/ But note that proxies change very frequently. That's the reason for the frequent "open proxy scans" you get against your networks :) A lot of open proxies have a limited lifetime (IP changes, machines powered off, etc). Blocking those proactively, or using the IP's/domains in rules, is not very effective. It's best to use rules that detect proxy activity rather than certain IPs. Cheers, Frank -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 188 bytes Desc: This is a digitally signed message part Url : http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090614/4a592044/attachment.bin From emerging at emergingthreats.net Sun Jun 14 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Sun, 14 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090614200011.ABC4A4504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Sun Jun 14 16:00:11 2009 [***] [*] Rules modifications: [*] None. [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (24): 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (24): 2500294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510294 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510295 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (148) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510296 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510297 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (149) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510298 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510299 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (150) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510300 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510301 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (151) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510302 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510303 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (152) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510304 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510305 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (153) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts From phatbuckett at gmail.com Sun Jun 14 19:30:05 2009 From: phatbuckett at gmail.com (Darren Spruell) Date: Sun, 14 Jun 2009 16:30:05 -0700 Subject: [Emerging-Sigs] Patcher/Bankpatch communication with controller Message-ID: <839aec700906141630h7bf709a7y1dfa1d321f5a6dba@mail.gmail.com> alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Patcher/Bankpatch Communication with Controller"; flow:established,to_server; uricontent:"id="; nocase; uricontent:"&check="; nocase; uricontent:"&version="; nocase; pcre:"/\?id=[A-Za-z]+_[A-Za-z]+&/U"; classtype:trojan-activity; reference:url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2; sid:XXXXXXX; rev:1;) alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Patcher/Bankpatch Module Download Request"; flow:established,to_server; uricontent:"/dl/AcroIEHelpe"; nocase; uricontent:".dll"; nocase; pcre:"/\/dl\/AcroIEHelpe(r)?(\d)?\.dll/U"; classtype:trojan-activity; reference:url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2; sid:XXXXXXX; rev:1;) Hoping someone can chip in on these / test against samples / whatever. First rule should detect the GET request (checkin, maybe?) listed in the Symantec writeup. Second should detect the retrieval of the infostealer component (typically called Nadebanker) after initialization. The pcre on the second rule should account for various forms of the file names used in the download requests as in these samples: hxxp://meiwrsa.com/dl/AcroIEHelper.dll hxxp://ffcsanta.com/dl/AcroIEHelpe.dll hxxp://ffcsanta.com/dl/AcroIEHelpe1.dll hxxp://ffcsanta.com/dl/AcroIEHelper3.dll https://forums2.symantec.com/t5/blogs/blogarticlepage/blog-id/malicious_code/article-id/235 https://forums2.symantec.com/t5/blogs/blogarticlepage/blog-id/malicious_code/article-id/236 http://www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2 http://www.symantec.com/en/ca/business/security_response/writeup.jsp?docid=2009-013015-1832-99 http://www.trustdefender.com/blog/2009/02/28/banking-malware-bankpatchc-shows-that-the-bad-guys-are-extremely-innovative/ -- Darren Spruell phatbuckett at gmail.com From signatures at stillsecure.com Mon Jun 15 05:18:18 2009 From: signatures at stillsecure.com (signatures) Date: Mon, 15 Jun 2009 03:18:18 -0600 Subject: [Emerging-Sigs] StillSecure: 10 New Signatures - June-15-2009 Message-ID: <5C9E8CCEEB81ED498AC0C3B0054704F3054C2932@webmail.latis.com> Hi Matt, Please find 10 New Signatures below: 1. WEB-PHP PhpBlock basicfogfactory.class.php PATH_TO_CODE Parameter Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP PhpBlock basicfogfactory.class.php PATH_TO_CODE Parameter Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/basicfogfactory.class.php?"; nocase; uricontent:"PATH_TO_CODE="; nocase; pcre:"/PATH_TO_CODE=\s*(https?|ftps?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,28588; reference:url,milw0rm.com/exploits/5348; sid:2009124; rev:1;) 2. WEB-PHP txtSQL startup.php CFG Parameter Remote File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP txtSQL startup.php CFG Parameter Remote File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/startup.php?"; nocase; uricontent:"CFG[txtsql][class]="; nocase; pcre:"/CFG\[txtsql\]\[class\]=\s*(ftps?|https?|php)\:\//Ui"; classtype:web-application-attack; reference:bugtraq,30625; reference:url,milw0rm.com/exploits/6224; sid:2009267; rev:1;) 3. WEB-PHP Blogplus block_center_down.php Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Blogplus block_center_down.php Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/block_center_down.php?"; nocase; uricontent:"row_mysql_blocks_center_down[file]="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8290; reference:bugtraq,34261; reference:url,secunia.com/advisories/34480/; sid:2009166; rev:1;) 4. WEB-PHP Blogplus block_center_top.php Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Blogplus block_center_top.php Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/block_center_top.php?"; nocase; uricontent:"row_mysql_blocks_center_top[file]="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8290; reference:bugtraq,34261; reference:url,secunia.com/advisories/34480/; sid:2009155; rev:1;) 5. WEB-PHP Blogplus block_left.php Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Blogplus block_left.php Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/block_left.php?"; nocase; uricontent:"row_mysql_blocks_left[file]="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8290; reference:bugtraq,34261; reference:url,secunia.com/advisories/34480/; sid:2009144; rev:1;) 6. WEB-PHP Blogplus block_right.php Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Blogplus block_right.php Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/block_right.php?"; nocase; uricontent:"row_mysql_blocks_right[file]="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8290; reference:bugtraq,34261; reference:url,secunia.com/advisories/34480/; sid:2009133; rev:1;) 7. WEB-PHP Blogplus window_down.php Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Blogplus window_down.php Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/window_down.php?"; nocase; uricontent:"row_mysql_bloginfo[theme]="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8290; reference:bugtraq,34261; reference:url,secunia.com/advisories/34480/; sid:2009122; rev:1;) 8. WEB-PHP Blogplus window_top.php Local File Inclusion alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP Blogplus window_top.php Local File Inclusion"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/window_top.php?"; nocase; uricontent:"row_mysql_bloginfo[theme]="; nocase; content:"../"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8290; reference:bugtraq,34261; reference:url,secunia.com/advisories/34480/; sid:2009111; rev:1;) 9. WEB-PHP AjaxPortal ajaxp_backend.php page Parameter SQL Injection alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-PHP AjaxPortal ajaxp_backend.php page Parameter SQL Injection"; flow:to_server,established; content:"GET "; depth:4; uricontent:"/ajaxp_backend.php?"; nocase; uricontent:"page="; nocase; uricontent:"UNION"; nocase; uricontent:"SELECT"; nocase; pcre:"/UNION.+SELECT/Ui"; classtype:web-application-attack; reference:url,milw0rm.com/exploits/8341; reference:bugtraq,34338; sid:2009151; rev:1;) 10. WEB-ATTACKS BaoFeng Storm ActiveX Control OnBeforeVideoDownload Method Buffer Overflow alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"WEB-ATTACKS BaoFeng Storm ActiveX Control OnBeforeVideoDownload Method Buffer Overflow"; flow:to_client,established; content:"clsid"; nocase; content:"6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB"; nocase; distance:0; content:"OnBeforeVideoDownload"; nocase; classtype:web-application-attack; reference:bugtraq,34789; reference:url,milw0rm.com/exploits/8579; sid:2009124; rev:1;) Looking forward for your comments, if any... Thanks & Regards, StillSecure -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090615/d06b4229/attachment-0001.html From jonkman at jonkmans.com Mon Jun 15 08:52:57 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 15 Jun 2009 08:52:57 -0400 Subject: [Emerging-Sigs] Patcher/Bankpatch communication with controller In-Reply-To: <839aec700906141630h7bf709a7y1dfa1d321f5a6dba@mail.gmail.com> References: <839aec700906141630h7bf709a7y1dfa1d321f5a6dba@mail.gmail.com> Message-ID: <4A364429.9030307@jonkmans.com> Good looking sigs Darren, thanks! Posting now. Matt Darren Spruell wrote: > alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN > Patcher/Bankpatch Communication with Controller"; > flow:established,to_server; uricontent:"id="; nocase; > uricontent:"&check="; nocase; uricontent:"&version="; nocase; > pcre:"/\?id=[A-Za-z]+_[A-Za-z]+&/U"; classtype:trojan-activity; > reference:url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2; > sid:XXXXXXX; rev:1;) > > alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN > Patcher/Bankpatch Module Download Request"; > flow:established,to_server; uricontent:"/dl/AcroIEHelpe"; nocase; > uricontent:".dll"; nocase; pcre:"/\/dl\/AcroIEHelpe(r)?(\d)?\.dll/U"; > classtype:trojan-activity; > reference:url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2; > sid:XXXXXXX; rev:1;) > > Hoping someone can chip in on these / test against samples / whatever. > First rule should detect the GET request (checkin, maybe?) listed in > the Symantec writeup. Second should detect the retrieval of the > infostealer component (typically called Nadebanker) after > initialization. The pcre on the second rule should account for various > forms of the file names used in the download requests as in these > samples: > > hxxp://meiwrsa.com/dl/AcroIEHelper.dll > hxxp://ffcsanta.com/dl/AcroIEHelpe.dll > hxxp://ffcsanta.com/dl/AcroIEHelpe1.dll > hxxp://ffcsanta.com/dl/AcroIEHelper3.dll > > https://forums2.symantec.com/t5/blogs/blogarticlepage/blog-id/malicious_code/article-id/235 > https://forums2.symantec.com/t5/blogs/blogarticlepage/blog-id/malicious_code/article-id/236 > http://www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2 > http://www.symantec.com/en/ca/business/security_response/writeup.jsp?docid=2009-013015-1832-99 > http://www.trustdefender.com/blog/2009/02/28/banking-malware-bankpatchc-shows-that-the-bad-guys-are-extremely-innovative/ > -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jonkman at jonkmans.com Mon Jun 15 09:17:54 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 15 Jun 2009 09:17:54 -0400 Subject: [Emerging-Sigs] Personal Defender 2009 In-Reply-To: <839aec700906140552r25f9ab8yb460651d61be88e2@mail.gmail.com> References: <1244873866.7258.22.camel@kinta> <839aec700906140552r25f9ab8yb460651d61be88e2@mail.gmail.com> Message-ID: <4A364A02.8010200@jonkmans.com> I agree. The single rule will be more efficient. I'll get it posted and drop the duplicates now. Thanks guys! Matt Darren Spruell wrote: > Validated, the post at > http://malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/#comment-725 > is describing an older Gozi registry configuration format. The poster > probably had multiple trojans and assumed everything was tied to the > rogue AV. In the end the activity should match on dxp's revised rule. > 2002854 is typically very reliable except for the assertion that the > server-side script is *.cgi and fails in limited cases where they are > .py (and perhaps other extensions.) The others (2003509-2003511) are > too specific and don't match on many instances of the trojan but > traffic they *would* match on should never be seen without the > registration/checkin activity the revised sig should pick up. There's > so much variance in the server-side script naming that basing content > checks on the URI paths will just be very patchy. > > We've been trying to nail this down better since beginning of the year: > > http://lists.emergingthreats.net/pipermail/emerging-sigs/2009-January/001793.html > > Here's some reports on samples showing recent .py variants: > > http://www.threatexpert.com/report.aspx?md5=342bd0710b981f1e3436f89cb1e61192 > http://www.threatexpert.com/reports.aspx?find=prinimalka.py&x=0&y=0 > > DS > > > On Fri, Jun 12, 2009 at 11:17 PM, dxp wrote: >> This activity is associated with the trojan typically known as >> Ursnif/Gozi/Ordergun/Snifula/Orderjack. There are couple of rules already >> present in the set but are too specific and that's why they missed this >> activity. The trojan uses a very unique URI scheme so I think the set of >> current sigs can be rolled into one and it will provide detection. >> >> Here are the SIDs of current rules: 2003509, 2003510, 2003511, 2002854. >> Some of them look for data leakage (POSTs) others for C&C registration and >> command options (GETs). >> >> I propose to have a single rule which will detect the trojan when it >> registeres or checks in for updates/commands. This would be the rule: >> >> alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Gozi >> check-in / update"; flow:established,to_server; uricontent:"?user_id="; >> nocase; uricontent:"&version_id="; nocase; uricontent:"&passphrase="; >> nocase; uricontent:"&socks="; nocase; uricontent:"&version="; nocase; >> uricontent:"&crc="; nocase; >> reference:url,www.secureworks.com/research/threats/gozi; >> classtype:trojan-activity; sid:XXXX; rev:1;) >> >> If the current POST detection sigs will be kept then they need to be updated >> to get rid off reliance on .cgi as well as UAS. >> >> PS: Chris, if you have the binary which created the "prinimalka.py" POSTs >> can you send it to me privately or upload to Offensive Computing and share >> the link. I've been following the activity of this (older versions) trojan >> and would like to see what changes are in this one. >> >> - >> >> -=[ dxp ]=- >> 0xA3F3C6E3 >> >> >> >> On Wed, 2009-06-10 at 08:37 -0500, Chris Green wrote: >> >> These rules have been useful for me with no false positives. >> >> alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - >> prinimalka.py"; uricontent:"/prinimalka.py"; sid: 100000248; >> reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; >> rev: 