[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jul 29 22:06:41 EDT 2010


[***] Results from Oinkmaster started Thu Jul 29 22:06:41 2010 [***]

[+++]          Added rules:          [+++]

 2002667 - ET WEB_SERVER sumthin scan (emerging-web_server.rules)
 2003466 - ET WEB_SERVER PHP Attack Tool Morfeus F Scanner (emerging-web_server.rules)
 2003616 - ET WEB_SERVER DataCha0s Web Scanner/Robot (emerging-web_server.rules)
 2009288 - ET WEB_SERVER Attack Tool Revolt Scanner (emerging-web_server.rules)
 2009799 - ET WEB_SERVER PHP Attack Tool Morfeus F Scanner - M (emerging-web_server.rules)
 2010720 - ET WEB_SERVER PHP Scan Precursor (emerging-web_server.rules)
 2010794 - ET WEB_SERVER DFind w00tw00t GET-Requests (emerging-web_server.rules)
 2011175 - ET WEB_SERVER Casper Bot Search RFI Scan (emerging-web_server.rules)
 2011176 - ET WEB_SERVER MaMa CaSpEr RFI Scan (emerging-web_server.rules)
 2011243 - ET WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like, planetwork) (emerging-web_server.rules)
 2011244 - ET WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like, sun4u) (emerging-web_server.rules)
 2011285 - ET WEB_SERVER Bot Search RFI Scan (Casper-Like, Jcomers Bot scan) (emerging-web_server.rules)
 2011286 - ET WEB_SERVER Bot Search RFI Scan (Casper-Like, MaMa Cyber/ebes) (emerging-web_server.rules)


[///]     Modified active rules:     [///]

 2000586 - ET USER_AGENTS Ezula Related Calling Home (emerging-user_agents.rules)
 2001295 - ET USER_AGENTS Browseraid.com Agent (emerging-user_agents.rules)
 2001492 - ET USER_AGENTS ISearchTech.com XXXPornToolbar Activity (MyApp) (emerging-user_agents.rules)
 2001493 - ET USER_AGENTS ISearchTech.com XXXPornToolbar Activity (IST) (emerging-user_agents.rules)
 2001498 - ET USER_AGENTS Internet Optimizer Activity (emerging-user_agents.rules)
 2001562 - ET USER_AGENTS MarketScore.com Spyware User Configuration and Setup Access (emerging-user_agents.rules)
 2001640 - ET USER_AGENTS Altnet PeerPoints Manager Traffic (emerging-user_agents.rules)
 2001652 - ET USER_AGENTS JoltID Agent New Code Download (emerging-user_agents.rules)
 2001699 - ET USER_AGENTS YourSiteBar Activity (emerging-user_agents.rules)
 2001703 - ET USER_AGENTS Context Plus Spyware Activity (1) (emerging-user_agents.rules)
 2001706 - ET USER_AGENTS Context Plus Spyware Activity (2) (emerging-user_agents.rules)
 2001746 - ET USER_AGENTS Enhance My Search Spyware Activity (emerging-user_agents.rules)
 2001852 - ET USER_AGENTS 404Search Spyware User Agent (emerging-user_agents.rules)
 2001853 - ET USER_AGENTS Easy Search Bar Spyware User Agent (emerging-user_agents.rules)
 2001854 - ET MALWARE EZULA Spyware User Agent (emerging-user_agents.rules)
 2001855 - ET USER_AGENTS Fun Web Products Spyware User Agent (1) (emerging-user_agents.rules)
 2001864 - ET USER_AGENTS Fun Web Products Spyware User Agent (3) (emerging-user_agents.rules)
 2001865 - ET USER_AGENTS MyWebSearch Spyware User Agent (emerging-user_agents.rules)
 2002002 - ET USER_AGENTS Better Internet Spyware User Agent Activity (thnall) (emerging-user_agents.rules)
 2002005 - ET USER_AGENTS Better Internet Spyware User Agent Activity (poller) (emerging-user_agents.rules)
 2002021 - ET USER_AGENTS Grandstreet Interactive Spyware User Agent Activity (1) (emerging-user_agents.rules)
 2002079 - ET USER_AGENTS MyWaySearch Products Spyware User Agent (emerging-user_agents.rules)
 2002080 - ET USER_AGENTS MySearch Products Spyware User Agent (emerging-user_agents.rules)
 2002160 - ET USER_AGENTS CoolWebSearch Spyware (Feat) (emerging-user_agents.rules)
 2002166 - ET USER_AGENTS Alexa Search Toolbar User-Agent (Alexa Toolbar) (emerging-user_agents.rules)
 2002394 - ET USER_AGENTS Adwave/MarketScore User Agent (WTA) (emerging-user_agents.rules)
 2002395 - ET USER_AGENTS Miva User Agent (TPSystem) (emerging-user_agents.rules)
