[Emerging-Sigs] ET Open Weekly Ruleset Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Sat Oct 30 16:01:42 EDT 2010


*********************** suricata open ***********************

[***] Results from Oinkmaster started Sat Oct 30 16:00:14 2010 [***]

[+++]          Added rules:          [+++]

 2011828 - ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011829 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) (emerging-web_specific_apps.rules)
 2011830 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) (emerging-web_specific_apps.rules)
 2011831 - ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011832 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011833 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011834 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011835 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011836 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011837 - ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011838 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011839 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011840 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011841 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011842 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011843 - ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011844 - ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011845 - ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011846 - ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011847 - ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011848 - ET TROJAN Win32/Comotor.A!dll Reporting 1 (emerging-trojan.rules)
 2011849 - ET TROJAN Win32/Comotor.A!dll Reporting 2 (emerging-trojan.rules)
 2011850 - ET TROJAN Carberp file download (emerging-trojan.rules)
 2011851 - ET TROJAN Carberp CnC request - POST id=imp (emerging-trojan.rules)
 2011852 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011853 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011854 - ET POLICY Java JAR file download (emerging-policy.rules)
 2011855 - ET POLICY Java JAR Download Attempt (emerging-policy.rules)
 2011856 - ET MALWARE HTML.Psyme.Gen Reporting (emerging-malware.rules)
 2011857 - ET TROJAN SpyEye C&C Check-in URI (emerging-trojan.rules)
 2011858 - ET TROJAN SpyEye style HTTP Header GET structure (emerging-trojan.rules)
 2011860 - ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting (emerging-web_specific_apps.rules)
 2011861 - ET CURRENT_EVENTS Bredolab CnC URL Detected (emerging-current_events.rules)
 2011862 - ET TROJAN Feodo Banking Trojan Account Details Post (emerging-trojan.rules)
 2011863 - ET TROJAN Feodo Banking Trojan Receiving Configuration File (emerging-trojan.rules)
 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (emerging-web_client.rules)
 2011865 - ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (emerging-web_client.rules)
 2011866 - ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF (emerging-web_client.rules)
 2011867 - ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt (emerging-activex.rules)
 2011868 - ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code (emerging-web_client.rules)
 2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011870 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call (emerging-activex.rules)
 2011871 - ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage (emerging-policy.rules)
 2011872 - ET USER_AGENTS Suspicious Gbot UA Detected (emerging-user_agents.rules)
 2011873 - ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string (emerging-current_events.rules)
 2011874 - ET POLICY NSPlayer User-Agent Windows Media Player streaming detected (emerging-policy.rules)
 2011875 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011876 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011877 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011878 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011879 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011880 - ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011881 - ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011882 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011883 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011884 - ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

     884 - GPL EXPLOIT formmail access (emerging-exploit.rules)
    1334 - GPL EXPLOIT echo command attempt (emerging-exploit.rules)
    1340 - GPL EXPLOIT tftp command attempt (emerging-exploit.rules)
    1372 - GPL EXPLOIT /etc/shadow access (emerging-exploit.rules)
    2318 - GPL EXPLOIT CVS non-relative path access attempt (emerging-exploit.rules)
 2001901 - ET TROJAN Possible Bobax trojan infection (emerging-trojan.rules)
 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003085 - ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (emerging-trojan.rules)
 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules)
 2003679 - ET WEB_SPECIFIC_APPS DynamicPAD Remote Inclusion Attempt -- dp_logs.php HomeDir (emerging-web_specific_apps.rules)
 2003682 - ET WEB_SPECIFIC_APPS E-Gads Remote Inclusion Attempt -- common.php locale (emerging-web_specific_apps.rules)
 2003770 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a SELECT (emerging-web_specific_apps.rules)
 2003771 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UNION SELECT (emerging-web_specific_apps.rules)
 2003772 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a INSERT (emerging-web_specific_apps.rules)
 2003773 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a DELETE (emerging-web_specific_apps.rules)
 2003774 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a ASCII (emerging-web_specific_apps.rules)
 2003775 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UPDATE (emerging-web_specific_apps.rules)
 2003876 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- listmembers.php show (emerging-web_specific_apps.rules)
 2003877 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- stats.php show (emerging-web_specific_apps.rules)
 2003920 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- loan.php movieid (emerging-web_specific_apps.rules)
 2003921 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- listmovies.php s (emerging-web_specific_apps.rules)
 2004047 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen SELECT (emerging-web_specific_apps.rules)
 2004048 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UNION SELECT (emerging-web_specific_apps.rules)
 2004049 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen INSERT (emerging-web_specific_apps.rules)
 2004050 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen DELETE (emerging-web_specific_apps.rules)
 2004051 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen ASCII (emerging-web_specific_apps.rules)
 2004052 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UPDATE (emerging-web_specific_apps.rules)
 2004065 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course SELECT (emerging-web_specific_apps.rules)
 2004066 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UNION SELECT (emerging-web_specific_apps.rules)
 2004067 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course INSERT (emerging-web_specific_apps.rules)
 2004068 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course DELETE (emerging-web_specific_apps.rules)
 2004069 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course ASCII (emerging-web_specific_apps.rules)
 2004070 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UPDATE (emerging-web_specific_apps.rules)
 2004385 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id SELECT (emerging-web_specific_apps.rules)
 2004386 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2004387 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id INSERT (emerging-web_specific_apps.rules)
 2004388 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id DELETE (emerging-web_specific_apps.rules)
 2004389 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id ASCII (emerging-web_specific_apps.rules)
 2004390 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UPDATE (emerging-web_specific_apps.rules)
 2004593 - ET WEB_SPECIFIC_APPS Dokeos XSS Attempt -- editor.php img (emerging-web_specific_apps.rules)
 2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (emerging-web_specific_apps.rules)
 2004596 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- week.asp curYear (emerging-web_specific_apps.rules)
 2004624 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank SELECT (emerging-web_specific_apps.rules)
 2004625 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UNION SELECT (emerging-web_specific_apps.rules)
 2004626 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank INSERT (emerging-web_specific_apps.rules)
 2004627 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank DELETE (emerging-web_specific_apps.rules)
 2004628 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank ASCII (emerging-web_specific_apps.rules)
 2004629 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UPDATE (emerging-web_specific_apps.rules)
 2004834 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id SELECT (emerging-web_specific_apps.rules)
 2004835 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UNION SELECT (emerging-web_specific_apps.rules)
 2004836 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id INSERT (emerging-web_specific_apps.rules)
 2004837 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id DELETE (emerging-web_specific_apps.rules)
 2004838 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id ASCII (emerging-web_specific_apps.rules)
 2004839 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UPDATE (emerging-web_specific_apps.rules)
 2005039 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i SELECT (emerging-web_specific_apps.rules)
 2005040 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005041 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i INSERT (emerging-web_specific_apps.rules)
 2005042 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i DELETE (emerging-web_specific_apps.rules)
 2005043 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i ASCII (emerging-web_specific_apps.rules)
 2005044 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id SELECT (emerging-web_specific_apps.rules)
 2005045 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UPDATE (emerging-web_specific_apps.rules)
 2005046 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UNION SELECT (emerging-web_specific_apps.rules)
 2005047 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id INSERT (emerging-web_specific_apps.rules)
 2005048 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id DELETE (emerging-web_specific_apps.rules)
 2005049 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id ASCII (emerging-web_specific_apps.rules)
 2005050 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UPDATE (emerging-web_specific_apps.rules)
 2005051 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i SELECT (emerging-web_specific_apps.rules)
 2005052 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005053 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i INSERT (emerging-web_specific_apps.rules)
 2005054 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i DELETE (emerging-web_specific_apps.rules)
 2005055 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i ASCII (emerging-web_specific_apps.rules)
 2005056 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UPDATE (emerging-web_specific_apps.rules)
 2005268 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword SELECT (emerging-web_specific_apps.rules)
 2005269 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UNION SELECT (emerging-web_specific_apps.rules)
 2005270 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword INSERT (emerging-web_specific_apps.rules)
 2005271 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword DELETE (emerging-web_specific_apps.rules)
 2005272 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword ASCII (emerging-web_specific_apps.rules)
 2005273 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UPDATE (emerging-web_specific_apps.rules)
 2005274 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row SELECT (emerging-web_specific_apps.rules)
 2005275 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UNION SELECT (emerging-web_specific_apps.rules)
 2005276 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row INSERT (emerging-web_specific_apps.rules)
 2005277 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row DELETE (emerging-web_specific_apps.rules)
 2005278 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row ASCII (emerging-web_specific_apps.rules)
 2005279 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UPDATE (emerging-web_specific_apps.rules)
 2005591 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id SELECT (emerging-web_specific_apps.rules)
 2005592 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005593 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id INSERT (emerging-web_specific_apps.rules)
 2005594 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id DELETE (emerging-web_specific_apps.rules)
 2005595 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id ASCII (emerging-web_specific_apps.rules)
 2005596 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UPDATE (emerging-web_specific_apps.rules)
 2005835 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id SELECT (emerging-web_specific_apps.rules)
 2005836 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UNION SELECT (emerging-web_specific_apps.rules)
 2005837 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id INSERT (emerging-web_specific_apps.rules)
 2005838 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id DELETE (emerging-web_specific_apps.rules)
 2005839 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id ASCII (emerging-web_specific_apps.rules)
 2005840 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UPDATE (emerging-web_specific_apps.rules)
 2005895 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum SELECT (emerging-web_specific_apps.rules)
 2005896 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UNION SELECT (emerging-web_specific_apps.rules)
 2005897 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum INSERT (emerging-web_specific_apps.rules)
 2005898 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum DELETE (emerging-web_specific_apps.rules)
 2005899 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum ASCII (emerging-web_specific_apps.rules)
 2005900 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UPDATE (emerging-web_specific_apps.rules)
 2005985 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup SELECT (emerging-web_specific_apps.rules)
 2005986 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2005987 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup INSERT (emerging-web_specific_apps.rules)
 2005988 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup DELETE (emerging-web_specific_apps.rules)
 2005989 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup ASCII (emerging-web_specific_apps.rules)
 2005990 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UPDATE (emerging-web_specific_apps.rules)
 2005991 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id SELECT (emerging-web_specific_apps.rules)
 2005992 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005993 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id INSERT (emerging-web_specific_apps.rules)
 2005994 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id DELETE (emerging-web_specific_apps.rules)
 2005995 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id ASCII (emerging-web_specific_apps.rules)
 2005996 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UPDATE (emerging-web_specific_apps.rules)
 2005997 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id SELECT (emerging-web_specific_apps.rules)
 2005998 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005999 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id INSERT (emerging-web_specific_apps.rules)
 2006000 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id DELETE (emerging-web_specific_apps.rules)
 2006001 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id ASCII (emerging-web_specific_apps.rules)
 2006002 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UPDATE (emerging-web_specific_apps.rules)
 2006135 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID SELECT (emerging-web_specific_apps.rules)
 2006136 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006137 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID INSERT (emerging-web_specific_apps.rules)
 2006138 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID DELETE (emerging-web_specific_apps.rules)
 2006139 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID ASCII (emerging-web_specific_apps.rules)
 2006140 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006141 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID SELECT (emerging-web_specific_apps.rules)
 2006142 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006143 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID INSERT (emerging-web_specific_apps.rules)
 2006144 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID DELETE (emerging-web_specific_apps.rules)
 2006145 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID ASCII (emerging-web_specific_apps.rules)
 2006146 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006147 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id SELECT (emerging-web_specific_apps.rules)
 2006148 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UNION SELECT (emerging-web_specific_apps.rules)
 2006149 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id INSERT (emerging-web_specific_apps.rules)
 2006150 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id DELETE (emerging-web_specific_apps.rules)
 2006151 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id ASCII (emerging-web_specific_apps.rules)
 2006152 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UPDATE (emerging-web_specific_apps.rules)
 2006153 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID SELECT (emerging-web_specific_apps.rules)
 2006154 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UNION SELECT (emerging-web_specific_apps.rules)
 2006155 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID INSERT (emerging-web_specific_apps.rules)
 2006156 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID DELETE (emerging-web_specific_apps.rules)
 2006157 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID ASCII (emerging-web_specific_apps.rules)
 2006158 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UPDATE (emerging-web_specific_apps.rules)
 2006159 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup SELECT (emerging-web_specific_apps.rules)
 2006160 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2006161 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup INSERT (emerging-web_specific_apps.rules)
 2006162 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup DELETE (emerging-web_specific_apps.rules)
 2006163 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup ASCII (emerging-web_specific_apps.rules)
 2006164 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UPDATE (emerging-web_specific_apps.rules)
 2006449 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php SELECT (emerging-web_specific_apps.rules)
 2006450 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UNION SELECT (emerging-web_specific_apps.rules)
 2006451 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php INSERT (emerging-web_specific_apps.rules)
 2006452 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php DELETE (emerging-web_specific_apps.rules)
 2006453 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php ASCII (emerging-web_specific_apps.rules)
 2006454 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UPDATE (emerging-web_specific_apps.rules)
 2006554 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId SELECT (emerging-web_specific_apps.rules)
 2006555 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UNION SELECT (emerging-web_specific_apps.rules)
 2006556 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId INSERT (emerging-web_specific_apps.rules)
 2006557 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId DELETE (emerging-web_specific_apps.rules)
 2006558 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId ASCII (emerging-web_specific_apps.rules)
 2006559 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UPDATE (emerging-web_specific_apps.rules)
 2006687 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile SELECT (emerging-web_specific_apps.rules)
 2006688 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UNION SELECT (emerging-web_specific_apps.rules)
 2006689 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile INSERT (emerging-web_specific_apps.rules)
 2006690 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile DELETE (emerging-web_specific_apps.rules)
 2006691 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile ASCII (emerging-web_specific_apps.rules)
 2006692 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UPDATE (emerging-web_specific_apps.rules)
 2006694 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action SELECT (emerging-web_specific_apps.rules)
 2006695 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UNION SELECT (emerging-web_specific_apps.rules)
 2006696 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action INSERT (emerging-web_specific_apps.rules)
 2006697 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action DELETE (emerging-web_specific_apps.rules)
 2006698 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action ASCII (emerging-web_specific_apps.rules)
 2006699 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UPDATE (emerging-web_specific_apps.rules)
 2006700 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006701 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006702 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006703 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006704 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006705 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006706 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity SELECT (emerging-web_specific_apps.rules)
 2006707 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UNION SELECT (emerging-web_specific_apps.rules)
 2006708 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity INSERT (emerging-web_specific_apps.rules)
 2006709 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity DELETE (emerging-web_specific_apps.rules)
 2006710 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity ASCII (emerging-web_specific_apps.rules)
 2006711 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UPDATE (emerging-web_specific_apps.rules)
 2006712 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT (emerging-web_specific_apps.rules)
 2006713 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT (emerging-web_specific_apps.rules)
 2006714 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT (emerging-web_specific_apps.rules)
 2006715 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE (emerging-web_specific_apps.rules)
 2006716 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII (emerging-web_specific_apps.rules)
 2006717 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE (emerging-web_specific_apps.rules)
 2006718 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006719 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006720 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006721 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006722 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006723 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006724 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action SELECT (emerging-web_specific_apps.rules)
 2006725 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UNION SELECT (emerging-web_specific_apps.rules)
 2006726 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action INSERT (emerging-web_specific_apps.rules)
 2006727 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action DELETE (emerging-web_specific_apps.rules)
 2006728 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action ASCII (emerging-web_specific_apps.rules)
 2006729 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UPDATE (emerging-web_specific_apps.rules)
 2007024 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id SELECT (emerging-web_specific_apps.rules)
 2007025 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UNION SELECT (emerging-web_specific_apps.rules)
 2007026 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id INSERT (emerging-web_specific_apps.rules)
 2007027 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id DELETE (emerging-web_specific_apps.rules)
 2007028 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id ASCII (emerging-web_specific_apps.rules)
 2007029 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UPDATE (emerging-web_specific_apps.rules)
 2007030 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007031 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007032 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007033 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007034 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007035 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007036 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007037 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007038 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007039 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007040 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007041 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007042 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007043 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007044 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007045 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007046 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007047 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007048 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id SELECT (emerging-web_specific_apps.rules)
 2007049 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UPDATE (emerging-web_specific_apps.rules)
 2007050 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id INSERT (emerging-web_specific_apps.rules)
 2007051 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id DELETE (emerging-web_specific_apps.rules)
 2007052 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id ASCII (emerging-web_specific_apps.rules)
 2007053 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UPDATE (emerging-web_specific_apps.rules)
 2007054 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id SELECT (emerging-web_specific_apps.rules)
 2007055 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UNION SELECT (emerging-web_specific_apps.rules)
 2007056 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id INSERT (emerging-web_specific_apps.rules)
 2007057 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id DELETE (emerging-web_specific_apps.rules)
 2007058 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id ASCII (emerging-web_specific_apps.rules)
 2007059 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UNION SELECT (emerging-web_specific_apps.rules)
 2007076 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007077 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007078 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007079 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007080 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007081 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007082 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007083 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007084 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007085 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007086 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007087 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007088 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID SELECT (emerging-web_specific_apps.rules)
 2007089 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007090 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID INSERT (emerging-web_specific_apps.rules)
 2007091 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID DELETE (emerging-web_specific_apps.rules)
 2007092 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID ASCII (emerging-web_specific_apps.rules)
 2007093 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UPDATE (emerging-web_specific_apps.rules)
 2007094 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007095 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007096 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007097 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007098 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007099 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007100 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat SELECT (emerging-web_specific_apps.rules)
 2007101 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UNION SELECT (emerging-web_specific_apps.rules)
 2007102 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat INSERT (emerging-web_specific_apps.rules)
 2007103 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat DELETE (emerging-web_specific_apps.rules)
 2007104 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat ASCII (emerging-web_specific_apps.rules)
 2007105 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UPDATE (emerging-web_specific_apps.rules)
 2007106 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare SELECT (emerging-web_specific_apps.rules)
 2007107 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UNION SELECT (emerging-web_specific_apps.rules)
 2007108 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare INSERT (emerging-web_specific_apps.rules)
 2007109 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare DELETE (emerging-web_specific_apps.rules)
 2007110 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare ASCII (emerging-web_specific_apps.rules)
 2007111 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UPDATE (emerging-web_specific_apps.rules)
 2007566 - ET TROJAN Downloader.MisleadApp Fake Security Product Install (emerging-trojan.rules)
 2007683 - ET TROJAN E-Jihad 3.0 HTTP Activity 1 (emerging-trojan.rules)
 2007684 - ET TROJAN E-Jihad 3.0 HTTP Activity 2 (emerging-trojan.rules)
 2007685 - ET TROJAN E-Jihad 3.0 HTTP Activity 3 (emerging-trojan.rules)
 2007686 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity OUTBOUND (emerging-trojan.rules)
 2007687 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity INBOUND (emerging-trojan.rules)
 2007688 - ET TROJAN Prg Trojan HTTP POST v1 (emerging-trojan.rules)
 2007724 - ET TROJAN Prg Trojan HTTP POST version 2 (emerging-trojan.rules)
 2007747 - ET TROJAN MBR Trojan (Sinowal/Mebroot/) Phoning Home (emerging-trojan.rules)
 2007748 - ET TROJAN NPRC Malicious POST Request Possible DOJ or DOT Malware (emerging-trojan.rules)
 2007758 - ET TROJAN Eldorado.BHO User-Agent Detected (netcfg) (emerging-trojan.rules)
 2007774 - ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (emerging-trojan.rules)
 2007775 - ET TROJAN Krunchy/BZub HTTP Checkin/Update (emerging-trojan.rules)
 2007776 - ET TROJAN Krunchy/BZub HTTP POST Update (emerging-trojan.rules)
 2007823 - ET TROJAN Banker.OT Checkin (emerging-trojan.rules)
 2007828 - ET TROJAN LDPinch Checkin (2) (emerging-trojan.rules)
 2007829 - ET TROJAN Illusion Bot (Lussilon) Checkin (emerging-trojan.rules)
 2007831 - ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push) (emerging-trojan.rules)
 2007833 - ET TROJAN Eldorado.BHO User-Agent Detected (MSIE 5.5) (emerging-trojan.rules)
 2007836 - ET TROJAN Downloader General Bot Checking In - Possible Win32.Small.htz related (emerging-trojan.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (emerging-exploit.rules)
 2008100 - ET TROJAN PRG/wnspoem/Zeus InfoStealer Trojan Config Download (emerging-trojan.rules)
 2008195 - ET TROJAN Dropper mdodo.com Related Trojan (emerging-trojan.rules)
 2008196 - ET TROJAN Dropper 6dzone.com Related Trojan (emerging-trojan.rules)
 2008218 - ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post (emerging-trojan.rules)
 2008317 - ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin (emerging-trojan.rules)
 2008322 - ET TROJAN FraudLoad.aww HTTP CnC Post (emerging-trojan.rules)
 2008338 - ET TROJAN KLog Nick Keylogger Checkin (emerging-trojan.rules)
 2008340 - ET TROJAN Lost Door Checkin (emerging-trojan.rules)
 2008346 - ET TROJAN Mitglieder Checkin (emerging-trojan.rules)
 2008347 - ET TROJAN Swizzor Checkin (emerging-trojan.rules)
 2008369 - ET TROJAN Keylogger Crack by bahman (emerging-trojan.rules)
 2008431 - ET TROJAN PWS.Gamania Checkin (emerging-trojan.rules)
 2008452 - ET TROJAN Emo/Downloader.uxk checkin (emerging-trojan.rules)
 2008515 - ET TROJAN Hupigon.AZG Checkin (emerging-trojan.rules)
 2008684 - ET WEB_SPECIFIC_APPS E-Shop Shopping Cart Script search_results.php SQL Injection (emerging-web_specific_apps.rules)
 2008740 - ET TROJAN Ligats/DR.Ilomo Agent Post (emerging-trojan.rules)
 2008760 - ET TROJAN Insidebar.co.kr Related Infection Checkin (emerging-trojan.rules)
 2008830 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery cat_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008831 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery photo_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008834 - ET WEB_SPECIFIC_APPS DevelopItEasy News And Article aid parameter SQL Injection (emerging-web_specific_apps.rules)
 2008838 - ET WEB_SPECIFIC_APPS DeltaScripts PHP Classifieds siteid parameter Remote SQL Injection (emerging-web_specific_apps.rules)
 2008864 - ET TROJAN Koobface Trojan HTTP Post Checkin (emerging-trojan.rules)
 2008883 - ET WEB_SPECIFIC_APPS Easyedit CMS page.php intpageID parameter sql injection (emerging-web_specific_apps.rules)
 2008884 - ET WEB_SPECIFIC_APPS Easyedit CMS subcategory.php intSubCategoryID parameter sql injection (emerging-web_specific_apps.rules)
 2008885 - ET WEB_SPECIFIC_APPS Easyedit CMS news.php intPageID parameter sql injection (emerging-web_specific_apps.rules)
 2008891 - ET TROJAN MEREDROP/micr0s0fts.cn Related Checkin (emerging-trojan.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-trojan.rules)
 2008984 - ET TROJAN Trojan-GameThief.Win32.OnLineGames infection report (emerging-trojan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-trojan.rules)
 2009117 - ET WEB_SPECIFIC_APPS Easynet4u Link Host directory.php cat_id parameter SQL Injection (emerging-web_specific_apps.rules)
 2009317 - ET WEB_SPECIFIC_APPS DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009318 - ET WEB_SPECIFIC_APPS DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009319 - ET WEB_SPECIFIC_APPS DeZine DZcms products.php pcat parameter SQL injection (emerging-web_specific_apps.rules)
 2009323 - ET WEB_SPECIFIC_APPS Demium CMS tracking.php follow_kat Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009324 - ET WEB_SPECIFIC_APPS Demium CMS urheber.php name Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2009366 - ET WEB_SPECIFIC_APPS EasySiteNetwork Riddles Complete Website riddle.php riddleid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009368 - ET WEB_SPECIFIC_APPS DeluxeBB misc.php qorder Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009380 - ET WEB_SPECIFIC_APPS Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_specific_apps.rules)
 2009412 - ET TROJAN Generic Trojan Checkin (emerging-trojan.rules)
 2009442 - ET TROJAN Generic Trojan Checkin (2) (emerging-trojan.rules)
 2009443 - ET TROJAN NoBo Downloader Dropper GET (emerging-trojan.rules)
 2009455 - ET TROJAN FAKE AV HTTP CnC Post (emerging-trojan.rules)
 2009472 - ET TROJAN Fasec/FakeAV Alert/Keylogger/Dropper/DNSChanger Possible Rootkit - HTTP GET (emerging-trojan.rules)
 2009514 - ET TROJAN FAKE/ROGUE AV HTTP Post (emerging-trojan.rules)
 2009519 - ET TROJAN Gaboc Trojan Check-in (emerging-trojan.rules)
 2009526 - ET TROJAN Downloader Checkin - Downloads Rogue Adware  (emerging-trojan.rules)
 2009527 - ET TROJAN Generic Downloader Checkin - HTTP GET  (emerging-trojan.rules)
 2009531 - ET TROJAN Gamania Trojan Check-in (emerging-trojan.rules)
 2009541 - ET TROJAN Suspicious User-Agent filled with System Details - GET Request (emerging-trojan.rules)
 2009549 - ET TROJAN Generic Downloader - HTTP POST (emerging-trojan.rules)
 2009553 - ET TROJAN FAKE/ROGUE AV - Encoded (data=) HTTP POST (emerging-trojan.rules)
 2009554 - ET TROJAN FAKE/ROGUE AV/Security Application Checkin (emerging-trojan.rules)
 2009704 - ET TROJAN Generic Downloader Check-in (emerging-trojan.rules)
 2009751 - ET TROJAN Fraudload/FakeAlert/FakeVimes Downloader - POST (emerging-trojan.rules)
 2009776 - ET TROJAN Oficla Downloader Activity Observed (emerging-trojan.rules)
 2009795 - ET WEB_SPECIFIC_APPS Dog Pedigree Online Database managePerson.php personId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009804 - ET TROJAN Screenblaze SCR Related Backdoor - GET (emerging-trojan.rules)
 2009805 - ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET (emerging-trojan.rules)
 2009810 - ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)) (emerging-trojan.rules)
 2009811 - ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET (emerging-trojan.rules)
 2009813 - ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST (emerging-trojan.rules)
 2009826 - ET TROJAN Generic Backdoor Retrieve Instructions/Configs - HTTP GET (emerging-trojan.rules)
 2009832 - ET SCAN DCERPC rpcmgmt ifids Unauthenticated BIND (emerging-scan.rules)
 2009848 - ET WEB_SPECIFIC_APPS Dragoon header.inc.php root Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009876 - ET WEB_SPECIFIC_APPS Dokuwiki doku.php config_cascade Local File Inclusion (emerging-web_specific_apps.rules)
 2009904 - ET WEB_SPECIFIC_APPS AdaptBB latestposts.php forumspath Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2010007 - ET TROJAN Potential Gemini Malware Download (emerging-trojan.rules)
 2010073 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010074 - ET WEB_SPECIFIC_APPS Possible Docebo UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010075 - ET WEB_SPECIFIC_APPS Possible Docebo SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010076 - ET WEB_SPECIFIC_APPS Possible Docebo DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010077 - ET WEB_SPECIFIC_APPS Possible Docebo INSERT INTO Injection Attempt (emerging-web_specific_apps.rules)
 2010078 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010151 - ET TROJAN Koobface C&C availability check (emerging-trojan.rules)
 2010158 - ET TROJAN Nanspy Bot Checkin (emerging-trojan.rules)
 2010194 - ET WEB_SPECIFIC_APPS Adobe JRun Directory Traversal (emerging-web_specific_apps.rules)
 2010195 - ET WEB_SPECIFIC_APPS DS CMS DetailFile.php nFileId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010252 - ET WEB_SPECIFIC_APPS Datalife Engine api.class.php dle_config_api Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010259 - ET WEB_SPECIFIC_APPS DvBBS boardrule.php groupboardid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010282 - ET TROJAN Generic Trojan Checkin (double Content-Type headers) (emerging-trojan.rules)
 2010337 - ET TROJAN FakeAV Reporting - POST often to [resolution|borders].php (emerging-trojan.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-trojan.rules)
 2010512 - ET TROJAN FakeAV FakeSmoke HTTP POST check-in (emerging-trojan.rules)
 2010594 - ET TROJAN Potential FakeAV HTTP POST Check-IN (?r=) (emerging-trojan.rules)
 2010625 - ET TROJAN FakeAV Landing Page (aid,sid) (emerging-trojan.rules)
 2010626 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010627 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010628 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (emerging-trojan.rules)
 2010707 - ET WEB_SPECIFIC_APPS Dros core.write_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010708 - ET WEB_SPECIFIC_APPS Dros core.process_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010709 - ET WEB_SPECIFIC_APPS Dros function.config_load.php _compile_file Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2010743 - ET TROJAN Oficla Checkin (1) (emerging-trojan.rules)
 2011072 - ET TROJAN Fruspam polling for IP likely infected (emerging-trojan.rules)
 2011099 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_players.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011100 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_settings.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011104 - ET TROJAN Exploit kit attack activity likely hostile (emerging-trojan.rules)
 2011153 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011154 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011179 - ET TROJAN Generic Checkin - MSCommonInfoEx (emerging-trojan.rules)
 2011269 - ET TROJAN Downloader.Win32.Small (emerging-trojan.rules)
 2011277 - ET TROJAN Generic Trojan HTTP Get (emerging-trojan.rules)
 2011414 - ET TROJAN Win32/Small.gen!AQ Communication with Controller (emerging-trojan.rules)
 2011465 - ET WEB_SERVER /bin/sh In URI, Possible Shell Command Execution Attempt Within Web Exploit (emerging-web_server.rules)
 2011489 - ET TROJAN Meredrop or similar Checkin (emerging-trojan.rules)
 2011544 - ET TROJAN JAR Download From Crimepack Exploit Kit (emerging-trojan.rules)
 2011576 - ET TROJAN nte Binary Download Attempt (multiple malware variants served) (emerging-trojan.rules)
 2011577 - ET TROJAN DNSTrojan FakeAV Dropper Activity Observed (1) (emerging-trojan.rules)
 2011578 - ET TROJAN DNSTrojan FakeAV Dropper Activity Observed (2) (emerging-trojan.rules)
 2011589 - ET ACTIVEX Microsoft DirectX 9 msvidctl.dll ActiveX Control Code Execution Attempt (emerging-activex.rules)
 2011590 - ET ACTIVEX Microsoft DirectX 9 ActiveX Control Format String Function Call (emerging-activex.rules)
 2011725 - ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011801 - ET ACTIVEX AoA Audio Extractor ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011806 - ET WEB_SERVER ScriptResource.axd access without t (time) parameter - possible ASP padding-oracle exploit (emerging-web_server.rules)
 2011807 - ET WEB_SERVER WebResource.axd access without t (time) parameter - possible ASP padding-oracle exploit (emerging-web_server.rules)
 2011816 - ET TROJAN Zeus POST Request to CnC (emerging-trojan.rules)
 2011820 - ET TROJAN Fake AV CnC Checkin cycle_report (emerging-trojan.rules)
 2011827 - ET TROJAN Xilcter/Zeus related malware dropper reporting in (emerging-trojan.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401009 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401010 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401011 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401012 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2402001 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2403001 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2009441 - ET TROJAN Swizzor Family GET (emerging-trojan.rules)
 2011103 - ET TROJAN Exploit kit download payload likely Hiloti Gozi FakeAV etc (emerging-trojan.rules)
 2011346 - ET WEB_CLIENT Possible Unescape Javascript Obfuscation Attempt (emerging-web_client.rules)