1;) >> alert tcp any any -> any 80 (msg: "TROJAN Personal Defender 2009 - >> trash.py"; uricontent:"/trash.py"; sid: 100000249; >> reference:url,malwarebytes.besttechie.net/2008/11/03/removal-instructions-for-personal-defender-2009/; >> rev: 1;) >> >> REDACTED:4005 -> 78.109.23.2:80 TCP TTL:126 TOS:0x0 ID:58779 IpLen:20 >> DgmLen:819 DF >> ***AP*** Seq: 0xE09C666C Ack: 0x827DA94A Win: 0x40B0 TcpLen: 20 >> 50 4F 53 54 20 2F 73 79 73 74 65 6D 2F 70 72 69 POST /system/pri >> 6E 69 6D 61 6C 6B 61 2E 70 79 2F 66 6F 72 6D 73 nimalka.py/forms >> 20 48 54 54 50 2F 31 2E 31 0D 0A 43 6F 6E 74 65 HTTP/1.1..Conte >> >> _______________________________________________ >> Emerging-sigs mailing list >> Emerging-sigs at emergingthreats.net >> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs >> >> > > > -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From jonkman at jonkmans.com Mon Jun 15 10:24:42 2009 From: jonkman at jonkmans.com (Matt Jonkman) Date: Mon, 15 Jun 2009 10:24:42 -0400 Subject: [Emerging-Sigs] OISF Board Meeting Message-ID: <4A3659AA.20100@jonkmans.com> The Open Information Security Foundation held it's first Board Meeting and Planning Session. The meeting was incredibly productive, and we were able to secure the support of a number of new organizations and vendors. We're very excited about the future, and we've a lot of news to share. Most of the news and decisions that have been made we'll release in individual statements in order to avoid information overload. But overall let me summarize what the Foundation is doing and where we all stand: We have received allocation of the second phase funding, and we're part of the OSSI HOST program (http://www.oss-institute.org). This allows us to begin immediately our coding efforts. We have finalized hiring of about ten contractors for everything from coding and research to quality assurance and sysadmin work. These individuals will be introduced to the community soon, but you know most of them already. I'm VERY excited about the team that's coming together. That said we have room for more. Primarily we need more programmers, but we are also in search of an exceptional individual to become our documentation project lead. If you are interested please email jonkman at emergingthreats.net. We are in the process of building out our infrastructure. Code repository, QA lab and hardware, and public facing hosting and the like. We are in need of all sorts of assistance, the less we spend on hardware and infrastructure the more goes into coding efforts of course. If you or your organization is interested in becoming a member of the Foundation Consortium (which grants the ability to use an alternative more permissive license) please contact us now. We have quite a few needs that will save the foundation's resources for more directly beneficial effort. We'll be announcing a number of other things shortly, including a new draft of our bylaws, new mailing lists, and a list of the features we're going to build into our first release. Please stay tuned. While we're getting to coding later than we had hoped last year, rest assured we are still committed to a production release of the engine by the end of 2009! We will make this goal and we have the resources and brain trust to make it happen!! Thanks to all for your support to date. This is truly a community driven and supported project, and we look forward to cementing the relationships with both the community and the organizations that will be our constituency over time. -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc From emerging at emergingthreats.net Mon Jun 15 16:00:11 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Mon, 15 Jun 2009 16:00:11 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090615200011.5CA734504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Mon Jun 15 16:00:11 2009 [***] [+++] Added rules: [+++] 2009408 - ET TROJAN Patcher/Bankpatch Communication with Controller (emerging-virus.rules) 2009409 - ET TROJAN Patcher/Bankpatch Module Download Request (emerging-virus.rules) 2009410 - ET TROJAN Gozi check-in / update (emerging-virus.rules) [///] Modified active rules: [///] 2007936 - ET WEB Netwin Webmail SurgeMail Mail Server Format String Vulnerability (emerging-web.rules) 2008452 - ET TROJAN Downloader.uxk checkin (emerging-virus.rules) 2009374 - ET TROJAN Virut Counter/Check-in (emerging-virus.rules) [---] Removed rules: [---] 2002854 - ET TROJAN Gozi/Orderjack Reporting User Activity (emerging-virus.rules) 2003509 - ET TROJAN Gozi Certificate Information Leakage (emerging-virus.rules) 2003510 - ET TROJAN Gozi Registration (emerging-virus.rules) 2003511 - ET TROJAN Gozi Form Data Information Leakage (emerging-virus.rules) [+++] Added non-rule lines: [+++] -> Added to emerging-sid-msg.map (3): 2009408 || ET TROJAN Patcher/Bankpatch Communication with Controller || url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2 2009409 || ET TROJAN Patcher/Bankpatch Module Download Request || url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2 2009410 || ET TROJAN Gozi check-in / update || url,www.secureworks.com/research/threats/gozi -> Added to emerging-sid-msg.map.txt (3): 2009408 || ET TROJAN Patcher/Bankpatch Communication with Controller || url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2 2009409 || ET TROJAN Patcher/Bankpatch Module Download Request || url,www.symantec.com/security_response/writeup.jsp?docid=2008-081817-1808-99&tabid=2 2009410 || ET TROJAN Gozi check-in / update || url,www.secureworks.com/research/threats/gozi -> Added to emerging-virus.rules (1): #by dxp and Darren Spruell. Compilation of former sids 2003509-2003511 and 2002854 [---] Removed non-rule lines: [---] -> Removed from emerging-sid-msg.map (14): 2002854 || ET TROJAN Gozi/Orderjack Reporting User Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Orderjack || url,doc.emergingthreats.net/2002854 || url,www.avira.com/en/threats/section/fulldetails/id_vir/1724/tr_dldr.orderjack.a.html || url,www.secureworks.com/research/threats/gozi 2003509 || ET TROJAN Gozi Certificate Information Leakage || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Gozi || url,doc.emergingthreats.net/2003509 || url,www.secureworks.com/research/threats/gozi 2003510 || ET TROJAN Gozi Registration || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Gozi || url,doc.emergingthreats.net/2003510 || url,www.secureworks.com/research/threats/gozi 2003511 || ET TROJAN Gozi Form Data Information Leakage || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Gozi || url,doc.emergingthreats.net/2003511 || url,www.secureworks.com/research/threats/gozi 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-sid-msg.map.txt (14): 2002854 || ET TROJAN Gozi/Orderjack Reporting User Activity || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Orderjack || url,doc.emergingthreats.net/2002854 || url,www.avira.com/en/threats/section/fulldetails/id_vir/1724/tr_dldr.orderjack.a.html || url,www.secureworks.com/research/threats/gozi 2003509 || ET TROJAN Gozi Certificate Information Leakage || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Gozi || url,doc.emergingthreats.net/2003509 || url,www.secureworks.com/research/threats/gozi 2003510 || ET TROJAN Gozi Registration || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Gozi || url,doc.emergingthreats.net/2003510 || url,www.secureworks.com/research/threats/gozi 2003511 || ET TROJAN Gozi Form Data Information Leakage || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/VIRUS/TROJAN_Gozi || url,doc.emergingthreats.net/2003511 || url,www.secureworks.com/research/threats/gozi 2404024 || ET DROP Known Bot C&C Server Traffic (group 25) || url,www.shadowserver.org 2405024 || ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE || url,www.shadowserver.org 2500290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2500293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510290 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510291 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (146) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510292 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts 2510293 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (147) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts -> Removed from emerging-virus.rules (3): #by Secureworks # Paper here: www.secureworks.com/research/threats/gozi/?threat=gozi # Submitted 2006-03-05 by Tom Fisher From pepperjack at afferentsecurity.com Wed Jun 17 08:14:27 2009 From: pepperjack at afferentsecurity.com (Jack Pepper) Date: Wed, 17 Jun 2009 07:14:27 -0500 Subject: [Emerging-Sigs] asprox rule misfires Message-ID: <20090617071427.yzw53yx540gsg8co@mail.afferentsecurity.com> 2008373 looks for the ngg.js download from a distribution site. Unfortunately, the new "Next Gen Gallery" from wordpress uses ngg.js for one of its scripts. do we drop this rule or add an exception for the wordpress path? Here are some samples: GET /wp-content/plugins/nextgen-gallery/js/ngg.js?ver=2.7.1 HTTP/1.1 Accept: */* Referer: http://legaltalknetwork.com/tag/keithley-v-homestore/ Accept-Language: en-us UA-CPU: x86 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2; MS-RTC LM 8) Host: legaltalknetwork.com Connection: Keep-Alive GET /wp-content/plugins/nextgen-gallery/js/ngg.js?ver=2.7.1 HTTP/1.1 Host: www.vanguardngr.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11 (.NET CLR 3.5.30729) Accept: */* Accept-Language: en-us Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive -- Framework? I don't need no stinking framework! ---------------------------------------------------------------- @fferent Security Labs: Isolate/Insulate/Innovate http://www.afferentsecurity.com From gregm at econet.com Wed Jun 17 08:45:22 2009 From: gregm at econet.com (Greg Martin) Date: Wed, 17 Jun 2009 07:45:22 -0500 Subject: [Emerging-Sigs] asprox rule misfires In-Reply-To: <20090617071427.yzw53yx540gsg8co@mail.afferentsecurity.com> References: <20090617071427.yzw53yx540gsg8co@mail.afferentsecurity.com> Message-ID: <23B3F59E-F32B-4793-90A3-8FC8C6199809@econet.com> This one was current event anyway, safe to remove. Sent from my iPhone On Jun 17, 2009, at 7:14 AM, Jack Pepper wrote: > 2008373 looks for the ngg.js download from a distribution site. > Unfortunately, the new "Next Gen Gallery" from wordpress uses ngg.js > for one of its scripts. > > do we drop this rule or add an exception for the wordpress path? > > Here are some samples: > > GET /wp-content/plugins/nextgen-gallery/js/ngg.js?ver=2.7.1 HTTP/1.1 > Accept: */* > Referer: http://legaltalknetwork.com/tag/keithley-v-homestore/ > Accept-Language: en-us > UA-CPU: x86 > Accept-Encoding: gzip, deflate > User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET > CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR > 3.0.04506.648; InfoPath.2; MS-RTC LM 8) > Host: legaltalknetwork.com > Connection: Keep-Alive > > GET /wp-content/plugins/nextgen-gallery/js/ngg.js?ver=2.7.1 HTTP/1.1 > Host: www.vanguardngr.com > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; > rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11 (.NET CLR 3.5.30729) > Accept: */* > Accept-Language: en-us > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > > > -- > > Framework? I don't need no stinking framework! > > ---------------------------------------------------------------- > @fferent Security Labs: Isolate/Insulate/Innovate > http://www.afferentsecurity.com > > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs at emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs From emerging at emergingthreats.net Wed Jun 17 16:00:12 2009 From: emerging at emergingthreats.net (emerging@emergingthreats.net) Date: Wed, 17 Jun 2009 16:00:12 -0400 (EDT) Subject: [Emerging-Sigs] Emerging Threats Daily Signature Changes Message-ID: <20090617200012.11C8A4504B@goliath.jonkmans.com> [***] Results from Oinkmaster started Wed Jun 17 16:00:11 2009 [***] [///] Modified active rules: [///] 2406000 - ET RBN Known Russian Business Network IP TCP (1) (emerging-rbn.rules) 2406001 - ET RBN Known Russian Business Network IP UDP (1) (emerging-rbn.rules) 2406002 - ET RBN Known Russian Business Network IP TCP (2) (emerging-rbn.rules) 2406003 - ET RBN Known Russian Business Network IP UDP (2) (emerging-rbn.rules) 2406004 - ET RBN Known Russian Business Network IP TCP (3) (emerging-rbn.rules) 2406005 - ET RBN Known Russian Business Network IP UDP (3) (emerging-rbn.rules) 2406006 - ET RBN Known Russian Business Network IP TCP (4) (emerging-rbn.rules) 2406007 - ET RBN Known Russian Business Network IP UDP (4) (emerging-rbn.rules) 2406008 - ET RBN Known Russian Business Network IP TCP (5) (emerging-rbn.rules) 2406009 - ET RBN Known Russian Business Network IP UDP (5) (emerging-rbn.rules) 2406010 - ET RBN Known Russian Business Network IP TCP (6) (emerging-rbn.rules) 2406011 - ET RBN Known Russian Business Network IP UDP (6) (emerging-rbn.rules) 2406012 - ET RBN Known Russian Business Network IP TCP (7) (emerging-rbn.rules) 2406013 - ET RBN Known Russian Business Network IP UDP (7) (emerging-rbn.rules) 2406014 - ET RBN Known Russian Business Network IP TCP (8) (emerging-rbn.rules) 2406015 - ET RBN Known Russian Business Network IP UDP (8) (emerging-rbn.rules) 2406016 - ET RBN Known Russian Business Network IP TCP (9) (emerging-rbn.rules) 2406017 - ET RBN Known Russian Business Network IP UDP (9) (emerging-rbn.rules) 2406018 - ET RBN Known Russian Business Network IP TCP (10) (emerging-rbn.rules) 2406019 - ET RBN Known Russian Business Network IP UDP (10) (emerging-rbn.rules) 2406020 - ET RBN Known Russian Business Network IP TCP (11) (emerging-rbn.rules) 2406021 - ET RBN Known Russian Business Network IP UDP (11) (emerging-rbn.rules) 2406022 - ET RBN Known Russian Business Network IP TCP (12) (emerging-rbn.rules) 2406023 - ET RBN Known Russian Business Network IP UDP (12) (emerging-rbn.rules) 2406024 - ET RBN Known Russian Business Network IP TCP (13) (emerging-rbn.rules) 2406025 - ET RBN Known Russian Business Network IP UDP (13) (emerging-rbn.rules) 2406026 - ET RBN Known Russian Business Network IP TCP (14) (emerging-rbn.rules) 2406027 - ET RBN Known Russian Business Network IP UDP (14) (emerging-rbn.rules) 2406028 - ET RBN Known Russian Business Network IP TCP (15) (emerging-rbn.rules) 2406029 - ET RBN Known Russian Business Network IP UDP (15) (emerging-rbn.rules) 2406030 - ET RBN Known Russian Business Network IP TCP (16) (emerging-rbn.rules) 2406031 - ET RBN Known Russian Business Network IP UDP (16) (emerging-rbn.rules) 2406032 - ET RBN Known Russian Business Network IP TCP (17) (emerging-rbn.rules) 2406033 - ET RBN Known Russian Business Network IP UDP (17) (emerging-rbn.rules) 2406034 - ET RBN Known Russian Business Network IP TCP (18) (emerging-rbn.rules) 2406035 - ET RBN Known Russian Business Network IP UDP (18) (emerging-rbn.rules) 2406036 - ET RBN Known Russian Business Network IP TCP (19) (emerging-rbn.rules) 2406037 - ET RBN Known Russian Business Network IP UDP (19) (emerging-rbn.rules) 2406038 - ET RBN Known Russian Business Network IP TCP (20) (emerging-rbn.rules) 2406039 - ET RBN Known