 2002396 - ET USER_AGENTS Miva Spyware User Agent (Travel Update) (emerging-user_agents.rules)
 2002403 - ET USER_AGENTS Context Plus User Agent (PTS) (emerging-user_agents.rules)
 2002404 - ET USER_AGENTS Movies etc User Agent (IOInstall) (emerging-user_agents.rules)
 2002405 - ET USER_AGENTS Internet Optimizer User Agent (ROGUE) (emerging-user_agents.rules)
 2002874 - ET USER_AGENTS TROJAN Metafisher/Goldun z User Agent (emerging-user_agents.rules)
 2002877 - ET USER_AGENTS TROJAN BankSnif/Nethelper User Agent (emerging-user_agents.rules)
 2003200 - ET USER_AGENTS Suspicious User Agent (MSIE XPSP2) (emerging-user_agents.rules)
 2003224 - ET USER_AGENTS Megaupload Spyware User Agent (emerging-user_agents.rules)
 2003335 - ET USER_AGENTS 2search.org User Agent (2search) (emerging-user_agents.rules)
 2003336 - ET USER_AGENTS AntiVermins.com Fake Antispyware Package User Agent (emerging-user_agents.rules)
 2003346 - ET USER_AGENTS Errorsafe.com Fake antispyware User Agent (ErrorSafe Updater) (emerging-user_agents.rules)
 2003347 - ET USER_AGENTS Gamehouse.com User Agent (GAMEHOUSE.NET.URL) (emerging-user_agents.rules)
 2003355 - ET USER_AGENTS Yourscreen.com Spyware User Agent (FreezeInet) (emerging-user_agents.rules)
 2003385 - ET USER_AGENTS sgrunt Dialer User Agent (sgrunt) (emerging-user_agents.rules)
 2003387 - ET USER_AGENTS dialno Dialer User Agent (dialno) (emerging-user_agents.rules)
 2003396 - ET USER_AGENTS Mysearch.com/Morpheus Bar Spyware User-Agent (emerging-user_agents.rules)
 2003398 - ET USER_AGENTS Morpheus Spyware Install User-Agent (SmartInstaller) (emerging-user_agents.rules)
 2003405 - ET USER_AGENTS Freeze.com Spyware User-Agent (YourScreen123) (emerging-user_agents.rules)
 2003406 - ET USER_AGENTS Mysearch.com Spyware User-Agent (iMeshBar) (emerging-user_agents.rules)
 2003407 - ET USER_AGENTS searchenginebar.com Spyware User-Agent (RX Bar) (emerging-user_agents.rules)
 2003425 - ET USER_AGENTS clickspring.com Spyware Install User-Agent (CS Fingerprint Module) (emerging-user_agents.rules)
 2003428 - ET USER_AGENTS Surfaccuracy.com Spyware Install User-Agent (SF Installer) (emerging-user_agents.rules)
 2003429 - ET USER_AGENTS xxxtoolbar.com Spyware Install User-Agent (emerging-user_agents.rules)
 2003439 - ET USER_AGENTS Dropspam.com Spyware Install User-Agent (DSInstall) (emerging-user_agents.rules)
 2003476 - ET USER_AGENTS Virusblast.com Fake AV/Anti-Spyware User-Agent (ad-protect) (emerging-user_agents.rules)
 2003477 - ET USER_AGENTS Terminexor.com Spyware User-Agent (DInstaller2) (emerging-user_agents.rules)
 2003478 - ET USER_AGENTS Errornuker.com Fake Anti-Spyware User-Agent (ERRORNUKER) (emerging-user_agents.rules)
 2003486 - ET USER_AGENTS Drivecleaner.com Spyware User-Agent (DriveCleaner Updater) (emerging-user_agents.rules)
 2003489 - ET USER_AGENTS malwarewipeupdate.com Spyware User-Agent (MalwareWipe) (emerging-user_agents.rules)
 2003490 - ET USER_AGENTS Mirar Spyware User-Agent (Mirar_KeywordContent) (emerging-user_agents.rules)
 2003493 - ET USER_AGENTS AskSearch Spyware User-Agent (AskSearchAssistant) (emerging-user_agents.rules)
 2003494 - ET USER_AGENTS AskSearch Toolbar Spyware User-Agent (AskTBar) (emerging-user_agents.rules)
 2003495 - ET USER_AGENTS HSN.com Toolbar Spyware User-Agent (HSN) (emerging-user_agents.rules)
 2003496 - ET USER_AGENTS AskSearch Toolbar Spyware User-Agent (AskBar) (emerging-user_agents.rules)
 2003498 - ET USER_AGENTS Gamehouse.com Related Spyware User-Agent (Sprout Game) (emerging-user_agents.rules)
 2003500 - ET USER_AGENTS Adwave.com Related Spyware User-Agent (STBHOGet) (emerging-user_agents.rules)
 2003501 - ET USER_AGENTS Bestoffersnetwork.com Related Spyware User-Agent (TBONAS) (emerging-user_agents.rules)
 2003505 - ET USER_AGENTS Toplist.cz Related Spyware User-Agent (BWL Toplist) (emerging-user_agents.rules)
