[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Wed Jun 23 13:48:10 EDT 2010


[***] Results from Oinkmaster started Wed Jun 23 13:48:10 2010 [***]

[///]     Modified active rules:     [///]

 2000005 - ET EXPLOIT Cisco Telnet Buffer Overflow (emerging-exploit.rules)
 2000006 - ET DOS Cisco Router HTTP DoS (emerging-dos.rules)
 2000007 - ET EXPLOIT Catalyst SSH protocol mismatch (emerging-exploit.rules)
 2000009 - ET EXPLOIT Cisco IOS HTTP DoS (emerging-exploit.rules)
 2000010 - ET DOS Cisco 514 UDP flood DoS (emerging-dos.rules)
 2000011 - ET DOS Catalyst memory leak attack (emerging-dos.rules)
 2000012 - ET EXPLOIT Cisco %u IDS evasion (emerging-exploit.rules)
 2000013 - ET EXPLOIT Cisco IOS HTTP server DoS (emerging-exploit.rules)
 2000017 - ET EXPLOIT NII Microsoft ASN.1 Library Buffer Overflow Exploit (emerging-exploit.rules)
 2000024 - ET MALWARE rcprograms (emerging-malware.rules)
 2000025 - ET MALWARE Gator Cookie (emerging-malware.rules)
 2000031 - ET EXPLOIT CVS server heap overflow attempt (target BSD) (emerging-exploit.rules)
 2000032 - ET EXPLOIT LSA exploit (emerging-exploit.rules)
 2000048 - ET EXPLOIT CVS server heap overflow attempt (target Linux) (emerging-exploit.rules)
 2000049 - ET EXPLOIT CVS server heap overflow attempt (target Solaris) (emerging-exploit.rules)
 2000327 - ET MALWARE Spyware 2020 (emerging-malware.rules)
 2000342 - ET EXPLOIT Squid NTLM Auth Overflow Exploit (emerging-exploit.rules)
 2000345 - ET ATTACK_RESPONSE IRC - Nick change on non-std port (emerging-attack_response.rules)
 2000346 - ET ATTACK_RESPONSE IRC - Name response on non-std port (emerging-attack_response.rules)
 2000347 - ET ATTACK_RESPONSE IRC - Private message on non-std port (emerging-attack_response.rules)
 2000348 - ET ATTACK_RESPONSE IRC - Channel JOIN on non-std port (emerging-attack_response.rules)
 2000349 - ET ATTACK_RESPONSE IRC - DCC file transfer request on non-std port (emerging-attack_response.rules)
 2000350 - ET ATTACK_RESPONSE IRC - DCC chat request on non-std port (emerging-attack_response.rules)
 2000351 - ET ATTACK_RESPONSE IRC - channel join on non-std port (emerging-attack_response.rules)
 2000352 - ET ATTACK_RESPONSE IRC - dns request on non-std port (emerging-attack_response.rules)
 2000366 - ET MALWARE Binet (download complete) (emerging-malware.rules)
 2000367 - ET MALWARE Binet (set_pix) (emerging-malware.rules)
 2000371 - ET MALWARE Binet (randreco.exe) (emerging-malware.rules)
 2000372 - ET EXPLOIT MS-SQL SQL Injection running SQL statements line comment (emerging-exploit.rules)
 2000373 - ET EXPLOIT MS-SQL SQL Injection line comment (emerging-exploit.rules)
 2000377 - ET EXPLOIT MS-SQL heap overflow attempt (emerging-exploit.rules)
 2000378 - ET EXPLOIT MS-SQL DOS attempt (08) (emerging-exploit.rules)
 2000379 - ET EXPLOIT MS-SQL DOS attempt (08) 1 byte (emerging-exploit.rules)
 2000380 - ET EXPLOIT MS-SQL Spike buffer overflow (emerging-exploit.rules)
 2000381 - ET EXPLOIT MS-SQL DOS bouncing packets (emerging-exploit.rules)
 2000488 - ET EXPLOIT MS-SQL SQL Injection closing string plus line comment (emerging-exploit.rules)