Russian Business Network IP UDP (20) (emerging-rbn.rules) 2406040 - ET RBN Known Russian Business Network IP TCP (21) (emerging-rbn.rules) 2406041 - ET RBN Known Russian Business Network IP UDP (21) (emerging-rbn.rules) 2406042 - ET RBN Known Russian Business Network IP TCP (22) (emerging-rbn.rules) 2406043 - ET RBN Known Russian Business Network IP UDP (22) (emerging-rbn.rules) 2406044 - ET RBN Known Russian Business Network IP TCP (23) (emerging-rbn.rules) 2406045 - ET RBN Known Russian Business Network IP UDP (23) (emerging-rbn.rules) 2406046 - ET RBN Known Russian Business Network IP TCP (24) (emerging-rbn.rules) 2406047 - ET RBN Known Russian Business Network IP UDP (24) (emerging-rbn.rules) 2406048 - ET RBN Known Russian Business Network IP TCP (25) (emerging-rbn.rules) 2406049 - ET RBN Known Russian Business Network IP UDP (25) (emerging-rbn.rules) 2406050 - ET RBN Known Russian Business Network IP TCP (26) (emerging-rbn.rules) 2406051 - ET RBN Known Russian Business Network IP UDP (26) (emerging-rbn.rules) 2406052 - ET RBN Known Russian Business Network IP TCP (27) (emerging-rbn.rules) 2406053 - ET RBN Known Russian Business Network IP UDP (27) (emerging-rbn.rules) 2406054 - ET RBN Known Russian Business Network IP TCP (28) (emerging-rbn.rules) 2406055 - ET RBN Known Russian Business Network IP UDP (28) (emerging-rbn.rules) 2406056 - ET RBN Known Russian Business Network IP TCP (29) (emerging-rbn.rules) 2406057 - ET RBN Known Russian Business Network IP UDP (29) (emerging-rbn.rules) 2406058 - ET RBN Known Russian Business Network IP TCP (30) (emerging-rbn.rules) 2406059 - ET RBN Known Russian Business Network IP UDP (30) (emerging-rbn.rules) 2406060 - ET RBN Known Russian Business Network IP TCP (31) (emerging-rbn.rules) 2406061 - ET RBN Known Russian Business Network IP UDP (31) (emerging-rbn.rules) 2406062 - ET RBN Known Russian Business Network IP TCP (32) (emerging-rbn.rules) 2406063 - ET RBN Known Russian Business Network IP UDP (32) (emerging-rbn.rules) 2406064 - ET RBN Known Russian Business Network IP TCP (33) (emerging-rbn.rules) 2406065 - ET RBN Known Russian Business Network IP UDP (33) (emerging-rbn.rules) 2406066 - ET RBN Known Russian Business Network IP TCP (34) (emerging-rbn.rules) 2406067 - ET RBN Known Russian Business Network IP UDP (34) (emerging-rbn.rules) 2406068 - ET RBN Known Russian Business Network IP TCP (35) (emerging-rbn.rules) 2406069 - ET RBN Known Russian Business Network IP UDP (35) (emerging-rbn.rules) 2406070 - ET RBN Known Russian Business Network IP TCP (36) (emerging-rbn.rules) 2406071 - ET RBN Known Russian Business Network IP UDP (36) (emerging-rbn.rules) 2406072 - ET RBN Known Russian Business Network IP TCP (37) (emerging-rbn.rules) 2406073 - ET RBN Known Russian Business Network IP UDP (37) (emerging-rbn.rules) 2406074 - ET RBN Known Russian Business Network IP TCP (38) (emerging-rbn.rules) 2406075 - ET RBN Known Russian Business Network IP UDP (38) (emerging-rbn.rules) 2406076 - ET RBN Known Russian Business Network IP TCP (39) (emerging-rbn.rules) 2406077 - ET RBN Known Russian Business Network IP UDP (39) (emerging-rbn.rules) 2406078 - ET RBN Known Russian Business Network IP TCP (40) (emerging-rbn.rules) 2406079 - ET RBN Known Russian Business Network IP UDP (40) (emerging-rbn.rules) 2406080 - ET RBN Known Russian Business Network IP TCP (41) (emerging-rbn.rules) 2406081 - ET RBN Known Russian Business Network IP UDP (41) (emerging-rbn.rules) 2406082 - ET RBN Known Russian Business Network IP TCP (42) (emerging-rbn.rules) 2406083 - ET RBN Known Russian Business Network IP UDP (42) (emerging-rbn.rules) 2406084 - ET RBN Known Russian Business Network IP TCP (43) (emerging-rbn.rules) 2406085 - ET RBN Known Russian Business Network IP UDP (43) (emerging-rbn.rules) 2406086 - ET RBN Known Russian Business Network IP TCP (44) (emerging-rbn.rules) 2406087 - ET RBN Known Russian Business Network IP UDP (44) (emerging-rbn.rules) 2406088 - ET RBN Known Russian Business Network IP TCP (45) (emerging-rbn.rules) 2406089 - ET RBN Known Russian Business Network IP UDP (45) (emerging-rbn.rules) 2406090 - ET RBN Known Russian Business Network IP TCP (46) (emerging-rbn.rules) 2406091 - ET RBN Known Russian Business Network IP UDP (46) (emerging-rbn.rules) 2406092 - ET RBN Known Russian Business Network IP TCP (47) (emerging-rbn.rules) 2406093 - ET RBN Known Russian Business Network IP UDP (47) (emerging-rbn.rules) 2406094 - ET RBN Known Russian Business Network IP TCP (48) (emerging-rbn.rules) 2406095 - ET RBN Known Russian Business Network IP UDP (48) (emerging-rbn.rules) 2406096 - ET RBN Known Russian Business Network IP TCP (49) (emerging-rbn.rules) 2406097 - ET RBN Known Russian Business Network IP UDP (49) (emerging-rbn.rules) 2406098 - ET RBN Known Russian Business Network IP TCP (50) (emerging-rbn.rules) 2406099 - ET RBN Known Russian Business Network IP UDP (50) (emerging-rbn.rules) 2406100 - ET RBN Known Russian Business Network IP TCP (51) (emerging-rbn.rules) 2406101 - ET RBN Known Russian Business Network IP UDP (51) (emerging-rbn.rules) 2406102 - ET RBN Known Russian Business Network IP TCP (52) (emerging-rbn.rules) 2406103 - ET RBN Known Russian Business Network IP UDP (52) (emerging-rbn.rules) 2406104 - ET RBN Known Russian Business Network IP TCP (53) (emerging-rbn.rules) 2406105 - ET RBN Known Russian Business Network IP UDP (53) (emerging-rbn.rules) 2406106 - ET RBN Known Russian Business Network IP TCP (54) (emerging-rbn.rules) 2406107 - ET RBN Known Russian Business Network IP UDP (54) (emerging-rbn.rules) 2406108 - ET RBN Known Russian Business Network IP TCP (55) (emerging-rbn.rules) 2406109 - ET RBN Known Russian Business Network IP UDP (55) (emerging-rbn.rules) 2406110 - ET RBN Known Russian Business Network IP TCP (56) (emerging-rbn.rules) 2406111 - ET RBN Known Russian Business Network IP UDP (56) (emerging-rbn.rules) 2406112 - ET RBN Known Russian Business Network IP TCP (57) (emerging-rbn.rules) 2406113 - ET RBN Known Russian Business Network IP UDP (57) (emerging-rbn.rules) 2406114 - ET RBN Known Russian Business Network IP TCP (58) (emerging-rbn.rules) 2406115 - ET RBN Known Russian Business Network IP UDP (58) (emerging-rbn.rules) 2406116 - ET RBN Known Russian Business Network IP TCP (59) (emerging-rbn.rules) 2406117 - ET RBN Known Russian Business Network IP UDP (59) (emerging-rbn.rules) 2406118 - ET RBN Known Russian Business Network IP TCP (60) (emerging-rbn.rules) 2406119 - ET RBN Known Russian Business Network IP UDP (60) (emerging-rbn.rules) 2406120 - ET RBN Known Russian Business Network IP TCP (61) (emerging-rbn.rules) 2406121 - ET RBN Known Russian Business Network IP UDP (61) (emerging-rbn.rules) 2406122 - ET RBN Known Russian Business Network IP TCP (62) (emerging-rbn.rules) 2406123 - ET RBN Known Russian Business Network IP UDP (62) (emerging-rbn.rules) 2406124 - ET RBN Known Russian Business Network IP TCP (63) (emerging-rbn.rules) 2406125 - ET RBN Known Russian Business Network IP UDP (63) (emerging-rbn.rules) 2406126 - ET RBN Known Russian Business Network IP TCP (64) (emerging-rbn.rules) 2406127 - ET RBN Known Russian Business Network IP UDP (64) (emerging-rbn.rules) 2406128 - ET RBN Known Russian Business Network IP TCP (65) (emerging-rbn.rules) 2406129 - ET RBN Known Russian Business Network IP UDP (65) (emerging-rbn.rules) 2406130 - ET RBN Known Russian Business Network IP TCP (66) (emerging-rbn.rules) 2406131 - ET RBN Known Russian Business Network IP UDP (66) (emerging-rbn.rules) 2406132 - ET RBN Known Russian Business Network IP TCP (67) (emerging-rbn.rules) 2406133 - ET RBN Known Russian Business Network IP UDP (67) (emerging-rbn.rules) 2406134 - ET RBN Known Russian Business Network IP TCP (68) (emerging-rbn.rules) 2406135 - ET RBN Known Russian Business Network IP UDP (68) (emerging-rbn.rules) 2406136 - ET RBN Known Russian Business Network IP TCP (69) (emerging-rbn.rules) 2406137 - ET RBN Known Russian Business Network IP UDP (69) (emerging-rbn.rules) 2406138 - ET RBN Known Russian Business Network IP TCP (70) (emerging-rbn.rules) 2406139 - ET RBN Known Russian Business Network IP UDP (70) (emerging-rbn.rules) 2406140 - ET RBN Known Russian Business Network IP TCP (71) (emerging-rbn.rules) 2406141 - ET RBN Known Russian Business Network IP UDP (71) (emerging-rbn.rules) 2406142 - ET RBN Known Russian Business Network IP TCP (72) (emerging-rbn.rules) 2406143 - ET RBN Known Russian Business Network IP UDP (72) (emerging-rbn.rules) 2406144 - ET RBN Known Russian Business Network IP TCP (73) (emerging-rbn.rules) 2406145 - ET RBN Known Russian Business Network IP UDP (73) (emerging-rbn.rules) 2406146 - ET RBN Known Russian Business Network IP TCP (74) (emerging-rbn.rules) 2406147 - ET RBN Known Russian Business Network IP UDP (74) (emerging-rbn.rules) 2406148 - ET RBN Known Russian Business Network IP TCP (75) (emerging-rbn.rules) 2406149 - ET RBN Known Russian Business Network IP UDP (75) (emerging-rbn.rules) 2406150 - ET RBN Known Russian Business Network IP TCP (76) (emerging-rbn.rules) 2406151 - ET RBN Known Russian Business Network IP UDP (76) (emerging-rbn.rules) 2406152 - ET RBN Known Russian Business Network IP TCP (77) (emerging-rbn.rules) 2406153 - ET RBN Known Russian Business Network IP UDP (77) (emerging-rbn.rules) 2406154 - ET RBN Known Russian Business Network IP TCP (78) (emerging-rbn.rules) 2406155 - ET RBN Known Russian Business Network IP UDP (78) (emerging-rbn.rules) 2406156 - ET RBN Known Russian Business Network IP TCP (79) (emerging-rbn.rules) 2406157 - ET RBN Known Russian Business Network IP UDP (79) (emerging-rbn.rules) 2406158 - ET RBN Known Russian Business Network IP TCP (80) (emerging-rbn.rules) 2406159 - ET RBN Known Russian Business Network IP UDP (80) (emerging-rbn.rules) 2406160 - ET RBN Known Russian Business Network IP TCP (81) (emerging-rbn.rules) 2406161 - ET RBN Known Russian Business Network IP UDP (81) (emerging-rbn.rules) 2406162 - ET RBN Known Russian Business Network IP TCP (82) (emerging-rbn.rules) 2406163 - ET RBN Known Russian Business Network IP UDP (82) (emerging-rbn.rules) 2406164 - ET RBN Known Russian Business Network IP TCP (83) (emerging-rbn.rules) 2406165 - ET RBN Known Russian Business Network IP UDP (83) (emerging-rbn.rules) 2406166 - ET RBN Known Russian Business Network IP TCP (84) (emerging-rbn.rules) 2406167 - ET RBN Known Russian Business Network IP UDP (84) (emerging-rbn.rules) 2406168 - ET RBN Known Russian Business Network IP TCP (85) (emerging-rbn.rules) 2406169 - ET RBN Known Russian Business Network IP UDP (85) (emerging-rbn.rules) 2406170 - ET RBN Known Russian Business Network IP TCP (86) (emerging-rbn.rules) 2406171 - ET RBN Known Russian Business Network IP UDP (86) (emerging-rbn.rules) 2406172 - ET RBN Known Russian Business Network IP TCP (87) (emerging-rbn.rules) 2406173 - ET RBN Known Russian Business Network IP UDP (87) (emerging-rbn.rules) 2406174 - ET RBN Known Russian Business Network IP TCP (88) (emerging-rbn.rules) 2406175 - ET RBN Known Russian Business Network IP UDP (88) (emerging-rbn.rules) 2406176 - ET RBN Known Russian Business Network IP TCP (89) (emerging-rbn.rules) 2406177 - ET RBN Known Russian Business Network IP UDP (89) (emerging-rbn.rules) 2406178 - ET RBN Known Russian Business Network IP TCP (90) (emerging-rbn.rules) 2406179 - ET RBN Known Russian Business Network IP UDP (90) (emerging-rbn.rules) 2406180 - ET RBN Known Russian Business Network IP TCP (91) (emerging-rbn.rules) 2406181 - ET RBN Known Russian Business Network IP UDP (91) (emerging-rbn.rules) 2406182 - ET RBN Known Russian Business Network IP TCP (92) (emerging-rbn.rules) 2406183 - ET RBN Known Russian Business Network IP UDP (92) (emerging-rbn.rules) 2406184 - ET RBN Known Russian Business Network IP TCP (93) (emerging-rbn.rules) 2406185 - ET RBN Known Russian Business Network IP UDP (93) (emerging-rbn.rules) 2406186 - ET RBN Known Russian Business Network IP TCP (94) (emerging-rbn.rules) 2406187 - ET RBN Known Russian Business Network IP UDP (94) (emerging-rbn.rules) 2406188 - ET RBN Known Russian Business Network IP TCP (95) (emerging-rbn.rules) 2406189 - ET RBN Known Russian Business Network IP UDP (95) (emerging-rbn.rules) 2406190 - ET RBN Known Russian Business Network IP TCP (96) (emerging-rbn.rules) 2406191 - ET RBN Known Russian Business Network IP UDP (96) (emerging-rbn.rules) 2406192 - ET RBN Known Russian Business Network IP TCP (97) (emerging-rbn.rules) 2406193 - ET RBN Known Russian Business Network IP UDP (97) (emerging-rbn.rules) 2406194 - ET RBN Known Russian Business Network IP TCP (98) (emerging-rbn.rules) 2406195 - ET RBN Known Russian Business Network IP UDP (98) (emerging-rbn.rules) 2406196 - ET RBN Known Russian Business Network IP TCP (99) (emerging-rbn.rules) 2406197 - ET RBN Known Russian Business Network IP UDP (99) (emerging-rbn.rules) 2406198 - ET RBN Known Russian Business Network IP TCP (100) (emerging-rbn.rules) 2406199 - ET RBN Known Russian Business Network IP UDP (100) (emerging-rbn.rules) 2406200 - ET RBN Known Russian Business Network IP TCP (101) (emerging-rbn.rules) 2406201 - ET RBN Known Russian Business Network IP UDP (101) (emerging-rbn.rules) 2406202 - ET RBN Known Russian Business Network IP TCP (102) (emerging-rbn.rules) 2406203 - ET RBN Known Russian Business Network IP UDP (102) (emerging-rbn.rules) 2406204 - ET RBN Known Russian Business Network IP TCP (103) (emerging-rbn.rules) 2406205 - ET RBN Known Russian Business Network IP UDP (103) (emerging-rbn.rules) 2406206 - ET RBN Known Russian Business Network IP TCP (104) (emerging-rbn.rules) 2406207 - ET RBN Known Russian Business Network IP UDP (104) (emerging-rbn.rules) 2406208 - ET RBN Known Russian Business Network IP TCP (105) (emerging-rbn.rules) 2406209 - ET RBN Known Russian Business Network IP UDP (105) (emerging-rbn.rules) 2406210 - ET RBN Known Russian Business Network IP TCP (106) (emerging-rbn.rules) 2406211 - ET RBN Known Russian Business Network IP UDP (106) (emerging-rbn.rules) 2406212 - ET RBN Known Russian Business Network IP TCP (107) (emerging-rbn.rules) 2406213 - ET RBN Known Russian Business Network IP UDP (107) (emerging-rbn.rules) 2406214 - ET RBN Known Russian Business Network IP TCP (108) (emerging-rbn.rules) 2406215 - ET RBN Known Russian Business Network IP UDP (108) (emerging-rbn.rules) 2406216 - ET RBN Known Russian Business Network IP TCP (109) (emerging-rbn.rules) 2406217 - ET RBN Known Russian Business Network IP UDP (109) (emerging-rbn.rules) 2406218 - ET RBN Known Russian Business Network IP TCP (110) (emerging-rbn.rules) 2406219 - ET RBN Known Russian Business Network IP UDP (110) (emerging-rbn.rules) 2406220 - ET RBN Known Russian Business Network IP TCP (111) (emerging-rbn.rules) 2406221 - ET RBN Known Russian Business Network IP UDP (111) (emerging-rbn.rules) 2406222 - ET RBN Known Russian Business Network IP TCP (112) (emerging-rbn.rules) 2406223 - ET RBN Known Russian Business Network IP UDP (112) (emerging-rbn.rules) 2406224 - ET RBN Known Russian Business Network IP TCP (113) (emerging-rbn.rules) 2406225 - ET RBN Known Russian Business Network IP UDP (113) (emerging-rbn.rules) 2406226 - ET RBN Known Russian Business Network IP TCP (114) (emerging-rbn.rules) 2406227 - ET RBN Known Russian Business Network IP UDP (114) (emerging-rbn.rules) 2406228 - ET RBN Known Russian Business Network IP TCP (115) (emerging-rbn.rules) 2406229 - ET RBN Known Russian Business Network IP UDP (115) (emerging-rbn.rules) 2406230 - ET RBN Known Russian Business Network IP TCP (116) (emerging-rbn.rules) 2406231 - ET RBN Known Russian Business Network IP UDP (116) (emerging-rbn.rules) 2406232 - ET RBN Known Russian Business Network IP TCP (117) (emerging-rbn.rules) 2406233 - ET RBN Known Russian Business Network IP UDP (117) (emerging-rbn.rules) 2406234 - ET RBN Known Russian Business Network IP TCP (118) (emerging-rbn.rules) 2406235 - ET RBN Known Russian Business Network IP UDP (118) (emerging-rbn.rules) 2406236 - ET RBN Known Russian Business Network IP TCP (119) (emerging-rbn.rules) 2406237 - ET RBN Known Russian Business Network IP UDP (119) (emerging-rbn.rules) 2406238 - ET RBN Known Russian Business Network IP TCP (120) (emerging-rbn.rules) 2406239 - ET RBN Known Russian Business Network IP UDP (120) (emerging-rbn.rules) 2406240 - ET RBN Known Russian Business Network IP TCP (121) (emerging-rbn.rules) 2406241 - ET RBN Known Russian Business Network IP UDP (121) (emerging-rbn.rules) 2406242 - ET RBN Known Russian Business Network IP TCP (122) (emerging-rbn.rules) 2406243 - ET RBN Known Russian Business Network IP UDP (122) (emerging-rbn.rules) 2406244 - ET RBN Known Russian Business Network IP TCP (123) (emerging-rbn.rules) 2406245 - ET RBN Known Russian Business Network IP UDP (123) (emerging-rbn.rules) 2406246 - ET RBN Known Russian Business Network IP TCP (124) (emerging-rbn.rules) 2406247 - ET RBN Known Russian Business Network IP UDP (124) (emerging-rbn.rules) 2406248 - ET RBN Known Russian Business Network IP TCP (125) (emerging-rbn.rules) 2406249 - ET RBN Known Russian Business Network IP UDP (125) (emerging-rbn.rules) 2406250 - ET RBN Known Russian Business Network IP TCP (126) (emerging-rbn.rules) 2406251 - ET RBN Known Russian Business Network IP UDP (126) (emerging-rbn.rules) 2406252 - ET RBN Known Russian Business Network IP TCP (127) (emerging-rbn.rules) 2406253 - ET RBN Known Russian Business Network IP UDP (127) (emerging-rbn.rules) 2406254 - ET RBN Known Russian Business Network IP TCP (128) (emerging-rbn.rules) 2406255 - ET RBN Known Russian Business Network IP UDP (128) (emerging-rbn.rules) 2406256 - ET RBN Known Russian Business Network IP TCP (129) (emerging-rbn.rules) 2406257 - ET RBN Known Russian Business Network IP UDP (129) (emerging-rbn.rules) 2406258 - ET RBN Known Russian Business Network IP TCP (130) (emerging-rbn.rules) 2406259 - ET RBN Known Russian Business Network IP UDP (130) (emerging-rbn.rules) 2406260 - ET RBN Known Russian Business Network IP TCP (131) (emerging-rbn.rules) 2406261 - ET RBN Known Russian Business Network IP UDP (131) (emerging-rbn.rules) 2406262 - ET RBN Known Russian Business Network IP TCP (132) (emerging-rbn.rules) 2406263 - ET RBN Known Russian Business Network IP UDP (132) (emerging-rbn.rules) 2406264 - ET RBN Known Russian Business Network IP TCP (133) (emerging-rbn.rules) 2406265 - ET RBN Known Russian Business Network IP UDP (133) (emerging-rbn.rules) 2406266 - ET RBN Known Russian Business Network IP TCP (134) (emerging-rbn.rules) 2406267 - ET RBN Known Russian Business Network IP UDP (134) (emerging-rbn.rules) 2406268 - ET RBN Known Russian Business Network IP TCP (135) (emerging-rbn.rules) 2406269 - ET RBN Known Russian Business Network IP UDP (135) (emerging-rbn.rules) 2406270 - ET RBN Known Russian Business Network IP TCP (136) (emerging-rbn.rules) 2406271 - ET RBN Known Russian Business Network IP UDP (136) (emerging-rbn.rules) 2406272 - ET RBN Known Russian Business Network IP TCP (137) (emerging-rbn.rules) 2406273 - ET RBN Known Russian Business Network IP UDP (137) (emerging-rbn.rules) 2406274 - ET RBN Known Russian Business Network IP TCP (138) (emerging-rbn.rules) 2406275 - ET RBN Known Russian Business Network IP UDP (138) (emerging-rbn.rules) 2406276 - ET RBN Known Russian Business Network IP TCP (139) (emerging-rbn.rules) 2406277 - ET RBN Known Russian Business Network IP UDP (139) (emerging-rbn.rules) 2406278 - ET RBN Known Russian Business Network IP TCP (140) (emerging-rbn.rules) 2406279 - ET RBN Known Russian Business Network IP UDP (140) (emerging-rbn.rules) 2406280 - ET RBN Known Russian Business Network IP TCP (141) (emerging-rbn.rules) 2406281 - ET RBN Known Russian Business Network IP UDP (141) (emerging-rbn.rules) 2406282 - ET RBN Known Russian Business Network IP TCP (142) (emerging-rbn.rules) 2406283 - ET RBN Known Russian Business Network IP UDP (142) (emerging-rbn.rules) 2406284 - ET RBN Known Russian Business Network IP TCP (143) (emerging-rbn.rules) 2406285 - ET RBN Known Russian Business Network IP UDP (143) (emerging-rbn.rules) 2406286 - ET RBN Known Russian Business Network IP TCP (144) (emerging-rbn.rules) 2406287 - ET RBN Known Russian Business Network IP UDP (144) (emerging-rbn.rules) 2406288 - ET RBN Known Russian Business Network IP TCP (145) (emerging-rbn.rules) 2406289 - ET RBN Known Russian Business Network IP UDP (145) (emerging-rbn.rules) 2406290 - ET RBN Known Russian Business Network IP TCP (146) (emerging-rbn.rules) 2406291 - ET RBN Known Russian Business Network IP UDP (146) (emerging-rbn.rules) 2406292 - ET RBN Known Russian Business Network IP TCP (147) (emerging-rbn.rules) 2406293 - ET RBN Known Russian Business Network IP UDP (147) (emerging-rbn.rules) 2406294 - ET RBN Known Russian Business Network IP TCP (148) (emerging-rbn.rules) 2406295 - ET RBN Known Russian Business Network IP UDP (148) (emerging-rbn.rules) 2406296 - ET RBN Known Russian Business Network IP TCP (149) (emerging-rbn.rules) 2406297 - ET RBN Known Russian Business Network IP UDP (149) (emerging-rbn.rules) 2406298 - ET RBN Known Russian Business Network IP TCP (150) (emerging-rbn.rules) 2406299 - ET RBN Known Russian Business Network IP UDP (150) (emerging-rbn.rules) 2406300 - ET RBN Known Russian Business Network IP TCP (151) (emerging-rbn.rules) 2406301 - ET RBN Known Russian Business Network IP UDP (151) (emerging-rbn.rules) 2406302 - ET RBN Known Russian Business Network IP TCP (152) (emerging-rbn.rules) 2406303 - ET RBN Known Russian Business Network IP UDP (152) (emerging-rbn.rules) 2406304 - ET RBN Known Russian Business Network IP TCP (153) (emerging-rbn.rules) 2406305 - ET RBN Known Russian Business Network IP UDP (153) (emerging-rbn.rules) 2406306 - ET RBN Known Russian Business Network IP TCP (154) (emerging-rbn.rules) 2406307 - ET RBN Known Russian Business Network IP UDP (154) (emerging-rbn.rules) 2406308 - ET RBN Known Russian Business Network IP TCP (155) (emerging-rbn.rules) 2406309 - ET RBN Known Russian Business Network IP UDP (155) (emerging-rbn.rules) 2406310 - ET RBN Known Russian Business Network IP TCP (156) (emerging-rbn.rules) 2406311 - ET RBN Known Russian Business Network IP UDP (156) (emerging-rbn.rules) 2406312 - ET RBN Known Russian Business Network IP TCP (157) (emerging-rbn.rules) 2406313 - ET RBN Known Russian Business Network IP UDP (157) (emerging-rbn.rules) 2406314 - ET RBN Known Russian Business Network IP TCP (158) (emerging-rbn.rules) 2406315 - ET RBN Known Russian Business Network IP UDP (158) (emerging-rbn.rules) 2406316 - ET RBN Known Russian Business Network IP TCP (159) (emerging-rbn.rules) 2406317 - ET RBN Known Russian Business Network IP UDP (159) (emerging-rbn.rules) 2406318 - ET RBN Known Russian Business Network IP TCP (160) (emerging-rbn.rules) 2406319 - ET RBN Known Russian Business Network IP UDP (160) (emerging-rbn.rules) 2406320 - ET RBN Known Russian Business Network IP TCP (161) (emerging-rbn.rules) 2406321 - ET RBN Known Russian Business Network IP UDP (161) (emerging-rbn.rules) 2406322 - ET RBN Known Russian Business Network IP TCP (162) (emerging-rbn.rules) 2406323 - ET RBN Known Russian Business Network IP UDP (162) (emerging-rbn.rules) 2406324 - ET RBN Known Russian Business Network IP TCP (163) (emerging-rbn.rules) 2406325 - ET RBN Known Russian Business Network IP UDP (163) (emerging-rbn.rules) 2406326 - ET RBN Known Russian Business Network IP TCP (164) (emerging-rbn.rules) 2406327 - ET RBN Known Russian Business Network IP UDP (164) (emerging-rbn.rules) 2406328 - ET RBN Known Russian Business Network IP TCP (165) (emerging-rbn.rules) 2406329 - ET RBN Known Russian Business Network IP UDP (165) (emerging-rbn.rules) 2406330 - ET RBN Known Russian Business Network IP TCP (166) (emerging-rbn.rules) 2406331 - ET RBN Known Russian Business Network IP UDP (166) (emerging-rbn.rules) 2406332 - ET RBN Known Russian Business Network IP TCP (167) (emerging-rbn.rules) 2406333 - ET RBN Known Russian Business Network IP UDP (167) (emerging-rbn.rules) 2406334 - ET RBN Known Russian Business Network IP TCP (168) (emerging-rbn.rules) 2406335 - ET RBN Known Russian Business Network IP UDP (168) (emerging-rbn.rules) 2406336 - ET RBN Known Russian Business Network IP TCP (169) (emerging-rbn.rules) 2406337 - ET RBN Known Russian Business Network IP UDP (169) (emerging-rbn.rules) 2406338 - ET RBN Known Russian Business Network IP TCP (170) (emerging-rbn.rules) 2406339 - ET RBN Known Russian Business Network IP UDP (170) (emerging-rbn.rules) 2406340 - ET RBN Known Russian Business Network IP TCP (171) (emerging-rbn.rules) 2406341 - ET RBN Known Russian Business Network IP UDP (171) (emerging-rbn.rules) 2406342 - ET RBN Known Russian Business Network IP TCP (172) (emerging-rbn.rules) 2406343 - ET RBN Known Russian Business Network IP UDP (172) (emerging-rbn.rules) 2406344 - ET RBN Known Russian Business Network IP TCP (173) (emerging-rbn.rules) 2406345 - ET RBN Known Russian Business Network IP UDP (173) (emerging-rbn.rules) 2406346 - ET RBN Known Russian Business Network IP TCP (174) (emerging-rbn.rules) 2406347 - ET RBN Known Russian Business Network IP UDP (174) (emerging-rbn.rules) 2406348 - ET RBN Known Russian Business Network IP TCP (175) (emerging-rbn.rules) 2406349 - ET RBN Known Russian Business Network IP UDP (175) (emerging-rbn.rules) 2406350 - ET RBN Known Russian Business Network IP TCP (176) (emerging-rbn.rules) 2406351 - ET RBN Known Russian Business Network IP UDP (176) (emerging-rbn.rules) 2406352 - ET RBN Known Russian Business Network IP TCP (177) (emerging-rbn.rules) 2406353 - ET RBN Known Russian Business Network IP UDP (177) (emerging-rbn.rules) 2406354 - ET RBN Known Russian Business Network IP TCP (178) (emerging-rbn.rules) 2406355 - ET RBN Known Russian Business Network IP UDP (178) (emerging-rbn.rules) 2406356 - ET RBN Known Russian Business Network IP TCP (179) (emerging-rbn.rules) 2406357 - ET RBN Known Russian Business Network IP UDP (179) (emerging-rbn.rules) 2406358 - ET RBN Known Russian Business Network IP TCP (180) (emerging-rbn.rules) 2406359 - ET RBN Known Russian Business Network IP UDP (180) (emerging-rbn.rules) 2406360 - ET RBN Known Russian Business Network IP TCP (181) (emerging-rbn.rules) 2406361 - ET RBN Known Russian Business Network IP UDP (181) (emerging-rbn.rules) 2406362 - ET RBN Known Russian Business Network IP TCP (182) (emerging-rbn.rules) 2406363 - ET RBN Known Russian Business Network IP UDP (182) (emerging-rbn.rules) 2406364 - ET RBN Known Russian Business Network IP TCP (183) (emerging-rbn.rules) 2406365 - ET RBN Known Russian Business Network IP UDP (183) (emerging-rbn.rules) 2406366 - ET RBN Known Russian Business Network IP TCP (184) (emerging-rbn.rules) 2406367 - ET RBN Known Russian Business Network IP UDP (184) (emerging-rbn.rules) 2406368 - ET RBN Known Russian Business Network IP TCP (185) (emerging-rbn.rules) 2406369 - ET RBN Known Russian Business Network IP UDP (185) (emerging-rbn.rules) 2406370 - ET RBN Known Russian Business Network IP TCP (186) (emerging-rbn.rules) 2406371 - ET RBN Known Russian Business Network IP UDP (186) (emerging-rbn.rules) 2406372 - ET RBN Known Russian Business Network IP TCP (187) (emerging-rbn.rules) 2406373 - ET RBN Known Russian Business Network IP UDP (187) (emerging-rbn.rules) 2406374 - ET RBN Known Russian Business Network IP TCP (188) (emerging-rbn.rules) 2406375 - ET RBN Known Russian Business Network IP UDP (188) (emerging-rbn.rules) 2406376 - ET RBN Known Russian Business Network IP TCP (189) (emerging-rbn.rules) 2406377 - ET RBN Known Russian Business Network IP UDP (189) (emerging-rbn.rules) 2406378 - ET RBN Known Russian Business Network IP TCP (190) (emerging-rbn.rules) 2406379 - ET RBN Known Russian Business Network IP UDP (190) (emerging-rbn.rules) 2406380 - ET RBN Known Russian Business Network IP TCP (191) (emerging-rbn.rules) 2406381 - ET RBN Known Russian Business Network IP UDP (191) (emerging-rbn.rules) 2406382 - ET RBN Known Russian Business Network IP TCP (192) (emerging-rbn.rules) 2406383 - ET RBN Known Russian Business Network IP UDP (192) (emerging-rbn.rules) 2406384 - ET RBN Known Russian Business Network IP TCP (193) (emerging-rbn.rules) 2406385 - ET RBN Known Russian Business Network IP UDP (193) (emerging-rbn.rules) 2406386 - ET RBN Known Russian Business Network IP TCP (194) (emerging-rbn.rules) 2406387 - ET RBN Known Russian Business Network IP UDP (194) (emerging-rbn.rules) 2406388 - ET RBN Known Russian Business Network IP TCP (195) (emerging-rbn.rules) 2406389 - ET RBN Known Russian Business Network IP UDP (195) (emerging-rbn.rules) 2406390 - ET RBN Known Russian Business Network IP TCP (196) (emerging-rbn.rules) 2406391 - ET RBN Known Russian Business Network IP UDP (196) (emerging-rbn.rules) 2406392 - ET RBN Known Russian Business Network IP TCP (197) (emerging-rbn.rules) 2406393 - ET RBN Known Russian Business Network IP UDP (197) (emerging-rbn.rules) 2406394 - ET RBN Known Russian Business Network IP TCP (198) (emerging-rbn.rules) 2406395 - ET RBN Known Russian Business Network IP UDP (198) (emerging-rbn.rules) 2406396 - ET RBN Known Russian Business Network IP TCP (199) (emerging-rbn.rules) 2406397 - ET RBN Known Russian Business Network IP UDP (199) (emerging-rbn.rules) 2406398 - ET RBN Known Russian Business Network IP TCP (200) (emerging-rbn.rules) 2406399 - ET RBN Known Russian Business Network IP UDP (200) (emerging-rbn.rules) 2406400 - ET RBN Known Russian Business Network IP TCP (201) (emerging-rbn.rules) 2406401 - ET RBN Known Russian Business Network IP UDP (201) (emerging-rbn.rules) 2406402 - ET RBN Known Russian Business Network IP TCP (202) (emerging-rbn.rules) 2406403 - ET RBN Known Russian Business Network IP UDP (202) (emerging-rbn.rules) 2406404 - ET RBN Known Russian Business Network IP TCP (203) (emerging-rbn.rules) 2406405 - ET RBN Known Russian Business Network IP UDP (203) (emerging-rbn.rules) 2406406 - ET RBN Known Russian Business Network IP TCP (204) (emerging-rbn.rules) 2406407 - ET RBN Known Russian Business Network IP UDP (204) (emerging-rbn.rules) 2406408 - ET RBN Known Russian Business Network IP TCP (205) (emerging-rbn.rules) 2406409 - ET RBN Known Russian Business Network IP UDP (205) (emerging-rbn.rules) 2406410 - ET RBN Known Russian Business Network IP TCP (206) (emerging-rbn.rules) 2406411 - ET RBN Known Russian Business Network IP UDP (206) (emerging-rbn.rules) 2406412 - ET RBN Known