 2003506 - ET USER_AGENTS Alawar Toolbar Spyware User-Agent (Alawar Toolbar) (emerging-user_agents.rules)
 2003529 - ET USER_AGENTS Msgplus.net Spyware/Adware User-Agent (MsgPlus3) (emerging-user_agents.rules)
 2003531 - ET USER_AGENTS Antivermins.com Spyware/Adware User-Agent (AntiVermeans) (emerging-user_agents.rules)
 2003532 - ET USER_AGENTS CommonName.com Spyware/Adware User-Agent (CommonName Agent) (emerging-user_agents.rules)
 2003569 - ET USER_AGENTS Evidencenuker.com Fake AV/Anti-Spyware User-Agent (EVNUKER) (emerging-user_agents.rules)
 2003570 - ET USER_AGENTS CoolWebSearch Spyware User-Agent (iefeatsl) (emerging-user_agents.rules)
 2003582 - ET USER_AGENTS MalwareWiped.com Spyware User-Agent (MalwareWiped) (emerging-user_agents.rules)
 2003604 - ET USER_AGENTS Baidu.com Agent User-Agent (Desktop Web System) (emerging-user_agents.rules)
 2003608 - ET USER_AGENTS Baidu.com Related Agent User-Agent (iexp) (emerging-user_agents.rules)
 2003613 - ET USER_AGENTS EELoader User-Agent - Unknown (multiple) Malware Packages (emerging-user_agents.rules)
 2003625 - ET USER_AGENTS dns-look-up.com Spyware User-Agent (KRSystem) (emerging-user_agents.rules)
 2003627 - ET USER_AGENTS Internet-optimizer.com Related Spyware User-Agent (SexTrackerWSI) (emerging-user_agents.rules)
 2003640 - ET USER_AGENTS Adload.Generic Spyware User-Agent (91castInstallKernel) (emerging-user_agents.rules)
 2003652 - ET USER_AGENTS CoolStreaming Toolbar (Conduit related) User-Agent (Coolstreaming Tool-Bar) (emerging-user_agents.rules)
 2003654 - ET USER_AGENTS Effectivebrands.com Spyware User-Agent (GTBank) (emerging-user_agents.rules)
 2003655 - ET USER_AGENTS Trafficadvance.net Spyware User-Agent (Internet 1.0) (emerging-user_agents.rules)
 2003656 - ET USER_AGENTS debelizombi.com (Rizo) related Spyware User-Agent (mc_v1.2.6) (emerging-user_agents.rules)
 2003925 - ET USER_AGENTS WebHack Control Center User-Agent Outbound (WHCC/) (emerging-user_agents.rules)
 2003928 - ET USER_AGENTS Mirar Bar Spyware User-Agent (Mbar) (emerging-user_agents.rules)
 2003929 - ET USER_AGENTS Mirar Bar Spyware User-Agent (Mirar_Toolbar) (emerging-user_agents.rules)
 2006362 - ET USER_AGENTS Qcbar/Adultlinks Spyware User-Agent (IBSBand) (emerging-user_agents.rules)
 2006370 - ET USER_AGENTS Effectivebrands.com Spyware User-Agent (atsu) (emerging-user_agents.rules)
 2006381 - ET USER_AGENTS Ask.com Toolbar/Spyware User Agent (emerging-user_agents.rules)
 2006386 - ET USER_AGENTS Deepdo.com Toolbar/Spyware User Agent (DeepdoUpdate) (emerging-user_agents.rules)
 2006413 - ET USER_AGENTS Mycashbank.co.kr Spyware User Agent (pint_agency) (emerging-user_agents.rules)
 2006418 - ET USER_AGENTS Vaccineprogram.co.kr Related Spyware User Agent (Museon) (emerging-user_agents.rules)
 2006419 - ET USER_AGENTS Vaccineprogram.co.kr Related Spyware User Agent (anycleaner) (emerging-user_agents.rules)
 2006420 - ET USER_AGENTS Vaccineprogram.co.kr Related Spyware User Agent (pcsafe) (emerging-user_agents.rules)
 2006421 - ET USER_AGENTS Doctorvaccine.co.kr Related Spyware User Agent (DoctorVaccine) (emerging-user_agents.rules)
 2006422 - ET USER_AGENTS Platinumreward.co.kr Spyware User Agent (WT_GET_COMM) (emerging-user_agents.rules)
 2006423 - ET USER_AGENTS Doctorpro.co.kr Related Spyware User Agent (doctorpro1) (emerging-user_agents.rules)
 2006429 - ET USER_AGENTS Karine.co.kr Related Spyware User Agent (chk Profile) (emerging-user_agents.rules)
 2006430 - ET USER_AGENTS Karine.co.kr Related Spyware User Agent (Access down) (emerging-user_agents.rules)
 2006553 - ET USER_AGENTS Cpushpop.com Spyware User Agent (CPUSH_UPDATER) (emerging-user_agents.rules)
 2006778 - ET USER_AGENTS Debelizombi.com Spyware User Agent (blahrx) (emerging-user_agents.rules)