 2000499 - ET ATTACK_RESPONSE FTP inaccessible directory access COM1 (emerging-attack_response.rules)
 2000500 - ET ATTACK_RESPONSE FTP inaccessible directory access COM2 (emerging-attack_response.rules)
 2000501 - ET ATTACK_RESPONSE FTP inaccessible directory access COM3 (emerging-attack_response.rules)
 2000502 - ET ATTACK_RESPONSE FTP inaccessible directory access COM4 (emerging-attack_response.rules)
 2000503 - ET ATTACK_RESPONSE FTP inaccessible directory access LPT1 (emerging-attack_response.rules)
 2000504 - ET ATTACK_RESPONSE FTP inaccessible directory access LPT2 (emerging-attack_response.rules)
 2000505 - ET ATTACK_RESPONSE FTP inaccessible directory access LPT3 (emerging-attack_response.rules)
 2000506 - ET ATTACK_RESPONSE FTP inaccessible directory access LPT4 (emerging-attack_response.rules)
 2000507 - ET ATTACK_RESPONSE FTP inaccessible directory access AUX (emerging-attack_response.rules)
 2000508 - ET ATTACK_RESPONSE FTP inaccessible directory access NULL (emerging-attack_response.rules)
 2000514 - ET MALWARE IE homepage hijacking (emerging-malware.rules)
 2000519 - ET MALWARE shell browser vulnerability W9x/XP (emerging-malware.rules)
 2000520 - ET MALWARE shell browser vulnerability NT/2K (emerging-malware.rules)
 2000563 - ET EXPLOIT Pwdump3e Password Hash Retrieval port 445 (emerging-exploit.rules)
 2000564 - ET EXPLOIT Pwdump3e pwservice.exe Access port 445 (emerging-exploit.rules)
 2000565 - ET EXPLOIT Pwdump3e Session Established Reg-Entry port 139 (emerging-exploit.rules)
 2000566 - ET EXPLOIT Pwdump3e Session Established Reg-Entry port 445 (emerging-exploit.rules)
 2000567 - ET EXPLOIT Pwdump3e pwservice.exe Access port 139 (emerging-exploit.rules)
 2000568 - ET EXPLOIT Pwdump3e Password Hash Retrieval port 139 (emerging-exploit.rules)
 2000574 - ET MALWARE Bargain Buddy (emerging-malware.rules)
 2000577 - ET MALWARE Popuptraffic.com Bot Reporting (emerging-malware.rules)
 2000580 - ET MALWARE Shop At Home Select.com Install Attempt (emerging-malware.rules)
 2000581 - ET MALWARE Shop At Home Select.com Install Download (emerging-malware.rules)
 2000582 - ET MALWARE F1Organizer Reporting (emerging-malware.rules)
 2000583 - ET MALWARE Mindset Interactive Install (1) (emerging-malware.rules)
 2000584 - ET MALWARE Mindset Interactive Install (2) (emerging-malware.rules)
 2000585 - ET MALWARE F1Organizer Install Attempt (emerging-malware.rules)
 2000587 - ET MALWARE SpywareLabs VirtualBouncer Seeking Instructions (emerging-malware.rules)
 2000593 - ET MALWARE Binet Ad Retrieval (emerging-malware.rules)
 2000594 - ET MALWARE Mindset Interactive Ad Retrieval (emerging-malware.rules)
 2000595 - ET MALWARE Gator Checkin (emerging-malware.rules)
 2000596 - ET MALWARE Gator/Claria Data Submission (emerging-malware.rules)
 2000597 - ET MALWARE Gator New Code Download (emerging-malware.rules)
 2000598 - ET MALWARE Altnet PeerPoints Manager Data Submission (emerging-malware.rules)
 2000599 - ET MALWARE Fun Web Products Install (emerging-malware.rules)
 2000600 - ET MALWARE MyWebSearch Toolbar Receiving Configuration (emerging-malware.rules)