[---]         Disabled rules:        [---]

     405 - GPL ICMP_INFO Destination Unreachable Source Host Isolated (emerging-icmp_info.rules)
    1610 - GPL EXPLOIT formmail arbitrary command execution attempt (emerging-exploit.rules)
    3023 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx oversized Security Descriptor attempt (emerging-netbios.rules)
    3025 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (emerging-netbios.rules)
    3031 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (emerging-netbios.rules)
    3033 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx SACL overflow attempt (emerging-netbios.rules)
    3039 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (emerging-netbios.rules)
    3041 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx DACL overflow attempt (emerging-netbios.rules)
 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (emerging-activex.rules)
 2008314 - ET CURRENT_EVENTS Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related (emerging-current_events.rules)
 2011819 - ET MALWARE Zero Content-Length HTTP POST with data (outbound) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging.conf (37):
        #var SSH_PORTS 22
        #include $RULE_PATH/emerging-ftp.rules
        #include $RULE_PATH/emerging-policy.rules
        #include $RULE_PATH/emerging-trojan.rules
        #include $RULE_PATH/emerging-games.rules
        #include $RULE_PATH/emerging-pop3.rules
        #include $RULE_PATH/emerging-user_agents.rules
        ##include $RULE_PATH/emerging-activex.rules
        #include $RULE_PATH/emerging-rpc.rules
        #include $RULE_PATH/emerging-virus.rules
        #include $RULE_PATH/emerging-attack_response.rules
        #include $RULE_PATH/emerging-icmp.rules
        #include $RULE_PATH/emerging-scan.rules
        #include $RULE_PATH/emerging-voip.rules
        #include $RULE_PATH/emerging-chat.rules
        ##include $RULE_PATH/emerging-icmp_info.rules
        ##include $RULE_PATH/emerging-shellcode.rules
        ##include $RULE_PATH/emerging-web_client.rules
        #include $RULE_PATH/emerging-imap.rules
        #include $RULE_PATH/emerging-web_server.rules
        #include $RULE_PATH/emerging-current_events.rules
        ##include $RULE_PATH/emerging-inappropriate.rules
        #include $RULE_PATH/emerging-smtp.rules
        ##include $RULE_PATH/emerging-web_specific_apps.rules
        ##include $RULE_PATH/emerging-deleted.rules
        #include $RULE_PATH/emerging-malware.rules
        #include $RULE_PATH/emerging-snmp.rules
        #include $RULE_PATH/emerging-worm.rules
        #include $RULE_PATH/emerging-dns.rules
        #include $RULE_PATH/emerging-misc.rules
        #include $RULE_PATH/emerging-sql.rules
        #include $RULE_PATH/emerging-dos.rules
        #include $RULE_PATH/emerging-netbios.rules
        #include $RULE_PATH/emerging-telnet.rules
        #include $RULE_PATH/emerging-exploit.rules
        #include $RULE_PATH/emerging-p2p.rules
        #include $RULE_PATH/emerging-tftp.rules

     -> Added to sid-msg.map (77):
        2011827 || ET TROJAN Xilcter/Zeus related malware dropper reporting in
        2011828 || ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1005-exploits/724cms459-lfi.txt
        2011829 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) || url,inj3ct0r.com/exploits/12674
        2011830 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) || url,inj3ct0r.com/exploits/12674
        2011831 || ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt || url,packetstormsecurity.org/1010-exploits/cmsboard-rfi.txt
        2011832 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011833 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011834 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011835 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011836 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011837 || ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt || cve,CVE-2006-3930 || bugtraq,19198
        2011838 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011839 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011840 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011841 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011842 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011843 || ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/baconmap10-lfi.txt
        2011844 || ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/joomlarwcards-rfi.txt
        2011845 || ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt || bugtraq,43865
        2011846 || ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt || url,exploit-db.com/exploits/15232
        2011847 || ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt || url,inj3ct0r.com/exploits/12835
        2011848 || ET TROJAN Win32/Comotor.A!dll Reporting 1 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011849 || ET TROJAN Win32/Comotor.A!dll Reporting 2 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011850 || ET TROJAN Carberp file download
        2011851 || ET TROJAN Carberp CnC request - POST id=imp
        2011852 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt || bugtraq,44370
        2011853 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt || bugtraq,44370
        2011854 || ET POLICY Java JAR file download
        2011855 || ET POLICY Java JAR Download Attempt || url,blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
        2011856 || ET MALWARE HTML.Psyme.Gen Reporting || url,threatexpert.com/report.aspx?md5=de1adb1df396863e7e3967271e7db734
        2011857 || ET TROJAN SpyEye C&C Check-in URI || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011858 || ET TROJAN SpyEye style HTTP Header GET structure || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011860 || ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting || cve,2010-3581 || bid,43954
        2011861 || ET CURRENT_EVENTS Bredolab CnC URL Detected || url,blog.fireeye.com/.a/6a00d835018afd53ef013488839529970c-pi
        2011862 || ET TROJAN Feodo Banking Trojan Account Details Post || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html#more
        2011863 || ET TROJAN Feodo Banking Trojan Receiving Configuration File || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
        2011864 || ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt || url,www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html || url,code.google.com/p/skylined/issues/detail?id=18
        2011865 || ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode
        2011866 || ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF
        2011867 || ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt || url,www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/
        2011868 || ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code || url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4 || url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4
        2011869 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt || url,exploit-db.com/exploits/15071
        2011870 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call || url,exploit-db.com/exploits/15071/
        2011871 || ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage || url,code.google.com/p/submittotdwtf/source/browse/trunk/ || url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
        2011872 || ET USER_AGENTS Suspicious Gbot UA Detected
        2011873 || ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string
        2011874 || ET POLICY NSPlayer User-Agent Windows Media Player streaming detected || url,msdn.microsoft.com/en-us/library/cc234851
        2011875 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011876 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011877 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011878 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011879 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011880 || ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt || url,exploit-db.com/exploits/12855/ || cve,CVE-2010-2315
        2011881 || ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011882 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011883 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011884 || ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1010-exploits/igamingcms-lfi.txt
        2500538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging.conf (37):
        var SSH_PORTS 22
        include $RULE_PATH/emerging-ftp.rules
        include $RULE_PATH/emerging-policy.rules
        include $RULE_PATH/emerging-trojan.rules
        include $RULE_PATH/emerging-games.rules
        include $RULE_PATH/emerging-pop3.rules
        include $RULE_PATH/emerging-user_agents.rules
        #include $RULE_PATH/emerging-activex.rules
        include $RULE_PATH/emerging-rpc.rules
        include $RULE_PATH/emerging-virus.rules
        include $RULE_PATH/emerging-attack_response.rules
        include $RULE_PATH/emerging-icmp.rules
        include $RULE_PATH/emerging-scan.rules
        include $RULE_PATH/emerging-voip.rules
        include $RULE_PATH/emerging-chat.rules
        #include $RULE_PATH/emerging-icmp_info.rules
        #include $RULE_PATH/emerging-shellcode.rules
        #include $RULE_PATH/emerging-web_client.rules
        include $RULE_PATH/emerging-imap.rules
        include $RULE_PATH/emerging-web_server.rules
        include $RULE_PATH/emerging-current_events.rules
        #include $RULE_PATH/emerging-inappropriate.rules
        include $RULE_PATH/emerging-smtp.rules
        #include $RULE_PATH/emerging-web_specific_apps.rules
        #include $RULE_PATH/emerging-deleted.rules
        include $RULE_PATH/emerging-malware.rules
        include $RULE_PATH/emerging-snmp.rules
        include $RULE_PATH/emerging-worm.rules
        include $RULE_PATH/emerging-dns.rules
        include $RULE_PATH/emerging-misc.rules
        include $RULE_PATH/emerging-sql.rules
        include $RULE_PATH/emerging-dos.rules
        include $RULE_PATH/emerging-netbios.rules
        include $RULE_PATH/emerging-telnet.rules
        include $RULE_PATH/emerging-exploit.rules
        include $RULE_PATH/emerging-p2p.rules
        include $RULE_PATH/emerging-tftp.rules

     -> Removed from sid-msg.map (17):
        2011827 || ET TROJAN Zeus related malware dropper reporting in
        2404298 || ET DROP Known Bot C&C Server Traffic TCP (group 150)  || url,www.shadowserver.org
        2404299 || ET DROP Known Bot C&C Server Traffic UDP (group 150)  || url,www.shadowserver.org
        2404300 || ET DROP Known Bot C&C Server Traffic TCP (group 151)  || url,www.shadowserver.org
        2404301 || ET DROP Known Bot C&C Server Traffic UDP (group 151)  || url,www.shadowserver.org
        2404302 || ET DROP Known Bot C&C Server Traffic TCP (group 152)  || url,www.shadowserver.org
        2404303 || ET DROP Known Bot C&C Server Traffic UDP (group 152)  || url,www.shadowserver.org
        2404304 || ET DROP Known Bot C&C Server Traffic TCP (group 153)  || url,www.shadowserver.org
        2404305 || ET DROP Known Bot C&C Server Traffic UDP (group 153)  || url,www.shadowserver.org
        2405298 || ET DROP Known Bot C&C Traffic TCP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405299 || ET DROP Known Bot C&C Traffic UDP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405300 || ET DROP Known Bot C&C Traffic TCP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405301 || ET DROP Known Bot C&C Traffic UDP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405302 || ET DROP Known Bot C&C Traffic TCP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405303 || ET DROP Known Bot C&C Traffic UDP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405304 || ET DROP Known Bot C&C Traffic TCP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org
        2405305 || ET DROP Known Bot C&C Traffic UDP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org

*********************** suricata open-nogpl ***********************

[***] Results from Oinkmaster started Sat Oct 30 16:00:25 2010 [***]

[+++]          Added rules:          [+++]

 2011828 - ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011829 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) (emerging-web_specific_apps.rules)
 2011830 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) (emerging-web_specific_apps.rules)
 2011831 - ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011832 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011833 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011834 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011835 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011836 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011837 - ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011838 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011839 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011840 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011841 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011842 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011843 - ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011844 - ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011845 - ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011846 - ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011847 - ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011848 - ET TROJAN Win32/Comotor.A!dll Reporting 1 (emerging-trojan.rules)
 2011849 - ET TROJAN Win32/Comotor.A!dll Reporting 2 (emerging-trojan.rules)
 2011850 - ET TROJAN Carberp file download (emerging-trojan.rules)
 2011851 - ET TROJAN Carberp CnC request - POST id=imp (emerging-trojan.rules)
 2011852 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011853 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011854 - ET POLICY Java JAR file download (emerging-policy.rules)
 2011855 - ET POLICY Java JAR Download Attempt (emerging-policy.rules)
 2011856 - ET MALWARE HTML.Psyme.Gen Reporting (emerging-malware.rules)
 2011857 - ET TROJAN SpyEye C&C Check-in URI (emerging-trojan.rules)
 2011858 - ET TROJAN SpyEye style HTTP Header GET structure (emerging-trojan.rules)
 2011860 - ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting (emerging-web_specific_apps.rules)
 2011861 - ET CURRENT_EVENTS Bredolab CnC URL Detected (emerging-current_events.rules)
 2011862 - ET TROJAN Feodo Banking Trojan Account Details Post (emerging-trojan.rules)
 2011863 - ET TROJAN Feodo Banking Trojan Receiving Configuration File (emerging-trojan.rules)
 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (emerging-web_client.rules)
 2011865 - ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (emerging-web_client.rules)
 2011866 - ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF (emerging-web_client.rules)
 2011867 - ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt (emerging-activex.rules)
 2011868 - ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code (emerging-web_client.rules)
 2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011870 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call (emerging-activex.rules)
 2011871 - ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage (emerging-policy.rules)
 2011872 - ET USER_AGENTS Suspicious Gbot UA Detected (emerging-user_agents.rules)
 2011873 - ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string (emerging-current_events.rules)
 2011874 - ET POLICY NSPlayer User-Agent Windows Media Player streaming detected (emerging-policy.rules)
 2011875 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011876 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011877 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011878 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011879 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011880 - ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011881 - ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011882 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011883 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011884 - ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