 2006782 - ET USER_AGENTS Mirage.ru Related Spyware User Agent (szNotifyIdent) (emerging-user_agents.rules)
 2007582 - ET USER_AGENTS Vikiller.com Fake Antispyware User Agent (vikiller ctrl...) (emerging-user_agents.rules)
 2007583 - ET USER_AGENTS iebar Spyware User Agent (iebar) (emerging-user_agents.rules)
 2007615 - ET USER_AGENTS Unidentified Spyware User Agent (0\:0\:+ 128 chars) (emerging-user_agents.rules)
 2007616 - ET USER_AGENTS klm123.com Spyware User Agent (emerging-user_agents.rules)
 2007617 - ET USER_AGENTS VirusProtectPro Spyware User Agent (VirusProtectPro) (emerging-user_agents.rules)
 2007643 - ET USER_AGENTS Viruscheck.co.kr Fake Antispyware User Agent (viruscheck ctrl...) (emerging-user_agents.rules)
 2007645 - ET USER_AGENTS Ufixer.com Fake Antispyware User Agent (Ultimate Fixer) (emerging-user_agents.rules)
 2007647 - ET USER_AGENTS Casalemedia.com Related User Agent (0\:0\:...) (emerging-user_agents.rules)
 2007660 - ET USER_AGENTS Winxpperformance.com Related Spyware User Agent (Microsoft Internet Browser) (emerging-user_agents.rules)
 2007690 - ET USER_AGENTS IEDefender (iedefender.com) Fake Antispyware User Agent (IEDefender 2.1) (emerging-user_agents.rules)
 2007693 - ET USER_AGENTS Zredirector.com Related Spyware User Agent (BndDriveLoader) (emerging-user_agents.rules)
 2007694 - ET USER_AGENTS Popads123.com Related Spyware User Agent (LmaokaazLdr) (emerging-user_agents.rules)
 2007697 - ET USER_AGENTS Antivirgear.com Fake Anti-Spyware User Agent (AntiVirGear) (emerging-user_agents.rules)
 2007759 - ET USER_AGENTS Alfaantivirus.com Fake Anti-Virus User Agent (IM Download) (emerging-user_agents.rules)
 2007809 - ET USER_AGENTS Doctorvaccine.co.kr Related Spyware User Agent (ers) (emerging-user_agents.rules)
 2007839 - ET USER_AGENTS Drpcclean.com Related Spyware User Agent (DrPCClean Transmit) (emerging-user_agents.rules)
 2007845 - ET USER_AGENTS Errclean.com Related Spyware User Agent (Locus NetInstaller) (emerging-user_agents.rules)
 2007881 - ET USER_AGENTS Mycomclean.com Spyware User Agent (HTTP_GET_COMM) (emerging-user_agents.rules)
 2007882 - ET USER_AGENTS Mycomclean.com Spyware User Agent (SHINI) (emerging-user_agents.rules)
 2007883 - ET USER_AGENTS Virusheat.com Fake Anti-Spyware User Agent (VirusHeat 4.3) (emerging-user_agents.rules)
 2007900 - ET USER_AGENTS Kpang.com Spyware User Agent (auctionplusup) (emerging-user_agents.rules)
 2007908 - ET USER_AGENTS Searchspy.co.kr Spyware User Agent (HTTPGETDATA) (emerging-user_agents.rules)
 2007909 - ET USER_AGENTS Searchspy.co.kr Spyware User Agent (HTTPFILEDOWN) (emerging-user_agents.rules)
 2007910 - ET USER_AGENTS Searchspy.co.kr Spyware User Agent (HTTP_FILEDOWN) (emerging-user_agents.rules)
 2007927 - ET USER_AGENTS Donkeyhote.co.kr Spyware User Agent (UDonkey) (emerging-user_agents.rules)
 2007928 - ET USER_AGENTS Gcashback.co.kr Spyware User Agent (InvokeAd) (emerging-user_agents.rules)
 2007935 - ET USER_AGENTS Geopia.com Fake Anti-Spyware/AV User Agent (fs3update) (emerging-user_agents.rules)
 2007938 - ET USER_AGENTS Geopia.com Fake Anti-Spyware/AV User Agent (fian3manager) (emerging-user_agents.rules)
 2007947 - ET USER_AGENTS Nguide.co.kr Fake Security Tool User Agent (nguideup) (emerging-user_agents.rules)
 2007958 - ET USER_AGENTS Msconfig.co.kr Related User Agent (BACKMAN) (emerging-user_agents.rules)
 2007959 - ET USER_AGENTS Msconfig.co.kr Related User Agent (GLOBALx) (emerging-user_agents.rules)
 2007977 - ET USER_AGENTS Dokterfix.com Fake AV User Agent (Magic NetInstaller) (emerging-user_agents.rules)
 2008000 - ET USER_AGENTS Easydownloadsoft.com Fake Anti-Virus User Agent (IM Downloader) (emerging-user_agents.rules)
 2008085 - ET USER_AGENTS Alexa Search Toolbar User-Agent 2 (Alexa Toolbar) (emerging-user_agents.rules)
 2008150 - ET USER_AGENTS Avsystemcare.com Fake AV User Agent (LocusSoftware, NetInstaller) (emerging-user_agents.rules)