 2000601 - ET MALWARE Salongas Infection (emerging-malware.rules)
 2000900 - ET MALWARE JoltID Agent Probing or Announcing UDP (emerging-malware.rules)
 2000902 - ET MALWARE MarketScore.com Spyware Configuration Access (emerging-malware.rules)
 2000903 - ET MALWARE Avres Agent Receiving Instructions (emerging-malware.rules)
 2000905 - ET MALWARE FlashPoint Agent Retrieving New Code (emerging-malware.rules)
 2000906 - ET MALWARE Altnet PeerPoints Manager Start (emerging-malware.rules)
 2000907 - ET MALWARE Altnet PeerPoints Manager Settings Download (emerging-malware.rules)
 2000920 - ET MALWARE Hotbar Install (1) (emerging-malware.rules)
 2000921 - ET MALWARE Hotbar Install (2) (emerging-malware.rules)
 2000922 - ET MALWARE Hotbar Install (3) (emerging-malware.rules)
 2000923 - ET MALWARE Hotbar Agent Reporting Information (emerging-malware.rules)
 2000924 - ET MALWARE Hotbar Agent Upgrading (emerging-malware.rules)
 2000925 - ET MALWARE Hotbar Agent Partner Checkin (emerging-malware.rules)
 2000927 - ET MALWARE ISearchTech.com XXXPornToolbar Reporting (emerging-malware.rules)
 2000928 - ET MALWARE ISearchTech.com XXXPornToolbar Activity (1) (emerging-malware.rules)
 2000929 - ET MALWARE Hotbar Agent Activity (emerging-malware.rules)
 2000930 - ET MALWARE 180solutions Update Engine (emerging-malware.rules)
 2000931 - ET MALWARE Comet Systems Spyware Traffic (emerging-malware.rules)
 2000932 - ET MALWARE Keenvalue Update Engine (emerging-malware.rules)
 2000934 - ET MALWARE 2020search Update Engine (emerging-malware.rules)
 2000936 - ET MALWARE FlashTrack Agent Retrieving New App Code (emerging-malware.rules)
 2001013 - ET MALWARE Fun Web Products SmileyCentral (emerging-malware.rules)
 2001015 - ET MALWARE JoltID Agent Keep-Alive (emerging-malware.rules)
 2001016 - ET MALWARE SideStep Bar Install (emerging-malware.rules)
 2001017 - ET MALWARE SideStep Bar Reporting Data (emerging-malware.rules)
 2001022 - ET EXPLOIT Invalid non-fragmented packet with fragment offset>0 (emerging-exploit.rules)
 2001023 - ET EXPLOIT Invalid fragment - ACK reset (emerging-exploit.rules)
 2001024 - ET EXPLOIT Invalid fragment - illegal flags (emerging-exploit.rules)
 2001031 - ET MALWARE Casino on Net Reporting Data (emerging-malware.rules)
 2001032 - ET MALWARE Casino on Net Ping Hit (emerging-malware.rules)
 2001033 - ET MALWARE Casino on Net Data Download (emerging-malware.rules)
 2001034 - ET MALWARE Fun Web Products Agent Traffic (emerging-malware.rules)
 2001038 - ET MALWARE Ebates Install (emerging-malware.rules)
 2001040 - ET MALWARE My Search Bar Install (emerging-malware.rules)
 2001041 - ET MALWARE Casino on Net Install (emerging-malware.rules)
 2001043 - ET MALWARE Fun Web Products MyWay Agent Traffic (emerging-malware.rules)
 2001050 - ET MALWARE CometSystems Spyware (emerging-malware.rules)
 2001052 - ET EXPLOIT NTDump Session Established Reg-Entry port 139 (emerging-exploit.rules)
 2001053 - ET EXPLOIT NTDump.exe Service Started port 139 (emerging-exploit.rules)
 2001058 - ET EXPLOIT libpng tRNS overflow attempt (emerging-exploit.rules)
 2001191 - ET EXPLOIT libPNG - Width exceeds limit (emerging-exploit.rules)