Russian Business Network IP TCP (207) (emerging-rbn.rules) 2406413 - ET RBN Known Russian Business Network IP UDP (207) (emerging-rbn.rules) 2406414 - ET RBN Known Russian Business Network IP TCP (208) (emerging-rbn.rules) 2406415 - ET RBN Known Russian Business Network IP UDP (208) (emerging-rbn.rules) 2406416 - ET RBN Known Russian Business Network IP TCP (209) (emerging-rbn.rules) 2406417 - ET RBN Known Russian Business Network IP UDP (209) (emerging-rbn.rules) 2406418 - ET RBN Known Russian Business Network IP TCP (210) (emerging-rbn.rules) 2406419 - ET RBN Known Russian Business Network IP UDP (210) (emerging-rbn.rules) 2406420 - ET RBN Known Russian Business Network IP TCP (211) (emerging-rbn.rules) 2406421 - ET RBN Known Russian Business Network IP UDP (211) (emerging-rbn.rules) 2406422 - ET RBN Known Russian Business Network IP TCP (212) (emerging-rbn.rules) 2406423 - ET RBN Known Russian Business Network IP UDP (212) (emerging-rbn.rules) 2406424 - ET RBN Known Russian Business Network IP TCP (213) (emerging-rbn.rules) 2406425 - ET RBN Known Russian Business Network IP UDP (213) (emerging-rbn.rules) 2406426 - ET RBN Known Russian Business Network IP TCP (214) (emerging-rbn.rules) 2406427 - ET RBN Known Russian Business Network IP UDP (214) (emerging-rbn.rules) 2406428 - ET RBN Known Russian Business Network IP TCP (215) (emerging-rbn.rules) 2406429 - ET RBN Known Russian Business Network IP UDP (215) (emerging-rbn.rules) 2406430 - ET RBN Known Russian Business Network IP TCP (216) (emerging-rbn.rules) 2406431 - ET RBN Known Russian Business Network IP UDP (216) (emerging-rbn.rules) 2406432 - ET RBN Known Russian Business Network IP TCP (217) (emerging-rbn.rules) 2406433 - ET RBN Known Russian Business Network IP UDP (217) (emerging-rbn.rules) 2406434 - ET RBN Known Russian Business Network IP TCP (218) (emerging-rbn.rules) 2406435 - ET RBN Known Russian Business Network IP UDP (218) (emerging-rbn.rules) 2406436 - ET RBN Known Russian Business Network IP TCP (219) (emerging-rbn.rules) 2406437 - ET RBN Known Russian Business Network IP UDP (219) (emerging-rbn.rules) 2406438 - ET RBN Known Russian Business Network IP TCP (220) (emerging-rbn.rules) 2406439 - ET RBN Known Russian Business Network IP UDP (220) (emerging-rbn.rules) 2406440 - ET RBN Known Russian Business Network IP TCP (221) (emerging-rbn.rules) 2406441 - ET RBN Known Russian Business Network IP UDP (221) (emerging-rbn.rules) 2406442 - ET RBN Known Russian Business Network IP TCP (222) (emerging-rbn.rules) 2406443 - ET RBN Known Russian Business Network IP UDP (222) (emerging-rbn.rules) 2406444 - ET RBN Known Russian Business Network IP TCP (223) (emerging-rbn.rules) 2406445 - ET RBN Known Russian Business Network IP UDP (223) (emerging-rbn.rules) 2406446 - ET RBN Known Russian Business Network IP TCP (224) (emerging-rbn.rules) 2406447 - ET RBN Known Russian Business Network IP UDP (224) (emerging-rbn.rules) 2406448 - ET RBN Known Russian Business Network IP TCP (225) (emerging-rbn.rules) 2406449 - ET RBN Known Russian Business Network IP UDP (225) (emerging-rbn.rules) 2406450 - ET RBN Known Russian Business Network IP TCP (226) (emerging-rbn.rules) 2406451 - ET RBN Known Russian Business Network IP UDP (226) (emerging-rbn.rules) 2406452 - ET RBN Known Russian Business Network IP TCP (227) (emerging-rbn.rules) 2406453 - ET RBN Known Russian Business Network IP UDP (227) (emerging-rbn.rules) 2406454 - ET RBN Known Russian Business Network IP TCP (228) (emerging-rbn.rules) 2406455 - ET RBN Known Russian Business Network IP UDP (228) (emerging-rbn.rules) 2406456 - ET RBN Known Russian Business Network IP TCP (229) (emerging-rbn.rules) 2406457 - ET RBN Known Russian Business Network IP UDP (229) (emerging-rbn.rules) 2406458 - ET RBN Known Russian Business Network IP TCP (230) (emerging-rbn.rules) 2406459 - ET RBN Known Russian Business Network IP UDP (230) (emerging-rbn.rules) 2406460 - ET RBN Known Russian Business Network IP TCP (231) (emerging-rbn.rules) 2406461 - ET RBN Known Russian Business Network IP UDP (231) (emerging-rbn.rules) 2406462 - ET RBN Known Russian Business Network IP TCP (232) (emerging-rbn.rules) 2406463 - ET RBN Known Russian Business Network IP UDP (232) (emerging-rbn.rules) 2406464 - ET RBN Known Russian Business Network IP TCP (233) (emerging-rbn.rules) 2406465 - ET RBN Known Russian Business Network IP UDP (233) (emerging-rbn.rules) 2406466 - ET RBN Known Russian Business Network IP TCP (234) (emerging-rbn.rules) 2406467 - ET RBN Known Russian Business Network IP UDP (234) (emerging-rbn.rules) 2406468 - ET RBN Known Russian Business Network IP TCP (235) (emerging-rbn.rules) 2406469 - ET RBN Known Russian Business Network IP UDP (235) (emerging-rbn.rules) 2406470 - ET RBN Known Russian Business Network IP TCP (236) (emerging-rbn.rules) 2406471 - ET RBN Known Russian Business Network IP UDP (236) (emerging-rbn.rules) 2406472 - ET RBN Known Russian Business Network IP TCP (237) (emerging-rbn.rules) 2406473 - ET RBN Known Russian Business Network IP UDP (237) (emerging-rbn.rules) 2406474 - ET RBN Known Russian Business Network IP TCP (238) (emerging-rbn.rules) 2406475 - ET RBN Known Russian Business Network IP UDP (238) (emerging-rbn.rules) 2406476 - ET RBN Known Russian Business Network IP TCP (239) (emerging-rbn.rules) 2406477 - ET RBN Known Russian Business Network IP UDP (239) (emerging-rbn.rules) 2406478 - ET RBN Known Russian Business Network IP TCP (240) (emerging-rbn.rules) 2406479 - ET RBN Known Russian Business Network IP UDP (240) (emerging-rbn.rules) 2406480 - ET RBN Known Russian Business Network IP TCP (241) (emerging-rbn.rules) 2406481 - ET RBN Known Russian Business Network IP UDP (241) (emerging-rbn.rules) 2406482 - ET RBN Known Russian Business Network IP TCP (242) (emerging-rbn.rules) 2406483 - ET RBN Known Russian Business Network IP UDP (242) (emerging-rbn.rules) 2406484 - ET RBN Known Russian Business Network IP TCP (243) (emerging-rbn.rules) 2406485 - ET RBN Known Russian Business Network IP UDP (243) (emerging-rbn.rules) 2406486 - ET RBN Known Russian Business Network IP TCP (244) (emerging-rbn.rules) 2406487 - ET RBN Known Russian Business Network IP UDP (244) (emerging-rbn.rules) 2406488 - ET RBN Known Russian Business Network IP TCP (245) (emerging-rbn.rules) 2406489 - ET RBN Known Russian Business Network IP UDP (245) (emerging-rbn.rules) 2406490 - ET RBN Known Russian Business Network IP TCP (246) (emerging-rbn.rules) 2406491 - ET RBN Known Russian Business Network IP UDP (246) (emerging-rbn.rules) 2406492 - ET RBN Known Russian Business Network IP TCP (247) (emerging-rbn.rules) 2406493 - ET RBN Known Russian Business Network IP UDP (247) (emerging-rbn.rules) 2406494 - ET RBN Known Russian Business Network IP TCP (248) (emerging-rbn.rules) 2406495 - ET RBN Known Russian Business Network IP UDP (248) (emerging-rbn.rules) 2406496 - ET RBN Known Russian Business Network IP TCP (249) (emerging-rbn.rules) 2406497 - ET RBN Known Russian Business Network IP UDP (249) (emerging-rbn.rules) 2406498 - ET RBN Known Russian Business Network IP TCP (250) (emerging-rbn.rules) 2406499 - ET RBN Known Russian Business Network IP UDP (250) (emerging-rbn.rules) 2406500 - ET RBN Known Russian Business Network IP TCP (251) (emerging-rbn.rules) 2406501 - ET RBN Known Russian Business Network IP UDP (251) (emerging-rbn.rules) 2406502 - ET RBN Known Russian Business Network IP TCP (252) (emerging-rbn.rules) 2406503 - ET RBN Known Russian Business Network IP UDP (252) (emerging-rbn.rules) 2406504 - ET RBN Known Russian Business Network IP TCP (253) (emerging-rbn.rules) 2406505 - ET RBN Known Russian Business Network IP UDP (253) (emerging-rbn.rules) 2406506 - ET RBN Known Russian Business Network IP TCP (254) (emerging-rbn.rules) 2406507 - ET RBN Known Russian Business Network IP UDP (254) (emerging-rbn.rules) 2406508 - ET RBN Known Russian Business Network IP TCP (255) (emerging-rbn.rules) 2406509 - ET RBN Known Russian Business Network IP UDP (255) (emerging-rbn.rules) 2406510 - ET RBN Known Russian Business Network IP TCP (256) (emerging-rbn.rules) 2406511 - ET RBN Known Russian Business Network IP UDP (256) (emerging-rbn.rules) 2406512 - ET RBN Known Russian Business Network IP TCP (257) (emerging-rbn.rules) 2406513 - ET RBN Known Russian Business Network IP UDP (257) (emerging-rbn.rules) 2406514 - ET RBN Known Russian Business Network IP TCP (258) (emerging-rbn.rules) 2406515 - ET RBN Known Russian Business Network IP UDP (258) (emerging-rbn.rules) 2406516 - ET RBN Known Russian Business Network IP TCP (259) (emerging-rbn.rules) 2406517 - ET RBN Known Russian Business Network IP UDP (259) (emerging-rbn.rules) 2406518 - ET RBN Known Russian Business Network IP TCP (260) (emerging-rbn.rules) 2406519 - ET RBN Known Russian Business Network IP UDP (260) (emerging-rbn.rules) 2406520 - ET RBN Known Russian Business Network IP TCP (261) (emerging-rbn.rules) 2406521 - ET RBN Known Russian Business Network IP UDP (261) (emerging-rbn.rules) 2406522 - ET RBN Known Russian Business Network IP TCP (262) (emerging-rbn.rules) 2406523 - ET RBN Known Russian Business Network IP UDP (262) (emerging-rbn.rules) 2406524 - ET RBN Known Russian Business Network IP TCP (263) (emerging-rbn.rules) 2406525 - ET RBN Known Russian Business Network IP UDP (263) (emerging-rbn.rules) 2406526 - ET RBN Known Russian Business Network IP TCP (264) (emerging-rbn.rules) 2406527 - ET RBN Known Russian Business Network IP UDP (264) (emerging-rbn.rules) 2406528 - ET RBN Known Russian Business Network IP TCP (265) (emerging-rbn.rules) 2406529 - ET RBN Known Russian Business Network IP UDP (265) (emerging-rbn.rules) 2406530 - ET RBN Known Russian Business Network IP TCP (266) (emerging-rbn.rules) 2406531 - ET RBN Known Russian Business Network IP UDP (266) (emerging-rbn.rules) 2406532 - ET RBN Known Russian Business Network IP TCP (267) (emerging-rbn.rules) 2406533 - ET RBN Known Russian Business Network IP UDP (267) (emerging-rbn.rules) 2406534 - ET RBN Known Russian Business Network IP TCP (268) (emerging-rbn.rules) 2406535 - ET RBN Known Russian Business Network IP UDP (268) (emerging-rbn.rules) 2406536 - ET RBN Known Russian Business Network IP TCP (269) (emerging-rbn.rules) 2406537 - ET RBN Known Russian Business Network IP UDP (269) (emerging-rbn.rules) 2406538 - ET RBN Known Russian Business Network IP TCP (270) (emerging-rbn.rules) 2406539 - ET RBN Known Russian Business Network IP UDP (270) (emerging-rbn.rules) 2406540 - ET RBN Known Russian Business Network IP TCP (271) (emerging-rbn.rules) 2406541 - ET RBN Known Russian Business Network IP UDP (271) (emerging-rbn.rules) 2406542 - ET RBN Known Russian Business Network IP TCP (272) (emerging-rbn.rules) 2406543 - ET RBN Known Russian Business Network IP UDP (272) (emerging-rbn.rules) 2406544 - ET RBN Known Russian Business Network IP TCP (273) (emerging-rbn.rules) 2406545 - ET RBN Known Russian Business Network IP UDP (273) (emerging-rbn.rules) 2406546 - ET RBN Known Russian Business Network IP TCP (274) (emerging-rbn.rules) 2406547 - ET RBN Known Russian Business Network IP UDP (274) (emerging-rbn.rules) 2406548 - ET RBN Known Russian Business Network IP TCP (275) (emerging-rbn.rules) 2406549 - ET RBN Known Russian Business Network IP UDP (275) (emerging-rbn.rules) 2406550 - ET RBN Known Russian Business Network IP TCP (276) (emerging-rbn.rules) 2406551 - ET RBN Known Russian Business Network IP UDP (276) (emerging-rbn.rules) 2406552 - ET RBN Known Russian Business Network IP TCP (277) (emerging-rbn.rules) 2406553 - ET RBN Known Russian Business Network IP UDP (277) (emerging-rbn.rules) 2406554 - ET RBN Known Russian Business Network IP TCP (278) (emerging-rbn.rules) 2406555 - ET RBN Known Russian Business Network IP UDP (278) (emerging-rbn.rules) 2406556 - ET RBN Known Russian Business Network IP TCP (279) (emerging-rbn.rules) 2406557 - ET RBN Known Russian Business Network IP UDP (279) (emerging-rbn.rules) 2406558 - ET RBN Known Russian Business Network IP TCP (280) (emerging-rbn.rules) 2406559 - ET RBN Known Russian Business Network IP UDP (280) (emerging-rbn.rules) 2406560 - ET RBN Known Russian Business Network IP TCP (281) (emerging-rbn.rules) 2406561 - ET RBN Known Russian Business Network IP UDP (281) (emerging-rbn.rules) 2406562 - ET RBN Known Russian Business Network IP TCP (282) (emerging-rbn.rules) 2406563 - ET RBN Known Russian Business Network IP UDP (282) (emerging-rbn.rules) 2406564 - ET RBN Known Russian Business Network IP TCP (283) (emerging-rbn.rules) 2406565 - ET RBN Known Russian Business Network IP UDP (283) (emerging-rbn.rules) 2406566 - ET RBN Known Russian Business Network IP TCP (284) (emerging-rbn.rules) 2406567 - ET RBN Known Russian Business Network IP UDP (284) (emerging-rbn.rules) 2406568 - ET RBN Known Russian Business Network IP TCP (285) (emerging-rbn.rules) 2406569 - ET RBN Known Russian Business Network IP UDP (285) (emerging-rbn.rules) 2406570 - ET RBN Known Russian Business Network IP TCP (286) (emerging-rbn.rules) 2406571 - ET RBN Known Russian Business Network IP UDP (286) (emerging-rbn.rules) 2406572 - ET RBN Known Russian Business Network IP TCP (287) (emerging-rbn.rules) 2406573 - ET RBN Known Russian Business Network IP UDP (287) (emerging-rbn.rules) 2406574 - ET RBN Known Russian Business Network IP TCP (288) (emerging-rbn.rules) 2406575 - ET RBN Known Russian Business Network IP UDP (288) (emerging-rbn.rules) 2406576 - ET RBN Known Russian Business Network IP TCP (289) (emerging-rbn.rules) 2406577 - ET RBN Known Russian Business Network IP UDP (289) (emerging-rbn.rules) 2406578 - ET RBN Known Russian Business Network IP TCP (290) (emerging-rbn.rules) 2406579 - ET RBN Known Russian Business Network IP UDP (290) (emerging-rbn.rules) 2406580 - ET RBN Known Russian Business Network IP TCP (291) (emerging-rbn.rules) 2406581 - ET RBN Known Russian Business Network IP UDP (291) (emerging-rbn.rules) 2406582 - ET RBN Known Russian Business Network IP TCP (292) (emerging-rbn.rules) 2406583 - ET RBN Known Russian Business Network IP UDP (292) (emerging-rbn.rules) 2406584 - ET RBN Known Russian Business Network IP TCP (293) (emerging-rbn.rules) 2406585 - ET RBN Known Russian Business Network IP UDP (293) (emerging-rbn.rules) 2406586 - ET RBN Known Russian Business Network IP TCP (294) (emerging-rbn.rules) 2406587 - ET RBN Known Russian Business Network IP UDP (294) (emerging-rbn.rules) 2406588 - ET RBN Known Russian Business Network IP TCP (295) (emerging-rbn.rules) 2406589 - ET RBN Known Russian Business Network IP UDP (295) (emerging-rbn.rules) 2406590 - ET RBN Known Russian Business Network IP TCP (296) (emerging-rbn.rules) 2406591 - ET RBN Known Russian Business Network IP UDP (296) (emerging-rbn.rules) 2406592 - ET RBN Known Russian Business Network IP TCP (297) (emerging-rbn.rules) 2406593 - ET RBN Known Russian Business Network IP UDP (297) (emerging-rbn.rules) 2406594 - ET RBN Known Russian Business Network IP TCP (298) (emerging-rbn.rules) 2406595 - ET RBN Known Russian Business Network IP UDP (298) (emerging-rbn.rules) 2406596 - ET RBN Known Russian Business Network IP TCP (299) (emerging-rbn.rules) 2406597 - ET RBN Known Russian Business Network IP UDP (299) (emerging-rbn.rules) 