 2001901 - ET TROJAN Possible Bobax trojan infection (emerging-trojan.rules)
 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003085 - ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (emerging-trojan.rules)
 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules)
 2003679 - ET WEB_SPECIFIC_APPS DynamicPAD Remote Inclusion Attempt -- dp_logs.php HomeDir (emerging-web_specific_apps.rules)
 2003682 - ET WEB_SPECIFIC_APPS E-Gads Remote Inclusion Attempt -- common.php locale (emerging-web_specific_apps.rules)
 2003770 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a SELECT (emerging-web_specific_apps.rules)
 2003771 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UNION SELECT (emerging-web_specific_apps.rules)
 2003772 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a INSERT (emerging-web_specific_apps.rules)
 2003773 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a DELETE (emerging-web_specific_apps.rules)
 2003774 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a ASCII (emerging-web_specific_apps.rules)
 2003775 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UPDATE (emerging-web_specific_apps.rules)
 2003876 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- listmembers.php show (emerging-web_specific_apps.rules)
 2003877 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- stats.php show (emerging-web_specific_apps.rules)
 2003920 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- loan.php movieid (emerging-web_specific_apps.rules)
 2003921 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- listmovies.php s (emerging-web_specific_apps.rules)
 2004047 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen SELECT (emerging-web_specific_apps.rules)
 2004048 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UNION SELECT (emerging-web_specific_apps.rules)
 2004049 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen INSERT (emerging-web_specific_apps.rules)
 2004050 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen DELETE (emerging-web_specific_apps.rules)
 2004051 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen ASCII (emerging-web_specific_apps.rules)
 2004052 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UPDATE (emerging-web_specific_apps.rules)
 2004065 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course SELECT (emerging-web_specific_apps.rules)
 2004066 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UNION SELECT (emerging-web_specific_apps.rules)
 2004067 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course INSERT (emerging-web_specific_apps.rules)
 2004068 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course DELETE (emerging-web_specific_apps.rules)
 2004069 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course ASCII (emerging-web_specific_apps.rules)
 2004070 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UPDATE (emerging-web_specific_apps.rules)
 2004385 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id SELECT (emerging-web_specific_apps.rules)
 2004386 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2004387 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id INSERT (emerging-web_specific_apps.rules)
 2004388 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id DELETE (emerging-web_specific_apps.rules)
 2004389 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id ASCII (emerging-web_specific_apps.rules)
 2004390 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UPDATE (emerging-web_specific_apps.rules)
 2004593 - ET WEB_SPECIFIC_APPS Dokeos XSS Attempt -- editor.php img (emerging-web_specific_apps.rules)
 2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (emerging-web_specific_apps.rules)
 2004596 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- week.asp curYear (emerging-web_specific_apps.rules)
 2004624 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank SELECT (emerging-web_specific_apps.rules)
 2004625 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UNION SELECT (emerging-web_specific_apps.rules)
 2004626 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank INSERT (emerging-web_specific_apps.rules)
 2004627 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank DELETE (emerging-web_specific_apps.rules)
 2004628 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank ASCII (emerging-web_specific_apps.rules)
 2004629 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UPDATE (emerging-web_specific_apps.rules)
 2004834 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id SELECT (emerging-web_specific_apps.rules)
 2004835 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UNION SELECT (emerging-web_specific_apps.rules)
 2004836 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id INSERT (emerging-web_specific_apps.rules)
 2004837 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id DELETE (emerging-web_specific_apps.rules)
 2004838 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id ASCII (emerging-web_specific_apps.rules)
 2004839 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UPDATE (emerging-web_specific_apps.rules)
 2005039 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i SELECT (emerging-web_specific_apps.rules)
 2005040 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005041 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i INSERT (emerging-web_specific_apps.rules)
 2005042 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i DELETE (emerging-web_specific_apps.rules)
 2005043 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i ASCII (emerging-web_specific_apps.rules)
 2005044 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id SELECT (emerging-web_specific_apps.rules)
 2005045 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UPDATE (emerging-web_specific_apps.rules)
 2005046 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UNION SELECT (emerging-web_specific_apps.rules)
 2005047 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id INSERT (emerging-web_specific_apps.rules)
 2005048 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id DELETE (emerging-web_specific_apps.rules)
 2005049 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id ASCII (emerging-web_specific_apps.rules)
 2005050 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UPDATE (emerging-web_specific_apps.rules)
 2005051 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i SELECT (emerging-web_specific_apps.rules)
 2005052 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005053 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i INSERT (emerging-web_specific_apps.rules)
 2005054 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i DELETE (emerging-web_specific_apps.rules)
 2005055 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i ASCII (emerging-web_specific_apps.rules)
 2005056 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UPDATE (emerging-web_specific_apps.rules)
 2005268 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword SELECT (emerging-web_specific_apps.rules)
 2005269 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UNION SELECT (emerging-web_specific_apps.rules)
 2005270 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword INSERT (emerging-web_specific_apps.rules)
 2005271 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword DELETE (emerging-web_specific_apps.rules)
 2005272 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword ASCII (emerging-web_specific_apps.rules)
 2005273 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UPDATE (emerging-web_specific_apps.rules)
 2005274 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row SELECT (emerging-web_specific_apps.rules)
 2005275 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UNION SELECT (emerging-web_specific_apps.rules)
 2005276 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row INSERT (emerging-web_specific_apps.rules)
 2005277 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row DELETE (emerging-web_specific_apps.rules)
 2005278 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row ASCII (emerging-web_specific_apps.rules)
 2005279 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UPDATE (emerging-web_specific_apps.rules)
 2005591 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id SELECT (emerging-web_specific_apps.rules)
 2005592 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005593 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id INSERT (emerging-web_specific_apps.rules)
 2005594 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id DELETE (emerging-web_specific_apps.rules)
 2005595 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id ASCII (emerging-web_specific_apps.rules)
 2005596 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UPDATE (emerging-web_specific_apps.rules)
 2005835 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id SELECT (emerging-web_specific_apps.rules)
 2005836 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UNION SELECT (emerging-web_specific_apps.rules)
 2005837 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id INSERT (emerging-web_specific_apps.rules)
 2005838 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id DELETE (emerging-web_specific_apps.rules)
 2005839 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id ASCII (emerging-web_specific_apps.rules)
 2005840 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UPDATE (emerging-web_specific_apps.rules)
 2005895 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum SELECT (emerging-web_specific_apps.rules)
 2005896 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UNION SELECT (emerging-web_specific_apps.rules)
 2005897 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum INSERT (emerging-web_specific_apps.rules)
 2005898 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum DELETE (emerging-web_specific_apps.rules)
 2005899 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum ASCII (emerging-web_specific_apps.rules)
 2005900 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UPDATE (emerging-web_specific_apps.rules)
 2005985 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup SELECT (emerging-web_specific_apps.rules)
 2005986 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2005987 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup INSERT (emerging-web_specific_apps.rules)
 2005988 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup DELETE (emerging-web_specific_apps.rules)
 2005989 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup ASCII (emerging-web_specific_apps.rules)
 2005990 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UPDATE (emerging-web_specific_apps.rules)
 2005991 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id SELECT (emerging-web_specific_apps.rules)
 2005992 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005993 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id INSERT (emerging-web_specific_apps.rules)
 2005994 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id DELETE (emerging-web_specific_apps.rules)
 2005995 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id ASCII (emerging-web_specific_apps.rules)
 2005996 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UPDATE (emerging-web_specific_apps.rules)
 2005997 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id SELECT (emerging-web_specific_apps.rules)
 2005998 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005999 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id INSERT (emerging-web_specific_apps.rules)
 2006000 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id DELETE (emerging-web_specific_apps.rules)
 2006001 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id ASCII (emerging-web_specific_apps.rules)
 2006002 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UPDATE (emerging-web_specific_apps.rules)
 2006135 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID SELECT (emerging-web_specific_apps.rules)
 2006136 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006137 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID INSERT (emerging-web_specific_apps.rules)
 2006138 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID DELETE (emerging-web_specific_apps.rules)
 2006139 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID ASCII (emerging-web_specific_apps.rules)
 2006140 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006141 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID SELECT (emerging-web_specific_apps.rules)
 2006142 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006143 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID INSERT (emerging-web_specific_apps.rules)
 2006144 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID DELETE (emerging-web_specific_apps.rules)
 2006145 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID ASCII (emerging-web_specific_apps.rules)
 2006146 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006147 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id SELECT (emerging-web_specific_apps.rules)
 2006148 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UNION SELECT (emerging-web_specific_apps.rules)
 2006149 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id INSERT (emerging-web_specific_apps.rules)
 2006150 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id DELETE (emerging-web_specific_apps.rules)
 2006151 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id ASCII (emerging-web_specific_apps.rules)
 2006152 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UPDATE (emerging-web_specific_apps.rules)
 2006153 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID SELECT (emerging-web_specific_apps.rules)
 2006154 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UNION SELECT (emerging-web_specific_apps.rules)
 2006155 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID INSERT (emerging-web_specific_apps.rules)
 2006156 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID DELETE (emerging-web_specific_apps.rules)
 2006157 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID ASCII (emerging-web_specific_apps.rules)
 2006158 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UPDATE (emerging-web_specific_apps.rules)
 2006159 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup SELECT (emerging-web_specific_apps.rules)
 2006160 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2006161 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup INSERT (emerging-web_specific_apps.rules)
 2006162 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup DELETE (emerging-web_specific_apps.rules)
 2006163 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup ASCII (emerging-web_specific_apps.rules)
 2006164 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UPDATE (emerging-web_specific_apps.rules)
 2006449 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php SELECT (emerging-web_specific_apps.rules)
 2006450 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UNION SELECT (emerging-web_specific_apps.rules)
 2006451 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php INSERT (emerging-web_specific_apps.rules)
 2006452 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php DELETE (emerging-web_specific_apps.rules)
 2006453 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php ASCII (emerging-web_specific_apps.rules)
 2006454 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UPDATE (emerging-web_specific_apps.rules)
 2006554 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId SELECT (emerging-web_specific_apps.rules)
 2006555 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UNION SELECT (emerging-web_specific_apps.rules)
 2006556 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId INSERT (emerging-web_specific_apps.rules)
 2006557 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId DELETE (emerging-web_specific_apps.rules)
 2006558 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId ASCII (emerging-web_specific_apps.rules)
 2006559 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UPDATE (emerging-web_specific_apps.rules)
 2006687 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile SELECT (emerging-web_specific_apps.rules)
 2006688 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UNION SELECT (emerging-web_specific_apps.rules)
 2006689 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile INSERT (emerging-web_specific_apps.rules)
 2006690 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile DELETE (emerging-web_specific_apps.rules)
 2006691 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile ASCII (emerging-web_specific_apps.rules)
 2006692 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UPDATE (emerging-web_specific_apps.rules)
 2006694 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action SELECT (emerging-web_specific_apps.rules)
 2006695 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UNION SELECT (emerging-web_specific_apps.rules)
 2006696 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action INSERT (emerging-web_specific_apps.rules)
 2006697 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action DELETE (emerging-web_specific_apps.rules)
 2006698 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action ASCII (emerging-web_specific_apps.rules)
 2006699 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UPDATE (emerging-web_specific_apps.rules)
 2006700 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006701 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006702 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006703 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006704 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006705 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006706 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity SELECT (emerging-web_specific_apps.rules)
 2006707 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UNION SELECT (emerging-web_specific_apps.rules)
 2006708 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity INSERT (emerging-web_specific_apps.rules)
 2006709 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity DELETE (emerging-web_specific_apps.rules)
 2006710 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity ASCII (emerging-web_specific_apps.rules)
 2006711 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UPDATE (emerging-web_specific_apps.rules)
 2006712 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT (emerging-web_specific_apps.rules)
 2006713 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT (emerging-web_specific_apps.rules)
 2006714 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT (emerging-web_specific_apps.rules)
 2006715 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE (emerging-web_specific_apps.rules)
 2006716 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII (emerging-web_specific_apps.rules)
 2006717 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE (emerging-web_specific_apps.rules)
 2006718 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006719 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006720 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006721 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006722 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006723 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006724 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action SELECT (emerging-web_specific_apps.rules)
 2006725 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UNION SELECT (emerging-web_specific_apps.rules)
 2006726 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action INSERT (emerging-web_specific_apps.rules)
 2006727 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action DELETE (emerging-web_specific_apps.rules)
 2006728 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action ASCII (emerging-web_specific_apps.rules)
 2006729 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UPDATE (emerging-web_specific_apps.rules)
 2007024 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id SELECT (emerging-web_specific_apps.rules)
 2007025 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UNION SELECT (emerging-web_specific_apps.rules)
 2007026 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id INSERT (emerging-web_specific_apps.rules)
 2007027 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id DELETE (emerging-web_specific_apps.rules)
 2007028 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id ASCII (emerging-web_specific_apps.rules)
 2007029 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UPDATE (emerging-web_specific_apps.rules)
 2007030 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007031 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007032 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007033 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007034 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007035 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007036 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007037 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007038 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007039 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007040 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007041 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007042 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007043 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007044 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007045 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007046 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007047 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007048 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id SELECT (emerging-web_specific_apps.rules)
 2007049 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UPDATE (emerging-web_specific_apps.rules)
 2007050 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id INSERT (emerging-web_specific_apps.rules)
 2007051 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id DELETE (emerging-web_specific_apps.rules)
 2007052 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id ASCII (emerging-web_specific_apps.rules)
 2007053 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UPDATE (emerging-web_specific_apps.rules)
 2007054 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id SELECT (emerging-web_specific_apps.rules)
 2007055 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UNION SELECT (emerging-web_specific_apps.rules)
 2007056 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id INSERT (emerging-web_specific_apps.rules)
 2007057 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id DELETE (emerging-web_specific_apps.rules)
 2007058 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id ASCII (emerging-web_specific_apps.rules)
 2007059 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UNION SELECT (emerging-web_specific_apps.rules)
 2007076 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007077 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007078 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007079 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007080 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007081 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007082 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007083 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007084 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007085 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007086 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007087 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007088 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID SELECT (emerging-web_specific_apps.rules)
 2007089 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007090 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID INSERT (emerging-web_specific_apps.rules)
 2007091 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID DELETE (emerging-web_specific_apps.rules)
 2007092 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID ASCII (emerging-web_specific_apps.rules)
 2007093 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UPDATE (emerging-web_specific_apps.rules)
 2007094 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007095 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007096 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007097 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007098 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007099 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007100 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat SELECT (emerging-web_specific_apps.rules)
 2007101 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UNION SELECT (emerging-web_specific_apps.rules)
 2007102 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat INSERT (emerging-web_specific_apps.rules)
 2007103 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat DELETE (emerging-web_specific_apps.rules)
 2007104 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat ASCII (emerging-web_specific_apps.rules)
 2007105 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UPDATE (emerging-web_specific_apps.rules)
 2007106 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare SELECT (emerging-web_specific_apps.rules)
 2007107 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UNION SELECT (emerging-web_specific_apps.rules)
 2007108 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare INSERT (emerging-web_specific_apps.rules)
 2007109 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare DELETE (emerging-web_specific_apps.rules)
 2007110 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare ASCII (emerging-web_specific_apps.rules)
 2007111 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UPDATE (emerging-web_specific_apps.rules)
 2007566 - ET TROJAN Downloader.MisleadApp Fake Security Product Install (emerging-trojan.rules)
 2007683 - ET TROJAN E-Jihad 3.0 HTTP Activity 1 (emerging-trojan.rules)
 2007684 - ET TROJAN E-Jihad 3.0 HTTP Activity 2 (emerging-trojan.rules)
 2007685 - ET TROJAN E-Jihad 3.0 HTTP Activity 3 (emerging-trojan.rules)
 2007686 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity OUTBOUND (emerging-trojan.rules)
 2007687 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity INBOUND (emerging-trojan.rules)
 2007688 - ET TROJAN Prg Trojan HTTP POST v1 (emerging-trojan.rules)
 2007724 - ET TROJAN Prg Trojan HTTP POST version 2 (emerging-trojan.rules)
 2007747 - ET TROJAN MBR Trojan (Sinowal/Mebroot/) Phoning Home (emerging-trojan.rules)
 2007748 - ET TROJAN NPRC Malicious POST Request Possible DOJ or DOT Malware (emerging-trojan.rules)
 2007758 - ET TROJAN Eldorado.BHO User-Agent Detected (netcfg) (emerging-trojan.rules)
 2007774 - ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (emerging-trojan.rules)
 2007775 - ET TROJAN Krunchy/BZub HTTP Checkin/Update (emerging-trojan.rules)
 2007776 - ET TROJAN Krunchy/BZub HTTP POST Update (emerging-trojan.rules)
 2007823 - ET TROJAN Banker.OT Checkin (emerging-trojan.rules)
 2007828 - ET TROJAN LDPinch Checkin (2) (emerging-trojan.rules)
 2007829 - ET TROJAN Illusion Bot (Lussilon) Checkin (emerging-trojan.rules)
 2007831 - ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push) (emerging-trojan.rules)
 2007833 - ET TROJAN Eldorado.BHO User-Agent Detected (MSIE 5.5) (emerging-trojan.rules)
 2007836 - ET TROJAN Downloader General Bot Checking In - Possible Win32.Small.htz related (emerging-trojan.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (emerging-exploit.rules)
 2008100 - ET TROJAN PRG/wnspoem/Zeus InfoStealer Trojan Config Download (emerging-trojan.rules)
 2008195 - ET TROJAN Dropper mdodo.com Related Trojan (emerging-trojan.rules)
 2008196 - ET TROJAN Dropper 6dzone.com Related Trojan (emerging-trojan.rules)
 2008218 - ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post (emerging-trojan.rules)
 2008317 - ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin (emerging-trojan.rules)
 2008322 - ET TROJAN FraudLoad.aww HTTP CnC Post (emerging-trojan.rules)
 2008338 - ET TROJAN KLog Nick Keylogger Checkin (emerging-trojan.rules)
 2008340 - ET TROJAN Lost Door Checkin (emerging-trojan.rules)
 2008346 - ET TROJAN Mitglieder Checkin (emerging-trojan.rules)
 2008347 - ET TROJAN Swizzor Checkin (emerging-trojan.rules)
 2008369 - ET TROJAN Keylogger Crack by bahman (emerging-trojan.rules)
 2008431 - ET TROJAN PWS.Gamania Checkin (emerging-trojan.rules)
 2008452 - ET TROJAN Emo/Downloader.uxk checkin (emerging-trojan.rules)
 2008515 - ET TROJAN Hupigon.AZG Checkin (emerging-trojan.rules)
 2008684 - ET WEB_SPECIFIC_APPS E-Shop Shopping Cart Script search_results.php SQL Injection (emerging-web_specific_apps.rules)
 2008740 - ET TROJAN Ligats/DR.Ilomo Agent Post (emerging-trojan.rules)
 2008760 - ET TROJAN Insidebar.co.kr Related Infection Checkin (emerging-trojan.rules)
 2008830 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery cat_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008831 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery photo_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008834 - ET WEB_SPECIFIC_APPS DevelopItEasy News And Article aid parameter SQL Injection (emerging-web_specific_apps.rules)
 2008838 - ET WEB_SPECIFIC_APPS DeltaScripts PHP Classifieds siteid parameter Remote SQL Injection (emerging-web_specific_apps.rules)
 2008864 - ET TROJAN Koobface Trojan HTTP Post Checkin (emerging-trojan.rules)
 2008883 - ET WEB_SPECIFIC_APPS Easyedit CMS page.php intpageID parameter sql injection (emerging-web_specific_apps.rules)
 2008884 - ET WEB_SPECIFIC_APPS Easyedit CMS subcategory.php intSubCategoryID parameter sql injection (emerging-web_specific_apps.rules)
 2008885 - ET WEB_SPECIFIC_APPS Easyedit CMS news.php intPageID parameter sql injection (emerging-web_specific_apps.rules)
 2008891 - ET TROJAN MEREDROP/micr0s0fts.cn Related Checkin (emerging-trojan.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-trojan.rules)
 2008984 - ET TROJAN Trojan-GameThief.Win32.OnLineGames infection report (emerging-trojan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-trojan.rules)
 2009117 - ET WEB_SPECIFIC_APPS Easynet4u Link Host directory.php cat_id parameter SQL Injection (emerging-web_specific_apps.rules)
 2009317 - ET WEB_SPECIFIC_APPS DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009318 - ET WEB_SPECIFIC_APPS DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009319 - ET WEB_SPECIFIC_APPS DeZine DZcms products.php pcat parameter SQL injection (emerging-web_specific_apps.rules)
 2009323 - ET WEB_SPECIFIC_APPS Demium CMS tracking.php follow_kat Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009324 - ET WEB_SPECIFIC_APPS Demium CMS urheber.php name Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2009366 - ET WEB_SPECIFIC_APPS EasySiteNetwork Riddles Complete Website riddle.php riddleid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009368 - ET WEB_SPECIFIC_APPS DeluxeBB misc.php qorder Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009380 - ET WEB_SPECIFIC_APPS Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_specific_apps.rules)
 2009412 - ET TROJAN Generic Trojan Checkin (emerging-trojan.rules)
 2009442 - ET TROJAN Generic Trojan Checkin (2) (emerging-trojan.rules)
 2009443 - ET TROJAN NoBo Downloader Dropper GET (emerging-trojan.rules)
 2009455 - ET TROJAN FAKE AV HTTP CnC Post (emerging-trojan.rules)
 2009472 - ET TROJAN Fasec/FakeAV Alert/Keylogger/Dropper/DNSChanger Possible Rootkit - HTTP GET (emerging-trojan.rules)
 2009514 - ET TROJAN FAKE/ROGUE AV HTTP Post (emerging-trojan.rules)
 2009519 - ET TROJAN Gaboc Trojan Check-in (emerging-trojan.rules)
 2009526 - ET TROJAN Downloader Checkin - Downloads Rogue Adware  (emerging-trojan.rules)
 2009527 - ET TROJAN Generic Downloader Checkin - HTTP GET  (emerging-trojan.rules)
 2009531 - ET TROJAN Gamania Trojan Check-in (emerging-trojan.rules)
 2009541 - ET TROJAN Suspicious User-Agent filled with System Details - GET Request (emerging-trojan.rules)
 2009549 - ET TROJAN Generic Downloader - HTTP POST (emerging-trojan.rules)
 2009553 - ET TROJAN FAKE/ROGUE AV - Encoded (data=) HTTP POST (emerging-trojan.rules)
 2009554 - ET TROJAN FAKE/ROGUE AV/Security Application Checkin (emerging-trojan.rules)
 2009704 - ET TROJAN Generic Downloader Check-in (emerging-trojan.rules)
 2009751 - ET TROJAN Fraudload/FakeAlert/FakeVimes Downloader - POST (emerging-trojan.rules)
 2009776 - ET TROJAN Oficla Downloader Activity Observed (emerging-trojan.rules)
 2009795 - ET WEB_SPECIFIC_APPS Dog Pedigree Online Database managePerson.php personId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009804 - ET TROJAN Screenblaze SCR Related Backdoor - GET (emerging-trojan.rules)
 2009805 - ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET (emerging-trojan.rules)
 2009810 - ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)) (emerging-trojan.rules)
 2009811 - ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET (emerging-trojan.rules)
 2009813 - ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST (emerging-trojan.rules)
 2009826 - ET TROJAN Generic Backdoor Retrieve Instructions/Configs - HTTP GET (emerging-trojan.rules)
 2009832 - ET SCAN DCERPC rpcmgmt ifids Unauthenticated BIND (emerging-scan.rules)
 2009848 - ET WEB_SPECIFIC_APPS Dragoon header.inc.php root Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009876 - ET WEB_SPECIFIC_APPS Dokuwiki doku.php config_cascade Local File Inclusion (emerging-web_specific_apps.rules)
 2009904 - ET WEB_SPECIFIC_APPS AdaptBB latestposts.php forumspath Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2010007 - ET TROJAN Potential Gemini Malware Download (emerging-trojan.rules)
 2010073 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010074 - ET WEB_SPECIFIC_APPS Possible Docebo UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010075 - ET WEB_SPECIFIC_APPS Possible Docebo SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010076 - ET WEB_SPECIFIC_APPS Possible Docebo DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010077 - ET WEB_SPECIFIC_APPS Possible Docebo INSERT INTO Injection Attempt (emerging-web_specific_apps.rules)
 2010078 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010151 - ET TROJAN Koobface C&C availability check (emerging-trojan.rules)
 2010158 - ET TROJAN Nanspy Bot Checkin (emerging-trojan.rules)
 2010194 - ET WEB_SPECIFIC_APPS Adobe JRun Directory Traversal (emerging-web_specific_apps.rules)
 2010195 - ET WEB_SPECIFIC_APPS DS CMS DetailFile.php nFileId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010252 - ET WEB_SPECIFIC_APPS Datalife Engine api.class.php dle_config_api Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010259 - ET WEB_SPECIFIC_APPS DvBBS boardrule.php groupboardid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010282 - ET TROJAN Generic Trojan Checkin (double Content-Type headers) (emerging-trojan.rules)
 2010337 - ET TROJAN FakeAV Reporting - POST often to [resolution|borders].php (emerging-trojan.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-trojan.rules)
 2010512 - ET TROJAN FakeAV FakeSmoke HTTP POST check-in (emerging-trojan.rules)
 2010594 - ET TROJAN Potential FakeAV HTTP POST Check-IN (?r=) (emerging-trojan.rules)
 2010625 - ET TROJAN FakeAV Landing Page (aid,sid) (emerging-trojan.rules)
 2010626 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010627 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010628 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (emerging-trojan.rules)
 2010707 - ET WEB_SPECIFIC_APPS Dros core.write_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010708 - ET WEB_SPECIFIC_APPS Dros core.process_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010709 - ET WEB_SPECIFIC_APPS Dros function.config_load.php _compile_file Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2010743 - ET TROJAN Oficla Checkin (1) (emerging-trojan.rules)
 2011072 - ET TROJAN Fruspam polling for IP likely infected (emerging-trojan.rules)
 2011099 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_players.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011100 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_settings.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011104 - ET TROJAN Exploit kit attack activity likely hostile (emerging-trojan.rules)
 2011153 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011154 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011179 - ET TROJAN Generic Checkin - MSCommonInfoEx (emerging-trojan.rules)
 2011269 - ET TROJAN Downloader.Win32.Small (emerging-trojan.rules)
 2011277 - ET TROJAN Generic Trojan HTTP Get (emerging-trojan.rules)
 2011414 - ET TROJAN Win32/Small.gen!AQ Communication with Controller (emerging-trojan.rules)
 2011465 - ET WEB_SERVER /bin/sh In URI, Possible Shell Command Execution Attempt Within Web Exploit (emerging-web_server.rules)
 2011489 - ET TROJAN Meredrop or similar Checkin (emerging-trojan.rules)
 2011544 - ET TROJAN JAR Download From Crimepack Exploit Kit (emerging-trojan.rules)
 2011576 - ET TROJAN nte Binary Download Attempt (multiple malware variants served) (emerging-trojan.rules)
 2011577 - ET TROJAN DNSTrojan FakeAV Dropper Activity Observed (1) (emerging-trojan.rules)
 2011578 - ET TROJAN DNSTrojan FakeAV Dropper Activity Observed (2) (emerging-trojan.rules)
 2011589 - ET ACTIVEX Microsoft DirectX 9 msvidctl.dll ActiveX Control Code Execution Attempt (emerging-activex.rules)
 2011590 - ET ACTIVEX Microsoft DirectX 9 ActiveX Control Format String Function Call (emerging-activex.rules)
 2011725 - ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011801 - ET ACTIVEX AoA Audio Extractor ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011806 - ET WEB_SERVER ScriptResource.axd access without t (time) parameter - possible ASP padding-oracle exploit (emerging-web_server.rules)
 2011807 - ET WEB_SERVER WebResource.axd access without t (time) parameter - possible ASP padding-oracle exploit (emerging-web_server.rules)
 2011816 - ET TROJAN Zeus POST Request to CnC (emerging-trojan.rules)
 2011820 - ET TROJAN Fake AV CnC Checkin cycle_report (emerging-trojan.rules)
 2011827 - ET TROJAN Xilcter/Zeus related malware dropper reporting in (emerging-trojan.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401009 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401010 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401011 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401012 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2402001 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2403001 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2009441 - ET TROJAN Swizzor Family GET (emerging-trojan.rules)
 2011103 - ET TROJAN Exploit kit download payload likely Hiloti Gozi FakeAV etc (emerging-trojan.rules)
 2011346 - ET WEB_CLIENT Possible Unescape Javascript Obfuscation Attempt (emerging-web_client.rules)


[---]         Disabled rules:        [---]

 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (emerging-activex.rules)
 2008314 - ET CURRENT_EVENTS Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related (emerging-current_events.rules)
 2011819 - ET MALWARE Zero Content-Length HTTP POST with data (outbound) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging.conf (37):
        #var SSH_PORTS 22
        #include $RULE_PATH/emerging-ftp.rules
        #include $RULE_PATH/emerging-policy.rules
        #include $RULE_PATH/emerging-trojan.rules
        #include $RULE_PATH/emerging-games.rules
        #include $RULE_PATH/emerging-pop3.rules
        #include $RULE_PATH/emerging-user_agents.rules
        ##include $RULE_PATH/emerging-activex.rules
        #include $RULE_PATH/emerging-rpc.rules
        #include $RULE_PATH/emerging-virus.rules
        #include $RULE_PATH/emerging-attack_response.rules
        #include $RULE_PATH/emerging-icmp.rules
        #include $RULE_PATH/emerging-scan.rules
        #include $RULE_PATH/emerging-voip.rules
        #include $RULE_PATH/emerging-chat.rules
        ##include $RULE_PATH/emerging-icmp_info.rules
        ##include $RULE_PATH/emerging-shellcode.rules
        ##include $RULE_PATH/emerging-web_client.rules
        #include $RULE_PATH/emerging-imap.rules
        #include $RULE_PATH/emerging-web_server.rules
        #include $RULE_PATH/emerging-current_events.rules
        ##include $RULE_PATH/emerging-inappropriate.rules
        #include $RULE_PATH/emerging-smtp.rules
        ##include $RULE_PATH/emerging-web_specific_apps.rules
        ##include $RULE_PATH/emerging-deleted.rules
        #include $RULE_PATH/emerging-malware.rules
        #include $RULE_PATH/emerging-snmp.rules
        #include $RULE_PATH/emerging-worm.rules
        #include $RULE_PATH/emerging-dns.rules
        #include $RULE_PATH/emerging-misc.rules
        #include $RULE_PATH/emerging-sql.rules
        #include $RULE_PATH/emerging-dos.rules
        #include $RULE_PATH/emerging-netbios.rules
        #include $RULE_PATH/emerging-telnet.rules
        #include $RULE_PATH/emerging-exploit.rules
        #include $RULE_PATH/emerging-p2p.rules
        #include $RULE_PATH/emerging-tftp.rules

     -> Added to sid-msg.map (77):
        2011827 || ET TROJAN Xilcter/Zeus related malware dropper reporting in
        2011828 || ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1005-exploits/724cms459-lfi.txt
        2011829 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) || url,inj3ct0r.com/exploits/12674
        2011830 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) || url,inj3ct0r.com/exploits/12674
        2011831 || ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt || url,packetstormsecurity.org/1010-exploits/cmsboard-rfi.txt
        2011832 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011833 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011834 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011835 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011836 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011837 || ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt || cve,CVE-2006-3930 || bugtraq,19198
        2011838 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011839 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011840 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011841 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011842 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011843 || ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/baconmap10-lfi.txt
        2011844 || ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/joomlarwcards-rfi.txt
        2011845 || ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt || bugtraq,43865
        2011846 || ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt || url,exploit-db.com/exploits/15232
        2011847 || ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt || url,inj3ct0r.com/exploits/12835
        2011848 || ET TROJAN Win32/Comotor.A!dll Reporting 1 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011849 || ET TROJAN Win32/Comotor.A!dll Reporting 2 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011850 || ET TROJAN Carberp file download
        2011851 || ET TROJAN Carberp CnC request - POST id=imp
        2011852 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt || bugtraq,44370
        2011853 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt || bugtraq,44370
        2011854 || ET POLICY Java JAR file download
        2011855 || ET POLICY Java JAR Download Attempt || url,blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
        2011856 || ET MALWARE HTML.Psyme.Gen Reporting || url,threatexpert.com/report.aspx?md5=de1adb1df396863e7e3967271e7db734
        2011857 || ET TROJAN SpyEye C&C Check-in URI || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011858 || ET TROJAN SpyEye style HTTP Header GET structure || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011860 || ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting || cve,2010-3581 || bid,43954
        2011861 || ET CURRENT_EVENTS Bredolab CnC URL Detected || url,blog.fireeye.com/.a/6a00d835018afd53ef013488839529970c-pi
        2011862 || ET TROJAN Feodo Banking Trojan Account Details Post || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html#more
        2011863 || ET TROJAN Feodo Banking Trojan Receiving Configuration File || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
        2011864 || ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt || url,www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html || url,code.google.com/p/skylined/issues/detail?id=18
        2011865 || ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode
        2011866 || ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF
        2011867 || ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt || url,www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/
        2011868 || ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code || url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4 || url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4
        2011869 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt || url,exploit-db.com/exploits/15071
        2011870 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call || url,exploit-db.com/exploits/15071/
        2011871 || ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage || url,code.google.com/p/submittotdwtf/source/browse/trunk/ || url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
        2011872 || ET USER_AGENTS Suspicious Gbot UA Detected
        2011873 || ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string
        2011874 || ET POLICY NSPlayer User-Agent Windows Media Player streaming detected || url,msdn.microsoft.com/en-us/library/cc234851
        2011875 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011876 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011877 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011878 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011879 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011880 || ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt || url,exploit-db.com/exploits/12855/ || cve,CVE-2010-2315
        2011881 || ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011882 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011883 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011884 || ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1010-exploits/igamingcms-lfi.txt
        2500538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging.conf (37):
        var SSH_PORTS 22
        include $RULE_PATH/emerging-ftp.rules
        include $RULE_PATH/emerging-policy.rules
        include $RULE_PATH/emerging-trojan.rules
        include $RULE_PATH/emerging-games.rules
        include $RULE_PATH/emerging-pop3.rules
        include $RULE_PATH/emerging-user_agents.rules
        #include $RULE_PATH/emerging-activex.rules
        include $RULE_PATH/emerging-rpc.rules
        include $RULE_PATH/emerging-virus.rules
        include $RULE_PATH/emerging-attack_response.rules
        include $RULE_PATH/emerging-icmp.rules
        include $RULE_PATH/emerging-scan.rules
        include $RULE_PATH/emerging-voip.rules
        include $RULE_PATH/emerging-chat.rules
        #include $RULE_PATH/emerging-icmp_info.rules
        #include $RULE_PATH/emerging-shellcode.rules
        #include $RULE_PATH/emerging-web_client.rules
        include $RULE_PATH/emerging-imap.rules
        include $RULE_PATH/emerging-web_server.rules
        include $RULE_PATH/emerging-current_events.rules
        #include $RULE_PATH/emerging-inappropriate.rules
        include $RULE_PATH/emerging-smtp.rules
        #include $RULE_PATH/emerging-web_specific_apps.rules
        #include $RULE_PATH/emerging-deleted.rules
        include $RULE_PATH/emerging-malware.rules
        include $RULE_PATH/emerging-snmp.rules
        include $RULE_PATH/emerging-worm.rules
        include $RULE_PATH/emerging-dns.rules
        include $RULE_PATH/emerging-misc.rules
        include $RULE_PATH/emerging-sql.rules
        include $RULE_PATH/emerging-dos.rules
        include $RULE_PATH/emerging-netbios.rules
        include $RULE_PATH/emerging-telnet.rules
        include $RULE_PATH/emerging-exploit.rules
        include $RULE_PATH/emerging-p2p.rules
        include $RULE_PATH/emerging-tftp.rules

     -> Removed from sid-msg.map (17):
        2011827 || ET TROJAN Zeus related malware dropper reporting in
        2404298 || ET DROP Known Bot C&C Server Traffic TCP (group 150)  || url,www.shadowserver.org
        2404299 || ET DROP Known Bot C&C Server Traffic UDP (group 150)  || url,www.shadowserver.org
        2404300 || ET DROP Known Bot C&C Server Traffic TCP (group 151)  || url,www.shadowserver.org
        2404301 || ET DROP Known Bot C&C Server Traffic UDP (group 151)  || url,www.shadowserver.org
        2404302 || ET DROP Known Bot C&C Server Traffic TCP (group 152)  || url,www.shadowserver.org
        2404303 || ET DROP Known Bot C&C Server Traffic UDP (group 152)  || url,www.shadowserver.org
        2404304 || ET DROP Known Bot C&C Server Traffic TCP (group 153)  || url,www.shadowserver.org
        2404305 || ET DROP Known Bot C&C Server Traffic UDP (group 153)  || url,www.shadowserver.org
        2405298 || ET DROP Known Bot C&C Traffic TCP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405299 || ET DROP Known Bot C&C Traffic UDP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405300 || ET DROP Known Bot C&C Traffic TCP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405301 || ET DROP Known Bot C&C Traffic UDP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405302 || ET DROP Known Bot C&C Traffic TCP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405303 || ET DROP Known Bot C&C Traffic UDP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405304 || ET DROP Known Bot C&C Traffic TCP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org
        2405305 || ET DROP Known Bot C&C Traffic UDP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org

