[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Dec 10 12:50:31 EST 2009


[***] Results from Oinkmaster started Thu Dec 10 12:50:31 2009 [***]

[+++]          Added rules:          [+++]

 2010456 - ET WEB_CLIENT ACTIVEX SonicWALL SSL VPN Client Remote ActiveX AddRouteEntry Attempt (emerging-web_client.rules)
 2010457 - ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt (emerging-web_server.rules)
 2010458 - ET TROJAN Dropper Checkin - Likely Yahlover Worm (emerging-virus.rules)


[///]     Modified active rules:     [///]

 2008416 - ET SCAN Httprint Web Server Fingerprint Scan (emerging-scan.rules)
 2010012 - ET WEB_CLIENT ACTIVEX Possible EMC Captiva QuickScan Pro KeyWorks KeyHelp Module keyhelp.ocx ActiveX Control Remote Buffer Overflow Attempt (emerging-web_client.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400005 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400006 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400007 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401005 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401006 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2401007 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE (emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)
 2404000 - ET DROP Known Bot C&C Server Traffic (group 1)  (emerging-botcc.rules)
 2404001 - ET DROP Known Bot C&C Server Traffic (group 2)  (emerging-botcc.rules)
 2404002 - ET DROP Known Bot C&C Server Traffic (group 3)  (emerging-botcc.rules)
 2404003 - ET DROP Known Bot C&C Server Traffic (group 4)  (emerging-botcc.rules)
 2404004 - ET DROP Known Bot C&C Server Traffic (group 5)  (emerging-botcc.rules)
 2404005 - ET DROP Known Bot C&C Server Traffic (group 6)  (emerging-botcc.rules)
 2404006 - ET DROP Known Bot C&C Server Traffic (group 7)  (emerging-botcc.rules)
 2404007 - ET DROP Known Bot C&C Server Traffic (group 8)  (emerging-botcc.rules)
 2404008 - ET DROP Known Bot C&C Server Traffic (group 9)  (emerging-botcc.rules)
 2404009 - ET DROP Known Bot C&C Server Traffic (group 10)  (emerging-botcc.rules)
 2404010 - ET DROP Known Bot C&C Server Traffic (group 11)  (emerging-botcc.rules)
 2404011 - ET DROP Known Bot C&C Server Traffic (group 12)  (emerging-botcc.rules)
 2404012 - ET DROP Known Bot C&C Server Traffic (group 13)  (emerging-botcc.rules)
 2404013 - ET DROP Known Bot C&C Server Traffic (group 14)  (emerging-botcc.rules)
 2404014 - ET DROP Known Bot C&C Server Traffic (group 15)  (emerging-botcc.rules)
 2404015 - ET DROP Known Bot C&C Server Traffic (group 16)  (emerging-botcc.rules)
 2404016 - ET DROP Known Bot C&C Server Traffic (group 17)  (emerging-botcc.rules)
 2404017 - ET DROP Known Bot C&C Server Traffic (group 18)  (emerging-botcc.rules)
 2404018 - ET DROP Known Bot C&C Server Traffic (group 19)  (emerging-botcc.rules)
 2404019 - ET DROP Known Bot C&C Server Traffic (group 20)  (emerging-botcc.rules)
 2404020 - ET DROP Known Bot C&C Server Traffic (group 21)  (emerging-botcc.rules)
 2404021 - ET DROP Known Bot C&C Server Traffic (group 22)  (emerging-botcc.rules)
 2404022 - ET DROP Known Bot C&C Server Traffic (group 23)  (emerging-botcc.rules)
 2404023 - ET DROP Known Bot C&C Server Traffic (group 24)  (emerging-botcc.rules)
 2404024 - ET DROP Known Bot C&C Server Traffic (group 25)  (emerging-botcc.rules)
 2404025 - ET DROP Known Bot C&C Server Traffic (group 26)  (emerging-botcc.rules)
 2404026 - ET DROP Known Bot C&C Server Traffic (group 27)  (emerging-botcc.rules)
 2404027 - ET DROP Known Bot C&C Server Traffic (group 28)  (emerging-botcc.rules)
 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405018 - ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405019 - ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405020 - ET DROP Known Bot C&C Traffic (group 21) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405021 - ET DROP Known Bot C&C Traffic (group 22) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405022 - ET DROP Known Bot C&C Traffic (group 23) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405023 - ET DROP Known Bot C&C Traffic (group 24) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405024 - ET DROP Known Bot C&C Traffic (group 25) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405025 - ET DROP Known Bot C&C Traffic (group 26) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405026 - ET DROP Known Bot C&C Traffic (group 27) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)
 2405027 - ET DROP Known Bot C&C Traffic (group 28) - BLOCKING SOURCE (emerging-botcc-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 1743
        #  Generated 2009-12-10 00:03:03 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 1743
        #  Generated 2009-12-10 00:03:03 EDT