2406598 - ET RBN Known Russian Business Network IP TCP (300) (emerging-rbn.rules) 2406599 - ET RBN Known Russian Business Network IP UDP (300) (emerging-rbn.rules) 2406600 - ET RBN Known Russian Business Network IP TCP (301) (emerging-rbn.rules) 2406601 - ET RBN Known Russian Business Network IP UDP (301) (emerging-rbn.rules) 2406602 - ET RBN Known Russian Business Network IP TCP (302) (emerging-rbn.rules) 2406603 - ET RBN Known Russian Business Network IP UDP (302) (emerging-rbn.rules) 2406604 - ET RBN Known Russian Business Network IP TCP (303) (emerging-rbn.rules) 2406605 - ET RBN Known Russian Business Network IP UDP (303) (emerging-rbn.rules) 2406606 - ET RBN Known Russian Business Network IP TCP (304) (emerging-rbn.rules) 2406607 - ET RBN Known Russian Business Network IP UDP (304) (emerging-rbn.rules) 2406608 - ET RBN Known Russian Business Network IP TCP (305) (emerging-rbn.rules) 2406609 - ET RBN Known Russian Business Network IP UDP (305) (emerging-rbn.rules) 2406610 - ET RBN Known Russian Business Network IP TCP (306) (emerging-rbn.rules) 2406611 - ET RBN Known Russian Business Network IP UDP (306) (emerging-rbn.rules) 2406612 - ET RBN Known Russian Business Network IP TCP (307) (emerging-rbn.rules) 2406613 - ET RBN Known Russian Business Network IP UDP (307) (emerging-rbn.rules) 2406614 - ET RBN Known Russian Business Network IP TCP (308) (emerging-rbn.rules) 2406615 - ET RBN Known Russian Business Network IP UDP (308) (emerging-rbn.rules) 2406616 - ET RBN Known Russian Business Network IP TCP (309) (emerging-rbn.rules) 2406617 - ET RBN Known Russian Business Network IP UDP (309) (emerging-rbn.rules) 2406618 - ET RBN Known Russian Business Network IP TCP (310) (emerging-rbn.rules) 2406619 - ET RBN Known Russian Business Network IP UDP (310) (emerging-rbn.rules) 2406620 - ET RBN Known Russian Business Network IP TCP (311) (emerging-rbn.rules) 2406621 - ET RBN Known Russian Business Network IP UDP (311) (emerging-rbn.rules) 2406622 - ET RBN Known Russian Business Network IP TCP (312) (emerging-rbn.rules) 2406623 - ET RBN Known Russian Business Network IP UDP (312) (emerging-rbn.rules) 2406624 - ET RBN Known Russian Business Network IP TCP (313) (emerging-rbn.rules) 2406625 - ET RBN Known Russian Business Network IP UDP (313) (emerging-rbn.rules) 2406626 - ET RBN Known Russian Business Network IP TCP (314) (emerging-rbn.rules) 2406627 - ET RBN Known Russian Business Network IP UDP (314) (emerging-rbn.rules) 2406628 - ET RBN Known Russian Business Network IP TCP (315) (emerging-rbn.rules) 2406629 - ET RBN Known Russian Business Network IP UDP (315) (emerging-rbn.rules) 2406630 - ET RBN Known Russian Business Network IP TCP (316) (emerging-rbn.rules) 2406631 - ET RBN Known Russian Business Network IP UDP (316) (emerging-rbn.rules) 2406632 - ET RBN Known Russian Business Network IP TCP (317) (emerging-rbn.rules) 2406633 - ET RBN Known Russian Business Network IP UDP (317) (emerging-rbn.rules) 2406634 - ET RBN Known Russian Business Network IP TCP (318) (emerging-rbn.rules) 2406635 - ET RBN Known Russian Business Network IP UDP (318) (emerging-rbn.rules) 2406636 - ET RBN Known Russian Business Network IP TCP (319) (emerging-rbn.rules) 2406637 - ET RBN Known Russian Business Network IP UDP (319) (emerging-rbn.rules) 2406638 - ET RBN Known Russian Business Network IP TCP (320) (emerging-rbn.rules) 2406639 - ET RBN Known Russian Business Network IP UDP (320) (emerging-rbn.rules) 2406640 - ET RBN Known Russian Business Network IP TCP (321) (emerging-rbn.rules) 2406641 - ET RBN Known Russian Business Network IP UDP (321) (emerging-rbn.rules) 2406642 - ET RBN Known Russian Business Network IP TCP (322) (emerging-rbn.rules) 2406643 - ET RBN Known Russian Business Network IP UDP (322) (emerging-rbn.rules) 2406644 - ET RBN Known Russian Business Network IP TCP (323) (emerging-rbn.rules) 2406645 - ET RBN Known Russian Business Network IP UDP (323) (emerging-rbn.rules) 2406646 - ET RBN Known Russian Business Network IP TCP (324) (emerging-rbn.rules) 2406647 - ET RBN Known Russian Business Network IP UDP (324) (emerging-rbn.rules) 2406648 - ET RBN Known Russian Business Network IP TCP (325) (emerging-rbn.rules) 2406649 - ET RBN Known Russian Business Network IP UDP (325) (emerging-rbn.rules) 2406650 - ET RBN Known Russian Business Network IP TCP (326) (emerging-rbn.rules) 2406651 - ET RBN Known Russian Business Network IP UDP (326) (emerging-rbn.rules) 2406652 - ET RBN Known Russian Business Network IP TCP (327) (emerging-rbn.rules) 2406653 - ET RBN Known Russian Business Network IP UDP (327) (emerging-rbn.rules) 2406654 - ET RBN Known Russian Business Network IP TCP (328) (emerging-rbn.rules) 2406655 - ET RBN Known Russian Business Network IP UDP (328) (emerging-rbn.rules) 2406656 - ET RBN Known Russian Business Network IP TCP (329) (emerging-rbn.rules) 2406657 - ET RBN Known Russian Business Network IP UDP (329) (emerging-rbn.rules) 2406658 - ET RBN Known Russian Business Network IP TCP (330) (emerging-rbn.rules) 2406659 - ET RBN Known Russian Business Network IP UDP (330) (emerging-rbn.rules) 2406660 - ET RBN Known Russian Business Network IP TCP (331) (emerging-rbn.rules) 2406661 - ET RBN Known Russian Business Network IP UDP (331) (emerging-rbn.rules) 2406662 - ET RBN Known Russian Business Network IP TCP (332) (emerging-rbn.rules) 2406663 - ET RBN Known Russian Business Network IP UDP (332) (emerging-rbn.rules) 2406664 - ET RBN Known Russian Business Network IP TCP (333) (emerging-rbn.rules) 2406665 - ET RBN Known Russian Business Network IP UDP (333) (emerging-rbn.rules) 2406666 - ET RBN Known Russian Business Network IP TCP (334) (emerging-rbn.rules) 2406667 - ET RBN Known Russian Business Network IP UDP (334) (emerging-rbn.rules) 2406668 - ET RBN Known Russian Business Network IP TCP (335) (emerging-rbn.rules) 2406669 - ET RBN Known Russian Business Network IP UDP (335) (emerging-rbn.rules) 2406670 - ET RBN Known Russian Business Network IP TCP (336) (emerging-rbn.rules) 2406671 - ET RBN Known Russian Business Network IP UDP (336) (emerging-rbn.rules) 2406672 - ET RBN Known Russian Business Network IP TCP (337) (emerging-rbn.rules) 2406673 - ET RBN Known Russian Business Network IP UDP (337) (emerging-rbn.rules) 2406674 - ET RBN Known Russian Business Network IP TCP (338) (emerging-rbn.rules) 2406675 - ET RBN Known Russian Business Network IP UDP (338) (emerging-rbn.rules) 2406676 - ET RBN Known Russian Business Network IP TCP (339) (emerging-rbn.rules) 2406677 - ET RBN Known Russian Business Network IP UDP (339) (emerging-rbn.rules) 2406678 - ET RBN Known Russian Business Network IP TCP (340) (emerging-rbn.rules) 2406679 - ET RBN Known Russian Business Network IP UDP (340) (emerging-rbn.rules) 2406680 - ET RBN Known Russian Business Network IP TCP (341) (emerging-rbn.rules) 2406681 - ET RBN Known Russian Business Network IP UDP (341) (emerging-rbn.rules) 2406682 - ET RBN Known Russian Business Network IP TCP (342) (emerging-rbn.rules) 2406683 - ET RBN Known Russian Business Network IP UDP (342) (emerging-rbn.rules) 2406684 - ET RBN Known Russian Business Network IP TCP (343) (emerging-rbn.rules) 2406685 - ET RBN Known Russian Business Network IP UDP (343) (emerging-rbn.rules) 2406686 - ET RBN Known Russian Business Network IP TCP (344) (emerging-rbn.rules) 2406687 - ET RBN Known Russian Business Network IP UDP (344) (emerging-rbn.rules) 2406688 - ET RBN Known Russian Business Network IP TCP (345) (emerging-rbn.rules) 2406689 - ET RBN Known Russian Business Network IP UDP (345) (emerging-rbn.rules) 2407000 - ET RBN Known Russian Business Network IP TCP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407001 - ET RBN Known Russian Business Network IP UDP - BLOCKING (1) (emerging-rbn-BLOCK.rules) 2407002 - ET RBN Known Russian Business Network IP TCP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407003 - ET RBN Known Russian Business Network IP UDP - BLOCKING (2) (emerging-rbn-BLOCK.rules) 2407004 - ET RBN Known Russian Business Network IP TCP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407005 - ET RBN Known Russian Business Network IP UDP - BLOCKING (3) (emerging-rbn-BLOCK.rules) 2407006 - ET RBN Known Russian Business Network IP TCP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407007 - ET RBN Known Russian Business Network IP UDP - BLOCKING (4) (emerging-rbn-BLOCK.rules) 2407008 - ET RBN Known Russian Business Network IP TCP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407009 - ET RBN Known Russian Business Network IP UDP - BLOCKING (5) (emerging-rbn-BLOCK.rules) 2407010 - ET RBN Known Russian Business Network IP TCP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407011 - ET RBN Known Russian Business Network IP UDP - BLOCKING (6) (emerging-rbn-BLOCK.rules) 2407012 - ET RBN Known Russian Business Network IP TCP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407013 - ET RBN Known Russian Business Network IP UDP - BLOCKING (7) (emerging-rbn-BLOCK.rules) 2407014 - ET RBN Known Russian Business Network IP TCP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407015 - ET RBN Known Russian Business Network IP UDP - BLOCKING (8) (emerging-rbn-BLOCK.rules) 2407016 - ET RBN Known Russian Business Network IP TCP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407017 - ET RBN Known Russian Business Network IP UDP - BLOCKING (9) (emerging-rbn-BLOCK.rules) 2407018 - ET RBN Known Russian Business Network IP TCP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407019 - ET RBN Known Russian Business Network IP UDP - BLOCKING (10) (emerging-rbn-BLOCK.rules) 2407020 - ET RBN Known Russian Business Network IP TCP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407021 - ET RBN Known Russian Business Network IP UDP - BLOCKING (11) (emerging-rbn-BLOCK.rules) 2407022 - ET RBN Known Russian Business Network IP TCP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407023 - ET RBN Known Russian Business Network IP UDP - BLOCKING (12) (emerging-rbn-BLOCK.rules) 2407024 - ET RBN Known Russian Business Network IP TCP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407025 - ET RBN Known Russian Business Network IP UDP - BLOCKING (13) (emerging-rbn-BLOCK.rules) 2407026 - ET RBN Known Russian Business Network IP TCP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407027 - ET RBN Known Russian Business Network IP UDP - BLOCKING (14) (emerging-rbn-BLOCK.rules) 2407028 - ET RBN Known Russian Business Network IP TCP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407029 - ET RBN Known Russian Business Network IP UDP - BLOCKING (15) (emerging-rbn-BLOCK.rules) 2407030 - ET RBN Known Russian Business Network IP TCP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407031 - ET RBN Known Russian Business Network IP UDP - BLOCKING (16) (emerging-rbn-BLOCK.rules) 2407032 - ET RBN Known Russian Business Network IP TCP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407033 - ET RBN Known Russian Business Network IP UDP - BLOCKING (17) (emerging-rbn-BLOCK.rules) 2407034 - ET RBN Known Russian Business Network IP TCP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407035 - ET RBN Known Russian Business Network IP UDP - BLOCKING (18) (emerging-rbn-BLOCK.rules) 2407036 - ET RBN Known Russian Business Network IP TCP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407037 - ET RBN Known Russian Business Network IP UDP - BLOCKING (19) (emerging-rbn-BLOCK.rules) 2407038 - ET RBN Known Russian Business Network IP TCP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407039 - ET RBN Known Russian Business Network IP UDP - BLOCKING (20) (emerging-rbn-BLOCK.rules) 2407040 - ET RBN Known Russian Business Network IP TCP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407041 - ET RBN Known Russian Business Network IP UDP - BLOCKING (21) (emerging-rbn-BLOCK.rules) 2407042 - ET RBN Known Russian Business Network IP TCP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407043 - ET RBN Known Russian Business Network IP UDP - BLOCKING (22) (emerging-rbn-BLOCK.rules) 2407044 - ET RBN Known Russian Business Network IP TCP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407045 - ET RBN Known Russian Business Network IP UDP - BLOCKING (23) (emerging-rbn-BLOCK.rules) 2407046 - ET RBN Known Russian Business Network IP TCP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407047 - ET RBN Known Russian Business Network IP UDP - BLOCKING (24) (emerging-rbn-BLOCK.rules) 2407048 - ET RBN Known Russian Business Network IP TCP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407049 - ET RBN Known Russian Business Network IP UDP - BLOCKING (25) (emerging-rbn-BLOCK.rules) 2407050 - ET RBN Known Russian Business Network IP TCP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407051 - ET RBN Known Russian Business Network IP UDP - BLOCKING (26) (emerging-rbn-BLOCK.rules) 2407052 - ET RBN Known Russian Business Network IP TCP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407053 - ET RBN Known Russian Business Network IP UDP - BLOCKING (27) (emerging-rbn-BLOCK.rules) 2407054 - ET RBN Known Russian Business Network IP TCP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407055 - ET RBN Known Russian Business Network IP UDP - BLOCKING (28) (emerging-rbn-BLOCK.rules) 2407056 - ET RBN Known Russian Business Network IP TCP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407057 - ET RBN Known Russian Business Network IP UDP - BLOCKING (29) (emerging-rbn-BLOCK.rules) 2407058 - ET RBN Known Russian Business Network IP TCP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407059 - ET RBN Known Russian Business Network IP UDP - BLOCKING (30) (emerging-rbn-BLOCK.rules) 2407060 - ET RBN Known Russian Business Network IP TCP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407061 - ET RBN Known Russian Business Network IP UDP - BLOCKING (31) (emerging-rbn-BLOCK.rules) 2407062 - ET RBN Known Russian Business Network IP TCP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407063 - ET RBN Known Russian Business Network IP UDP - BLOCKING (32) (emerging-rbn-BLOCK.rules) 2407064 - ET RBN Known Russian Business Network IP TCP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407065 - ET RBN Known Russian Business Network IP UDP - BLOCKING (33) (emerging-rbn-BLOCK.rules) 2407066 - ET RBN Known Russian Business Network IP TCP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407067 - ET RBN Known Russian Business Network IP UDP - BLOCKING (34) (emerging-rbn-BLOCK.rules) 2407068 - ET RBN Known Russian Business Network IP TCP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407069 - ET RBN Known Russian Business Network IP UDP - BLOCKING (35) (emerging-rbn-BLOCK.rules) 2407070 - ET RBN Known Russian Business Network IP TCP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407071 - ET RBN Known Russian Business Network IP UDP - BLOCKING (36) (emerging-rbn-BLOCK.rules) 2407072 - ET RBN Known Russian Business Network IP TCP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407073 - ET RBN Known Russian Business Network IP UDP - BLOCKING (37) (emerging-rbn-BLOCK.rules) 2407074 - ET RBN Known Russian Business Network IP TCP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407075 - ET