*********************** snort-2.8.4 open ***********************

[***] Results from Oinkmaster started Sat Oct 30 16:00:47 2010 [***]

[+++]          Added rules:          [+++]

 2011828 - ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011829 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) (emerging-web_specific_apps.rules)
 2011830 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) (emerging-web_specific_apps.rules)
 2011831 - ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011832 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011833 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011834 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011835 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011836 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011837 - ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011838 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011839 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011840 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011841 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011842 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011843 - ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011844 - ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011845 - ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011846 - ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011847 - ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011848 - ET TROJAN Win32/Comotor.A!dll Reporting 1 (emerging-trojan.rules)
 2011849 - ET TROJAN Win32/Comotor.A!dll Reporting 2 (emerging-trojan.rules)
 2011850 - ET TROJAN Carberp file download (emerging-trojan.rules)
 2011851 - ET TROJAN Carberp CnC request - POST id=imp (emerging-trojan.rules)
 2011852 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011853 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011854 - ET POLICY Java JAR file download (emerging-policy.rules)
 2011855 - ET POLICY Java JAR Download Attempt (emerging-policy.rules)
 2011856 - ET MALWARE HTML.Psyme.Gen Reporting (emerging-malware.rules)
 2011857 - ET TROJAN SpyEye C&C Check-in URI (emerging-trojan.rules)
 2011858 - ET TROJAN SpyEye style HTTP Header GET structure (emerging-trojan.rules)
 2011860 - ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting (emerging-web_specific_apps.rules)
 2011861 - ET CURRENT_EVENTS Bredolab CnC URL Detected (emerging-current_events.rules)
 2011862 - ET TROJAN Feodo Banking Trojan Account Details Post (emerging-trojan.rules)
 2011863 - ET TROJAN Feodo Banking Trojan Receiving Configuration File (emerging-trojan.rules)
 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (emerging-web_client.rules)
 2011865 - ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (emerging-web_client.rules)
 2011866 - ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF (emerging-web_client.rules)
 2011867 - ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt (emerging-activex.rules)
 2011868 - ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code (emerging-web_client.rules)
 2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011870 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call (emerging-activex.rules)
 2011871 - ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage (emerging-policy.rules)
 2011872 - ET USER_AGENTS Suspicious Gbot UA Detected (emerging-user_agents.rules)
 2011873 - ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string (emerging-current_events.rules)
 2011874 - ET POLICY NSPlayer User-Agent Windows Media Player streaming detected (emerging-policy.rules)
 2011875 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011876 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011877 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011878 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011879 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011880 - ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011881 - ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011882 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011883 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011884 - ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

    1334 - GPL EXPLOIT echo command attempt (emerging-exploit.rules)
    2318 - GPL EXPLOIT CVS non-relative path access attempt (emerging-exploit.rules)
 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003085 - ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (emerging-trojan.rules)
 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules)
 2003770 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a SELECT (emerging-web_specific_apps.rules)
 2003771 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UNION SELECT (emerging-web_specific_apps.rules)
 2003772 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a INSERT (emerging-web_specific_apps.rules)
 2003773 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a DELETE (emerging-web_specific_apps.rules)
 2003774 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a ASCII (emerging-web_specific_apps.rules)
 2003775 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UPDATE (emerging-web_specific_apps.rules)
 2003876 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- listmembers.php show (emerging-web_specific_apps.rules)
 2003877 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- stats.php show (emerging-web_specific_apps.rules)
 2003920 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- loan.php movieid (emerging-web_specific_apps.rules)
 2003921 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- listmovies.php s (emerging-web_specific_apps.rules)
 2003924 - ET SCAN WebHack Control Center User-Agent Inbound (WHCC/) (emerging-scan.rules)
 2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (emerging-web_specific_apps.rules)
 2006449 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php SELECT (emerging-web_specific_apps.rules)
 2006450 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UNION SELECT (emerging-web_specific_apps.rules)
 2006451 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php INSERT (emerging-web_specific_apps.rules)
 2006452 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php DELETE (emerging-web_specific_apps.rules)
 2006453 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php ASCII (emerging-web_specific_apps.rules)
 2006454 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UPDATE (emerging-web_specific_apps.rules)
 2006554 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId SELECT (emerging-web_specific_apps.rules)
 2006555 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UNION SELECT (emerging-web_specific_apps.rules)
 2006556 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId INSERT (emerging-web_specific_apps.rules)
 2006557 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId DELETE (emerging-web_specific_apps.rules)
 2006558 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId ASCII (emerging-web_specific_apps.rules)
 2006559 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UPDATE (emerging-web_specific_apps.rules)
 2006689 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile INSERT (emerging-web_specific_apps.rules)
 2006690 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile DELETE (emerging-web_specific_apps.rules)
 2006691 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile ASCII (emerging-web_specific_apps.rules)
 2006692 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UPDATE (emerging-web_specific_apps.rules)
 2006694 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action SELECT (emerging-web_specific_apps.rules)
 2006695 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UNION SELECT (emerging-web_specific_apps.rules)
 2006696 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action INSERT (emerging-web_specific_apps.rules)
 2006697 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action DELETE (emerging-web_specific_apps.rules)
 2006698 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action ASCII (emerging-web_specific_apps.rules)
 2006699 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UPDATE (emerging-web_specific_apps.rules)
 2006700 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006701 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006702 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006703 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006704 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006705 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006706 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity SELECT (emerging-web_specific_apps.rules)
 2006707 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UNION SELECT (emerging-web_specific_apps.rules)
 2006708 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity INSERT (emerging-web_specific_apps.rules)
 2006709 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity DELETE (emerging-web_specific_apps.rules)
 2006710 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity ASCII (emerging-web_specific_apps.rules)
 2006711 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UPDATE (emerging-web_specific_apps.rules)
 2006712 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT (emerging-web_specific_apps.rules)
 2006713 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT (emerging-web_specific_apps.rules)
 2006714 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT (emerging-web_specific_apps.rules)
 2006715 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE (emerging-web_specific_apps.rules)
 2006716 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII (emerging-web_specific_apps.rules)
 2006717 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE (emerging-web_specific_apps.rules)
 2006718 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006719 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006720 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006721 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006722 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006723 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006724 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action SELECT (emerging-web_specific_apps.rules)
 2006725 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UNION SELECT (emerging-web_specific_apps.rules)
 2006726 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action INSERT (emerging-web_specific_apps.rules)
 2006727 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action DELETE (emerging-web_specific_apps.rules)
 2006728 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action ASCII (emerging-web_specific_apps.rules)
 2006729 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UPDATE (emerging-web_specific_apps.rules)
 2007024 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id SELECT (emerging-web_specific_apps.rules)
 2007025 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UNION SELECT (emerging-web_specific_apps.rules)
 2007026 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id INSERT (emerging-web_specific_apps.rules)
 2007027 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id DELETE (emerging-web_specific_apps.rules)
 2007028 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id ASCII (emerging-web_specific_apps.rules)
 2007029 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UPDATE (emerging-web_specific_apps.rules)
 2007030 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007031 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007032 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007033 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007034 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007035 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007036 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007037 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007038 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007039 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007040 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007041 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007042 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007043 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007044 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007045 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007046 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007047 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007048 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id SELECT (emerging-web_specific_apps.rules)
 2007049 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UPDATE (emerging-web_specific_apps.rules)
 2007050 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id INSERT (emerging-web_specific_apps.rules)
 2007051 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id DELETE (emerging-web_specific_apps.rules)
 2007052 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id ASCII (emerging-web_specific_apps.rules)
 2007053 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UPDATE (emerging-web_specific_apps.rules)
 2007054 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id SELECT (emerging-web_specific_apps.rules)
 2007055 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UNION SELECT (emerging-web_specific_apps.rules)
 2007056 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id INSERT (emerging-web_specific_apps.rules)
 2007057 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id DELETE (emerging-web_specific_apps.rules)
 2007058 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id ASCII (emerging-web_specific_apps.rules)
 2007059 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UNION SELECT (emerging-web_specific_apps.rules)
 2007076 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007077 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007078 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007079 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007080 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007081 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007082 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007083 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007084 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007085 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007086 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007087 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007088 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID SELECT (emerging-web_specific_apps.rules)
 2007090 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID INSERT (emerging-web_specific_apps.rules)
 2007091 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID DELETE (emerging-web_specific_apps.rules)
 2007092 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID ASCII (emerging-web_specific_apps.rules)
 2007093 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UPDATE (emerging-web_specific_apps.rules)
 2007094 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007095 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007096 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007097 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007098 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007099 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007100 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat SELECT (emerging-web_specific_apps.rules)
 2007101 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UNION SELECT (emerging-web_specific_apps.rules)
 2007102 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat INSERT (emerging-web_specific_apps.rules)
 2007103 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat DELETE (emerging-web_specific_apps.rules)
 2007104 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat ASCII (emerging-web_specific_apps.rules)
 2007105 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UPDATE (emerging-web_specific_apps.rules)
 2007106 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare SELECT (emerging-web_specific_apps.rules)
 2007107 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UNION SELECT (emerging-web_specific_apps.rules)
 2007108 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare INSERT (emerging-web_specific_apps.rules)
 2007109 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare DELETE (emerging-web_specific_apps.rules)
 2007110 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare ASCII (emerging-web_specific_apps.rules)
 2007111 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UPDATE (emerging-web_specific_apps.rules)
 2007566 - ET TROJAN Downloader.MisleadApp Fake Security Product Install (emerging-trojan.rules)
 2007687 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity INBOUND (emerging-trojan.rules)
 2007688 - ET TROJAN Prg Trojan HTTP POST v1 (emerging-trojan.rules)
 2007724 - ET TROJAN Prg Trojan HTTP POST version 2 (emerging-trojan.rules)
 2007747 - ET TROJAN MBR Trojan (Sinowal/Mebroot/) Phoning Home (emerging-trojan.rules)
 2007748 - ET TROJAN NPRC Malicious POST Request Possible DOJ or DOT Malware (emerging-trojan.rules)
 2007774 - ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (emerging-trojan.rules)
 2007775 - ET TROJAN Krunchy/BZub HTTP Checkin/Update (emerging-trojan.rules)
 2007776 - ET TROJAN Krunchy/BZub HTTP POST Update (emerging-trojan.rules)
 2007828 - ET TROJAN LDPinch Checkin (2) (emerging-trojan.rules)
 2007829 - ET TROJAN Illusion Bot (Lussilon) Checkin (emerging-trojan.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (emerging-exploit.rules)
 2008218 - ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post (emerging-trojan.rules)
 2008317 - ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin (emerging-trojan.rules)
 2008338 - ET TROJAN KLog Nick Keylogger Checkin (emerging-trojan.rules)
 2008346 - ET TROJAN Mitglieder Checkin (emerging-trojan.rules)
 2008347 - ET TROJAN Swizzor Checkin (emerging-trojan.rules)
 2008369 - ET TROJAN Keylogger Crack by bahman (emerging-trojan.rules)
 2008740 - ET TROJAN Ligats/DR.Ilomo Agent Post (emerging-trojan.rules)
 2008760 - ET TROJAN Insidebar.co.kr Related Infection Checkin (emerging-trojan.rules)
 2008864 - ET TROJAN Koobface Trojan HTTP Post Checkin (emerging-trojan.rules)
 2008891 - ET TROJAN MEREDROP/micr0s0fts.cn Related Checkin (emerging-trojan.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-trojan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-trojan.rules)
 2009412 - ET TROJAN Generic Trojan Checkin (emerging-trojan.rules)
 2009442 - ET TROJAN Generic Trojan Checkin (2) (emerging-trojan.rules)
 2009443 - ET TROJAN NoBo Downloader Dropper GET (emerging-trojan.rules)
 2009776 - ET TROJAN Oficla Downloader Activity Observed (emerging-trojan.rules)
 2009805 - ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET (emerging-trojan.rules)
 2009810 - ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)) (emerging-trojan.rules)
 2009811 - ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET (emerging-trojan.rules)
 2009813 - ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST (emerging-trojan.rules)
 2009826 - ET TROJAN Generic Backdoor Retrieve Instructions/Configs - HTTP GET (emerging-trojan.rules)
 2009832 - ET SCAN DCERPC rpcmgmt ifids Unauthenticated BIND (emerging-scan.rules)
 2010151 - ET TROJAN Koobface C&C availability check (emerging-trojan.rules)
 2010158 - ET TROJAN Nanspy Bot Checkin (emerging-trojan.rules)
 2010282 - ET TROJAN Generic Trojan Checkin (double Content-Type headers) (emerging-trojan.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-trojan.rules)
 2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (emerging-trojan.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2011173 - ET ACTIVEX Windows Help Center Arbitrary Command Execution Exploit Attempt (emerging-activex.rules)
 2011277 - ET TROJAN Generic Trojan HTTP Get (emerging-trojan.rules)
 2011816 - ET TROJAN Zeus POST Request to CnC (emerging-trojan.rules)
 2011827 - ET TROJAN Xilcter/Zeus related malware dropper reporting in (emerging-trojan.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401009 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401010 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401011 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401012 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2402001 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2403001 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2009441 - ET TROJAN Swizzor Family GET (emerging-trojan.rules)
 2011346 - ET WEB_CLIENT Possible Unescape Javascript Obfuscation Attempt (emerging-web_client.rules)


[---]         Disabled rules:        [---]

     405 - GPL ICMP_INFO Destination Unreachable Source Host Isolated (emerging-icmp_info.rules)
    1610 - GPL EXPLOIT formmail arbitrary command execution attempt (emerging-exploit.rules)
    3023 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx oversized Security Descriptor attempt (emerging-netbios.rules)
    3025 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (emerging-netbios.rules)
    3031 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (emerging-netbios.rules)
    3033 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx SACL overflow attempt (emerging-netbios.rules)
    3039 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (emerging-netbios.rules)
    3041 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx DACL overflow attempt (emerging-netbios.rules)
 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (emerging-activex.rules)
 2008314 - ET CURRENT_EVENTS Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related (emerging-current_events.rules)
 2011819 - ET MALWARE Zero Content-Length HTTP POST with data (outbound) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging.conf (37):
        #var SSH_PORTS 22
        #include $RULE_PATH/emerging-ftp.rules
        #include $RULE_PATH/emerging-policy.rules
        #include $RULE_PATH/emerging-trojan.rules
        #include $RULE_PATH/emerging-games.rules
        #include $RULE_PATH/emerging-pop3.rules
        #include $RULE_PATH/emerging-user_agents.rules
        ##include $RULE_PATH/emerging-activex.rules
        #include $RULE_PATH/emerging-rpc.rules
        #include $RULE_PATH/emerging-virus.rules
        #include $RULE_PATH/emerging-attack_response.rules
        #include $RULE_PATH/emerging-icmp.rules
        #include $RULE_PATH/emerging-scan.rules
        #include $RULE_PATH/emerging-voip.rules
        #include $RULE_PATH/emerging-chat.rules
        ##include $RULE_PATH/emerging-icmp_info.rules
        ##include $RULE_PATH/emerging-shellcode.rules
        ##include $RULE_PATH/emerging-web_client.rules
        #include $RULE_PATH/emerging-imap.rules
        #include $RULE_PATH/emerging-web_server.rules
        #include $RULE_PATH/emerging-current_events.rules
        ##include $RULE_PATH/emerging-inappropriate.rules
        #include $RULE_PATH/emerging-smtp.rules
        ##include $RULE_PATH/emerging-web_specific_apps.rules
        ##include $RULE_PATH/emerging-deleted.rules
        #include $RULE_PATH/emerging-malware.rules
        #include $RULE_PATH/emerging-snmp.rules
        #include $RULE_PATH/emerging-worm.rules
        #include $RULE_PATH/emerging-dns.rules
        #include $RULE_PATH/emerging-misc.rules
        #include $RULE_PATH/emerging-sql.rules
        #include $RULE_PATH/emerging-dos.rules
        #include $RULE_PATH/emerging-netbios.rules
        #include $RULE_PATH/emerging-telnet.rules
        #include $RULE_PATH/emerging-exploit.rules
        #include $RULE_PATH/emerging-p2p.rules
        #include $RULE_PATH/emerging-tftp.rules

     -> Added to sid-msg.map (77):
        2011827 || ET TROJAN Xilcter/Zeus related malware dropper reporting in
        2011828 || ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1005-exploits/724cms459-lfi.txt
        2011829 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) || url,inj3ct0r.com/exploits/12674
        2011830 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) || url,inj3ct0r.com/exploits/12674
        2011831 || ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt || url,packetstormsecurity.org/1010-exploits/cmsboard-rfi.txt
        2011832 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011833 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011834 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011835 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011836 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011837 || ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt || cve,CVE-2006-3930 || bugtraq,19198
        2011838 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011839 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011840 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011841 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011842 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011843 || ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/baconmap10-lfi.txt
        2011844 || ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/joomlarwcards-rfi.txt
        2011845 || ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt || bugtraq,43865
        2011846 || ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt || url,exploit-db.com/exploits/15232
        2011847 || ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt || url,inj3ct0r.com/exploits/12835
        2011848 || ET TROJAN Win32/Comotor.A!dll Reporting 1 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011849 || ET TROJAN Win32/Comotor.A!dll Reporting 2 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011850 || ET TROJAN Carberp file download
        2011851 || ET TROJAN Carberp CnC request - POST id=imp
        2011852 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt || bugtraq,44370
        2011853 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt || bugtraq,44370
        2011854 || ET POLICY Java JAR file download
        2011855 || ET POLICY Java JAR Download Attempt || url,blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
        2011856 || ET MALWARE HTML.Psyme.Gen Reporting || url,threatexpert.com/report.aspx?md5=de1adb1df396863e7e3967271e7db734
        2011857 || ET TROJAN SpyEye C&C Check-in URI || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011858 || ET TROJAN SpyEye style HTTP Header GET structure || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011860 || ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting || cve,2010-3581 || bid,43954
        2011861 || ET CURRENT_EVENTS Bredolab CnC URL Detected || url,blog.fireeye.com/.a/6a00d835018afd53ef013488839529970c-pi
        2011862 || ET TROJAN Feodo Banking Trojan Account Details Post || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html#more
        2011863 || ET TROJAN Feodo Banking Trojan Receiving Configuration File || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
        2011864 || ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt || url,www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html || url,code.google.com/p/skylined/issues/detail?id=18
        2011865 || ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode
        2011866 || ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF
        2011867 || ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt || url,www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/
        2011868 || ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code || url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4 || url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4
        2011869 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt || url,exploit-db.com/exploits/15071
        2011870 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call || url,exploit-db.com/exploits/15071/
        2011871 || ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage || url,code.google.com/p/submittotdwtf/source/browse/trunk/ || url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
        2011872 || ET USER_AGENTS Suspicious Gbot UA Detected
        2011873 || ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string
        2011874 || ET POLICY NSPlayer User-Agent Windows Media Player streaming detected || url,msdn.microsoft.com/en-us/library/cc234851
        2011875 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011876 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011877 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011878 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011879 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011880 || ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt || url,exploit-db.com/exploits/12855/ || cve,CVE-2010-2315
        2011881 || ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011882 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011883 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011884 || ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1010-exploits/igamingcms-lfi.txt
        2500538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging.conf (37):
        var SSH_PORTS 22
        include $RULE_PATH/emerging-ftp.rules
        include $RULE_PATH/emerging-policy.rules
        include $RULE_PATH/emerging-trojan.rules
        include $RULE_PATH/emerging-games.rules
        include $RULE_PATH/emerging-pop3.rules
        include $RULE_PATH/emerging-user_agents.rules
        #include $RULE_PATH/emerging-activex.rules
        include $RULE_PATH/emerging-rpc.rules
        include $RULE_PATH/emerging-virus.rules
        include $RULE_PATH/emerging-attack_response.rules
        include $RULE_PATH/emerging-icmp.rules
        include $RULE_PATH/emerging-scan.rules
        include $RULE_PATH/emerging-voip.rules
        include $RULE_PATH/emerging-chat.rules
        #include $RULE_PATH/emerging-icmp_info.rules
        #include $RULE_PATH/emerging-shellcode.rules
        #include $RULE_PATH/emerging-web_client.rules
        include $RULE_PATH/emerging-imap.rules
        include $RULE_PATH/emerging-web_server.rules
        include $RULE_PATH/emerging-current_events.rules
        #include $RULE_PATH/emerging-inappropriate.rules
        include $RULE_PATH/emerging-smtp.rules
        #include $RULE_PATH/emerging-web_specific_apps.rules
        #include $RULE_PATH/emerging-deleted.rules
        include $RULE_PATH/emerging-malware.rules
        include $RULE_PATH/emerging-snmp.rules
        include $RULE_PATH/emerging-worm.rules
        include $RULE_PATH/emerging-dns.rules
        include $RULE_PATH/emerging-misc.rules
        include $RULE_PATH/emerging-sql.rules
        include $RULE_PATH/emerging-dos.rules
        include $RULE_PATH/emerging-netbios.rules
        include $RULE_PATH/emerging-telnet.rules
        include $RULE_PATH/emerging-exploit.rules
        include $RULE_PATH/emerging-p2p.rules
        include $RULE_PATH/emerging-tftp.rules

     -> Removed from sid-msg.map (17):
        2011827 || ET TROJAN Zeus related malware dropper reporting in
        2404298 || ET DROP Known Bot C&C Server Traffic TCP (group 150)  || url,www.shadowserver.org
        2404299 || ET DROP Known Bot C&C Server Traffic UDP (group 150)  || url,www.shadowserver.org
        2404300 || ET DROP Known Bot C&C Server Traffic TCP (group 151)  || url,www.shadowserver.org
        2404301 || ET DROP Known Bot C&C Server Traffic UDP (group 151)  || url,www.shadowserver.org
        2404302 || ET DROP Known Bot C&C Server Traffic TCP (group 152)  || url,www.shadowserver.org
        2404303 || ET DROP Known Bot C&C Server Traffic UDP (group 152)  || url,www.shadowserver.org
        2404304 || ET DROP Known Bot C&C Server Traffic TCP (group 153)  || url,www.shadowserver.org
        2404305 || ET DROP Known Bot C&C Server Traffic UDP (group 153)  || url,www.shadowserver.org
        2405298 || ET DROP Known Bot C&C Traffic TCP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405299 || ET DROP Known Bot C&C Traffic UDP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405300 || ET DROP Known Bot C&C Traffic TCP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405301 || ET DROP Known Bot C&C Traffic UDP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405302 || ET DROP Known Bot C&C Traffic TCP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405303 || ET DROP Known Bot C&C Traffic UDP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405304 || ET DROP Known Bot C&C Traffic TCP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org
        2405305 || ET DROP Known Bot C&C Traffic UDP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org

*********************** snort-2.8.4 open-nogpl ***********************

[***] Results from Oinkmaster started Sat Oct 30 16:00:58 2010 [***]

[+++]          Added rules:          [+++]