 2008198 - ET USER_AGENTS Pcclear.co.kr/Pcclear.com Fake AV User-Agent (PCClearPlus) (emerging-user_agents.rules)
 2008200 - ET USER_AGENTS vaccine-program.co.kr Related Spyware User Agent (vaccine) (emerging-user_agents.rules)
 2008202 - ET USER_AGENTS UbrenQuatroRusDldr Downloader User Agent (UbrenQuatroRusDldr 096044) (emerging-user_agents.rules)
 2008203 - ET USER_AGENTS BndVeano4GetDownldr Downloader User Agent (BndVeano4GetDownldr) (emerging-user_agents.rules)
 2008204 - ET USER_AGENTS yeps.co.kr Related User Agent (ISecu) (emerging-user_agents.rules)
 2008205 - ET USER_AGENTS yeps.co.kr Related User Agent (ISUpd) (emerging-user_agents.rules)
 2008294 - ET USER_AGENTS AntiSpywareMaster.com Fake AV User-Agent (emerging-user_agents.rules)
 2008372 - ET USER_AGENTS Adsincontext.com Related Spyware User-Agent (Connector v1.2) (emerging-user_agents.rules)
 2008457 - ET USER_AGENTS Deepdo Toolbar User-Agent (FavUpdate) (emerging-user_agents.rules)
 2008484 - ET USER_AGENTS Cleancop.co.kr Fake AV User-Agent (CleancopUpdate) (emerging-user_agents.rules)
 2008485 - ET USER_AGENTS Searchtool.co.kr Fake Product User-Agent (searchtoolup) (emerging-user_agents.rules)
 2008549 - ET USER_AGENTS Systemdoctor.com/Antivir2008 related Fake Anti-Virus User-Agent (AntivirXP) (emerging-user_agents.rules)
 2008586 - ET USER_AGENTS Casino Related Spyware User-Agent Detected (Viper 4.0) (emerging-user_agents.rules)
 2008594 - ET USER_AGENTS ezday.co.kr Related Spyware User-Agent Detected (Ezshop) (emerging-user_agents.rules)
 2008608 - ET USER_AGENTS WinFixer Trojan Related User-Agent Detected (ElectroSun NetInstaller) (emerging-user_agents.rules)
 2008647 - ET USER_AGENTS Internet-antivirus.com Related Fake AV User-Agent Detected (Update Internet Antivirus) (emerging-user_agents.rules)
 2009150 - ET USER_AGENTS Viruskill.co.kr Fake AV User-Agent Detected (virus_kill) (emerging-user_agents.rules)
 2009157 - ET USER_AGENTS N1 Fake AV User-Agent Detected (N1) (emerging-user_agents.rules)
 2009222 - ET USER_AGENTS NewWeb User Agent (Lobo Lunar) (emerging-user_agents.rules)
 2009223 - ET USER_AGENTS Fake AV User Agent av1-site.info Related (AV1) (emerging-user_agents.rules)
 2009236 - ET USER_AGENTS Pigeon.AYX/AVKill Related User-Agent (CTTBasic) (emerging-user_agents.rules)
 2009289 - ET USER_AGENTS No-ad.co.kr Fake AV Related User-Agent (U2Clean) (emerging-user_agents.rules)
 2009766 - ET USER_AGENTS IE Toolbar User-Agent (IEToolbar) (emerging-user_agents.rules)
 2009783 - ET USER_AGENTS RubyFortune Spyware Capabilities User-Agent (Microgaming Install Program) - GET (emerging-user_agents.rules)
 2009861 - ET USER_AGENTS ErrorNuker FakeAV User-Agent (ERRN2004 (Windows XP)) (emerging-user_agents.rules)
 2010218 - ET USER_AGENTS Win32/InternetAntivirus User Agent Detected (Internet Antivirus Pro) (emerging-user_agents.rules)
 2010220 - ET USER_AGENTS Suspicious User-Agent (ClickAdsByIE) (emerging-user_agents.rules)
 2010645 - ET USER_AGENTS Suspicious User Agent (Launcher) (emerging-user_agents.rules)
 2010676 - ET USER_AGENTS Suspicious User-Agent (Fast Browser Search) (emerging-user_agents.rules)
 2010677 - ET USER_AGENTS Spyware google-analitid181.com related user agent (My Session) (emerging-user_agents.rules)
 2010678 - ET USER_AGENTS Win32.OnLineGames User Agent Detected (BigFoot) (emerging-user_agents.rules)
 2010679 - ET USER_AGENTS Trojan.Win32.InternetAntivirus User Agent Detected (General Antivirus) (emerging-user_agents.rules)
 2010680 - ET USER_AGENTS chnsystem.com Spyware User-Agent (Update1.0) (emerging-user_agents.rules)
 2010717 - ET USER_AGENTS Suspicious User-Agent (FaceCooker) (emerging-user_agents.rules)
 2010718 - ET USER_AGENTS Suspicious User-Agent (Gootkit hldr) (emerging-user_agents.rules)
