[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Thu Jun 10 16:18:41 EDT 2010


[***] Results from Oinkmaster started Thu Jun 10 16:18:41 2010 [***]

[+++]          Added rules:          [+++]

 2011670 - ET CURRENT_EVENTS Fake AV Related CSS Download (emerging-current_events.rules)


[---]         Disabled rules:        [---]

 2008103 - ET TROJAN Bobax/Kraken/Oderoor TCP 447 CnC Channel Initial Packet Outbound (emerging-virus.rules)
 2008104 - ET TROJAN Bobax/Kraken/Oderoor UDP 447 CnC Channel Initial Packet Outbound (emerging-virus.rules)
 2008105 - ET TROJAN Bobax/Kraken/Oderoor UDP 447 CnC Channel Initial Packet Inbound (emerging-virus.rules)
 2008106 - ET TROJAN Bobax/Kraken/Oderoor TCP 447 CnC Channel Initial Packet Inbound (emerging-virus.rules)
 2008107 - ET TROJAN Possible Bobax/Kraken/Oderoor UDP 447 CnC Channel Inbound (emerging-virus.rules)
 2008108 - ET TROJAN Possible Bobax/Kraken/Oderoor TCP 447 CnC Channel Inbound (emerging-virus.rules)
 2008109 - ET TROJAN Possible Bobax/Kraken/Oderoor UDP 447 CnC Channel Outbound (emerging-virus.rules)
 2008110 - ET TROJAN Possible Bobax/Kraken/Oderoor TCP 447 CnC Channel Outbound (emerging-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (1):
        2011670 || ET CURRENT_EVENTS Fake AV Related CSS Download

     -> Added to emerging-sid-msg.map.txt (1):
        2011670 || ET CURRENT_EVENTS Fake AV Related CSS Download

     -> Added to emerging-virus.rules (2):
        #disabling, we should delete these soon, like in july 2010
        #matt



More information about the Emerging-updates mailing list