[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jul 8 21:17:50 EDT 2010


[***] Results from Oinkmaster started Thu Jul  8 21:17:50 2010 [***]

[+++]          Added rules:          [+++]

 2011177 - ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Brute Force Attack (emerging-scan.rules)


[///]     Modified active rules:     [///]

 2011759 - ET WEB_SERVER TIEHTTP User-Agent (emerging-web_server.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-scan.rules (1):
        # Extended 2010-07-08 per suggestion from Russell Fulton

     -> Added to emerging-sid-msg.map (2):
        2011177 || ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Brute Force Attack || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Term_Server || url,doc.emergingthreats.net/2011177
        2011759 || ET WEB_SERVER TIEHTTP User-Agent || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Tiehttp || url,doc.emergingthreats.net/2011759 || url,www.torry.net/authorsmore.php?id=4292

     -> Added to emerging-sid-msg.map.txt (2):
        2011177 || ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Brute Force Attack || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Term_Server || url,doc.emergingthreats.net/2011177
        2011759 || ET WEB_SERVER TIEHTTP User-Agent || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Tiehttp || url,doc.emergingthreats.net/2011759 || url,www.torry.net/authorsmore.php?id=4292

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (1):
        2011759 || ET WEB_SERVER TIEHTTP User-Agent || url,www.torry.net/authorsmore.php?id=4292

     -> Removed from emerging-sid-msg.map.txt (1):
        2011759 || ET WEB_SERVER TIEHTTP User-Agent || url,www.torry.net/authorsmore.php?id=4292



More information about the Emerging-updates mailing list