 2001192 - ET EXPLOIT libPNG - Height exceeds limit (emerging-exploit.rules)
 2001195 - ET EXPLOIT libPNG - Possible integer overflow in allocation in png_handle_sPLT (emerging-exploit.rules)
 2001198 - ET MALWARE Twaintec Download Attempt (emerging-malware.rules)
 2001199 - ET MALWARE Twaintec Ad Retrieval (emerging-malware.rules)
 2001216 - ET MALWARE Twaintec Reporting Data (emerging-malware.rules)
 2001221 - ET MALWARE F1Organizer Config Download (emerging-malware.rules)
 2001222 - ET MALWARE Default-homepage-network.com Access (emerging-malware.rules)
 2001223 - ET MALWARE Regnow.com Access (emerging-malware.rules)
 2001224 - ET MALWARE Regnow.com Gamehouse.com Access (emerging-malware.rules)
 2001225 - ET MALWARE Statblaster Receiving New configuration (update) (emerging-malware.rules)
 2001228 - ET MALWARE Advertising.com Data Post (villains) (emerging-malware.rules)
 2001230 - ET MALWARE Advertising.com Data Post (cakedeal) (emerging-malware.rules)
 2001266 - ET MALWARE Browseraid.com Agent Reporting Data (emerging-malware.rules)
 2001293 - ET MALWARE Featured-Results.com Agent Reporting Data (emerging-malware.rules)
 2001304 - ET MALWARE Browseraid.com Agent Updating (emerging-malware.rules)
 2001308 - ET MALWARE Internet Optomizer Reporting Data (emerging-malware.rules)
 2001311 - ET MALWARE Rdxrp.com Traffic (emerging-malware.rules)
 2001312 - ET MALWARE Rdxrp.com Traffic (Generic) (emerging-malware.rules)
 2001318 - ET MALWARE Adwave Agent Access (emerging-malware.rules)
 2001320 - ET MALWARE Speedera Agent (emerging-malware.rules)
 2001321 - ET MALWARE Speedera Agent (Specific) (emerging-malware.rules)
 2001339 - ET MALWARE BInet Information Upload (emerging-malware.rules)
 2001340 - ET MALWARE LocalNRD Spyware Checkin (emerging-malware.rules)
 2001341 - ET MALWARE OfferOptimizer.com Spyware (emerging-malware.rules)
 2001345 - ET MALWARE Bonziportal Traffic (emerging-malware.rules)
 2001349 - ET INAPPROPRIATE free XXX (emerging-inappropriate.rules)
 2001350 - ET INAPPROPRIATE hardcore anal (emerging-inappropriate.rules)
 2001359 - ET MALWARE MarketScore.com Spyware Access (emerging-malware.rules)
 2001366 - ET DOS Possible Microsoft SQL Server Remote Denial Of Service Attempt (emerging-dos.rules)
 2001385 - ET EXPLOIT Possible ShixxNote buffer-overflow + remote shell attempt (emerging-exploit.rules)
 2001392 - ET INAPPROPRIATE Sextracker Tracking Code Detected (1) (emerging-inappropriate.rules)
 2001393 - ET INAPPROPRIATE Sextracker Tracking Code Detected (2) (emerging-inappropriate.rules)
 2001395 - ET MALWARE ISearchTech.com XXXPornToolbar Activity (2) (emerging-malware.rules)
 2001396 - ET MALWARE Internet Optimizer Spyware Install (emerging-malware.rules)
 2001397 - ET MALWARE 180solutions Spyware (tracked event reported) (emerging-malware.rules)
 2001399 - ET MALWARE 180solutions Spyware (action url reported) (emerging-malware.rules)
 2001400 - ET MALWARE 180solutions Spyware Reporting (emerging-malware.rules)
 2001409 - ET MALWARE Mastermind Related Reporting (emerging-malware.rules)