 2010721 - ET USER_AGENTS Suspicious Non-Escaping backslash in User-Agent Outbound (emerging-user_agents.rules)
 2010722 - ET USER_AGENTS Suspicious Non-Escaping backslash in User-Agent Inbound (emerging-user_agents.rules)
 2010727 - ET USER_AGENTS Suspicious User-Agent (Live Enterprise Suite) (emerging-user_agents.rules)
 2010934 - ET USER_AGENTS Infobox3 Spyware User-Agent (emerging-user_agents.rules)
 2011084 - ET USER_AGENTS Suspicious User Agent BlueSky (emerging-user_agents.rules)
 2011125 - ET USER_AGENTS Suspicious User-Agent (MxAgent) (emerging-user_agents.rules)
 2011127 - ET USER_AGENTS Suspicious User-Agent (InTeRNeT) (emerging-user_agents.rules)
 2011247 - ET USER_AGENTS Forthgoer User Agent - Likely Hostile (emerging-user_agents.rules)
 2011271 - ET USER_AGENTS Suspicious User-Agent (CustomSpy) (emerging-user_agents.rules)
 2011273 - ET USER_AGENTS Suspicious User-Agent (GM Login) (emerging-user_agents.rules)


[---]         Removed rules:         [---]

 2002667 - ET SCAN sumthin scan (emerging-scan.rules)
 2003466 - ET SCAN PHP Attack Tool Morfeus F Scanner (emerging-scan.rules)
 2003616 - ET SCAN DataCha0s Web Scanner/Robot (emerging-scan.rules)
 2009288 - ET SCAN Attack Tool Revolt Scanner (emerging-scan.rules)
 2009799 - ET SCAN PHP Attack Tool Morfeus F Scanner - M (emerging-scan.rules)
 2010720 - ET SCAN PHP Scan Precursor (emerging-scan.rules)
 2010794 - ET SCAN DFind w00tw00t GET-Request (emerging-scan.rules)
 2011175 - ET SCAN Casper Bot Search RFI Scan (emerging-scan.rules)
 2011176 - ET SCAN MaMa CaSpEr RFI Scan (emerging-scan.rules)
 2011243 - ET SCAN Bot Search RFI Scan (ByroeNet/Casper-Like, planetwork) (emerging-scan.rules)
 2011244 - ET SCAN Bot Search RFI Scan (ByroeNet/Casper-Like, sun4u) (emerging-scan.rules)
 2011285 - ET SCAN Bot Search RFI Scan (Casper-Like, Jcomers Bot scan) (emerging-scan.rules)
 2011286 - ET SCAN Bot Search RFI Scan (Casper-Like, MaMa Cyber/ebes) (emerging-scan.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (13):
        2002667 || ET WEB_SERVER sumthin scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_sumthin || url,doc.emergingthreats.net/2002667 || url,www.webmasterworld.com/forum11/2100.htm
        2003466 || ET WEB_SERVER PHP Attack Tool Morfeus F Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2003616 || ET WEB_SERVER DataCha0s Web Scanner/Robot || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_DataCha0s || url,doc.emergingthreats.net/2003616 || url,www.internetofficer.com/web-robot/datacha0s.html
        2009288 || ET WEB_SERVER Attack Tool Revolt Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner || url,doc.emergingthreats.net/2009288 || url,www.Whitehatsecurityresponse.blogspot.com
        2009799 || ET WEB_SERVER PHP Attack Tool Morfeus F Scanner - M || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2010720 || ET WEB_SERVER PHP Scan Precursor || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_nonexist || url,doc.emergingthreats.net/2010720
        2010794 || ET WEB_SERVER DFind w00tw00t GET-Requests || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_wootwoot || url,doc.emergingthreats.net/2010794
        2011175 || ET WEB_SERVER Casper Bot Search RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011175
        2011176 || ET WEB_SERVER MaMa CaSpEr RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011176
        2011243 || ET WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like, planetwork) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011243 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011244 || ET WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like, sun4u) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011244 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011285 || ET WEB_SERVER Bot Search RFI Scan (Casper-Like, Jcomers Bot scan) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011285 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011286 || ET WEB_SERVER Bot Search RFI Scan (Casper-Like, MaMa Cyber/ebes) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011286 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/