RBN Known Russian Business Network IP UDP - BLOCKING (38) (emerging-rbn-BLOCK.rules) 2407076 - ET RBN Known Russian Business Network IP TCP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407077 - ET RBN Known Russian Business Network IP UDP - BLOCKING (39) (emerging-rbn-BLOCK.rules) 2407078 - ET RBN Known Russian Business Network IP TCP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407079 - ET RBN Known Russian Business Network IP UDP - BLOCKING (40) (emerging-rbn-BLOCK.rules) 2407080 - ET RBN Known Russian Business Network IP TCP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407081 - ET RBN Known Russian Business Network IP UDP - BLOCKING (41) (emerging-rbn-BLOCK.rules) 2407082 - ET RBN Known Russian Business Network IP TCP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407083 - ET RBN Known Russian Business Network IP UDP - BLOCKING (42) (emerging-rbn-BLOCK.rules) 2407084 - ET RBN Known Russian Business Network IP TCP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407085 - ET RBN Known Russian Business Network IP UDP - BLOCKING (43) (emerging-rbn-BLOCK.rules) 2407086 - ET RBN Known Russian Business Network IP TCP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407087 - ET RBN Known Russian Business Network IP UDP - BLOCKING (44) (emerging-rbn-BLOCK.rules) 2407088 - ET RBN Known Russian Business Network IP TCP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407089 - ET RBN Known Russian Business Network IP UDP - BLOCKING (45) (emerging-rbn-BLOCK.rules) 2407090 - ET RBN Known Russian Business Network IP TCP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407091 - ET RBN Known Russian Business Network IP UDP - BLOCKING (46) (emerging-rbn-BLOCK.rules) 2407092 - ET RBN Known Russian Business Network IP TCP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407093 - ET RBN Known Russian Business Network IP UDP - BLOCKING (47) (emerging-rbn-BLOCK.rules) 2407094 - ET RBN Known Russian Business Network IP TCP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407095 - ET RBN Known Russian Business Network IP UDP - BLOCKING (48) (emerging-rbn-BLOCK.rules) 2407096 - ET RBN Known Russian Business Network IP TCP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407097 - ET RBN Known Russian Business Network IP UDP - BLOCKING (49) (emerging-rbn-BLOCK.rules) 2407098 - ET RBN Known Russian Business Network IP TCP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407099 - ET RBN Known Russian Business Network IP UDP - BLOCKING (50) (emerging-rbn-BLOCK.rules) 2407100 - ET RBN Known Russian Business Network IP TCP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407101 - ET RBN Known Russian Business Network IP UDP - BLOCKING (51) (emerging-rbn-BLOCK.rules) 2407102 - ET RBN Known Russian Business Network IP TCP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407103 - ET RBN Known Russian Business Network IP UDP - BLOCKING (52) (emerging-rbn-BLOCK.rules) 2407104 - ET RBN Known Russian Business Network IP TCP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407105 - ET RBN Known Russian Business Network IP UDP - BLOCKING (53) (emerging-rbn-BLOCK.rules) 2407106 - ET RBN Known Russian Business Network IP TCP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407107 - ET RBN Known Russian Business Network IP UDP - BLOCKING (54) (emerging-rbn-BLOCK.rules) 2407108 - ET RBN Known Russian Business Network IP TCP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407109 - ET RBN Known Russian Business Network IP UDP - BLOCKING (55) (emerging-rbn-BLOCK.rules) 2407110 - ET RBN Known Russian Business Network IP TCP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407111 - ET RBN Known Russian Business Network IP UDP - BLOCKING (56) (emerging-rbn-BLOCK.rules) 2407112 - ET RBN Known Russian Business Network IP TCP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407113 - ET RBN Known Russian Business Network IP UDP - BLOCKING (57) (emerging-rbn-BLOCK.rules) 2407114 - ET RBN Known Russian Business Network IP TCP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407115 - ET RBN Known Russian Business Network IP UDP - BLOCKING (58) (emerging-rbn-BLOCK.rules) 2407116 - ET RBN Known Russian Business Network IP TCP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407117 - ET RBN Known Russian Business Network IP UDP - BLOCKING (59) (emerging-rbn-BLOCK.rules) 2407118 - ET RBN Known Russian Business Network IP TCP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407119 - ET RBN Known Russian Business Network IP UDP - BLOCKING (60) (emerging-rbn-BLOCK.rules) 2407120 - ET RBN Known Russian Business Network IP TCP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407121 - ET RBN Known Russian Business Network IP UDP - BLOCKING (61) (emerging-rbn-BLOCK.rules) 2407122 - ET RBN Known Russian Business Network IP TCP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407123 - ET RBN Known Russian Business Network IP UDP - BLOCKING (62) (emerging-rbn-BLOCK.rules) 2407124 - ET RBN Known Russian Business Network IP TCP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407125 - ET RBN Known Russian Business Network IP UDP - BLOCKING (63) (emerging-rbn-BLOCK.rules) 2407126 - ET RBN Known Russian Business Network IP TCP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407127 - ET RBN Known Russian Business Network IP UDP - BLOCKING (64) (emerging-rbn-BLOCK.rules) 2407128 - ET RBN Known Russian Business Network IP TCP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407129 - ET RBN Known Russian Business Network IP UDP - BLOCKING (65) (emerging-rbn-BLOCK.rules) 2407130 - ET RBN Known Russian Business Network IP TCP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407131 - ET RBN Known Russian Business Network IP UDP - BLOCKING (66) (emerging-rbn-BLOCK.rules) 2407132 - ET RBN Known Russian Business Network IP TCP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407133 - ET RBN Known Russian Business Network IP UDP - BLOCKING (67) (emerging-rbn-BLOCK.rules) 2407134 - ET RBN Known Russian Business Network IP TCP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407135 - ET RBN Known Russian Business Network IP UDP - BLOCKING (68) (emerging-rbn-BLOCK.rules) 2407136 - ET RBN Known Russian Business Network IP TCP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407137 - ET RBN Known Russian Business Network IP UDP - BLOCKING (69) (emerging-rbn-BLOCK.rules) 2407138 - ET RBN Known Russian Business Network IP TCP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407139 - ET RBN Known Russian Business Network IP UDP - BLOCKING (70) (emerging-rbn-BLOCK.rules) 2407140 - ET RBN Known Russian Business Network IP TCP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407141 - ET RBN Known Russian Business Network IP UDP - BLOCKING (71) (emerging-rbn-BLOCK.rules) 2407142 - ET RBN Known Russian Business Network IP TCP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407143 - ET RBN Known Russian Business Network IP UDP - BLOCKING (72) (emerging-rbn-BLOCK.rules) 2407144 - ET RBN Known Russian Business Network IP TCP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407145 - ET RBN Known Russian Business Network IP UDP - BLOCKING (73) (emerging-rbn-BLOCK.rules) 2407146 - ET RBN Known Russian Business Network IP TCP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407147 - ET RBN Known Russian Business Network IP UDP - BLOCKING (74) (emerging-rbn-BLOCK.rules) 2407148 - ET RBN Known Russian Business Network IP TCP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407149 - ET RBN Known Russian Business Network IP UDP - BLOCKING (75) (emerging-rbn-BLOCK.rules) 2407150 - ET RBN Known Russian Business Network IP TCP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407151 - ET RBN Known Russian Business Network IP UDP - BLOCKING (76) (emerging-rbn-BLOCK.rules) 2407152 - ET RBN Known Russian Business Network IP TCP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407153 - ET RBN Known Russian Business Network IP UDP - BLOCKING (77) (emerging-rbn-BLOCK.rules) 2407154 - ET RBN Known Russian Business Network IP TCP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407155 - ET RBN Known Russian Business Network IP UDP - BLOCKING (78) (emerging-rbn-BLOCK.rules) 2407156 - ET RBN Known Russian Business Network IP TCP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407157 - ET RBN Known Russian Business Network IP UDP - BLOCKING (79) (emerging-rbn-BLOCK.rules) 2407158 - ET RBN Known Russian Business Network IP TCP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407159 - ET RBN Known Russian Business Network IP UDP - BLOCKING (80) (emerging-rbn-BLOCK.rules) 2407160 - ET RBN Known Russian Business Network IP TCP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407161 - ET RBN Known Russian Business Network IP UDP - BLOCKING (81) (emerging-rbn-BLOCK.rules) 2407162 - ET RBN Known Russian Business Network IP TCP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407163 - ET RBN Known Russian Business Network IP UDP - BLOCKING (82) (emerging-rbn-BLOCK.rules) 2407164 - ET RBN Known Russian Business Network IP TCP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407165 - ET RBN Known Russian Business Network IP UDP - BLOCKING (83) (emerging-rbn-BLOCK.rules) 2407166 - ET RBN Known Russian Business Network IP TCP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407167 - ET RBN Known Russian Business Network IP UDP - BLOCKING (84) (emerging-rbn-BLOCK.rules) 2407168 - ET RBN Known Russian Business Network IP TCP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407169 - ET RBN Known Russian Business Network IP UDP - BLOCKING (85) (emerging-rbn-BLOCK.rules) 2407170 - ET RBN Known Russian Business Network IP TCP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407171 - ET RBN Known Russian Business Network IP UDP - BLOCKING (86) (emerging-rbn-BLOCK.rules) 2407172 - ET RBN Known Russian Business Network IP TCP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407173 - ET RBN Known Russian Business Network IP UDP - BLOCKING (87) (emerging-rbn-BLOCK.rules) 2407174 - ET RBN Known Russian Business Network IP TCP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407175 - ET RBN Known Russian Business Network IP UDP - BLOCKING (88) (emerging-rbn-BLOCK.rules) 2407176 - ET RBN Known Russian Business Network IP TCP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407177 - ET RBN Known Russian Business Network IP UDP - BLOCKING (89) (emerging-rbn-BLOCK.rules) 2407178 - ET RBN Known Russian Business Network IP TCP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407179 - ET RBN Known Russian Business Network IP UDP - BLOCKING (90) (emerging-rbn-BLOCK.rules) 2407180 - ET RBN Known Russian Business Network IP TCP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407181 - ET RBN Known Russian Business Network IP UDP - BLOCKING (91) (emerging-rbn-BLOCK.rules) 2407182 - ET RBN Known Russian Business Network IP TCP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407183 - ET RBN Known Russian Business Network IP UDP - BLOCKING (92) (emerging-rbn-BLOCK.rules) 2407184 - ET RBN Known Russian Business Network IP TCP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407185 - ET RBN Known Russian Business Network IP UDP - BLOCKING (93) (emerging-rbn-BLOCK.rules) 2407186 - ET RBN Known Russian Business Network IP TCP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407187 - ET RBN Known Russian Business Network IP UDP - BLOCKING (94) (emerging-rbn-BLOCK.rules) 2407188 - ET RBN Known Russian Business Network IP TCP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407189 - ET RBN Known Russian Business Network IP UDP - BLOCKING (95) (emerging-rbn-BLOCK.rules) 2407190 - ET RBN Known Russian Business Network IP TCP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407191 - ET RBN Known Russian Business Network IP UDP - BLOCKING (96) (emerging-rbn-BLOCK.rules) 2407192 - ET RBN Known Russian Business Network IP TCP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407193 - ET RBN Known Russian Business Network IP UDP - BLOCKING (97) (emerging-rbn-BLOCK.rules) 2407194 - ET RBN Known Russian Business Network IP TCP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407195 - ET RBN Known Russian Business Network IP UDP - BLOCKING (98) (emerging-rbn-BLOCK.rules) 2407196 - ET RBN Known Russian Business Network IP TCP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407197 - ET RBN Known Russian Business Network IP UDP - BLOCKING (99) (emerging-rbn-BLOCK.rules) 2407198 - ET RBN Known Russian Business Network IP TCP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407199 - ET RBN Known Russian Business Network IP UDP - BLOCKING (100) (emerging-rbn-BLOCK.rules) 2407200 - ET RBN Known Russian Business Network IP TCP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407201 - ET RBN Known Russian Business Network IP UDP - BLOCKING (101) (emerging-rbn-BLOCK.rules) 2407202 - ET RBN Known Russian Business Network IP TCP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407203 - ET RBN Known Russian Business Network IP UDP - BLOCKING (102) (emerging-rbn-BLOCK.rules) 2407204 - ET RBN Known Russian Business Network IP TCP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407205 - ET RBN Known Russian Business Network IP UDP - BLOCKING (103) (emerging-rbn-BLOCK.rules) 2407206 - ET RBN Known Russian Business Network IP TCP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407207 - ET RBN Known Russian Business Network IP UDP - BLOCKING (104) (emerging-rbn-BLOCK.rules) 2407208 - ET RBN Known Russian Business Network IP TCP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407209 - ET RBN Known Russian Business Network IP UDP - BLOCKING (105) (emerging-rbn-BLOCK.rules) 2407210 - ET RBN Known Russian Business Network IP TCP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407211 - ET RBN Known Russian Business Network IP UDP - BLOCKING (106) (emerging-rbn-BLOCK.rules) 2407212 - ET RBN Known Russian Business Network IP TCP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407213 - ET RBN Known Russian Business Network IP UDP - BLOCKING (107) (emerging-rbn-BLOCK.rules) 2407214 - ET RBN Known Russian Business Network IP TCP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407215 - ET RBN Known Russian Business Network IP UDP - BLOCKING (108) (emerging-rbn-BLOCK.rules) 2407216 - ET RBN Known Russian Business Network IP TCP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407217 - ET RBN Known Russian Business Network IP UDP - BLOCKING (109) (emerging-rbn-BLOCK.rules) 2407218 - ET RBN Known Russian Business Network IP TCP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407219 - ET RBN Known Russian Business Network IP UDP - BLOCKING (110) (emerging-rbn-BLOCK.rules) 2407220 - ET RBN Known Russian Business Network IP TCP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407221 - ET RBN Known Russian Business Network IP UDP - BLOCKING (111) (emerging-rbn-BLOCK.rules) 2407222 - ET RBN Known Russian Business Network IP TCP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407223 - ET RBN Known Russian Business Network IP UDP - BLOCKING (112) (emerging-rbn-BLOCK.rules) 2407224 - ET RBN