 2001410 - ET MALWARE Mastermind Related Reporting 8081 (emerging-malware.rules)
 2001411 - ET MALWARE Mastermind Related Downloading mm20.ocx (emerging-malware.rules)
 2001413 - ET MALWARE Medis-Motor Related Downloading ast_4_mm.exe (emerging-malware.rules)
 2001414 - ET MALWARE Media-Motor Related Downloading MediaMotor25.exe (emerging-malware.rules)
 2001419 - ET MALWARE Avres.net Downloading cpr_mm2.exe (emerging-malware.rules)
 2001420 - ET MALWARE Avres.net Downloading ab1.exe (emerging-malware.rules)
 2001421 - ET MALWARE Avres.net Downloading tvm_bundle.exe (emerging-malware.rules)
 2001422 - ET MALWARE Avres.net Reporting Data (emerging-malware.rules)
 2001440 - ET MALWARE Abox Download (emerging-malware.rules)
 2001441 - ET MALWARE Abox Install Report (emerging-malware.rules)
 2001442 - ET MALWARE Statblaster.MemoryWatcher Download (emerging-malware.rules)
 2001444 - ET MALWARE Overpro Spyware Bundle Install (emerging-malware.rules)
 2001445 - ET MALWARE PeopleOnPage Install (emerging-malware.rules)
 2001446 - ET MALWARE PeopleOnPage Ping (emerging-malware.rules)
 2001447 - ET MALWARE 2nd-thought (W32.Daqa.C) Download (emerging-malware.rules)
 2001448 - ET MALWARE MediaTickets Download (emerging-malware.rules)
 2001450 - ET MALWARE Wintools Download/Configure (emerging-malware.rules)
 2001451 - ET MALWARE Bundleware Spyware Download (emerging-malware.rules)
 2001452 - ET MALWARE Bundleware Spyware CHM Download (emerging-malware.rules)
 2001453 - ET MALWARE Couponage Download (emerging-malware.rules)
 2001454 - ET MALWARE Couponage Configure (emerging-malware.rules)
 2001455 - ET MALWARE Couponage Reporting (emerging-malware.rules)
 2001456 - ET MALWARE ContextPanel Reporting (emerging-malware.rules)
 2001458 - ET MALWARE Bundleware Spyware cab Download (emerging-malware.rules)
 2001459 - ET MALWARE Overpro Spyware Games (emerging-malware.rules)
 2001460 - ET MALWARE Sexmaniack Install Tracking (emerging-malware.rules)
 2001473 - ET MALWARE Searchmeup Spyware Install (toolbar) (emerging-malware.rules)
 2001474 - ET MALWARE Searchmeup Spyware Install (prog) (emerging-malware.rules)
 2001475 - ET MALWARE Searchmeup Spyware Receiving Commands (emerging-malware.rules)
 2001479 - ET MALWARE Coolsearch Spyware Install (emerging-malware.rules)
 2001480 - ET MALWARE Searchmeup Spyware Install (systime) (emerging-malware.rules)
 2001481 - ET MALWARE MediaTickets Spyware Install (emerging-malware.rules)
 2001482 - ET MALWARE thebestsoft4u.com Spyware Install (1) (emerging-malware.rules)
 2001483 - ET MALWARE Searchmeup Spyware Install (mstask) (emerging-malware.rules)
 2001484 - ET MALWARE Searchmeup Spyware Install (d.exe) (emerging-malware.rules)
 2001485 - ET MALWARE thebestsoft4u.com Spyware Install (2) (emerging-malware.rules)
 2001486 - ET MALWARE thebestsoft4u.com Spyware Install (3) (emerging-malware.rules)
 2001488 - ET MALWARE Tibsystems Spyware Download (emerging-malware.rules)
 2001489 - ET MALWARE Spygalaxy.ws Activity (emerging-malware.rules)
 2001490 - ET MALWARE ICQ-Update.biz Reporting Install (emerging-malware.rules)
 2001494 - ET MALWARE Clickspring.net Spyware Reporting Successful Install (emerging-malware.rules)