 2011828 - ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011829 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) (emerging-web_specific_apps.rules)
 2011830 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) (emerging-web_specific_apps.rules)
 2011831 - ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011832 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011833 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011834 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011835 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011836 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011837 - ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011838 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011839 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011840 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011841 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011842 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011843 - ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011844 - ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011845 - ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011846 - ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011847 - ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011848 - ET TROJAN Win32/Comotor.A!dll Reporting 1 (emerging-trojan.rules)
 2011849 - ET TROJAN Win32/Comotor.A!dll Reporting 2 (emerging-trojan.rules)
 2011850 - ET TROJAN Carberp file download (emerging-trojan.rules)
 2011851 - ET TROJAN Carberp CnC request - POST id=imp (emerging-trojan.rules)
 2011852 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011853 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011854 - ET POLICY Java JAR file download (emerging-policy.rules)
 2011855 - ET POLICY Java JAR Download Attempt (emerging-policy.rules)
 2011856 - ET MALWARE HTML.Psyme.Gen Reporting (emerging-malware.rules)
 2011857 - ET TROJAN SpyEye C&C Check-in URI (emerging-trojan.rules)
 2011858 - ET TROJAN SpyEye style HTTP Header GET structure (emerging-trojan.rules)
 2011860 - ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting (emerging-web_specific_apps.rules)
 2011861 - ET CURRENT_EVENTS Bredolab CnC URL Detected (emerging-current_events.rules)
 2011862 - ET TROJAN Feodo Banking Trojan Account Details Post (emerging-trojan.rules)
 2011863 - ET TROJAN Feodo Banking Trojan Receiving Configuration File (emerging-trojan.rules)
 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (emerging-web_client.rules)
 2011865 - ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (emerging-web_client.rules)
 2011866 - ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF (emerging-web_client.rules)
 2011867 - ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt (emerging-activex.rules)
 2011868 - ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code (emerging-web_client.rules)
 2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011870 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call (emerging-activex.rules)
 2011871 - ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage (emerging-policy.rules)
 2011872 - ET USER_AGENTS Suspicious Gbot UA Detected (emerging-user_agents.rules)
 2011873 - ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string (emerging-current_events.rules)
 2011874 - ET POLICY NSPlayer User-Agent Windows Media Player streaming detected (emerging-policy.rules)
 2011875 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011876 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011877 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011878 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011879 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011880 - ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011881 - ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011882 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011883 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011884 - ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003085 - ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (emerging-trojan.rules)
 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules)
 2003770 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a SELECT (emerging-web_specific_apps.rules)
 2003771 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UNION SELECT (emerging-web_specific_apps.rules)
 2003772 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a INSERT (emerging-web_specific_apps.rules)
 2003773 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a DELETE (emerging-web_specific_apps.rules)
 2003774 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a ASCII (emerging-web_specific_apps.rules)
 2003775 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UPDATE (emerging-web_specific_apps.rules)
 2003876 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- listmembers.php show (emerging-web_specific_apps.rules)
 2003877 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- stats.php show (emerging-web_specific_apps.rules)
 2003920 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- loan.php movieid (emerging-web_specific_apps.rules)
 2003921 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- listmovies.php s (emerging-web_specific_apps.rules)
 2003924 - ET SCAN WebHack Control Center User-Agent Inbound (WHCC/) (emerging-scan.rules)
 2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (emerging-web_specific_apps.rules)
 2006449 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php SELECT (emerging-web_specific_apps.rules)
 2006450 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UNION SELECT (emerging-web_specific_apps.rules)
 2006451 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php INSERT (emerging-web_specific_apps.rules)
 2006452 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php DELETE (emerging-web_specific_apps.rules)
 2006453 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php ASCII (emerging-web_specific_apps.rules)
 2006454 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UPDATE (emerging-web_specific_apps.rules)
 2006554 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId SELECT (emerging-web_specific_apps.rules)
 2006555 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UNION SELECT (emerging-web_specific_apps.rules)
 2006556 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId INSERT (emerging-web_specific_apps.rules)
 2006557 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId DELETE (emerging-web_specific_apps.rules)
 2006558 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId ASCII (emerging-web_specific_apps.rules)
 2006559 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UPDATE (emerging-web_specific_apps.rules)
 2006689 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile INSERT (emerging-web_specific_apps.rules)
 2006690 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile DELETE (emerging-web_specific_apps.rules)
 2006691 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile ASCII (emerging-web_specific_apps.rules)
 2006692 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UPDATE (emerging-web_specific_apps.rules)
 2006694 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action SELECT (emerging-web_specific_apps.rules)
 2006695 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UNION SELECT (emerging-web_specific_apps.rules)
 2006696 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action INSERT (emerging-web_specific_apps.rules)
 2006697 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action DELETE (emerging-web_specific_apps.rules)
 2006698 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action ASCII (emerging-web_specific_apps.rules)
 2006699 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UPDATE (emerging-web_specific_apps.rules)
 2006700 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006701 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006702 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006703 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006704 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006705 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006706 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity SELECT (emerging-web_specific_apps.rules)
 2006707 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UNION SELECT (emerging-web_specific_apps.rules)
 2006708 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity INSERT (emerging-web_specific_apps.rules)
 2006709 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity DELETE (emerging-web_specific_apps.rules)
 2006710 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity ASCII (emerging-web_specific_apps.rules)
 2006711 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UPDATE (emerging-web_specific_apps.rules)
 2006712 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT (emerging-web_specific_apps.rules)
 2006713 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT (emerging-web_specific_apps.rules)
 2006714 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT (emerging-web_specific_apps.rules)
 2006715 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE (emerging-web_specific_apps.rules)
 2006716 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII (emerging-web_specific_apps.rules)
 2006717 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE (emerging-web_specific_apps.rules)
 2006718 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006719 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006720 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006721 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006722 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006723 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006724 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action SELECT (emerging-web_specific_apps.rules)
 2006725 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UNION SELECT (emerging-web_specific_apps.rules)
 2006726 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action INSERT (emerging-web_specific_apps.rules)
 2006727 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action DELETE (emerging-web_specific_apps.rules)
 2006728 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action ASCII (emerging-web_specific_apps.rules)
 2006729 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UPDATE (emerging-web_specific_apps.rules)
 2007024 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id SELECT (emerging-web_specific_apps.rules)
 2007025 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UNION SELECT (emerging-web_specific_apps.rules)
 2007026 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id INSERT (emerging-web_specific_apps.rules)
 2007027 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id DELETE (emerging-web_specific_apps.rules)
 2007028 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id ASCII (emerging-web_specific_apps.rules)
 2007029 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UPDATE (emerging-web_specific_apps.rules)
 2007030 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007031 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007032 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007033 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007034 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007035 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007036 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007037 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007038 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007039 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007040 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007041 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007042 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007043 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007044 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007045 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007046 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007047 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007048 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id SELECT (emerging-web_specific_apps.rules)
 2007049 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UPDATE (emerging-web_specific_apps.rules)
 2007050 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id INSERT (emerging-web_specific_apps.rules)
 2007051 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id DELETE (emerging-web_specific_apps.rules)
 2007052 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id ASCII (emerging-web_specific_apps.rules)
 2007053 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UPDATE (emerging-web_specific_apps.rules)
 2007054 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id SELECT (emerging-web_specific_apps.rules)
 2007055 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UNION SELECT (emerging-web_specific_apps.rules)
 2007056 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id INSERT (emerging-web_specific_apps.rules)
 2007057 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id DELETE (emerging-web_specific_apps.rules)
 2007058 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id ASCII (emerging-web_specific_apps.rules)
 2007059 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UNION SELECT (emerging-web_specific_apps.rules)
 2007076 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007077 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007078 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007079 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007080 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007081 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007082 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007083 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007084 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007085 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007086 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007087 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007088 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID SELECT (emerging-web_specific_apps.rules)
 2007090 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID INSERT (emerging-web_specific_apps.rules)
 2007091 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID DELETE (emerging-web_specific_apps.rules)
 2007092 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID ASCII (emerging-web_specific_apps.rules)
 2007093 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UPDATE (emerging-web_specific_apps.rules)
 2007094 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007095 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007096 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007097 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007098 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007099 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007100 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat SELECT (emerging-web_specific_apps.rules)
 2007101 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UNION SELECT (emerging-web_specific_apps.rules)
 2007102 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat INSERT (emerging-web_specific_apps.rules)
 2007103 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat DELETE (emerging-web_specific_apps.rules)
 2007104 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat ASCII (emerging-web_specific_apps.rules)
 2007105 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UPDATE (emerging-web_specific_apps.rules)
 2007106 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare SELECT (emerging-web_specific_apps.rules)
 2007107 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UNION SELECT (emerging-web_specific_apps.rules)
 2007108 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare INSERT (emerging-web_specific_apps.rules)
 2007109 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare DELETE (emerging-web_specific_apps.rules)
 2007110 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare ASCII (emerging-web_specific_apps.rules)
 2007111 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UPDATE (emerging-web_specific_apps.rules)
 2007566 - ET TROJAN Downloader.MisleadApp Fake Security Product Install (emerging-trojan.rules)
 2007687 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity INBOUND (emerging-trojan.rules)
 2007688 - ET TROJAN Prg Trojan HTTP POST v1 (emerging-trojan.rules)
 2007724 - ET TROJAN Prg Trojan HTTP POST version 2 (emerging-trojan.rules)
 2007747 - ET TROJAN MBR Trojan (Sinowal/Mebroot/) Phoning Home (emerging-trojan.rules)
 2007748 - ET TROJAN NPRC Malicious POST Request Possible DOJ or DOT Malware (emerging-trojan.rules)
 2007774 - ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (emerging-trojan.rules)
 2007775 - ET TROJAN Krunchy/BZub HTTP Checkin/Update (emerging-trojan.rules)
 2007776 - ET TROJAN Krunchy/BZub HTTP POST Update (emerging-trojan.rules)
 2007828 - ET TROJAN LDPinch Checkin (2) (emerging-trojan.rules)
 2007829 - ET TROJAN Illusion Bot (Lussilon) Checkin (emerging-trojan.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (emerging-exploit.rules)
 2008218 - ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post (emerging-trojan.rules)
 2008317 - ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin (emerging-trojan.rules)
 2008338 - ET TROJAN KLog Nick Keylogger Checkin (emerging-trojan.rules)
 2008346 - ET TROJAN Mitglieder Checkin (emerging-trojan.rules)
 2008347 - ET TROJAN Swizzor Checkin (emerging-trojan.rules)
 2008369 - ET TROJAN Keylogger Crack by bahman (emerging-trojan.rules)
 2008740 - ET TROJAN Ligats/DR.Ilomo Agent Post (emerging-trojan.rules)
 2008760 - ET TROJAN Insidebar.co.kr Related Infection Checkin (emerging-trojan.rules)
 2008864 - ET TROJAN Koobface Trojan HTTP Post Checkin (emerging-trojan.rules)
 2008891 - ET TROJAN MEREDROP/micr0s0fts.cn Related Checkin (emerging-trojan.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-trojan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-trojan.rules)
 2009412 - ET TROJAN Generic Trojan Checkin (emerging-trojan.rules)
 2009442 - ET TROJAN Generic Trojan Checkin (2) (emerging-trojan.rules)
 2009443 - ET TROJAN NoBo Downloader Dropper GET (emerging-trojan.rules)
 2009776 - ET TROJAN Oficla Downloader Activity Observed (emerging-trojan.rules)
 2009805 - ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET (emerging-trojan.rules)
 2009810 - ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)) (emerging-trojan.rules)
 2009811 - ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET (emerging-trojan.rules)
 2009813 - ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST (emerging-trojan.rules)
 2009826 - ET TROJAN Generic Backdoor Retrieve Instructions/Configs - HTTP GET (emerging-trojan.rules)
 2009832 - ET SCAN DCERPC rpcmgmt ifids Unauthenticated BIND (emerging-scan.rules)
 2010151 - ET TROJAN Koobface C&C availability check (emerging-trojan.rules)
 2010158 - ET TROJAN Nanspy Bot Checkin (emerging-trojan.rules)
 2010282 - ET TROJAN Generic Trojan Checkin (double Content-Type headers) (emerging-trojan.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-trojan.rules)
 2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (emerging-trojan.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2011173 - ET ACTIVEX Windows Help Center Arbitrary Command Execution Exploit Attempt (emerging-activex.rules)
 2011277 - ET TROJAN Generic Trojan HTTP Get (emerging-trojan.rules)
 2011816 - ET TROJAN Zeus POST Request to CnC (emerging-trojan.rules)
 2011827 - ET TROJAN Xilcter/Zeus related malware dropper reporting in (emerging-trojan.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401009 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401010 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401011 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401012 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2402001 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2403001 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2009441 - ET TROJAN Swizzor Family GET (emerging-trojan.rules)
 2011346 - ET WEB_CLIENT Possible Unescape Javascript Obfuscation Attempt (emerging-web_client.rules)


[---]         Disabled rules:        [---]

 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (emerging-activex.rules)
 2008314 - ET CURRENT_EVENTS Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related (emerging-current_events.rules)
 2011819 - ET MALWARE Zero Content-Length HTTP POST with data (outbound) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging.conf (37):
        #var SSH_PORTS 22
        #include $RULE_PATH/emerging-ftp.rules
        #include $RULE_PATH/emerging-policy.rules
        #include $RULE_PATH/emerging-trojan.rules
        #include $RULE_PATH/emerging-games.rules
        #include $RULE_PATH/emerging-pop3.rules
        #include $RULE_PATH/emerging-user_agents.rules
        ##include $RULE_PATH/emerging-activex.rules
        #include $RULE_PATH/emerging-rpc.rules
        #include $RULE_PATH/emerging-virus.rules
        #include $RULE_PATH/emerging-attack_response.rules
        #include $RULE_PATH/emerging-icmp.rules
        #include $RULE_PATH/emerging-scan.rules
        #include $RULE_PATH/emerging-voip.rules
        #include $RULE_PATH/emerging-chat.rules
        ##include $RULE_PATH/emerging-icmp_info.rules
        ##include $RULE_PATH/emerging-shellcode.rules
        ##include $RULE_PATH/emerging-web_client.rules
        #include $RULE_PATH/emerging-imap.rules
        #include $RULE_PATH/emerging-web_server.rules
        #include $RULE_PATH/emerging-current_events.rules
        ##include $RULE_PATH/emerging-inappropriate.rules
        #include $RULE_PATH/emerging-smtp.rules
        ##include $RULE_PATH/emerging-web_specific_apps.rules
        ##include $RULE_PATH/emerging-deleted.rules
        #include $RULE_PATH/emerging-malware.rules
        #include $RULE_PATH/emerging-snmp.rules
        #include $RULE_PATH/emerging-worm.rules
        #include $RULE_PATH/emerging-dns.rules
        #include $RULE_PATH/emerging-misc.rules
        #include $RULE_PATH/emerging-sql.rules
        #include $RULE_PATH/emerging-dos.rules
        #include $RULE_PATH/emerging-netbios.rules
        #include $RULE_PATH/emerging-telnet.rules
        #include $RULE_PATH/emerging-exploit.rules
        #include $RULE_PATH/emerging-p2p.rules
        #include $RULE_PATH/emerging-tftp.rules

     -> Added to sid-msg.map (77):
        2011827 || ET TROJAN Xilcter/Zeus related malware dropper reporting in
        2011828 || ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1005-exploits/724cms459-lfi.txt
        2011829 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) || url,inj3ct0r.com/exploits/12674
        2011830 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) || url,inj3ct0r.com/exploits/12674
        2011831 || ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt || url,packetstormsecurity.org/1010-exploits/cmsboard-rfi.txt
        2011832 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011833 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011834 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011835 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011836 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011837 || ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt || cve,CVE-2006-3930 || bugtraq,19198
        2011838 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011839 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011840 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011841 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011842 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011843 || ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/baconmap10-lfi.txt
        2011844 || ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/joomlarwcards-rfi.txt
        2011845 || ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt || bugtraq,43865
        2011846 || ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt || url,exploit-db.com/exploits/15232
        2011847 || ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt || url,inj3ct0r.com/exploits/12835
        2011848 || ET TROJAN Win32/Comotor.A!dll Reporting 1 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011849 || ET TROJAN Win32/Comotor.A!dll Reporting 2 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011850 || ET TROJAN Carberp file download
        2011851 || ET TROJAN Carberp CnC request - POST id=imp
        2011852 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt || bugtraq,44370
        2011853 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt || bugtraq,44370
        2011854 || ET POLICY Java JAR file download
        2011855 || ET POLICY Java JAR Download Attempt || url,blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
        2011856 || ET MALWARE HTML.Psyme.Gen Reporting || url,threatexpert.com/report.aspx?md5=de1adb1df396863e7e3967271e7db734
        2011857 || ET TROJAN SpyEye C&C Check-in URI || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011858 || ET TROJAN SpyEye style HTTP Header GET structure || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011860 || ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting || cve,2010-3581 || bid,43954
        2011861 || ET CURRENT_EVENTS Bredolab CnC URL Detected || url,blog.fireeye.com/.a/6a00d835018afd53ef013488839529970c-pi
        2011862 || ET TROJAN Feodo Banking Trojan Account Details Post || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html#more
        2011863 || ET TROJAN Feodo Banking Trojan Receiving Configuration File || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
        2011864 || ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt || url,www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html || url,code.google.com/p/skylined/issues/detail?id=18
        2011865 || ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode
        2011866 || ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF
        2011867 || ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt || url,www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/
        2011868 || ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code || url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4 || url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4
        2011869 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt || url,exploit-db.com/exploits/15071
        2011870 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call || url,exploit-db.com/exploits/15071/
        2011871 || ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage || url,code.google.com/p/submittotdwtf/source/browse/trunk/ || url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
        2011872 || ET USER_AGENTS Suspicious Gbot UA Detected
        2011873 || ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string
        2011874 || ET POLICY NSPlayer User-Agent Windows Media Player streaming detected || url,msdn.microsoft.com/en-us/library/cc234851
        2011875 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011876 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011877 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011878 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011879 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011880 || ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt || url,exploit-db.com/exploits/12855/ || cve,CVE-2010-2315
        2011881 || ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011882 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011883 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011884 || ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1010-exploits/igamingcms-lfi.txt
        2500538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging.conf (37):
        var SSH_PORTS 22
        include $RULE_PATH/emerging-ftp.rules
        include $RULE_PATH/emerging-policy.rules
        include $RULE_PATH/emerging-trojan.rules
        include $RULE_PATH/emerging-games.rules
        include $RULE_PATH/emerging-pop3.rules
        include $RULE_PATH/emerging-user_agents.rules
        #include $RULE_PATH/emerging-activex.rules
        include $RULE_PATH/emerging-rpc.rules
        include $RULE_PATH/emerging-virus.rules
        include $RULE_PATH/emerging-attack_response.rules
        include $RULE_PATH/emerging-icmp.rules
        include $RULE_PATH/emerging-scan.rules
        include $RULE_PATH/emerging-voip.rules
        include $RULE_PATH/emerging-chat.rules
        #include $RULE_PATH/emerging-icmp_info.rules
        #include $RULE_PATH/emerging-shellcode.rules
        #include $RULE_PATH/emerging-web_client.rules
        include $RULE_PATH/emerging-imap.rules
        include $RULE_PATH/emerging-web_server.rules
        include $RULE_PATH/emerging-current_events.rules
        #include $RULE_PATH/emerging-inappropriate.rules
        include $RULE_PATH/emerging-smtp.rules
        #include $RULE_PATH/emerging-web_specific_apps.rules
        #include $RULE_PATH/emerging-deleted.rules
        include $RULE_PATH/emerging-malware.rules
        include $RULE_PATH/emerging-snmp.rules
        include $RULE_PATH/emerging-worm.rules
        include $RULE_PATH/emerging-dns.rules
        include $RULE_PATH/emerging-misc.rules
        include $RULE_PATH/emerging-sql.rules
        include $RULE_PATH/emerging-dos.rules
        include $RULE_PATH/emerging-netbios.rules
        include $RULE_PATH/emerging-telnet.rules
        include $RULE_PATH/emerging-exploit.rules
        include $RULE_PATH/emerging-p2p.rules
        include $RULE_PATH/emerging-tftp.rules

     -> Removed from sid-msg.map (17):
        2011827 || ET TROJAN Zeus related malware dropper reporting in
        2404298 || ET DROP Known Bot C&C Server Traffic TCP (group 150)  || url,www.shadowserver.org
        2404299 || ET DROP Known Bot C&C Server Traffic UDP (group 150)  || url,www.shadowserver.org
        2404300 || ET DROP Known Bot C&C Server Traffic TCP (group 151)  || url,www.shadowserver.org
        2404301 || ET DROP Known Bot C&C Server Traffic UDP (group 151)  || url,www.shadowserver.org
        2404302 || ET DROP Known Bot C&C Server Traffic TCP (group 152)  || url,www.shadowserver.org
        2404303 || ET DROP Known Bot C&C Server Traffic UDP (group 152)  || url,www.shadowserver.org
        2404304 || ET DROP Known Bot C&C Server Traffic TCP (group 153)  || url,www.shadowserver.org
        2404305 || ET DROP Known Bot C&C Server Traffic UDP (group 153)  || url,www.shadowserver.org
        2405298 || ET DROP Known Bot C&C Traffic TCP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405299 || ET DROP Known Bot C&C Traffic UDP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405300 || ET DROP Known Bot C&C Traffic TCP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405301 || ET DROP Known Bot C&C Traffic UDP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405302 || ET DROP Known Bot C&C Traffic TCP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405303 || ET DROP Known Bot C&C Traffic UDP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405304 || ET DROP Known Bot C&C Traffic TCP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org
        2405305 || ET DROP Known Bot C&C Traffic UDP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org

*********************** snort-2.8.6 open ***********************

[***] Results from Oinkmaster started Sat Oct 30 16:01:20 2010 [***]

[+++]          Added rules:          [+++]

 2011828 - ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011829 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) (emerging-web_specific_apps.rules)
 2011830 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) (emerging-web_specific_apps.rules)
 2011831 - ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011832 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011833 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011834 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011835 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011836 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011837 - ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011838 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011839 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011840 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011841 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011842 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011843 - ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011844 - ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011845 - ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011846 - ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011847 - ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011848 - ET TROJAN Win32/Comotor.A!dll Reporting 1 (emerging-trojan.rules)
 2011849 - ET TROJAN Win32/Comotor.A!dll Reporting 2 (emerging-trojan.rules)
 2011850 - ET TROJAN Carberp file download (emerging-trojan.rules)
 2011851 - ET TROJAN Carberp CnC request - POST id=imp (emerging-trojan.rules)
 2011852 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011853 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011854 - ET POLICY Java JAR file download (emerging-policy.rules)
 2011855 - ET POLICY Java JAR Download Attempt (emerging-policy.rules)
 2011856 - ET MALWARE HTML.Psyme.Gen Reporting (emerging-malware.rules)
 2011857 - ET TROJAN SpyEye C&C Check-in URI (emerging-trojan.rules)
 2011858 - ET TROJAN SpyEye style HTTP Header GET structure (emerging-trojan.rules)
 2011860 - ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting (emerging-web_specific_apps.rules)
 2011861 - ET CURRENT_EVENTS Bredolab CnC URL Detected (emerging-current_events.rules)
 2011862 - ET TROJAN Feodo Banking Trojan Account Details Post (emerging-trojan.rules)
 2011863 - ET TROJAN Feodo Banking Trojan Receiving Configuration File (emerging-trojan.rules)
 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (emerging-web_client.rules)
 2011865 - ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (emerging-web_client.rules)
 2011866 - ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF (emerging-web_client.rules)
 2011867 - ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt (emerging-activex.rules)
 2011868 - ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code (emerging-web_client.rules)
 2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011870 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call (emerging-activex.rules)
 2011871 - ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage (emerging-policy.rules)
 2011872 - ET USER_AGENTS Suspicious Gbot UA Detected (emerging-user_agents.rules)
 2011873 - ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string (emerging-current_events.rules)
 2011874 - ET POLICY NSPlayer User-Agent Windows Media Player streaming detected (emerging-policy.rules)
 2011875 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011876 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011877 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011878 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011879 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011880 - ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011881 - ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011882 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011883 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011884 - ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

