[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jul 29 19:47:56 EDT 2010


[***] Results from Oinkmaster started Thu Jul 29 19:47:56 2010 [***]

[+++]          Added rules:          [+++]

 2003925 - ET USER_AGENTS WebHack Control Center User-Agent Outbound (WHCC/) (emerging-user_agents.rules)
 2010715 - ET SCAN ZmEu exploit scanner (emerging-scan.rules)
 2010768 - ET SCAN Open-Proxy ScannerBot (webcollage-UA)  (emerging-scan.rules)
 2010794 - ET SCAN DFind w00tw00t GET-Request (emerging-scan.rules)


[///]     Modified active rules:     [///]

 2003924 - ET SCAN WebHack Control Center User-Agent Inbound (WHCC/) (emerging-scan.rules)


[---]         Removed rules:         [---]

 2003925 - ET SCAN WebHack Control Center User-Agent Outbound (WHCC/) (emerging-scan.rules)
 2010715 - ET USER_AGENTS ZmEu exploit scanner (emerging-user_agents.rules)
 2010768 - ET WEB_SERVER Open-Proxy ScannerBot (webcollage-UA)  (emerging-user_agents.rules)
 2010794 - ET WEB_SERVER DFind w00tw00t GET-Requests (emerging-web_server.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-scan.rules (3):
        #by markus manzke
        # Proxy-Scanner - 2
        #by jack pepper

     -> Added to emerging-sid-msg.map (4):
        2003925 || ET USER_AGENTS WebHack Control Center User-Agent Outbound (WHCC/) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_WebHack || url,doc.emergingthreats.net/2003925 || url,www.governmentsecurity.org/forum/index.php?showtopic=5112&pid=28561&mode=threaded&start=
        2010715 || ET SCAN ZmEu exploit scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_ZmEu || url,doc.emergingthreats.net/2010705
        2010768 || ET SCAN Open-Proxy ScannerBot (webcollage-UA)  || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Webcollage || url,doc.emergingthreats.net/2010768 || url,www.botsvsbrowsers.com/details/214715/index.html || url, stateofsecurity.com/?p=526
        2010794 || ET SCAN DFind w00tw00t GET-Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_wootwoot || url,doc.emergingthreats.net/2010794

     -> Added to emerging-sid-msg.map.txt (4):
        2003925 || ET USER_AGENTS WebHack Control Center User-Agent Outbound (WHCC/) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_WebHack || url,doc.emergingthreats.net/2003925 || url,www.governmentsecurity.org/forum/index.php?showtopic=5112&pid=28561&mode=threaded&start=
        2010715 || ET SCAN ZmEu exploit scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_ZmEu || url,doc.emergingthreats.net/2010705
        2010768 || ET SCAN Open-Proxy ScannerBot (webcollage-UA)  || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Webcollage || url,doc.emergingthreats.net/2010768 || url,www.botsvsbrowsers.com/details/214715/index.html || url, stateofsecurity.com/?p=526
        2010794 || ET SCAN DFind w00tw00t GET-Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_wootwoot || url,doc.emergingthreats.net/2010794

     -> Added to emerging-user_agents.rules (1):
        #by Axn Jxn

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (4):
        2003925 || ET SCAN WebHack Control Center User-Agent Outbound (WHCC/) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_WebHack || url,doc.emergingthreats.net/2003925 || url,www.governmentsecurity.org/forum/index.php?showtopic=5112&pid=28561&mode=threaded&start=
        2010715 || ET USER_AGENTS ZmEu exploit scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_ZmEu || url,doc.emergingthreats.net/2010705
        2010768 || ET WEB_SERVER Open-Proxy ScannerBot (webcollage-UA)  || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Webcollage || url,doc.emergingthreats.net/2010768 || url,www.botsvsbrowsers.com/details/214715/index.html || url, stateofsecurity.com/?p=526
        2010794 || ET WEB_SERVER DFind w00tw00t GET-Requests || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_wootwoot || url,doc.emergingthreats.net/2010794

     -> Removed from emerging-sid-msg.map.txt (4):
        2003925 || ET SCAN WebHack Control Center User-Agent Outbound (WHCC/) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_WebHack || url,doc.emergingthreats.net/2003925 || url,www.governmentsecurity.org/forum/index.php?showtopic=5112&pid=28561&mode=threaded&start=
        2010715 || ET USER_AGENTS ZmEu exploit scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_ZmEu || url,doc.emergingthreats.net/2010705
        2010768 || ET WEB_SERVER Open-Proxy ScannerBot (webcollage-UA)  || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Webcollage || url,doc.emergingthreats.net/2010768 || url,www.botsvsbrowsers.com/details/214715/index.html || url, stateofsecurity.com/?p=526
        2010794 || ET WEB_SERVER DFind w00tw00t GET-Requests || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_wootwoot || url,doc.emergingthreats.net/2010794

     -> Removed from emerging-user_agents.rules (3):
        #by markus manzke
        # Proxy-Scanner - 2
        #by jack pepper

     -> Removed from emerging-web_server.rules (1):
        #by mareadmin



More information about the Emerging-updates mailing list