 2001495 - ET MALWARE Outerinfo.com Spyware Install (emerging-malware.rules)
 2001496 - ET MALWARE Outerinfo.com Spyware Advertising Campaign Download (emerging-malware.rules)
 2001497 - ET MALWARE Outerinfo.com Spyware Activity (emerging-malware.rules)
 2001499 - ET MALWARE Look2me Spyware Activity (1) (emerging-malware.rules)
 2001500 - ET MALWARE Clickspring.net Spyware Reporting (emerging-malware.rules)
 2001501 - ET MALWARE Clickspring.net Spyware Reporting (emerging-malware.rules)
 2001503 - ET MALWARE Medialoads.com Spyware Config (emerging-malware.rules)
 2001505 - ET MALWARE Smartpops.com Spyware Install rh.exe (emerging-malware.rules)
 2001507 - ET MALWARE Medialoads.com Spyware Identifying Country of Origin (emerging-malware.rules)
 2001508 - ET MALWARE Medialoads.com Spyware Reporting (download.cgi) (emerging-malware.rules)
 2001509 - ET MALWARE Medialoads.com Spyware Reporting (register.cgi) (emerging-malware.rules)
 2001510 - ET MALWARE SurfAssistant.com Spyware Install (emerging-malware.rules)
 2001513 - ET MALWARE Smartpops.com Spyware Update (emerging-malware.rules)
 2001514 - ET MALWARE SurfAssistant.com Spyware Reporting (emerging-malware.rules)
 2001516 - ET MALWARE Smartpops.com Spyware Install (emerging-malware.rules)
 2001521 - ET MALWARE Spywaremover Activity (emerging-malware.rules)
 2001522 - ET MALWARE SpywareLabs Application Install (emerging-malware.rules)
 2001523 - ET MALWARE Statblaster Receiving New configuration (allfiles) (emerging-malware.rules)
 2001524 - ET MALWARE Statblaster Code Download (emerging-malware.rules)
 2001529 - ET MALWARE Casalemedia Access, Likely Spyware (emerging-malware.rules)
 2001530 - ET MALWARE ak-networks.com Spyware Code Download (emerging-malware.rules)
 2001531 - ET MALWARE C4tdownload.com Access, Likely Spyware (emerging-malware.rules)
 2001532 - ET MALWARE Searchmiracle.com Access, Likely Spyware (emerging-malware.rules)
 2001533 - ET MALWARE Searchmiracle.com Spyware Installer silent.exe Download (emerging-malware.rules)
 2001534 - ET MALWARE Searchmiracle.com Spyware Install (silent_install) (emerging-malware.rules)
 2001535 - ET MALWARE Searchmiracle.com Spyware Install (protector.exe) (emerging-malware.rules)
 2001536 - ET MALWARE Spyspotter.com Install (emerging-malware.rules)
 2001537 - ET MALWARE Spyspotter.com Access (emerging-malware.rules)
 2001538 - ET MALWARE Oenji.com Install (emerging-malware.rules)
 2001539 - ET MALWARE Spyspotter.com Access, Likely Spyware (emerging-malware.rules)
 2001540 - ET MALWARE Searchmiracle.com Spyware Install (v3cab) (emerging-malware.rules)
 2001543 - ET EXPLOIT NTDump Session Established Reg-Entry port 445 (emerging-exploit.rules)
 2001544 - ET EXPLOIT NTDump.exe Service Started port 445 (emerging-exploit.rules)
 2001563 - ET MALWARE MarketScore.com Spyware SSL Access (emerging-malware.rules)
 2001564 - ET MALWARE MarketScore.com Spyware Proxied Traffic (emerging-malware.rules)
 2001570 - ET MALWARE Spyware Stormer Reporting Data (emerging-malware.rules)
 2001571 - ET MALWARE Spyware Stormer/Error Guard Activity (emerging-malware.rules)