    2318 - GPL EXPLOIT CVS non-relative path access attempt (emerging-exploit.rules)
 2001901 - ET TROJAN Possible Bobax trojan infection (emerging-trojan.rules)
 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003085 - ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (emerging-trojan.rules)
 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules)
 2003679 - ET WEB_SPECIFIC_APPS DynamicPAD Remote Inclusion Attempt -- dp_logs.php HomeDir (emerging-web_specific_apps.rules)
 2003682 - ET WEB_SPECIFIC_APPS E-Gads Remote Inclusion Attempt -- common.php locale (emerging-web_specific_apps.rules)
 2003770 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a SELECT (emerging-web_specific_apps.rules)
 2003771 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UNION SELECT (emerging-web_specific_apps.rules)
 2003772 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a INSERT (emerging-web_specific_apps.rules)
 2003773 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a DELETE (emerging-web_specific_apps.rules)
 2003774 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a ASCII (emerging-web_specific_apps.rules)
 2003775 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UPDATE (emerging-web_specific_apps.rules)
 2003876 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- listmembers.php show (emerging-web_specific_apps.rules)
 2003877 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- stats.php show (emerging-web_specific_apps.rules)
 2003920 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- loan.php movieid (emerging-web_specific_apps.rules)
 2003921 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- listmovies.php s (emerging-web_specific_apps.rules)
 2003924 - ET SCAN WebHack Control Center User-Agent Inbound (WHCC/) (emerging-scan.rules)
 2004047 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen SELECT (emerging-web_specific_apps.rules)
 2004048 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UNION SELECT (emerging-web_specific_apps.rules)
 2004049 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen INSERT (emerging-web_specific_apps.rules)
 2004050 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen DELETE (emerging-web_specific_apps.rules)
 2004051 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen ASCII (emerging-web_specific_apps.rules)
 2004052 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UPDATE (emerging-web_specific_apps.rules)
 2004065 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course SELECT (emerging-web_specific_apps.rules)
 2004066 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UNION SELECT (emerging-web_specific_apps.rules)
 2004067 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course INSERT (emerging-web_specific_apps.rules)
 2004068 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course DELETE (emerging-web_specific_apps.rules)
 2004069 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course ASCII (emerging-web_specific_apps.rules)
 2004070 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UPDATE (emerging-web_specific_apps.rules)
 2004385 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id SELECT (emerging-web_specific_apps.rules)
 2004386 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2004387 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id INSERT (emerging-web_specific_apps.rules)
 2004388 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id DELETE (emerging-web_specific_apps.rules)
 2004389 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id ASCII (emerging-web_specific_apps.rules)
 2004390 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UPDATE (emerging-web_specific_apps.rules)
 2004593 - ET WEB_SPECIFIC_APPS Dokeos XSS Attempt -- editor.php img (emerging-web_specific_apps.rules)
 2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (emerging-web_specific_apps.rules)
 2004596 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- week.asp curYear (emerging-web_specific_apps.rules)
 2004624 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank SELECT (emerging-web_specific_apps.rules)
 2004625 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UNION SELECT (emerging-web_specific_apps.rules)
 2004626 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank INSERT (emerging-web_specific_apps.rules)
 2004627 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank DELETE (emerging-web_specific_apps.rules)
 2004628 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank ASCII (emerging-web_specific_apps.rules)
 2004629 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UPDATE (emerging-web_specific_apps.rules)
 2004834 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id SELECT (emerging-web_specific_apps.rules)
 2004835 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UNION SELECT (emerging-web_specific_apps.rules)
 2004836 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id INSERT (emerging-web_specific_apps.rules)
 2004837 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id DELETE (emerging-web_specific_apps.rules)
 2004838 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id ASCII (emerging-web_specific_apps.rules)
 2004839 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UPDATE (emerging-web_specific_apps.rules)
 2005039 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i SELECT (emerging-web_specific_apps.rules)
 2005040 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005041 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i INSERT (emerging-web_specific_apps.rules)
 2005042 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i DELETE (emerging-web_specific_apps.rules)
 2005043 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i ASCII (emerging-web_specific_apps.rules)
 2005044 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id SELECT (emerging-web_specific_apps.rules)
 2005045 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UPDATE (emerging-web_specific_apps.rules)
 2005046 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UNION SELECT (emerging-web_specific_apps.rules)
 2005047 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id INSERT (emerging-web_specific_apps.rules)
 2005048 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id DELETE (emerging-web_specific_apps.rules)
 2005049 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id ASCII (emerging-web_specific_apps.rules)
 2005050 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UPDATE (emerging-web_specific_apps.rules)
 2005051 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i SELECT (emerging-web_specific_apps.rules)
 2005052 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005053 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i INSERT (emerging-web_specific_apps.rules)
 2005054 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i DELETE (emerging-web_specific_apps.rules)
 2005055 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i ASCII (emerging-web_specific_apps.rules)
 2005056 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UPDATE (emerging-web_specific_apps.rules)
 2005268 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword SELECT (emerging-web_specific_apps.rules)
 2005269 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UNION SELECT (emerging-web_specific_apps.rules)
 2005270 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword INSERT (emerging-web_specific_apps.rules)
 2005271 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword DELETE (emerging-web_specific_apps.rules)
 2005272 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword ASCII (emerging-web_specific_apps.rules)
 2005273 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UPDATE (emerging-web_specific_apps.rules)
 2005274 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row SELECT (emerging-web_specific_apps.rules)
 2005275 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UNION SELECT (emerging-web_specific_apps.rules)
 2005276 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row INSERT (emerging-web_specific_apps.rules)
 2005277 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row DELETE (emerging-web_specific_apps.rules)
 2005278 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row ASCII (emerging-web_specific_apps.rules)
 2005279 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UPDATE (emerging-web_specific_apps.rules)
 2005591 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id SELECT (emerging-web_specific_apps.rules)
 2005592 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005593 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id INSERT (emerging-web_specific_apps.rules)
 2005594 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id DELETE (emerging-web_specific_apps.rules)
 2005595 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id ASCII (emerging-web_specific_apps.rules)
 2005596 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UPDATE (emerging-web_specific_apps.rules)
 2005835 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id SELECT (emerging-web_specific_apps.rules)
 2005836 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UNION SELECT (emerging-web_specific_apps.rules)
 2005837 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id INSERT (emerging-web_specific_apps.rules)
 2005838 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id DELETE (emerging-web_specific_apps.rules)
 2005839 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id ASCII (emerging-web_specific_apps.rules)
 2005840 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UPDATE (emerging-web_specific_apps.rules)
 2005895 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum SELECT (emerging-web_specific_apps.rules)
 2005896 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UNION SELECT (emerging-web_specific_apps.rules)
 2005897 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum INSERT (emerging-web_specific_apps.rules)
 2005898 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum DELETE (emerging-web_specific_apps.rules)
 2005899 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum ASCII (emerging-web_specific_apps.rules)
 2005900 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UPDATE (emerging-web_specific_apps.rules)
 2005985 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup SELECT (emerging-web_specific_apps.rules)
 2005986 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2005987 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup INSERT (emerging-web_specific_apps.rules)
 2005988 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup DELETE (emerging-web_specific_apps.rules)
 2005989 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup ASCII (emerging-web_specific_apps.rules)
 2005990 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UPDATE (emerging-web_specific_apps.rules)
 2005991 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id SELECT (emerging-web_specific_apps.rules)
 2005992 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005993 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id INSERT (emerging-web_specific_apps.rules)
 2005994 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id DELETE (emerging-web_specific_apps.rules)
 2005995 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id ASCII (emerging-web_specific_apps.rules)
 2005996 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UPDATE (emerging-web_specific_apps.rules)
 2005997 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id SELECT (emerging-web_specific_apps.rules)
 2005998 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005999 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id INSERT (emerging-web_specific_apps.rules)
 2006000 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id DELETE (emerging-web_specific_apps.rules)
 2006001 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id ASCII (emerging-web_specific_apps.rules)
 2006002 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UPDATE (emerging-web_specific_apps.rules)
 2006135 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID SELECT (emerging-web_specific_apps.rules)
 2006136 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006137 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID INSERT (emerging-web_specific_apps.rules)
 2006138 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID DELETE (emerging-web_specific_apps.rules)
 2006139 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID ASCII (emerging-web_specific_apps.rules)
 2006140 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006141 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID SELECT (emerging-web_specific_apps.rules)
 2006142 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006143 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID INSERT (emerging-web_specific_apps.rules)
 2006144 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID DELETE (emerging-web_specific_apps.rules)
 2006145 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID ASCII (emerging-web_specific_apps.rules)
 2006146 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006147 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id SELECT (emerging-web_specific_apps.rules)
 2006148 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UNION SELECT (emerging-web_specific_apps.rules)
 2006149 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id INSERT (emerging-web_specific_apps.rules)
 2006150 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id DELETE (emerging-web_specific_apps.rules)
 2006151 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id ASCII (emerging-web_specific_apps.rules)
 2006152 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UPDATE (emerging-web_specific_apps.rules)
 2006153 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID SELECT (emerging-web_specific_apps.rules)
 2006154 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UNION SELECT (emerging-web_specific_apps.rules)
 2006155 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID INSERT (emerging-web_specific_apps.rules)
 2006156 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID DELETE (emerging-web_specific_apps.rules)
 2006157 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID ASCII (emerging-web_specific_apps.rules)
 2006158 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UPDATE (emerging-web_specific_apps.rules)
 2006159 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup SELECT (emerging-web_specific_apps.rules)
 2006160 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2006161 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup INSERT (emerging-web_specific_apps.rules)
 2006162 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup DELETE (emerging-web_specific_apps.rules)
 2006163 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup ASCII (emerging-web_specific_apps.rules)
 2006164 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UPDATE (emerging-web_specific_apps.rules)
 2006449 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php SELECT (emerging-web_specific_apps.rules)
 2006450 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UNION SELECT (emerging-web_specific_apps.rules)
 2006451 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php INSERT (emerging-web_specific_apps.rules)
 2006452 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php DELETE (emerging-web_specific_apps.rules)
 2006453 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php ASCII (emerging-web_specific_apps.rules)
 2006454 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UPDATE (emerging-web_specific_apps.rules)
 2006554 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId SELECT (emerging-web_specific_apps.rules)
 2006555 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UNION SELECT (emerging-web_specific_apps.rules)
 2006556 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId INSERT (emerging-web_specific_apps.rules)
 2006557 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId DELETE (emerging-web_specific_apps.rules)
 2006558 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId ASCII (emerging-web_specific_apps.rules)
 2006559 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UPDATE (emerging-web_specific_apps.rules)
 2006687 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile SELECT (emerging-web_specific_apps.rules)
 2006688 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UNION SELECT (emerging-web_specific_apps.rules)
 2006689 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile INSERT (emerging-web_specific_apps.rules)
 2006690 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile DELETE (emerging-web_specific_apps.rules)
 2006691 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile ASCII (emerging-web_specific_apps.rules)
 2006692 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UPDATE (emerging-web_specific_apps.rules)
 2006694 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action SELECT (emerging-web_specific_apps.rules)
 2006695 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UNION SELECT (emerging-web_specific_apps.rules)
 2006696 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action INSERT (emerging-web_specific_apps.rules)
 2006697 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action DELETE (emerging-web_specific_apps.rules)
 2006698 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action ASCII (emerging-web_specific_apps.rules)
 2006699 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UPDATE (emerging-web_specific_apps.rules)
 2006700 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006701 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006702 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006703 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006704 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006705 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006706 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity SELECT (emerging-web_specific_apps.rules)
 2006707 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UNION SELECT (emerging-web_specific_apps.rules)
 2006708 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity INSERT (emerging-web_specific_apps.rules)
 2006709 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity DELETE (emerging-web_specific_apps.rules)
 2006710 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity ASCII (emerging-web_specific_apps.rules)
 2006711 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UPDATE (emerging-web_specific_apps.rules)
 2006712 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT (emerging-web_specific_apps.rules)
 2006713 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT (emerging-web_specific_apps.rules)
 2006714 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT (emerging-web_specific_apps.rules)
 2006715 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE (emerging-web_specific_apps.rules)
 2006716 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII (emerging-web_specific_apps.rules)
 2006717 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE (emerging-web_specific_apps.rules)
 2006718 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006719 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006720 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006721 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006722 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006723 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006724 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action SELECT (emerging-web_specific_apps.rules)
 2006725 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UNION SELECT (emerging-web_specific_apps.rules)
 2006726 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action INSERT (emerging-web_specific_apps.rules)
 2006727 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action DELETE (emerging-web_specific_apps.rules)
 2006728 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action ASCII (emerging-web_specific_apps.rules)
 2006729 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UPDATE (emerging-web_specific_apps.rules)
 2007024 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id SELECT (emerging-web_specific_apps.rules)
 2007025 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UNION SELECT (emerging-web_specific_apps.rules)
 2007026 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id INSERT (emerging-web_specific_apps.rules)
 2007027 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id DELETE (emerging-web_specific_apps.rules)
 2007028 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id ASCII (emerging-web_specific_apps.rules)
 2007029 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UPDATE (emerging-web_specific_apps.rules)
 2007030 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007031 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007032 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007033 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007034 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007035 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007036 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007037 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007038 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007039 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007040 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007041 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007042 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007043 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007044 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007045 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007046 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007047 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007048 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id SELECT (emerging-web_specific_apps.rules)
 2007049 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UPDATE (emerging-web_specific_apps.rules)
 2007050 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id INSERT (emerging-web_specific_apps.rules)
 2007051 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id DELETE (emerging-web_specific_apps.rules)
 2007052 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id ASCII (emerging-web_specific_apps.rules)
 2007053 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UPDATE (emerging-web_specific_apps.rules)
 2007054 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id SELECT (emerging-web_specific_apps.rules)
 2007055 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UNION SELECT (emerging-web_specific_apps.rules)
 2007056 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id INSERT (emerging-web_specific_apps.rules)
 2007057 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id DELETE (emerging-web_specific_apps.rules)
 2007058 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id ASCII (emerging-web_specific_apps.rules)
 2007059 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UNION SELECT (emerging-web_specific_apps.rules)
 2007076 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007077 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007078 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007079 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007080 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007081 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007082 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007083 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007084 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007085 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007086 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007087 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007088 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID SELECT (emerging-web_specific_apps.rules)
 2007089 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007090 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID INSERT (emerging-web_specific_apps.rules)
 2007091 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID DELETE (emerging-web_specific_apps.rules)
 2007092 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID ASCII (emerging-web_specific_apps.rules)
 2007093 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UPDATE (emerging-web_specific_apps.rules)
 2007094 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007095 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007096 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007097 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007098 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007099 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007100 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat SELECT (emerging-web_specific_apps.rules)
 2007101 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UNION SELECT (emerging-web_specific_apps.rules)
 2007102 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat INSERT (emerging-web_specific_apps.rules)
 2007103 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat DELETE (emerging-web_specific_apps.rules)
 2007104 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat ASCII (emerging-web_specific_apps.rules)
 2007105 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UPDATE (emerging-web_specific_apps.rules)
 2007106 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare SELECT (emerging-web_specific_apps.rules)
 2007107 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UNION SELECT (emerging-web_specific_apps.rules)
 2007108 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare INSERT (emerging-web_specific_apps.rules)
 2007109 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare DELETE (emerging-web_specific_apps.rules)
 2007110 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare ASCII (emerging-web_specific_apps.rules)
 2007111 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UPDATE (emerging-web_specific_apps.rules)
 2007566 - ET TROJAN Downloader.MisleadApp Fake Security Product Install (emerging-trojan.rules)
 2007683 - ET TROJAN E-Jihad 3.0 HTTP Activity 1 (emerging-trojan.rules)
 2007684 - ET TROJAN E-Jihad 3.0 HTTP Activity 2 (emerging-trojan.rules)
 2007685 - ET TROJAN E-Jihad 3.0 HTTP Activity 3 (emerging-trojan.rules)
 2007686 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity OUTBOUND (emerging-trojan.rules)
 2007687 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity INBOUND (emerging-trojan.rules)
 2007688 - ET TROJAN Prg Trojan HTTP POST v1 (emerging-trojan.rules)
 2007724 - ET TROJAN Prg Trojan HTTP POST version 2 (emerging-trojan.rules)
 2007747 - ET TROJAN MBR Trojan (Sinowal/Mebroot/) Phoning Home (emerging-trojan.rules)
 2007748 - ET TROJAN NPRC Malicious POST Request Possible DOJ or DOT Malware (emerging-trojan.rules)
 2007758 - ET TROJAN Eldorado.BHO User-Agent Detected (netcfg) (emerging-trojan.rules)
 2007774 - ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (emerging-trojan.rules)
 2007775 - ET TROJAN Krunchy/BZub HTTP Checkin/Update (emerging-trojan.rules)
 2007776 - ET TROJAN Krunchy/BZub HTTP POST Update (emerging-trojan.rules)
 2007823 - ET TROJAN Banker.OT Checkin (emerging-trojan.rules)
 2007828 - ET TROJAN LDPinch Checkin (2) (emerging-trojan.rules)
 2007829 - ET TROJAN Illusion Bot (Lussilon) Checkin (emerging-trojan.rules)
 2007831 - ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push) (emerging-trojan.rules)
 2007833 - ET TROJAN Eldorado.BHO User-Agent Detected (MSIE 5.5) (emerging-trojan.rules)
 2007836 - ET TROJAN Downloader General Bot Checking In - Possible Win32.Small.htz related (emerging-trojan.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (emerging-exploit.rules)
 2008100 - ET TROJAN PRG/wnspoem/Zeus InfoStealer Trojan Config Download (emerging-trojan.rules)
 2008171 - ET WEB_SERVER HP OpenView Network Node Manager CGI Directory Traversal (emerging-web_server.rules)
 2008195 - ET TROJAN Dropper mdodo.com Related Trojan (emerging-trojan.rules)
 2008196 - ET TROJAN Dropper 6dzone.com Related Trojan (emerging-trojan.rules)
 2008218 - ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post (emerging-trojan.rules)
 2008317 - ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin (emerging-trojan.rules)
 2008322 - ET TROJAN FraudLoad.aww HTTP CnC Post (emerging-trojan.rules)
 2008338 - ET TROJAN KLog Nick Keylogger Checkin (emerging-trojan.rules)
 2008340 - ET TROJAN Lost Door Checkin (emerging-trojan.rules)
 2008346 - ET TROJAN Mitglieder Checkin (emerging-trojan.rules)
 2008347 - ET TROJAN Swizzor Checkin (emerging-trojan.rules)
 2008369 - ET TROJAN Keylogger Crack by bahman (emerging-trojan.rules)
 2008431 - ET TROJAN PWS.Gamania Checkin (emerging-trojan.rules)
 2008452 - ET TROJAN Emo/Downloader.uxk checkin (emerging-trojan.rules)
 2008515 - ET TROJAN Hupigon.AZG Checkin (emerging-trojan.rules)
 2008684 - ET WEB_SPECIFIC_APPS E-Shop Shopping Cart Script search_results.php SQL Injection (emerging-web_specific_apps.rules)
 2008740 - ET TROJAN Ligats/DR.Ilomo Agent Post (emerging-trojan.rules)
 2008760 - ET TROJAN Insidebar.co.kr Related Infection Checkin (emerging-trojan.rules)
 2008830 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery cat_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008831 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery photo_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008834 - ET WEB_SPECIFIC_APPS DevelopItEasy News And Article aid parameter SQL Injection (emerging-web_specific_apps.rules)
 2008838 - ET WEB_SPECIFIC_APPS DeltaScripts PHP Classifieds siteid parameter Remote SQL Injection (emerging-web_specific_apps.rules)
 2008864 - ET TROJAN Koobface Trojan HTTP Post Checkin (emerging-trojan.rules)
 2008883 - ET WEB_SPECIFIC_APPS Easyedit CMS page.php intpageID parameter sql injection (emerging-web_specific_apps.rules)
 2008884 - ET WEB_SPECIFIC_APPS Easyedit CMS subcategory.php intSubCategoryID parameter sql injection (emerging-web_specific_apps.rules)
 2008885 - ET WEB_SPECIFIC_APPS Easyedit CMS news.php intPageID parameter sql injection (emerging-web_specific_apps.rules)
 2008891 - ET TROJAN MEREDROP/micr0s0fts.cn Related Checkin (emerging-trojan.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-trojan.rules)
 2008984 - ET TROJAN Trojan-GameThief.Win32.OnLineGames infection report (emerging-trojan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-trojan.rules)
 2009117 - ET WEB_SPECIFIC_APPS Easynet4u Link Host directory.php cat_id parameter SQL Injection (emerging-web_specific_apps.rules)
 2009317 - ET WEB_SPECIFIC_APPS DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009318 - ET WEB_SPECIFIC_APPS DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009319 - ET WEB_SPECIFIC_APPS DeZine DZcms products.php pcat parameter SQL injection (emerging-web_specific_apps.rules)
 2009323 - ET WEB_SPECIFIC_APPS Demium CMS tracking.php follow_kat Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009324 - ET WEB_SPECIFIC_APPS Demium CMS urheber.php name Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2009366 - ET WEB_SPECIFIC_APPS EasySiteNetwork Riddles Complete Website riddle.php riddleid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009368 - ET WEB_SPECIFIC_APPS DeluxeBB misc.php qorder Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009380 - ET WEB_SPECIFIC_APPS Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_specific_apps.rules)
 2009412 - ET TROJAN Generic Trojan Checkin (emerging-trojan.rules)
 2009442 - ET TROJAN Generic Trojan Checkin (2) (emerging-trojan.rules)
 2009443 - ET TROJAN NoBo Downloader Dropper GET (emerging-trojan.rules)
 2009455 - ET TROJAN FAKE AV HTTP CnC Post (emerging-trojan.rules)
 2009472 - ET TROJAN Fasec/FakeAV Alert/Keylogger/Dropper/DNSChanger Possible Rootkit - HTTP GET (emerging-trojan.rules)
 2009484 - ET WEB_SERVER Cpanel lastvisit.html Arbitary file disclosure (emerging-web_server.rules)
 2009514 - ET TROJAN FAKE/ROGUE AV HTTP Post (emerging-trojan.rules)
 2009519 - ET TROJAN Gaboc Trojan Check-in (emerging-trojan.rules)
 2009526 - ET TROJAN Downloader Checkin - Downloads Rogue Adware  (emerging-trojan.rules)
 2009527 - ET TROJAN Generic Downloader Checkin - HTTP GET  (emerging-trojan.rules)
 2009531 - ET TROJAN Gamania Trojan Check-in (emerging-trojan.rules)
 2009541 - ET TROJAN Suspicious User-Agent filled with System Details - GET Request (emerging-trojan.rules)
 2009549 - ET TROJAN Generic Downloader - HTTP POST (emerging-trojan.rules)
 2009553 - ET TROJAN FAKE/ROGUE AV - Encoded (data=) HTTP POST (emerging-trojan.rules)
 2009554 - ET TROJAN FAKE/ROGUE AV/Security Application Checkin (emerging-trojan.rules)
 2009704 - ET TROJAN Generic Downloader Check-in (emerging-trojan.rules)
 2009751 - ET TROJAN Fraudload/FakeAlert/FakeVimes Downloader - POST (emerging-trojan.rules)
 2009776 - ET TROJAN Oficla Downloader Activity Observed (emerging-trojan.rules)
 2009795 - ET WEB_SPECIFIC_APPS Dog Pedigree Online Database managePerson.php personId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009804 - ET TROJAN Screenblaze SCR Related Backdoor - GET (emerging-trojan.rules)
 2009805 - ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET (emerging-trojan.rules)
 2009810 - ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)) (emerging-trojan.rules)
 2009811 - ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET (emerging-trojan.rules)
 2009813 - ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST (emerging-trojan.rules)
 2009826 - ET TROJAN Generic Backdoor Retrieve Instructions/Configs - HTTP GET (emerging-trojan.rules)
 2009832 - ET SCAN DCERPC rpcmgmt ifids Unauthenticated BIND (emerging-scan.rules)
 2009848 - ET WEB_SPECIFIC_APPS Dragoon header.inc.php root Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009876 - ET WEB_SPECIFIC_APPS Dokuwiki doku.php config_cascade Local File Inclusion (emerging-web_specific_apps.rules)
 2009904 - ET WEB_SPECIFIC_APPS AdaptBB latestposts.php forumspath Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2010007 - ET TROJAN Potential Gemini Malware Download (emerging-trojan.rules)
 2010073 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010074 - ET WEB_SPECIFIC_APPS Possible Docebo UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010075 - ET WEB_SPECIFIC_APPS Possible Docebo SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010076 - ET WEB_SPECIFIC_APPS Possible Docebo DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010077 - ET WEB_SPECIFIC_APPS Possible Docebo INSERT INTO Injection Attempt (emerging-web_specific_apps.rules)
 2010078 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010151 - ET TROJAN Koobface C&C availability check (emerging-trojan.rules)
 2010158 - ET TROJAN Nanspy Bot Checkin (emerging-trojan.rules)
 2010194 - ET WEB_SPECIFIC_APPS Adobe JRun Directory Traversal (emerging-web_specific_apps.rules)
 2010195 - ET WEB_SPECIFIC_APPS DS CMS DetailFile.php nFileId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010252 - ET WEB_SPECIFIC_APPS Datalife Engine api.class.php dle_config_api Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010259 - ET WEB_SPECIFIC_APPS DvBBS boardrule.php groupboardid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010282 - ET TROJAN Generic Trojan Checkin (double Content-Type headers) (emerging-trojan.rules)
 2010337 - ET TROJAN FakeAV Reporting - POST often to [resolution|borders].php (emerging-trojan.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-trojan.rules)
 2010512 - ET TROJAN FakeAV FakeSmoke HTTP POST check-in (emerging-trojan.rules)
 2010594 - ET TROJAN Potential FakeAV HTTP POST Check-IN (?r=) (emerging-trojan.rules)
 2010625 - ET TROJAN FakeAV Landing Page (aid,sid) (emerging-trojan.rules)
 2010626 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010627 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010628 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (emerging-trojan.rules)
 2010707 - ET WEB_SPECIFIC_APPS Dros core.write_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010708 - ET WEB_SPECIFIC_APPS Dros core.process_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010709 - ET WEB_SPECIFIC_APPS Dros function.config_load.php _compile_file Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2010743 - ET TROJAN Oficla Checkin (1) (emerging-trojan.rules)
 2011072 - ET TROJAN Fruspam polling for IP likely infected (emerging-trojan.rules)
 2011099 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_players.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011100 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_settings.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011104 - ET TROJAN Exploit kit attack activity likely hostile (emerging-trojan.rules)
 2011153 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011154 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011173 - ET ACTIVEX Windows Help Center Arbitrary Command Execution Exploit Attempt (emerging-activex.rules)
 2011179 - ET TROJAN Generic Checkin - MSCommonInfoEx (emerging-trojan.rules)
 2011269 - ET TROJAN Downloader.Win32.Small (emerging-trojan.rules)
 2011277 - ET TROJAN Generic Trojan HTTP Get (emerging-trojan.rules)
 2011539 - ET POLICY OpenSSL Demo CA - Internet Widgits Pty (CN) (emerging-policy.rules)
 2011540 - ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) (emerging-policy.rules)
 2011725 - ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011816 - ET TROJAN Zeus POST Request to CnC (emerging-trojan.rules)
 2011827 - ET TROJAN Xilcter/Zeus related malware dropper reporting in (emerging-trojan.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401009 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401010 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401011 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401012 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2402001 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2403001 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2009441 - ET TROJAN Swizzor Family GET (emerging-trojan.rules)
 2011103 - ET TROJAN Exploit kit download payload likely Hiloti Gozi FakeAV etc (emerging-trojan.rules)
 2011160 - ET WEB_SERVER Apache Axis2 xsd Parameter Directory Traversal Attempt (emerging-web_server.rules)
 2011346 - ET WEB_CLIENT Possible Unescape Javascript Obfuscation Attempt (emerging-web_client.rules)
 2011541 - ET POLICY OpenSSL Demo CA - Cryptsoft Pty (CN) (emerging-policy.rules)
 2011542 - ET POLICY OpenSSL Demo CA - Cryptsoft Pty (O) (emerging-policy.rules)


[---]         Disabled rules:        [---]

     405 - GPL ICMP_INFO Destination Unreachable Source Host Isolated (emerging-icmp_info.rules)
    1610 - GPL EXPLOIT formmail arbitrary command execution attempt (emerging-exploit.rules)
    3023 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx oversized Security Descriptor attempt (emerging-netbios.rules)
    3025 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (emerging-netbios.rules)
    3031 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (emerging-netbios.rules)
    3033 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx SACL overflow attempt (emerging-netbios.rules)
    3039 - GPL NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (emerging-netbios.rules)
    3041 - GPL NETBIOS SMB-DS NT Trans NT CREATE unicode andx DACL overflow attempt (emerging-netbios.rules)
 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (emerging-activex.rules)
 2008314 - ET CURRENT_EVENTS Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related (emerging-current_events.rules)
 2011819 - ET MALWARE Zero Content-Length HTTP POST with data (outbound) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging.conf (37):
        #var SSH_PORTS 22
        #include $RULE_PATH/emerging-ftp.rules
        #include $RULE_PATH/emerging-policy.rules
        #include $RULE_PATH/emerging-trojan.rules
        #include $RULE_PATH/emerging-games.rules
        #include $RULE_PATH/emerging-pop3.rules
        #include $RULE_PATH/emerging-user_agents.rules
        ##include $RULE_PATH/emerging-activex.rules
        #include $RULE_PATH/emerging-rpc.rules
        #include $RULE_PATH/emerging-virus.rules
        #include $RULE_PATH/emerging-attack_response.rules
        #include $RULE_PATH/emerging-icmp.rules
        #include $RULE_PATH/emerging-scan.rules
        #include $RULE_PATH/emerging-voip.rules
        #include $RULE_PATH/emerging-chat.rules
        ##include $RULE_PATH/emerging-icmp_info.rules
        ##include $RULE_PATH/emerging-shellcode.rules
        ##include $RULE_PATH/emerging-web_client.rules
        #include $RULE_PATH/emerging-imap.rules
        #include $RULE_PATH/emerging-web_server.rules
        #include $RULE_PATH/emerging-current_events.rules
        ##include $RULE_PATH/emerging-inappropriate.rules
        #include $RULE_PATH/emerging-smtp.rules
        ##include $RULE_PATH/emerging-web_specific_apps.rules
        ##include $RULE_PATH/emerging-deleted.rules
        #include $RULE_PATH/emerging-malware.rules
        #include $RULE_PATH/emerging-snmp.rules
        #include $RULE_PATH/emerging-worm.rules
        #include $RULE_PATH/emerging-dns.rules
        #include $RULE_PATH/emerging-misc.rules
        #include $RULE_PATH/emerging-sql.rules
        #include $RULE_PATH/emerging-dos.rules
        #include $RULE_PATH/emerging-netbios.rules
        #include $RULE_PATH/emerging-telnet.rules
        #include $RULE_PATH/emerging-exploit.rules
        #include $RULE_PATH/emerging-p2p.rules
        #include $RULE_PATH/emerging-tftp.rules