     -> Added to emerging-sid-msg.map.txt (13):
        2002667 || ET WEB_SERVER sumthin scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_sumthin || url,doc.emergingthreats.net/2002667 || url,www.webmasterworld.com/forum11/2100.htm
        2003466 || ET WEB_SERVER PHP Attack Tool Morfeus F Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2003616 || ET WEB_SERVER DataCha0s Web Scanner/Robot || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_DataCha0s || url,doc.emergingthreats.net/2003616 || url,www.internetofficer.com/web-robot/datacha0s.html
        2009288 || ET WEB_SERVER Attack Tool Revolt Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner || url,doc.emergingthreats.net/2009288 || url,www.Whitehatsecurityresponse.blogspot.com
        2009799 || ET WEB_SERVER PHP Attack Tool Morfeus F Scanner - M || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2010720 || ET WEB_SERVER PHP Scan Precursor || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_nonexist || url,doc.emergingthreats.net/2010720
        2010794 || ET WEB_SERVER DFind w00tw00t GET-Requests || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_wootwoot || url,doc.emergingthreats.net/2010794
        2011175 || ET WEB_SERVER Casper Bot Search RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011175
        2011176 || ET WEB_SERVER MaMa CaSpEr RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011176
        2011243 || ET WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like, planetwork) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011243 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011244 || ET WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like, sun4u) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011244 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011285 || ET WEB_SERVER Bot Search RFI Scan (Casper-Like, Jcomers Bot scan) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011285 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011286 || ET WEB_SERVER Bot Search RFI Scan (Casper-Like, MaMa Cyber/ebes) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_SERVER_Casper || url,doc.emergingthreats.net/2011286 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/

     -> Added to emerging-web_server.rules (7):
        # 2010-07-08: Submitted by Mike Cox
        #by mareadmin
        #by eric romang
        #some kind of robot/scripted web scanner. Some reports that it's looking for awstats installs
        #by shirkdog
        # By Frank Knobbe, 2005-11-02
        #by mareadmin

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-scan.rules (7):
        # 2010-07-08: Submitted by Mike Cox
        #by eric romang
        #some kind of robot/scripted web scanner. Some reports that it's looking for awstats installs
        #by shirkdog
        #by Jared Braverman
        #by mike cox
        # By Frank Knobbe, 2005-11-02

     -> Removed from emerging-sid-msg.map (13):
        2002667 || ET SCAN sumthin scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_sumthin || url,doc.emergingthreats.net/2002667 || url,www.webmasterworld.com/forum11/2100.htm
        2003466 || ET SCAN PHP Attack Tool Morfeus F Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2003616 || ET SCAN DataCha0s Web Scanner/Robot || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_DataCha0s || url,doc.emergingthreats.net/2003616 || url,www.internetofficer.com/web-robot/datacha0s.html
        2009288 || ET SCAN Attack Tool Revolt Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Revolt_Scanner || url,doc.emergingthreats.net/2009288 || url,www.Whitehatsecurityresponse.blogspot.com