 2001576 - ET MALWARE BInet Information Install Report (emerging-malware.rules)
 2001586 - ET MALWARE MarketScore.com Spyware Proxied Traffic (mitmproxy agent) (emerging-malware.rules)
 2001587 - ET MALWARE MarketScore.com Spyware Upgrading (emerging-malware.rules)
 2001588 - ET MALWARE MarketScore.com Spyware Activity (1) (emerging-malware.rules)
 2001589 - ET MALWARE MarketScore.com Spyware Activity (2) (emerging-malware.rules)
 2001616 - ET ATTACK_RESPONSE Zone-H.org defacement notification (emerging-attack_response.rules)
 2001620 - ET ATTACK_RESPONSE Likely Botnet Activity (emerging-attack_response.rules)
 2001628 - ET ATTACK_RESPONSE Outbound PHP Connection (emerging-attack_response.rules)
 2001641 - ET MALWARE Microgaming.com Spyware Installation (dlhelper) (emerging-malware.rules)
 2001643 - ET MALWARE Microgaming.com Spyware Installation (2) (emerging-malware.rules)
 2001644 - ET MALWARE Microgaming.com Spyware Reporting Installation (emerging-malware.rules)
 2001645 - ET MALWARE Microgaming.com Spyware Casino App Install (emerging-malware.rules)
 2001650 - ET MALWARE Search Scout Related Spyware (content) (emerging-malware.rules)
 2001653 - ET MALWARE Search Scout Related Spyware (results) (emerging-malware.rules)
 2001654 - ET MALWARE JoltID Agent Requesting File (emerging-malware.rules)
 2001655 - ET MALWARE Comet Systems Spyware Traffic (context.xml) (emerging-malware.rules)
 2001656 - ET MALWARE GlobalPhon.com Dialer (emerging-malware.rules)
 2001657 - ET MALWARE GlobalPhon.com Dialer Download (emerging-malware.rules)
 2001658 - ET MALWARE Comet Systems Spyware Reporting (emerging-malware.rules)
 2001659 - ET MALWARE GlobalPhon.com Dialer (no_pop) (emerging-malware.rules)
 2001660 - ET MALWARE GlobalPhon.com Dialer (add_ocx) (emerging-malware.rules)
 2001666 - ET MALWARE Metarewards Spyware Activity (emerging-malware.rules)
 2001668 - ET EXPLOIT Exploit MS05-002 Malformed .ANI stack overflow attack (emerging-exploit.rules)
 2001679 - ET MALWARE JoltID Agent P2P via Proxy Server (emerging-malware.rules)
 2001696 - ET MALWARE Search Relevancy Spyware (emerging-malware.rules)
 2001697 - ET MALWARE ISearchTech.com XXXPornToolbar Data Submission (emerging-malware.rules)
 2001704 - ET MALWARE Context Plus Spyware Install (emerging-malware.rules)
 2001705 - ET MALWARE Flingstone Spyware Install (sportsinteraction) (emerging-malware.rules)
 2001708 - ET MALWARE Shop at Home Select Spyware Heartbeat (emerging-malware.rules)
 2001710 - ET MALWARE Flingstone Spyware Install (cxtpls) (emerging-malware.rules)
 2001711 - ET MALWARE Likely Spambot Web-based Control Traffic (emerging-malware.rules)
 2001730 - ET MALWARE A-d-w-a-r-e.com Activity (popup) (emerging-malware.rules)
 2001731 - ET MALWARE SurfSidekick Activity (emerging-malware.rules)
 2001733 - ET MALWARE CrazyWinnings.com Activity (emerging-malware.rules)
 2001735 - ET MALWARE A-d-w-a-r-e.com Activity (cmd) (emerging-malware.rules)
 2001737 - ET MALWARE ak-networks.com Spyware Code Install (emerging-malware.rules)
 2001742 - ET EXPLOIT Arkeia full remote access without password or authentication (emerging-exploit.rules)