     -> Added to sid-msg.map (77):
        2011827 || ET TROJAN Xilcter/Zeus related malware dropper reporting in
        2011828 || ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1005-exploits/724cms459-lfi.txt
        2011829 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) || url,inj3ct0r.com/exploits/12674
        2011830 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) || url,inj3ct0r.com/exploits/12674
        2011831 || ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt || url,packetstormsecurity.org/1010-exploits/cmsboard-rfi.txt
        2011832 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011833 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011834 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011835 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011836 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011837 || ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt || cve,CVE-2006-3930 || bugtraq,19198
        2011838 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011839 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011840 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011841 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011842 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011843 || ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/baconmap10-lfi.txt
        2011844 || ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/joomlarwcards-rfi.txt
        2011845 || ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt || bugtraq,43865
        2011846 || ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt || url,exploit-db.com/exploits/15232
        2011847 || ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt || url,inj3ct0r.com/exploits/12835
        2011848 || ET TROJAN Win32/Comotor.A!dll Reporting 1 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011849 || ET TROJAN Win32/Comotor.A!dll Reporting 2 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011850 || ET TROJAN Carberp file download
        2011851 || ET TROJAN Carberp CnC request - POST id=imp
        2011852 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt || bugtraq,44370
        2011853 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt || bugtraq,44370
        2011854 || ET POLICY Java JAR file download
        2011855 || ET POLICY Java JAR Download Attempt || url,blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
        2011856 || ET MALWARE HTML.Psyme.Gen Reporting || url,threatexpert.com/report.aspx?md5=de1adb1df396863e7e3967271e7db734
        2011857 || ET TROJAN SpyEye C&C Check-in URI || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011858 || ET TROJAN SpyEye style HTTP Header GET structure || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011860 || ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting || cve,2010-3581 || bid,43954
        2011861 || ET CURRENT_EVENTS Bredolab CnC URL Detected || url,blog.fireeye.com/.a/6a00d835018afd53ef013488839529970c-pi
        2011862 || ET TROJAN Feodo Banking Trojan Account Details Post || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html#more
        2011863 || ET TROJAN Feodo Banking Trojan Receiving Configuration File || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
        2011864 || ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt || url,www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html || url,code.google.com/p/skylined/issues/detail?id=18
        2011865 || ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode
        2011866 || ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF
        2011867 || ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt || url,www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/
        2011868 || ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code || url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4 || url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4
        2011869 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt || url,exploit-db.com/exploits/15071
        2011870 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call || url,exploit-db.com/exploits/15071/
        2011871 || ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage || url,code.google.com/p/submittotdwtf/source/browse/trunk/ || url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
        2011872 || ET USER_AGENTS Suspicious Gbot UA Detected
        2011873 || ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string
        2011874 || ET POLICY NSPlayer User-Agent Windows Media Player streaming detected || url,msdn.microsoft.com/en-us/library/cc234851
        2011875 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011876 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011877 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011878 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011879 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011880 || ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt || url,exploit-db.com/exploits/12855/ || cve,CVE-2010-2315
        2011881 || ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011882 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011883 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011884 || ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1010-exploits/igamingcms-lfi.txt
        2500538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging.conf (37):
        var SSH_PORTS 22
        include $RULE_PATH/emerging-ftp.rules
        include $RULE_PATH/emerging-policy.rules
        include $RULE_PATH/emerging-trojan.rules
        include $RULE_PATH/emerging-games.rules
        include $RULE_PATH/emerging-pop3.rules
        include $RULE_PATH/emerging-user_agents.rules
        #include $RULE_PATH/emerging-activex.rules
        include $RULE_PATH/emerging-rpc.rules
        include $RULE_PATH/emerging-virus.rules
        include $RULE_PATH/emerging-attack_response.rules
        include $RULE_PATH/emerging-icmp.rules
        include $RULE_PATH/emerging-scan.rules
        include $RULE_PATH/emerging-voip.rules
        include $RULE_PATH/emerging-chat.rules
        #include $RULE_PATH/emerging-icmp_info.rules
        #include $RULE_PATH/emerging-shellcode.rules
        #include $RULE_PATH/emerging-web_client.rules
        include $RULE_PATH/emerging-imap.rules
        include $RULE_PATH/emerging-web_server.rules
        include $RULE_PATH/emerging-current_events.rules
        #include $RULE_PATH/emerging-inappropriate.rules
        include $RULE_PATH/emerging-smtp.rules
        #include $RULE_PATH/emerging-web_specific_apps.rules
        #include $RULE_PATH/emerging-deleted.rules
        include $RULE_PATH/emerging-malware.rules
        include $RULE_PATH/emerging-snmp.rules
        include $RULE_PATH/emerging-worm.rules
        include $RULE_PATH/emerging-dns.rules
        include $RULE_PATH/emerging-misc.rules
        include $RULE_PATH/emerging-sql.rules
        include $RULE_PATH/emerging-dos.rules
        include $RULE_PATH/emerging-netbios.rules
        include $RULE_PATH/emerging-telnet.rules
        include $RULE_PATH/emerging-exploit.rules
        include $RULE_PATH/emerging-p2p.rules
        include $RULE_PATH/emerging-tftp.rules

     -> Removed from sid-msg.map (17):
        2011827 || ET TROJAN Zeus related malware dropper reporting in
        2404298 || ET DROP Known Bot C&C Server Traffic TCP (group 150)  || url,www.shadowserver.org
        2404299 || ET DROP Known Bot C&C Server Traffic UDP (group 150)  || url,www.shadowserver.org
        2404300 || ET DROP Known Bot C&C Server Traffic TCP (group 151)  || url,www.shadowserver.org
        2404301 || ET DROP Known Bot C&C Server Traffic UDP (group 151)  || url,www.shadowserver.org
        2404302 || ET DROP Known Bot C&C Server Traffic TCP (group 152)  || url,www.shadowserver.org
        2404303 || ET DROP Known Bot C&C Server Traffic UDP (group 152)  || url,www.shadowserver.org
        2404304 || ET DROP Known Bot C&C Server Traffic TCP (group 153)  || url,www.shadowserver.org
        2404305 || ET DROP Known Bot C&C Server Traffic UDP (group 153)  || url,www.shadowserver.org
        2405298 || ET DROP Known Bot C&C Traffic TCP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405299 || ET DROP Known Bot C&C Traffic UDP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405300 || ET DROP Known Bot C&C Traffic TCP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405301 || ET DROP Known Bot C&C Traffic UDP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405302 || ET DROP Known Bot C&C Traffic TCP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405303 || ET DROP Known Bot C&C Traffic UDP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405304 || ET DROP Known Bot C&C Traffic TCP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org
        2405305 || ET DROP Known Bot C&C Traffic UDP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org

*********************** snort-2.8.6 open-nogpl ***********************

[***] Results from Oinkmaster started Sat Oct 30 16:01:31 2010 [***]

[+++]          Added rules:          [+++]

 2011828 - ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011829 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) (emerging-web_specific_apps.rules)
 2011830 - ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) (emerging-web_specific_apps.rules)
 2011831 - ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011832 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011833 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011834 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011835 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011836 - ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011837 - ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011838 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011839 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011840 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011841 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011842 - ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011843 - ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011844 - ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011845 - ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011846 - ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011847 - ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011848 - ET TROJAN Win32/Comotor.A!dll Reporting 1 (emerging-trojan.rules)
 2011849 - ET TROJAN Win32/Comotor.A!dll Reporting 2 (emerging-trojan.rules)
 2011850 - ET TROJAN Carberp file download (emerging-trojan.rules)
 2011851 - ET TROJAN Carberp CnC request - POST id=imp (emerging-trojan.rules)
 2011852 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011853 - ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011854 - ET POLICY Java JAR file download (emerging-policy.rules)
 2011855 - ET POLICY Java JAR Download Attempt (emerging-policy.rules)
 2011856 - ET MALWARE HTML.Psyme.Gen Reporting (emerging-malware.rules)
 2011857 - ET TROJAN SpyEye C&C Check-in URI (emerging-trojan.rules)
 2011858 - ET TROJAN SpyEye style HTTP Header GET structure (emerging-trojan.rules)
 2011860 - ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting (emerging-web_specific_apps.rules)
 2011861 - ET CURRENT_EVENTS Bredolab CnC URL Detected (emerging-current_events.rules)
 2011862 - ET TROJAN Feodo Banking Trojan Account Details Post (emerging-trojan.rules)
 2011863 - ET TROJAN Feodo Banking Trojan Receiving Configuration File (emerging-trojan.rules)
 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (emerging-web_client.rules)
 2011865 - ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (emerging-web_client.rules)
 2011866 - ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF (emerging-web_client.rules)
 2011867 - ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt (emerging-activex.rules)
 2011868 - ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code (emerging-web_client.rules)
 2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt (emerging-activex.rules)
 2011870 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call (emerging-activex.rules)
 2011871 - ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage (emerging-policy.rules)
 2011872 - ET USER_AGENTS Suspicious Gbot UA Detected (emerging-user_agents.rules)
 2011873 - ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string (emerging-current_events.rules)
 2011874 - ET POLICY NSPlayer User-Agent Windows Media Player streaming detected (emerging-policy.rules)
 2011875 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011876 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011877 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011878 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011879 - ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2011880 - ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011881 - ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt (emerging-web_specific_apps.rules)
 2011882 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011883 - ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)
 2011884 - ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt (emerging-web_specific_apps.rules)


[///]     Modified active rules:     [///]

 2001901 - ET TROJAN Possible Bobax trojan infection (emerging-trojan.rules)
 2002995 - ET SCAN Rapid IMAPS Connections - Possible Brute Force Attack (emerging-scan.rules)
 2003085 - ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt (emerging-web_specific_apps.rules)
 2003182 - ET TROJAN Prg Trojan v0.1-v0.3 Data Upload (emerging-trojan.rules)
 2003190 - ET TROJAN Win32.Lager Trojan Reporting Spam (emerging-trojan.rules)
 2003679 - ET WEB_SPECIFIC_APPS DynamicPAD Remote Inclusion Attempt -- dp_logs.php HomeDir (emerging-web_specific_apps.rules)
 2003682 - ET WEB_SPECIFIC_APPS E-Gads Remote Inclusion Attempt -- common.php locale (emerging-web_specific_apps.rules)
 2003770 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a SELECT (emerging-web_specific_apps.rules)
 2003771 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UNION SELECT (emerging-web_specific_apps.rules)
 2003772 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a INSERT (emerging-web_specific_apps.rules)
 2003773 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a DELETE (emerging-web_specific_apps.rules)
 2003774 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a ASCII (emerging-web_specific_apps.rules)
 2003775 - ET WEB_SPECIFIC_APPS E-Annu SQL Injection Attempt -- home.php a UPDATE (emerging-web_specific_apps.rules)
 2003876 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- listmembers.php show (emerging-web_specific_apps.rules)
 2003877 - ET WEB_SPECIFIC_APPS EQdkp XSS Attempt -- stats.php show (emerging-web_specific_apps.rules)
 2003920 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- loan.php movieid (emerging-web_specific_apps.rules)
 2003921 - ET WEB_SPECIFIC_APPS DVDdb XSS Attempt -- listmovies.php s (emerging-web_specific_apps.rules)
 2003924 - ET SCAN WebHack Control Center User-Agent Inbound (WHCC/) (emerging-scan.rules)
 2004047 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen SELECT (emerging-web_specific_apps.rules)
 2004048 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UNION SELECT (emerging-web_specific_apps.rules)
 2004049 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen INSERT (emerging-web_specific_apps.rules)
 2004050 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen DELETE (emerging-web_specific_apps.rules)
 2004051 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen ASCII (emerging-web_specific_apps.rules)
 2004052 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- courseLog.php scormcontopen UPDATE (emerging-web_specific_apps.rules)
 2004065 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course SELECT (emerging-web_specific_apps.rules)
 2004066 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UNION SELECT (emerging-web_specific_apps.rules)
 2004067 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course INSERT (emerging-web_specific_apps.rules)
 2004068 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course DELETE (emerging-web_specific_apps.rules)
 2004069 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course ASCII (emerging-web_specific_apps.rules)
 2004070 - ET WEB_SPECIFIC_APPS Dokeos SQL Injection Attempt -- my_progress.php course UPDATE (emerging-web_specific_apps.rules)
 2004385 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id SELECT (emerging-web_specific_apps.rules)
 2004386 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2004387 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id INSERT (emerging-web_specific_apps.rules)
 2004388 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id DELETE (emerging-web_specific_apps.rules)
 2004389 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id ASCII (emerging-web_specific_apps.rules)
 2004390 - ET WEB_SPECIFIC_APPS fystyq Duyuru Scripti SQL Injection Attempt -- goster.asp id UPDATE (emerging-web_specific_apps.rules)
 2004593 - ET WEB_SPECIFIC_APPS Dokeos XSS Attempt -- editor.php img (emerging-web_specific_apps.rules)
 2004595 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- info_book.asp Room_name (emerging-web_specific_apps.rules)
 2004596 - ET WEB_SPECIFIC_APPS Digirez XSS Attempt -- week.asp curYear (emerging-web_specific_apps.rules)
 2004624 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank SELECT (emerging-web_specific_apps.rules)
 2004625 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UNION SELECT (emerging-web_specific_apps.rules)
 2004626 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank INSERT (emerging-web_specific_apps.rules)
 2004627 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank DELETE (emerging-web_specific_apps.rules)
 2004628 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank ASCII (emerging-web_specific_apps.rules)
 2004629 - ET WEB_SPECIFIC_APPS EQdkp SQL Injection Attempt -- listmembers.php rank UPDATE (emerging-web_specific_apps.rules)
 2004834 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id SELECT (emerging-web_specific_apps.rules)
 2004835 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UNION SELECT (emerging-web_specific_apps.rules)
 2004836 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id INSERT (emerging-web_specific_apps.rules)
 2004837 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id DELETE (emerging-web_specific_apps.rules)
 2004838 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id ASCII (emerging-web_specific_apps.rules)
 2004839 - ET WEB_SPECIFIC_APPS Design4Online UserPages2 SQL Injection Attempt -- page.asp art_id UPDATE (emerging-web_specific_apps.rules)
 2005039 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i SELECT (emerging-web_specific_apps.rules)
 2005040 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005041 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i INSERT (emerging-web_specific_apps.rules)
 2005042 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i DELETE (emerging-web_specific_apps.rules)
 2005043 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i ASCII (emerging-web_specific_apps.rules)
 2005044 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id SELECT (emerging-web_specific_apps.rules)
 2005045 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php i UPDATE (emerging-web_specific_apps.rules)
 2005046 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UNION SELECT (emerging-web_specific_apps.rules)
 2005047 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id INSERT (emerging-web_specific_apps.rules)
 2005048 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id DELETE (emerging-web_specific_apps.rules)
 2005049 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id ASCII (emerging-web_specific_apps.rules)
 2005050 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- add_comment.php post_id UPDATE (emerging-web_specific_apps.rules)
 2005051 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i SELECT (emerging-web_specific_apps.rules)
 2005052 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UNION SELECT (emerging-web_specific_apps.rules)
 2005053 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i INSERT (emerging-web_specific_apps.rules)
 2005054 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i DELETE (emerging-web_specific_apps.rules)
 2005055 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i ASCII (emerging-web_specific_apps.rules)
 2005056 - ET WEB_SPECIFIC_APPS EasyMoblog SQL Injection Attempt -- list_comments.php i UPDATE (emerging-web_specific_apps.rules)
 2005268 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword SELECT (emerging-web_specific_apps.rules)
 2005269 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UNION SELECT (emerging-web_specific_apps.rules)
 2005270 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword INSERT (emerging-web_specific_apps.rules)
 2005271 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword DELETE (emerging-web_specific_apps.rules)
 2005272 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword ASCII (emerging-web_specific_apps.rules)
 2005273 - ET WEB_SPECIFIC_APPS Easebay Resources Paypal Subscription Manager SQL Injection Attempt -- memberlist.php keyword UPDATE (emerging-web_specific_apps.rules)
 2005274 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row SELECT (emerging-web_specific_apps.rules)
 2005275 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UNION SELECT (emerging-web_specific_apps.rules)
 2005276 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row INSERT (emerging-web_specific_apps.rules)
 2005277 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row DELETE (emerging-web_specific_apps.rules)
 2005278 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row ASCII (emerging-web_specific_apps.rules)
 2005279 - ET WEB_SPECIFIC_APPS Easebay Resources Login Manager SQL Injection Attempt -- memberlist.php init_row UPDATE (emerging-web_specific_apps.rules)
 2005591 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id SELECT (emerging-web_specific_apps.rules)
 2005592 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005593 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id INSERT (emerging-web_specific_apps.rules)
 2005594 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id DELETE (emerging-web_specific_apps.rules)
 2005595 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id ASCII (emerging-web_specific_apps.rules)
 2005596 - ET WEB_SPECIFIC_APPS Digiappz DigiAffiliate SQL Injection Attempt -- visu_user.asp id UPDATE (emerging-web_specific_apps.rules)
 2005835 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id SELECT (emerging-web_specific_apps.rules)
 2005836 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UNION SELECT (emerging-web_specific_apps.rules)
 2005837 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id INSERT (emerging-web_specific_apps.rules)
 2005838 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id DELETE (emerging-web_specific_apps.rules)
 2005839 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id ASCII (emerging-web_specific_apps.rules)
 2005840 - ET WEB_SPECIFIC_APPS Digirez SQL Injection Attempt -- info_book.asp book_id UPDATE (emerging-web_specific_apps.rules)
 2005895 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum SELECT (emerging-web_specific_apps.rules)
 2005896 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UNION SELECT (emerging-web_specific_apps.rules)
 2005897 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum INSERT (emerging-web_specific_apps.rules)
 2005898 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum DELETE (emerging-web_specific_apps.rules)
 2005899 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum ASCII (emerging-web_specific_apps.rules)
 2005900 - ET WEB_SPECIFIC_APPS Digitizing Quote And Ordering System SQL Injection Attempt -- search.asp ordernum UPDATE (emerging-web_specific_apps.rules)
 2005985 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup SELECT (emerging-web_specific_apps.rules)
 2005986 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2005987 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup INSERT (emerging-web_specific_apps.rules)
 2005988 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup DELETE (emerging-web_specific_apps.rules)
 2005989 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup ASCII (emerging-web_specific_apps.rules)
 2005990 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp grup UPDATE (emerging-web_specific_apps.rules)
 2005991 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id SELECT (emerging-web_specific_apps.rules)
 2005992 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005993 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id INSERT (emerging-web_specific_apps.rules)
 2005994 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id DELETE (emerging-web_specific_apps.rules)
 2005995 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id ASCII (emerging-web_specific_apps.rules)
 2005996 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp id UPDATE (emerging-web_specific_apps.rules)
 2005997 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id SELECT (emerging-web_specific_apps.rules)
 2005998 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UNION SELECT (emerging-web_specific_apps.rules)
 2005999 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id INSERT (emerging-web_specific_apps.rules)
 2006000 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id DELETE (emerging-web_specific_apps.rules)
 2006001 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id ASCII (emerging-web_specific_apps.rules)
 2006002 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- admin.asp id UPDATE (emerging-web_specific_apps.rules)
 2006135 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID SELECT (emerging-web_specific_apps.rules)
 2006136 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006137 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID INSERT (emerging-web_specific_apps.rules)
 2006138 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID DELETE (emerging-web_specific_apps.rules)
 2006139 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID ASCII (emerging-web_specific_apps.rules)
 2006140 - ET WEB_SPECIFIC_APPS Enthrallweb eMates SQL Injection Attempt -- newsdetail.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006141 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID SELECT (emerging-web_specific_apps.rules)
 2006142 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UNION SELECT (emerging-web_specific_apps.rules)
 2006143 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID INSERT (emerging-web_specific_apps.rules)
 2006144 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID DELETE (emerging-web_specific_apps.rules)
 2006145 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID ASCII (emerging-web_specific_apps.rules)
 2006146 - ET WEB_SPECIFIC_APPS Dragon Business Directory SQL Injection Attempt -- bus_details.asp ID UPDATE (emerging-web_specific_apps.rules)
 2006147 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id SELECT (emerging-web_specific_apps.rules)
 2006148 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UNION SELECT (emerging-web_specific_apps.rules)
 2006149 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id INSERT (emerging-web_specific_apps.rules)
 2006150 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id DELETE (emerging-web_specific_apps.rules)
 2006151 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id ASCII (emerging-web_specific_apps.rules)
 2006152 - ET WEB_SPECIFIC_APPS Enthrallweb eCars SQL Injection Attempt -- Types.asp Type_id UPDATE (emerging-web_specific_apps.rules)
 2006153 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID SELECT (emerging-web_specific_apps.rules)
 2006154 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UNION SELECT (emerging-web_specific_apps.rules)
 2006155 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID INSERT (emerging-web_specific_apps.rules)
 2006156 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID DELETE (emerging-web_specific_apps.rules)
 2006157 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID ASCII (emerging-web_specific_apps.rules)
 2006158 - ET WEB_SPECIFIC_APPS Enthrallweb ePages SQL Injection Attempt -- actualpic.asp Biz_ID UPDATE (emerging-web_specific_apps.rules)
 2006159 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup SELECT (emerging-web_specific_apps.rules)
 2006160 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UNION SELECT (emerging-web_specific_apps.rules)
 2006161 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup INSERT (emerging-web_specific_apps.rules)
 2006162 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup DELETE (emerging-web_specific_apps.rules)
 2006163 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup ASCII (emerging-web_specific_apps.rules)
 2006164 - ET WEB_SPECIFIC_APPS Efkan Forum SQL Injection Attempt -- default.asp grup UPDATE (emerging-web_specific_apps.rules)
 2006449 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php SELECT (emerging-web_specific_apps.rules)
 2006450 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UNION SELECT (emerging-web_specific_apps.rules)
 2006451 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php INSERT (emerging-web_specific_apps.rules)
 2006452 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php DELETE (emerging-web_specific_apps.rules)
 2006453 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php ASCII (emerging-web_specific_apps.rules)
 2006454 - ET WEB_SPECIFIC_APPS Elxis CMS SQL Injection Attempt -- mod_banners.php UPDATE (emerging-web_specific_apps.rules)
 2006554 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId SELECT (emerging-web_specific_apps.rules)
 2006555 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UNION SELECT (emerging-web_specific_apps.rules)
 2006556 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId INSERT (emerging-web_specific_apps.rules)
 2006557 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId DELETE (emerging-web_specific_apps.rules)
 2006558 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId ASCII (emerging-web_specific_apps.rules)
 2006559 - ET WEB_SPECIFIC_APPS EasyPage SQL Injection Attempt -- default.aspx docId UPDATE (emerging-web_specific_apps.rules)
 2006687 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile SELECT (emerging-web_specific_apps.rules)
 2006688 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UNION SELECT (emerging-web_specific_apps.rules)
 2006689 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile INSERT (emerging-web_specific_apps.rules)
 2006690 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile DELETE (emerging-web_specific_apps.rules)
 2006691 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile ASCII (emerging-web_specific_apps.rules)
 2006692 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp iFile UPDATE (emerging-web_specific_apps.rules)
 2006694 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action SELECT (emerging-web_specific_apps.rules)
 2006695 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UNION SELECT (emerging-web_specific_apps.rules)
 2006696 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action INSERT (emerging-web_specific_apps.rules)
 2006697 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action DELETE (emerging-web_specific_apps.rules)
 2006698 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action ASCII (emerging-web_specific_apps.rules)
 2006699 - ET WEB_SPECIFIC_APPS DUware DUdownload SQL Injection Attempt -- detail.asp action UPDATE (emerging-web_specific_apps.rules)
 2006700 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006701 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006702 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006703 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006704 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006705 - ET WEB_SPECIFIC_APPS DUware DUpaypal SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006706 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity SELECT (emerging-web_specific_apps.rules)
 2006707 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UNION SELECT (emerging-web_specific_apps.rules)
 2006708 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity INSERT (emerging-web_specific_apps.rules)
 2006709 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity DELETE (emerging-web_specific_apps.rules)
 2006710 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity ASCII (emerging-web_specific_apps.rules)
 2006711 - ET WEB_SPECIFIC_APPS DuWare DuClassmate SQL Injection Attempt -- default.asp iCity UPDATE (emerging-web_specific_apps.rules)
 2006712 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT (emerging-web_specific_apps.rules)
 2006713 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT (emerging-web_specific_apps.rules)
 2006714 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT (emerging-web_specific_apps.rules)
 2006715 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE (emerging-web_specific_apps.rules)
 2006716 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII (emerging-web_specific_apps.rules)
 2006717 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE (emerging-web_specific_apps.rules)
 2006718 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType SELECT (emerging-web_specific_apps.rules)
 2006719 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UNION SELECT (emerging-web_specific_apps.rules)
 2006720 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType INSERT (emerging-web_specific_apps.rules)
 2006721 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType DELETE (emerging-web_specific_apps.rules)
 2006722 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType ASCII (emerging-web_specific_apps.rules)
 2006723 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iType UPDATE (emerging-web_specific_apps.rules)
 2006724 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action SELECT (emerging-web_specific_apps.rules)
 2006725 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UNION SELECT (emerging-web_specific_apps.rules)
 2006726 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action INSERT (emerging-web_specific_apps.rules)
 2006727 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action DELETE (emerging-web_specific_apps.rules)
 2006728 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action ASCII (emerging-web_specific_apps.rules)
 2006729 - ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp Action UPDATE (emerging-web_specific_apps.rules)
 2007024 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id SELECT (emerging-web_specific_apps.rules)
 2007025 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UNION SELECT (emerging-web_specific_apps.rules)
 2007026 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id INSERT (emerging-web_specific_apps.rules)
 2007027 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id DELETE (emerging-web_specific_apps.rules)
 2007028 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id ASCII (emerging-web_specific_apps.rules)
 2007029 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp ad_id UPDATE (emerging-web_specific_apps.rules)
 2007030 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007031 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007032 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007033 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007034 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007035 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007036 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007037 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007038 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007039 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007040 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007041 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007042 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007043 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007044 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007045 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007046 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007047 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007048 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id SELECT (emerging-web_specific_apps.rules)
 2007049 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UPDATE (emerging-web_specific_apps.rules)
 2007050 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id INSERT (emerging-web_specific_apps.rules)
 2007051 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id DELETE (emerging-web_specific_apps.rules)
 2007052 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id ASCII (emerging-web_specific_apps.rules)
 2007053 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UPDATE (emerging-web_specific_apps.rules)
 2007054 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id SELECT (emerging-web_specific_apps.rules)
 2007055 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id UNION SELECT (emerging-web_specific_apps.rules)
 2007056 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id INSERT (emerging-web_specific_apps.rules)
 2007057 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id DELETE (emerging-web_specific_apps.rules)
 2007058 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp sub_id ASCII (emerging-web_specific_apps.rules)
 2007059 - ET WEB_SPECIFIC_APPS Enthrallweb eClassifieds SQL Injection Attempt -- ad.asp cat_id UNION SELECT (emerging-web_specific_apps.rules)
 2007076 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid SELECT (emerging-web_specific_apps.rules)
 2007077 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UNION SELECT (emerging-web_specific_apps.rules)
 2007078 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid INSERT (emerging-web_specific_apps.rules)
 2007079 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid DELETE (emerging-web_specific_apps.rules)
 2007080 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid ASCII (emerging-web_specific_apps.rules)
 2007081 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dircat.asp cid UPDATE (emerging-web_specific_apps.rules)
 2007082 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid SELECT (emerging-web_specific_apps.rules)
 2007083 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UNION SELECT (emerging-web_specific_apps.rules)
 2007084 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid INSERT (emerging-web_specific_apps.rules)
 2007085 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid DELETE (emerging-web_specific_apps.rules)
 2007086 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid ASCII (emerging-web_specific_apps.rules)
 2007087 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- dirSub.asp sid UPDATE (emerging-web_specific_apps.rules)
 2007088 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID SELECT (emerging-web_specific_apps.rules)
 2007089 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007090 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID INSERT (emerging-web_specific_apps.rules)
 2007091 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID DELETE (emerging-web_specific_apps.rules)
 2007092 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID ASCII (emerging-web_specific_apps.rules)
 2007093 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- types.asp TYPE_ID UPDATE (emerging-web_specific_apps.rules)
 2007094 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID SELECT (emerging-web_specific_apps.rules)
 2007095 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UNION SELECT (emerging-web_specific_apps.rules)
 2007096 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID INSERT (emerging-web_specific_apps.rules)
 2007097 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID DELETE (emerging-web_specific_apps.rules)
 2007098 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID ASCII (emerging-web_specific_apps.rules)
 2007099 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- homeDetail.asp AD_ID UPDATE (emerging-web_specific_apps.rules)
 2007100 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat SELECT (emerging-web_specific_apps.rules)
 2007101 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UNION SELECT (emerging-web_specific_apps.rules)
 2007102 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat INSERT (emerging-web_specific_apps.rules)
 2007103 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat DELETE (emerging-web_specific_apps.rules)
 2007104 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat ASCII (emerging-web_specific_apps.rules)
 2007105 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- result.asp cat UPDATE (emerging-web_specific_apps.rules)
 2007106 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare SELECT (emerging-web_specific_apps.rules)
 2007107 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UNION SELECT (emerging-web_specific_apps.rules)
 2007108 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare INSERT (emerging-web_specific_apps.rules)
 2007109 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare DELETE (emerging-web_specific_apps.rules)
 2007110 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare ASCII (emerging-web_specific_apps.rules)
 2007111 - ET WEB_SPECIFIC_APPS Enthrallweb eHomes SQL Injection Attempt -- compareHomes.asp compare UPDATE (emerging-web_specific_apps.rules)
 2007566 - ET TROJAN Downloader.MisleadApp Fake Security Product Install (emerging-trojan.rules)
 2007683 - ET TROJAN E-Jihad 3.0 HTTP Activity 1 (emerging-trojan.rules)
 2007684 - ET TROJAN E-Jihad 3.0 HTTP Activity 2 (emerging-trojan.rules)
 2007685 - ET TROJAN E-Jihad 3.0 HTTP Activity 3 (emerging-trojan.rules)
 2007686 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity OUTBOUND (emerging-trojan.rules)
 2007687 - ET TROJAN E-Jihad 3.0 DDoS HTTP Activity INBOUND (emerging-trojan.rules)
 2007688 - ET TROJAN Prg Trojan HTTP POST v1 (emerging-trojan.rules)
 2007724 - ET TROJAN Prg Trojan HTTP POST version 2 (emerging-trojan.rules)
 2007747 - ET TROJAN MBR Trojan (Sinowal/Mebroot/) Phoning Home (emerging-trojan.rules)
 2007748 - ET TROJAN NPRC Malicious POST Request Possible DOJ or DOT Malware (emerging-trojan.rules)
 2007758 - ET TROJAN Eldorado.BHO User-Agent Detected (netcfg) (emerging-trojan.rules)
 2007774 - ET TROJAN Lop.gfr/Swizzor HTTP Update/Checkin (emerging-trojan.rules)
 2007775 - ET TROJAN Krunchy/BZub HTTP Checkin/Update (emerging-trojan.rules)
 2007776 - ET TROJAN Krunchy/BZub HTTP POST Update (emerging-trojan.rules)
 2007823 - ET TROJAN Banker.OT Checkin (emerging-trojan.rules)
 2007828 - ET TROJAN LDPinch Checkin (2) (emerging-trojan.rules)
 2007829 - ET TROJAN Illusion Bot (Lussilon) Checkin (emerging-trojan.rules)
 2007831 - ET TROJAN Downloader General Bot Checking In via HTTP Post (bot_id push) (emerging-trojan.rules)
 2007833 - ET TROJAN Eldorado.BHO User-Agent Detected (MSIE 5.5) (emerging-trojan.rules)
 2007836 - ET TROJAN Downloader General Bot Checking In - Possible Win32.Small.htz related (emerging-trojan.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability (emerging-exploit.rules)
 2008100 - ET TROJAN PRG/wnspoem/Zeus InfoStealer Trojan Config Download (emerging-trojan.rules)
 2008171 - ET WEB_SERVER HP OpenView Network Node Manager CGI Directory Traversal (emerging-web_server.rules)
 2008195 - ET TROJAN Dropper mdodo.com Related Trojan (emerging-trojan.rules)
 2008196 - ET TROJAN Dropper 6dzone.com Related Trojan (emerging-trojan.rules)
 2008218 - ET TROJAN Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post (emerging-trojan.rules)
 2008317 - ET TROJAN Hitpop.AG/Pophot.az HTTP Checkin (emerging-trojan.rules)
 2008322 - ET TROJAN FraudLoad.aww HTTP CnC Post (emerging-trojan.rules)
 2008338 - ET TROJAN KLog Nick Keylogger Checkin (emerging-trojan.rules)
 2008340 - ET TROJAN Lost Door Checkin (emerging-trojan.rules)
 2008346 - ET TROJAN Mitglieder Checkin (emerging-trojan.rules)
 2008347 - ET TROJAN Swizzor Checkin (emerging-trojan.rules)
 2008369 - ET TROJAN Keylogger Crack by bahman (emerging-trojan.rules)
 2008431 - ET TROJAN PWS.Gamania Checkin (emerging-trojan.rules)
 2008452 - ET TROJAN Emo/Downloader.uxk checkin (emerging-trojan.rules)
 2008515 - ET TROJAN Hupigon.AZG Checkin (emerging-trojan.rules)
 2008684 - ET WEB_SPECIFIC_APPS E-Shop Shopping Cart Script search_results.php SQL Injection (emerging-web_specific_apps.rules)
 2008740 - ET TROJAN Ligats/DR.Ilomo Agent Post (emerging-trojan.rules)
 2008760 - ET TROJAN Insidebar.co.kr Related Infection Checkin (emerging-trojan.rules)
 2008830 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery cat_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008831 - ET WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery photo_id paramter SQL Injection (emerging-web_specific_apps.rules)
 2008834 - ET WEB_SPECIFIC_APPS DevelopItEasy News And Article aid parameter SQL Injection (emerging-web_specific_apps.rules)
 2008838 - ET WEB_SPECIFIC_APPS DeltaScripts PHP Classifieds siteid parameter Remote SQL Injection (emerging-web_specific_apps.rules)
 2008864 - ET TROJAN Koobface Trojan HTTP Post Checkin (emerging-trojan.rules)
 2008883 - ET WEB_SPECIFIC_APPS Easyedit CMS page.php intpageID parameter sql injection (emerging-web_specific_apps.rules)
 2008884 - ET WEB_SPECIFIC_APPS Easyedit CMS subcategory.php intSubCategoryID parameter sql injection (emerging-web_specific_apps.rules)
 2008885 - ET WEB_SPECIFIC_APPS Easyedit CMS news.php intPageID parameter sql injection (emerging-web_specific_apps.rules)
 2008891 - ET TROJAN MEREDROP/micr0s0fts.cn Related Checkin (emerging-trojan.rules)
 2008943 - ET TROJAN Lop_com or variant Checkin (9kgen_up) (emerging-trojan.rules)
 2008984 - ET TROJAN Trojan-GameThief.Win32.OnLineGames infection report (emerging-trojan.rules)
 2009003 - ET TROJAN Win32/Korklic.A (emerging-trojan.rules)
 2009117 - ET WEB_SPECIFIC_APPS Easynet4u Link Host directory.php cat_id parameter SQL Injection (emerging-web_specific_apps.rules)
 2009317 - ET WEB_SPECIFIC_APPS DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009318 - ET WEB_SPECIFIC_APPS DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009319 - ET WEB_SPECIFIC_APPS DeZine DZcms products.php pcat parameter SQL injection (emerging-web_specific_apps.rules)
 2009323 - ET WEB_SPECIFIC_APPS Demium CMS tracking.php follow_kat Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009324 - ET WEB_SPECIFIC_APPS Demium CMS urheber.php name Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2009366 - ET WEB_SPECIFIC_APPS EasySiteNetwork Riddles Complete Website riddle.php riddleid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009368 - ET WEB_SPECIFIC_APPS DeluxeBB misc.php qorder Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009380 - ET WEB_SPECIFIC_APPS Acute Control Panel header.php theme_directory parameter local file inclusion (emerging-web_specific_apps.rules)
 2009412 - ET TROJAN Generic Trojan Checkin (emerging-trojan.rules)
 2009442 - ET TROJAN Generic Trojan Checkin (2) (emerging-trojan.rules)
 2009443 - ET TROJAN NoBo Downloader Dropper GET (emerging-trojan.rules)
 2009455 - ET TROJAN FAKE AV HTTP CnC Post (emerging-trojan.rules)
 2009472 - ET TROJAN Fasec/FakeAV Alert/Keylogger/Dropper/DNSChanger Possible Rootkit - HTTP GET (emerging-trojan.rules)
 2009484 - ET WEB_SERVER Cpanel lastvisit.html Arbitary file disclosure (emerging-web_server.rules)
 2009514 - ET TROJAN FAKE/ROGUE AV HTTP Post (emerging-trojan.rules)
 2009519 - ET TROJAN Gaboc Trojan Check-in (emerging-trojan.rules)
 2009526 - ET TROJAN Downloader Checkin - Downloads Rogue Adware  (emerging-trojan.rules)
 2009527 - ET TROJAN Generic Downloader Checkin - HTTP GET  (emerging-trojan.rules)
 2009531 - ET TROJAN Gamania Trojan Check-in (emerging-trojan.rules)
 2009541 - ET TROJAN Suspicious User-Agent filled with System Details - GET Request (emerging-trojan.rules)
 2009549 - ET TROJAN Generic Downloader - HTTP POST (emerging-trojan.rules)
 2009553 - ET TROJAN FAKE/ROGUE AV - Encoded (data=) HTTP POST (emerging-trojan.rules)
 2009554 - ET TROJAN FAKE/ROGUE AV/Security Application Checkin (emerging-trojan.rules)
 2009704 - ET TROJAN Generic Downloader Check-in (emerging-trojan.rules)
 2009751 - ET TROJAN Fraudload/FakeAlert/FakeVimes Downloader - POST (emerging-trojan.rules)
 2009776 - ET TROJAN Oficla Downloader Activity Observed (emerging-trojan.rules)
 2009795 - ET WEB_SPECIFIC_APPS Dog Pedigree Online Database managePerson.php personId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2009804 - ET TROJAN Screenblaze SCR Related Backdoor - GET (emerging-trojan.rules)
 2009805 - ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET (emerging-trojan.rules)
 2009810 - ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)) (emerging-trojan.rules)
 2009811 - ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET (emerging-trojan.rules)
 2009813 - ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST (emerging-trojan.rules)
 2009826 - ET TROJAN Generic Backdoor Retrieve Instructions/Configs - HTTP GET (emerging-trojan.rules)
 2009832 - ET SCAN DCERPC rpcmgmt ifids Unauthenticated BIND (emerging-scan.rules)
 2009848 - ET WEB_SPECIFIC_APPS Dragoon header.inc.php root Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2009876 - ET WEB_SPECIFIC_APPS Dokuwiki doku.php config_cascade Local File Inclusion (emerging-web_specific_apps.rules)
 2009904 - ET WEB_SPECIFIC_APPS AdaptBB latestposts.php forumspath Parameter Local File Inclusion (emerging-web_specific_apps.rules)
 2010007 - ET TROJAN Potential Gemini Malware Download (emerging-trojan.rules)
 2010073 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010074 - ET WEB_SPECIFIC_APPS Possible Docebo UNION SELECT SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010075 - ET WEB_SPECIFIC_APPS Possible Docebo SELECT FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010076 - ET WEB_SPECIFIC_APPS Possible Docebo DELETE FROM SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010077 - ET WEB_SPECIFIC_APPS Possible Docebo INSERT INTO Injection Attempt (emerging-web_specific_apps.rules)
 2010078 - ET WEB_SPECIFIC_APPS Possible Docebo UPDATE SET SQL Injection Attempt (emerging-web_specific_apps.rules)
 2010151 - ET TROJAN Koobface C&C availability check (emerging-trojan.rules)
 2010158 - ET TROJAN Nanspy Bot Checkin (emerging-trojan.rules)
 2010194 - ET WEB_SPECIFIC_APPS Adobe JRun Directory Traversal (emerging-web_specific_apps.rules)
 2010195 - ET WEB_SPECIFIC_APPS DS CMS DetailFile.php nFileId Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010252 - ET WEB_SPECIFIC_APPS Datalife Engine api.class.php dle_config_api Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2010259 - ET WEB_SPECIFIC_APPS DvBBS boardrule.php groupboardid Parameter SQL Injection (emerging-web_specific_apps.rules)
 2010282 - ET TROJAN Generic Trojan Checkin (double Content-Type headers) (emerging-trojan.rules)
 2010337 - ET TROJAN FakeAV Reporting - POST often to [resolution|borders].php (emerging-trojan.rules)
 2010439 - ET TROJAN Generic Trojan Checkin (UA VBTagEdit) (emerging-trojan.rules)
 2010512 - ET TROJAN FakeAV FakeSmoke HTTP POST check-in (emerging-trojan.rules)
 2010594 - ET TROJAN Potential FakeAV HTTP POST Check-IN (?r=) (emerging-trojan.rules)
 2010625 - ET TROJAN FakeAV Landing Page (aid,sid) (emerging-trojan.rules)
 2010626 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010627 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010628 - ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin (emerging-trojan.rules)
 2010700 - ET TROJAN Likely Koobface Beaconing (getexe) (emerging-trojan.rules)
 2010707 - ET WEB_SPECIFIC_APPS Dros core.write_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010708 - ET WEB_SPECIFIC_APPS Dros core.process_compiled_include.php smarty Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010709 - ET WEB_SPECIFIC_APPS Dros function.config_load.php _compile_file Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2010743 - ET TROJAN Oficla Checkin (1) (emerging-trojan.rules)
 2011072 - ET TROJAN Fruspam polling for IP likely infected (emerging-trojan.rules)
 2011099 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_players.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011100 - ET WEB_SPECIFIC_APPS DaFun Spirit lgsl_settings.php lgsl_path Parameter Remote File Inclusion (emerging-web_specific_apps.rules)
 2011104 - ET TROJAN Exploit kit attack activity likely hostile (emerging-trojan.rules)
 2011153 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET reterror.aspx info Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011154 - ET WEB_SPECIFIC_APPS Ektron CMS400.NET medialist.aspx selectids Parameter Cross Site Scripting Attempt (emerging-web_specific_apps.rules)
 2011173 - ET ACTIVEX Windows Help Center Arbitrary Command Execution Exploit Attempt (emerging-activex.rules)
 2011179 - ET TROJAN Generic Checkin - MSCommonInfoEx (emerging-trojan.rules)
 2011269 - ET TROJAN Downloader.Win32.Small (emerging-trojan.rules)
 2011277 - ET TROJAN Generic Trojan HTTP Get (emerging-trojan.rules)
 2011539 - ET POLICY OpenSSL Demo CA - Internet Widgits Pty (CN) (emerging-policy.rules)
 2011540 - ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) (emerging-policy.rules)
 2011725 - ET WEB_SPECIFIC_APPS EZPX photoblog tpl_base_dir Parameter Remote File Inclusion Attempt (emerging-web_specific_apps.rules)
 2011816 - ET TROJAN Zeus POST Request to CnC (emerging-trojan.rules)
 2011827 - ET TROJAN Xilcter/Zeus related malware dropper reporting in (emerging-trojan.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400008 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400009 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400010 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400011 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400012 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401008 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401009 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401010 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401011 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401012 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2402001 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2403001 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2009441 - ET TROJAN Swizzor Family GET (emerging-trojan.rules)
 2011103 - ET TROJAN Exploit kit download payload likely Hiloti Gozi FakeAV etc (emerging-trojan.rules)
 2011160 - ET WEB_SERVER Apache Axis2 xsd Parameter Directory Traversal Attempt (emerging-web_server.rules)
 2011346 - ET WEB_CLIENT Possible Unescape Javascript Obfuscation Attempt (emerging-web_client.rules)
 2011541 - ET POLICY OpenSSL Demo CA - Cryptsoft Pty (CN) (emerging-policy.rules)
 2011542 - ET POLICY OpenSSL Demo CA - Cryptsoft Pty (O) (emerging-policy.rules)


