[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Wed Mar 26 14:01:44 EST 2008


[***] Results from Oinkmaster started Wed Mar 26 15:01:44 2008 [***]

[+++]          Added rules:          [+++]

 2008053 - ET MALWARE InternetSpeedMonitor Related Spyware User-Agent (parchmnt loader v1.8) (bleeding-malware.rules)
 2008054 - ET POLICY Nginx Server in use - Often Hostile Traffic (bleeding-policy.rules)


[///]     Modified active rules:     [///]

 2002030 - ET TROJAN BOT - potential scan/exploit command (bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-policy.rules (3):
        #by matt jonkman
        #nginx is an open http server. It's quite good, but seems an extremely high number of it's
        # installs are malicious. Storm, rbn, etc. Use this rule if you are interested

     -> Added to bleeding-sid-msg.map (2):
        2008053 || ET MALWARE InternetSpeedMonitor Related Spyware User-Agent (parchmnt loader v1.8)
        2008054 || ET POLICY Nginx Server in use - Often Hostile Traffic

     -> Added to bleeding-sid-msg.map.txt (2):
        2008053 || ET MALWARE InternetSpeedMonitor Related Spyware User-Agent (parchmnt loader v1.8)
        2008054 || ET POLICY Nginx Server in use - Often Hostile Traffic



More information about the Emerging-updates mailing list