     -> Added to emerging-sid-msg.map (4):
        2010012 || ET WEB_CLIENT ACTIVEX Possible EMC Captiva QuickScan Pro KeyWorks KeyHelp Module keyhelp.ocx ActiveX Control Remote Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Keyworks || url,doc.emergingthreats.net/2010012 || url,downloads.securityfocus.com/vulnerabilities/exploits/36546.html || url,tools.cisco.com/security/center/viewAlert.x?alertId=19135 || url,www.securityfocus.com/bid/36546/info
        2010456 || ET WEB_CLIENT ACTIVEX SonicWALL SSL VPN Client Remote ActiveX AddRouteEntry Attempt || cve,2007-5603 || url,www.securityfocus.com/bid/26288/info
        2010457 || ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt || cve,2009-1203 || url,www.securityfocus.com/bid/35475/info
        2010458 || ET TROJAN Dropper Checkin - Likely Yahlover Worm

     -> Added to emerging-sid-msg.map.txt (4):
        2010012 || ET WEB_CLIENT ACTIVEX Possible EMC Captiva QuickScan Pro KeyWorks KeyHelp Module keyhelp.ocx ActiveX Control Remote Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Keyworks || url,doc.emergingthreats.net/2010012 || url,downloads.securityfocus.com/vulnerabilities/exploits/36546.html || url,tools.cisco.com/security/center/viewAlert.x?alertId=19135 || url,www.securityfocus.com/bid/36546/info
        2010456 || ET WEB_CLIENT ACTIVEX SonicWALL SSL VPN Client Remote ActiveX AddRouteEntry Attempt || cve,2007-5603 || url,www.securityfocus.com/bid/26288/info
        2010457 || ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt || cve,2009-1203 || url,www.securityfocus.com/bid/35475/info
        2010458 || ET TROJAN Dropper Checkin - Likely Yahlover Worm

     -> Added to emerging-web_client.rules (1):
        # (I Thought this one might still be possible to all those devices which go out and aren't updated, happens all the time with Cisco anyway).

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 1742
        #  Generated 2009-12-09 00:03:03 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 1742
        #  Generated 2009-12-09 00:03:03 EDT

     -> Removed from emerging-sid-msg.map (97):
        2010012 || ET WEB_CLIENT ACTIVEX Possible KeyWorks KeyHelp Module keyhelp.ocx ActiveX Control Remote Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Keyworks || url,doc.emergingthreats.net/2010012 || url,www.securityfocus.com/bid/36546/info
        2500422 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500423 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500424 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500425 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500426 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500427 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500428 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500429 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500430 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500431 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500432 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500433 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500434 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500435 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500436 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500437 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500438 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500439 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500440 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500441 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500442 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500443 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500444 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500445 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500446 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500447 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500448 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500449 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500450 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500451 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500452 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500453 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500454 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500455 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500456 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500457 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500458 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500459 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500460 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500461 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500462 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500463 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500464 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500465 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500466 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500467 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500468 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500469 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510422 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510423 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510424 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510425 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510426 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510427 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510428 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510429 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510430 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510431 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510432 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510433 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510434 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510435 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510436 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510437 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510438 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510439 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510440 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510441 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510442 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510443 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510444 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510445 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510446 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510447 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510448 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510449 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510450 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510451 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510452 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510453 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510454 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510455 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510456 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510457 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510458 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510459 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510460 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510461 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510462 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510463 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510464 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510465 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510466 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510467 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510468 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510469 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

     -> Removed from emerging-sid-msg.map.txt (97):
        2010012 || ET WEB_CLIENT ACTIVEX Possible KeyWorks KeyHelp Module keyhelp.ocx ActiveX Control Remote Buffer Overflow Attempt || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Keyworks || url,doc.emergingthreats.net/2010012 || url,www.securityfocus.com/bid/36546/info
        2500422 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500423 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500424 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500425 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500426 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500427 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500428 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500429 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500430 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500431 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500432 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500433 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500434 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500435 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500436 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500437 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500438 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500439 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500440 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500441 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500442 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500443 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500444 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500445 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500446 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500447 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500448 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500449 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500450 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500451 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500452 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500453 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500454 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500455 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500456 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500457 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500458 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500459 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500460 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500461 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500462 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500463 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500464 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500465 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500466 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500467 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500468 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500469 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510422 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510423 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (212) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510424 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510425 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (213) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510426 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510427 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (214) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510428 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510429 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (215) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510430 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510431 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (216) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510432 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510433 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (217) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510434 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510435 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (218) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510436 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510437 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (219) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510438 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510439 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (220) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510440 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510441 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (221) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510442 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510443 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (222) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510444 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510445 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (223) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510446 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510447 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (224) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510448 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510449 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (225) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510450 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510451 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (226) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510452 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510453 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (227) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510454 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510455 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (228) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510456 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510457 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (229) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510458 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510459 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (230) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510460 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510461 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (231) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510462 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510463 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (232) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510464 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510465 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (233) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510466 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510467 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (234) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510468 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP - BLOCKING (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510469 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP - BLOCKING (235) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts



More information about the Emerging-updates mailing list