[---]         Disabled rules:        [---]

 2001929 - ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature) (emerging-web_specific_apps.rules)
 2008127 - ET ACTIVEX Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods (emerging-activex.rules)
 2008314 - ET CURRENT_EVENTS Iframe in Purported Image Download (gif) - Likely SQL Injection Attacks Related (emerging-current_events.rules)
 2011819 - ET MALWARE Zero Content-Length HTTP POST with data (outbound) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 2068
        #  Generated 2010-10-24 00:03:02 EDT

     -> Added to emerging.conf (37):
        #var SSH_PORTS 22
        #include $RULE_PATH/emerging-ftp.rules
        #include $RULE_PATH/emerging-policy.rules
        #include $RULE_PATH/emerging-trojan.rules
        #include $RULE_PATH/emerging-games.rules
        #include $RULE_PATH/emerging-pop3.rules
        #include $RULE_PATH/emerging-user_agents.rules
        ##include $RULE_PATH/emerging-activex.rules
        #include $RULE_PATH/emerging-rpc.rules
        #include $RULE_PATH/emerging-virus.rules
        #include $RULE_PATH/emerging-attack_response.rules
        #include $RULE_PATH/emerging-icmp.rules
        #include $RULE_PATH/emerging-scan.rules
        #include $RULE_PATH/emerging-voip.rules
        #include $RULE_PATH/emerging-chat.rules
        ##include $RULE_PATH/emerging-icmp_info.rules
        ##include $RULE_PATH/emerging-shellcode.rules
        ##include $RULE_PATH/emerging-web_client.rules
        #include $RULE_PATH/emerging-imap.rules
        #include $RULE_PATH/emerging-web_server.rules
        #include $RULE_PATH/emerging-current_events.rules
        ##include $RULE_PATH/emerging-inappropriate.rules
        #include $RULE_PATH/emerging-smtp.rules
        ##include $RULE_PATH/emerging-web_specific_apps.rules
        ##include $RULE_PATH/emerging-deleted.rules
        #include $RULE_PATH/emerging-malware.rules
        #include $RULE_PATH/emerging-snmp.rules
        #include $RULE_PATH/emerging-worm.rules
        #include $RULE_PATH/emerging-dns.rules
        #include $RULE_PATH/emerging-misc.rules
        #include $RULE_PATH/emerging-sql.rules
        #include $RULE_PATH/emerging-dos.rules
        #include $RULE_PATH/emerging-netbios.rules
        #include $RULE_PATH/emerging-telnet.rules
        #include $RULE_PATH/emerging-exploit.rules
        #include $RULE_PATH/emerging-p2p.rules
        #include $RULE_PATH/emerging-tftp.rules

     -> Added to sid-msg.map (77):
        2011827 || ET TROJAN Xilcter/Zeus related malware dropper reporting in
        2011828 || ETPRO WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1005-exploits/724cms459-lfi.txt
        2011829 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1) || url,inj3ct0r.com/exploits/12674
        2011830 || ETPRO WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2) || url,inj3ct0r.com/exploits/12674
        2011831 || ETPRO WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt || url,packetstormsecurity.org/1010-exploits/cmsboard-rfi.txt
        2011832 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011833 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011834 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011835 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011836 || ETPRO WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt || url,inj3ct0r.com/exploits/14205
        2011837 || ETPRO WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt || cve,CVE-2006-3930 || bugtraq,19198
        2011838 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011839 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011840 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011841 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011842 || ETPRO WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt || url,packetstormsecurity.com/1010-exploits/phpfusionmguser-sql.txt
        2011843 || ETPRO WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/baconmap10-lfi.txt
        2011844 || ETPRO WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt || url,packetstormsecurity.com/1010-exploits/joomlarwcards-rfi.txt
        2011845 || ETPRO WEB_SPECIFIC_APPS Lantern CMS intPassedLocationID Parameter Cross Site Scripting Attempt || bugtraq,43865
        2011846 || ETPRO WEB_SPECIFIC_APPS OrangeHRM uri Parameter Local File Inclusion Attempt || url,exploit-db.com/exploits/15232
        2011847 || ETPRO WEB_SPECIFIC_APPS Joomla com_jomestate Parameter Remote File Inclusion Attempt || url,inj3ct0r.com/exploits/12835
        2011848 || ET TROJAN Win32/Comotor.A!dll Reporting 1 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011849 || ET TROJAN Win32/Comotor.A!dll Reporting 2 || url,microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FComotor.A!dll&ThreatID=-2147346593 || url,threatexpert.com/report.aspx?md5=5e1c680e70e423dd02e31ab9d689e40b
        2011850 || ET TROJAN Carberp file download
        2011851 || ET TROJAN Carberp CnC request - POST id=imp
        2011852 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Cross Site Scripting Attempt || bugtraq,44370
        2011853 || ET WEB_SPECIFIC_APPS W-Agora search.php bn Parameter Local File Inclusion Attempt || bugtraq,44370
        2011854 || ET POLICY Java JAR file download
        2011855 || ET POLICY Java JAR Download Attempt || url,blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
        2011856 || ET MALWARE HTML.Psyme.Gen Reporting || url,threatexpert.com/report.aspx?md5=de1adb1df396863e7e3967271e7db734
        2011857 || ET TROJAN SpyEye C&C Check-in URI || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011858 || ET TROJAN SpyEye style HTTP Header GET structure || url,krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/ || url,www.symantec.com/connect/blogs/spyeye-bot-versus-zeus-bot
        2011860 || ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting || cve,2010-3581 || bid,43954
        2011861 || ET CURRENT_EVENTS Bredolab CnC URL Detected || url,blog.fireeye.com/.a/6a00d835018afd53ef013488839529970c-pi
        2011862 || ET TROJAN Feodo Banking Trojan Account Details Post || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html#more
        2011863 || ET TROJAN Feodo Banking Trojan Receiving Configuration File || url,blog.fireeye.com/research/2010/10/feodosoff-a-new-botnet-on-the-rise.html
        2011864 || ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt || url,www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html || url,code.google.com/p/skylined/issues/detail?id=18
        2011865 || ET WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode
        2011866 || ET WEB_CLIENT Suspicious Embedded Shockwave Flash In PDF
        2011867 || ET ACTIVEX Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Attempt || url,www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/
        2011868 || ET WEB_CLIENT Possible Javascript obfuscation using app.setTimeOut in PDF in Order to Run Code || url,www.vicheck.ca/md5query.php?hash=6932d141916cd95e3acaa3952c7596e4 || url,www.h-online.com/security/features/CSI-Internet-PDF-timebomb-1038864.html?page=4
        2011869 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer Overflow Attempt || url,exploit-db.com/exploits/15071
        2011870 || ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Format String Function Call || url,exploit-db.com/exploits/15071/
        2011871 || ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage || url,code.google.com/p/submittotdwtf/source/browse/trunk/ || url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
        2011872 || ET USER_AGENTS Suspicious Gbot UA Detected
        2011873 || ET CURRENT_EVENTS Suspicious HTTP GET to JPG with query string
        2011874 || ET POLICY NSPlayer User-Agent Windows Media Player streaming detected || url,msdn.microsoft.com/en-us/library/cc234851
        2011875 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter SELECT FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011876 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter DELETE FROM SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011877 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UNION SELECT SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011878 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter INSERT INTO SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011879 || ET WEB_SPECIFIC_APPS DBHcms editmenu Parameter UPDATE SET SQL Injection Attempt || url,exploit-db.com/exploits/15309/
        2011880 || ET WEB_SPECIFIC_APPS phpBazar picturelib.php Remote File inclusion Attempt || url,exploit-db.com/exploits/12855/ || cve,CVE-2010-2315
        2011881 || ET WEB_SPECIFIC_APPS Open Web Analytics mw_plugin.php IP Parameter Remote File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011882 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_action Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011883 || ET WEB_SPECIFIC_APPS Open Web Analytics owa_do Parameter Local File inclusion Attempt || url,exploit-db.com/exploits/11903/
        2011884 || ET WEB_SPECIFIC_APPS iGaming CMS loadplugin.php load Parameter Local File inclusion Attempt || url,packetstormsecurity.org/1010-exploits/igamingcms-lfi.txt
        2500538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510538 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510539 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (270) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510540 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510541 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (271) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510542 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510543 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (272) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510544 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510545 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (273) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510546 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510547 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (274) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 2067
        #  Generated 2010-10-23 00:03:02 EDT

     -> Removed from emerging.conf (37):
        var SSH_PORTS 22
        include $RULE_PATH/emerging-ftp.rules
        include $RULE_PATH/emerging-policy.rules
        include $RULE_PATH/emerging-trojan.rules
        include $RULE_PATH/emerging-games.rules
        include $RULE_PATH/emerging-pop3.rules
        include $RULE_PATH/emerging-user_agents.rules
        #include $RULE_PATH/emerging-activex.rules
        include $RULE_PATH/emerging-rpc.rules
        include $RULE_PATH/emerging-virus.rules
        include $RULE_PATH/emerging-attack_response.rules
        include $RULE_PATH/emerging-icmp.rules
        include $RULE_PATH/emerging-scan.rules
        include $RULE_PATH/emerging-voip.rules
        include $RULE_PATH/emerging-chat.rules
        #include $RULE_PATH/emerging-icmp_info.rules
        #include $RULE_PATH/emerging-shellcode.rules
        #include $RULE_PATH/emerging-web_client.rules
        include $RULE_PATH/emerging-imap.rules
        include $RULE_PATH/emerging-web_server.rules
        include $RULE_PATH/emerging-current_events.rules
        #include $RULE_PATH/emerging-inappropriate.rules
        include $RULE_PATH/emerging-smtp.rules
        #include $RULE_PATH/emerging-web_specific_apps.rules
        #include $RULE_PATH/emerging-deleted.rules
        include $RULE_PATH/emerging-malware.rules
        include $RULE_PATH/emerging-snmp.rules
        include $RULE_PATH/emerging-worm.rules
        include $RULE_PATH/emerging-dns.rules
        include $RULE_PATH/emerging-misc.rules
        include $RULE_PATH/emerging-sql.rules
        include $RULE_PATH/emerging-dos.rules
        include $RULE_PATH/emerging-netbios.rules
        include $RULE_PATH/emerging-telnet.rules
        include $RULE_PATH/emerging-exploit.rules
        include $RULE_PATH/emerging-p2p.rules
        include $RULE_PATH/emerging-tftp.rules

     -> Removed from sid-msg.map (17):
        2011827 || ET TROJAN Zeus related malware dropper reporting in
        2404298 || ET DROP Known Bot C&C Server Traffic TCP (group 150)  || url,www.shadowserver.org
        2404299 || ET DROP Known Bot C&C Server Traffic UDP (group 150)  || url,www.shadowserver.org
        2404300 || ET DROP Known Bot C&C Server Traffic TCP (group 151)  || url,www.shadowserver.org
        2404301 || ET DROP Known Bot C&C Server Traffic UDP (group 151)  || url,www.shadowserver.org
        2404302 || ET DROP Known Bot C&C Server Traffic TCP (group 152)  || url,www.shadowserver.org
        2404303 || ET DROP Known Bot C&C Server Traffic UDP (group 152)  || url,www.shadowserver.org
        2404304 || ET DROP Known Bot C&C Server Traffic TCP (group 153)  || url,www.shadowserver.org
        2404305 || ET DROP Known Bot C&C Server Traffic UDP (group 153)  || url,www.shadowserver.org
        2405298 || ET DROP Known Bot C&C Traffic TCP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405299 || ET DROP Known Bot C&C Traffic UDP (group 150) - BLOCKING SOURCE || url,www.shadowserver.org
        2405300 || ET DROP Known Bot C&C Traffic TCP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405301 || ET DROP Known Bot C&C Traffic UDP (group 151) - BLOCKING SOURCE || url,www.shadowserver.org
        2405302 || ET DROP Known Bot C&C Traffic TCP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405303 || ET DROP Known Bot C&C Traffic UDP (group 152) - BLOCKING SOURCE || url,www.shadowserver.org
        2405304 || ET DROP Known Bot C&C Traffic TCP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org
        2405305 || ET DROP Known Bot C&C Traffic UDP (group 153) - BLOCKING SOURCE || url,www.shadowserver.org



More information about the Emerging-sigs mailing list