        2009799 || ET SCAN PHP Attack Tool Morfeus F Scanner - M || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2010720 || ET SCAN PHP Scan Precursor || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_nonexist || url,doc.emergingthreats.net/2010720
        2010794 || ET SCAN DFind w00tw00t GET-Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_wootwoot || url,doc.emergingthreats.net/2010794
        2011175 || ET SCAN Casper Bot Search RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011175
        2011176 || ET SCAN MaMa CaSpEr RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011176
        2011243 || ET SCAN Bot Search RFI Scan (ByroeNet/Casper-Like, planetwork) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011243 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011244 || ET SCAN Bot Search RFI Scan (ByroeNet/Casper-Like, sun4u) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011244 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011285 || ET SCAN Bot Search RFI Scan (Casper-Like, Jcomers Bot scan) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011285 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011286 || ET SCAN Bot Search RFI Scan (Casper-Like, MaMa Cyber/ebes) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011286 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/

     -> Removed from emerging-sid-msg.map.txt (13):
        2002667 || ET SCAN sumthin scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_sumthin || url,doc.emergingthreats.net/2002667 || url,www.webmasterworld.com/forum11/2100.htm
        2003466 || ET SCAN PHP Attack Tool Morfeus F Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2003616 || ET SCAN DataCha0s Web Scanner/Robot || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_DataCha0s || url,doc.emergingthreats.net/2003616 || url,www.internetofficer.com/web-robot/datacha0s.html
        2009288 || ET SCAN Attack Tool Revolt Scanner || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Revolt_Scanner || url,doc.emergingthreats.net/2009288 || url,www.Whitehatsecurityresponse.blogspot.com
        2009799 || ET SCAN PHP Attack Tool Morfeus F Scanner - M || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Morfeus_Scan || url,doc.emergingthreats.net/2003466 || url,www.webmasterworld.com/search_engine_spiders/3227720.htm
        2010720 || ET SCAN PHP Scan Precursor || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_nonexist || url,doc.emergingthreats.net/2010720
        2010794 || ET SCAN DFind w00tw00t GET-Request || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_wootwoot || url,doc.emergingthreats.net/2010794
        2011175 || ET SCAN Casper Bot Search RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011175
        2011176 || ET SCAN MaMa CaSpEr RFI Scan || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011176
        2011243 || ET SCAN Bot Search RFI Scan (ByroeNet/Casper-Like, planetwork) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011243 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011244 || ET SCAN Bot Search RFI Scan (ByroeNet/Casper-Like, sun4u) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011244 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011285 || ET SCAN Bot Search RFI Scan (Casper-Like, Jcomers Bot scan) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011285 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/
        2011286 || ET SCAN Bot Search RFI Scan (Casper-Like, MaMa Cyber/ebes) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Casper || url,doc.emergingthreats.net/2011286 || url,eromang.zataz.com/2010/07/13/byroenet-casper-bot-search-e107-rce-scanner/



More information about the Emerging-updates mailing list