Known Russian Business Network IP TCP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407225 - ET RBN Known Russian Business Network IP UDP - BLOCKING (113) (emerging-rbn-BLOCK.rules) 2407226 - ET RBN Known Russian Business Network IP TCP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407227 - ET RBN Known Russian Business Network IP UDP - BLOCKING (114) (emerging-rbn-BLOCK.rules) 2407228 - ET RBN Known Russian Business Network IP TCP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407229 - ET RBN Known Russian Business Network IP UDP - BLOCKING (115) (emerging-rbn-BLOCK.rules) 2407230 - ET RBN Known Russian Business Network IP TCP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407231 - ET RBN Known Russian Business Network IP UDP - BLOCKING (116) (emerging-rbn-BLOCK.rules) 2407232 - ET RBN Known Russian Business Network IP TCP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407233 - ET RBN Known Russian Business Network IP UDP - BLOCKING (117) (emerging-rbn-BLOCK.rules) 2407234 - ET RBN Known Russian Business Network IP TCP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407235 - ET RBN Known Russian Business Network IP UDP - BLOCKING (118) (emerging-rbn-BLOCK.rules) 2407236 - ET RBN Known Russian Business Network IP TCP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407237 - ET RBN Known Russian Business Network IP UDP - BLOCKING (119) (emerging-rbn-BLOCK.rules) 2407238 - ET RBN Known Russian Business Network IP TCP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407239 - ET RBN Known Russian Business Network IP UDP - BLOCKING (120) (emerging-rbn-BLOCK.rules) 2407240 - ET RBN Known Russian Business Network IP TCP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407241 - ET RBN Known Russian Business Network IP UDP - BLOCKING (121) (emerging-rbn-BLOCK.rules) 2407242 - ET RBN Known Russian Business Network IP TCP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407243 - ET RBN Known Russian Business Network IP UDP - BLOCKING (122) (emerging-rbn-BLOCK.rules) 2407244 - ET RBN Known Russian Business Network IP TCP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407245 - ET RBN Known Russian Business Network IP UDP - BLOCKING (123) (emerging-rbn-BLOCK.rules) 2407246 - ET RBN Known Russian Business Network IP TCP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407247 - ET RBN Known Russian Business Network IP UDP - BLOCKING (124) (emerging-rbn-BLOCK.rules) 2407248 - ET RBN Known Russian Business Network IP TCP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407249 - ET RBN Known Russian Business Network IP UDP - BLOCKING (125) (emerging-rbn-BLOCK.rules) 2407250 - ET RBN Known Russian Business Network IP TCP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407251 - ET RBN Known Russian Business Network IP UDP - BLOCKING (126) (emerging-rbn-BLOCK.rules) 2407252 - ET RBN Known Russian Business Network IP TCP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407253 - ET RBN Known Russian Business Network IP UDP - BLOCKING (127) (emerging-rbn-BLOCK.rules) 2407254 - ET RBN Known Russian Business Network IP TCP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407255 - ET RBN Known Russian Business Network IP UDP - BLOCKING (128) (emerging-rbn-BLOCK.rules) 2407256 - ET RBN Known Russian Business Network IP TCP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407257 - ET RBN Known Russian Business Network IP UDP - BLOCKING (129) (emerging-rbn-BLOCK.rules) 2407258 - ET RBN Known Russian Business Network IP TCP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407259 - ET RBN Known Russian Business Network IP UDP - BLOCKING (130) (emerging-rbn-BLOCK.rules) 2407260 - ET RBN Known Russian Business Network IP TCP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407261 - ET RBN Known Russian Business Network IP UDP - BLOCKING (131) (emerging-rbn-BLOCK.rules) 2407262 - ET RBN Known Russian Business Network IP TCP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407263 - ET RBN Known Russian Business Network IP UDP - BLOCKING (132) (emerging-rbn-BLOCK.rules) 2407264 - ET RBN Known Russian Business Network IP TCP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407265 - ET RBN Known Russian Business Network IP UDP - BLOCKING (133) (emerging-rbn-BLOCK.rules) 2407266 - ET RBN Known Russian Business Network IP TCP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407267 - ET RBN Known Russian Business Network IP UDP - BLOCKING (134) (emerging-rbn-BLOCK.rules) 2407268 - ET RBN Known Russian Business Network IP TCP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407269 - ET RBN Known Russian Business Network IP UDP - BLOCKING (135) (emerging-rbn-BLOCK.rules) 2407270 - ET RBN Known Russian Business Network IP TCP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407271 - ET RBN Known Russian Business Network IP UDP - BLOCKING (136) (emerging-rbn-BLOCK.rules) 2407272 - ET RBN Known Russian Business Network IP TCP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407273 - ET RBN Known Russian Business Network IP UDP - BLOCKING (137) (emerging-rbn-BLOCK.rules) 2407274 - ET RBN Known Russian Business Network IP TCP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407275 - ET RBN Known Russian Business Network IP UDP - BLOCKING (138) (emerging-rbn-BLOCK.rules) 2407276 - ET RBN Known Russian Business Network IP TCP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407277 - ET RBN Known Russian Business Network IP UDP - BLOCKING (139) (emerging-rbn-BLOCK.rules) 2407278 - ET RBN Known Russian Business Network IP TCP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407279 - ET RBN Known Russian Business Network IP UDP - BLOCKING (140) (emerging-rbn-BLOCK.rules) 2407280 - ET RBN Known Russian Business Network IP TCP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407281 - ET RBN Known Russian Business Network IP UDP - BLOCKING (141) (emerging-rbn-BLOCK.rules) 2407282 - ET RBN Known Russian Business Network IP TCP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407283 - ET RBN Known Russian Business Network IP UDP - BLOCKING (142) (emerging-rbn-BLOCK.rules) 2407284 - ET RBN Known Russian Business Network IP TCP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407285 - ET RBN Known Russian Business Network IP UDP - BLOCKING (143) (emerging-rbn-BLOCK.rules) 2407286 - ET RBN Known Russian Business Network IP TCP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407287 - ET RBN Known Russian Business Network IP UDP - BLOCKING (144) (emerging-rbn-BLOCK.rules) 2407288 - ET RBN Known Russian Business Network IP TCP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407289 - ET RBN Known Russian Business Network IP UDP - BLOCKING (145) (emerging-rbn-BLOCK.rules) 2407290 - ET RBN Known Russian Business Network IP TCP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407291 - ET RBN Known Russian Business Network IP UDP - BLOCKING (146) (emerging-rbn-BLOCK.rules) 2407292 - ET RBN Known Russian Business Network IP TCP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407293 - ET RBN Known Russian Business Network IP UDP - BLOCKING (147) (emerging-rbn-BLOCK.rules) 2407294 - ET RBN Known Russian Business Network IP TCP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407295 - ET RBN Known Russian Business Network IP UDP - BLOCKING (148) (emerging-rbn-BLOCK.rules) 2407296 - ET RBN Known Russian Business Network IP TCP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407297 - ET RBN Known Russian Business Network IP UDP - BLOCKING (149) (emerging-rbn-BLOCK.rules) 2407298 - ET RBN Known Russian Business Network IP TCP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407299 - ET RBN Known Russian Business Network IP UDP - BLOCKING (150) (emerging-rbn-BLOCK.rules) 2407300 - ET RBN Known Russian Business Network IP TCP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407301 - ET RBN Known Russian Business Network IP UDP - BLOCKING (151) (emerging-rbn-BLOCK.rules) 2407302 - ET RBN Known Russian Business Network IP TCP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407303 - ET RBN Known Russian Business Network IP UDP - BLOCKING (152) (emerging-rbn-BLOCK.rules) 2407304 - ET RBN Known Russian Business Network IP TCP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407305 - ET RBN Known Russian Business Network IP UDP - BLOCKING (153) (emerging-rbn-BLOCK.rules) 2407306 - ET RBN Known Russian Business Network IP TCP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407307 - ET RBN Known Russian Business Network IP UDP - BLOCKING (154) (emerging-rbn-BLOCK.rules) 2407308 - ET RBN Known Russian Business Network IP TCP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407309 - ET RBN Known Russian Business Network IP UDP - BLOCKING (155) (emerging-rbn-BLOCK.rules) 2407310 - ET RBN Known Russian Business Network IP TCP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407311 - ET RBN Known Russian Business Network IP UDP - BLOCKING (156) (emerging-rbn-BLOCK.rules) 2407312 - ET RBN Known Russian Business Network IP TCP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407313 - ET RBN Known Russian Business Network IP UDP - BLOCKING (157) (emerging-rbn-BLOCK.rules) 2407314 - ET RBN Known Russian Business Network IP TCP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407315 - ET RBN Known Russian Business Network IP UDP - BLOCKING (158) (emerging-rbn-BLOCK.rules) 2407316 - ET RBN Known Russian Business Network IP TCP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407317 - ET RBN Known Russian Business Network IP UDP - BLOCKING (159) (emerging-rbn-BLOCK.rules) 2407318 - ET RBN Known Russian Business Network IP TCP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407319 - ET RBN Known Russian Business Network IP UDP - BLOCKING (160) (emerging-rbn-BLOCK.rules) 2407320 - ET RBN Known Russian Business Network IP TCP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407321 - ET RBN Known Russian Business Network IP UDP - BLOCKING (161) (emerging-rbn-BLOCK.rules) 2407322 - ET RBN Known Russian Business Network IP TCP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407323 - ET RBN Known Russian Business Network IP UDP - BLOCKING (162) (emerging-rbn-BLOCK.rules) 2407324 - ET RBN Known Russian Business Network IP TCP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407325 - ET RBN Known Russian Business Network IP UDP - BLOCKING (163) (emerging-rbn-BLOCK.rules) 2407326 - ET RBN Known Russian Business Network IP TCP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407327 - ET RBN Known Russian Business Network IP UDP - BLOCKING (164) (emerging-rbn-BLOCK.rules) 2407328 - ET RBN Known Russian Business Network IP TCP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407329 - ET RBN Known Russian Business Network IP UDP - BLOCKING (165) (emerging-rbn-BLOCK.rules) 2407330 - ET RBN Known Russian Business Network IP TCP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407331 - ET RBN Known Russian Business Network IP UDP - BLOCKING (166) (emerging-rbn-BLOCK.rules) 2407332 - ET RBN Known Russian Business Network IP TCP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407333 - ET RBN Known Russian Business Network IP UDP - BLOCKING (167) (emerging-rbn-BLOCK.rules) 2407334 - ET RBN Known Russian Business Network IP TCP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407335 - ET RBN Known Russian Business Network IP UDP - BLOCKING (168) (emerging-rbn-BLOCK.rules) 2407336 - ET RBN Known Russian Business Network IP TCP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407337 - ET RBN Known Russian Business Network IP UDP - BLOCKING (169) (emerging-rbn-BLOCK.rules) 2407338 - ET RBN Known Russian Business Network IP TCP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407339 - ET RBN Known Russian Business Network IP UDP - BLOCKING (170) (emerging-rbn-BLOCK.rules) 2407340 - ET RBN Known Russian Business Network IP TCP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407341 - ET RBN Known Russian Business Network IP UDP - BLOCKING (171) (emerging-rbn-BLOCK.rules) 2407342 - ET RBN Known Russian Business Network IP TCP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407343 - ET RBN Known Russian Business Network IP UDP - BLOCKING (172) (emerging-rbn-BLOCK.rules) 2407344 - ET RBN Known Russian Business Network IP TCP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407345 - ET RBN Known Russian Business Network IP UDP - BLOCKING (173) (emerging-rbn-BLOCK.rules) 2407346 - ET RBN Known Russian Business Network IP TCP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407347 - ET RBN Known Russian Business Network IP UDP - BLOCKING (174) (emerging-rbn-BLOCK.rules) 2407348 - ET RBN Known Russian Business Network IP TCP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407349 - ET RBN Known Russian Business Network IP UDP - BLOCKING (175) (emerging-rbn-BLOCK.rules) 2407350 - ET RBN Known Russian Business Network IP TCP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407351 - ET RBN Known Russian Business Network IP UDP - BLOCKING (176) (emerging-rbn-BLOCK.rules) 2407352 - ET RBN Known Russian Business Network IP TCP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407353 - ET RBN Known Russian Business Network IP UDP - BLOCKING (177) (emerging-rbn-BLOCK.rules) 2407354 - ET RBN Known Russian Business Network IP TCP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407355 - ET RBN Known Russian Business Network IP UDP - BLOCKING (178) (emerging-rbn-BLOCK.rules) 2407356 - ET RBN Known Russian Business Network IP TCP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407357 - ET RBN Known Russian Business Network IP UDP - BLOCKING (179) (emerging-rbn-BLOCK.rules) 2407358 - ET RBN Known Russian Business Network IP TCP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407359 - ET RBN Known Russian Business Network IP UDP - BLOCKING (180) (emerging-rbn-BLOCK.rules) 2407360 - ET RBN Known Russian Business Network IP TCP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407361 - ET RBN Known Russian Business Network IP UDP - BLOCKING (181) (emerging-rbn-BLOCK.rules) 2407362 - ET RBN Known Russian Business Network IP TCP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407363 - ET RBN Known Russian Business Network IP UDP - BLOCKING (182) (emerging-rbn-BLOCK.rules) 2407364 - ET RBN Known Russian Business Network IP TCP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407365 - ET RBN Known Russian Business Network IP UDP - BLOCKING (183) (emerging-rbn-BLOCK.rules) 2407366 - ET RBN Known Russian Business Network IP TCP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407367 - ET RBN Known Russian Business Network IP UDP - BLOCKING (184) (emerging-rbn-BLOCK.rules) 2407368 - ET RBN Known Russian Business Network IP TCP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407369 - ET RBN Known Russian Business Network IP UDP - BLOCKING (185) (emerging-rbn-BLOCK.rules) 2407370 - ET RBN Known Russian Business Network IP TCP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407371 - ET RBN Known Russian Business Network IP UDP - BLOCKING (186) (emerging-rbn-BLOCK.rules) 2407372 - ET RBN Known Russian Business Network IP TCP - BLOC