 2001744 - ET MALWARE Searchmiracle.com Spyware Install (install) (emerging-malware.rules)
 2001747 - ET MALWARE My-Stats.com Spyware Checkin (emerging-malware.rules)
 2001748 - ET MALWARE Pynix.dll BHO Activity (emerging-malware.rules)
 2001753 - ET EXPLOIT Pwdump4 Session Established GetHash port 139 (emerging-exploit.rules)
 2001754 - ET EXPLOIT Pwdump4 Session Established GetHash port 445 (emerging-exploit.rules)
 2001761 - ET MALWARE ABX Toolbar ActiveX Install (emerging-malware.rules)
 2001780 - ET EXPLOIT Solaris TTYPROMPT environment variable set (emerging-exploit.rules)
 2001783 - ET MALWARE Media Pass ActiveX Install (emerging-malware.rules)
 2001793 - ET MALWARE Incredisearch.com Spyware Ping (emerging-malware.rules)
 2001794 - ET MALWARE Incredisearch.com Spyware Activity (emerging-malware.rules)
 2001795 - ET DOS Excessive SMTP MAIL-FROM DDoS (emerging-dos.rules)
 2001807 - ET EXPLOIT CAN-2005-0399 Gif Vuln via http (emerging-exploit.rules)
 2001846 - ET DOS -ISC- ICMP blind TCP reset DoS guessing attempt (emerging-dos.rules)
 2001882 - ET DOS ICMP Path MTU lowered below acceptable threshold (emerging-dos.rules)
 2001884 - ET MALWARE DesktopTraffic Toolbar Spyware (emerging-malware.rules)
 2001885 - ET MALWARE Begin2Search.com Spyware (emerging-malware.rules)
 2001944 - ET EXPLOIT MS04-007 Kill-Bill ASN1 exploit attempt (emerging-exploit.rules)
 2001988 - ET EXPLOIT MySQL MaxDB Buffer Overflow (emerging-exploit.rules)
 2001990 - ET EXPLOIT JamMail Jammail.pl Remote Command Execution Attempt (emerging-exploit.rules)
 2001992 - ET MALWARE SurfSidekick Download (emerging-malware.rules)
 2001994 - ET MALWARE SurfSidekick Activity (ipixel) (emerging-malware.rules)
 2001997 - ET MALWARE TargetNetworks.net Spyware Reporting (req) (emerging-malware.rules)
 2001999 - ET MALWARE BTGrab.com Spyware Downloading Ads (emerging-malware.rules)
 2002000 - ET MALWARE Shopnav Spyware Install (emerging-malware.rules)
 2002001 - ET MALWARE 180solutions Spyware Keywords Download (emerging-malware.rules)
 2002003 - ET MALWARE 180solutions Spyware Install (emerging-malware.rules)
 2002009 - ET MALWARE ESyndicate Spyware Install (esyndicateinst.exe) (emerging-malware.rules)
 2002010 - ET MALWARE ESyndicate Spyware Install (sepinst.exe) (emerging-malware.rules)
 2002012 - ET MALWARE GrandstreetInteractive.com Install (emerging-malware.rules)
 2002013 - ET MALWARE GrandstreetInteractive.com Update (emerging-malware.rules)
 2002015 - ET MALWARE Internet Fuel.com Install (emerging-malware.rules)
 2002016 - ET MALWARE jmnad1.com Spyware Install (2) (emerging-malware.rules)
 2002017 - ET MALWARE Overpro Spyware Install Report (emerging-malware.rules)
 2002019 - ET MALWARE jmnad1.com Spyware Install (1) (emerging-malware.rules)
 2002034 - ET ATTACK_RESPONSE Possible /etc/passwd via HTTP (linux style) (emerging-attack_response.rules)
 2002037 - ET MALWARE Shop at Home Select Spyware Install (emerging-malware.rules)
 2002044 - ET MALWARE OutBlaze.com Spyware Activity (emerging-malware.rules)
 2002046 - ET MALWARE TargetNetworks.net Spyware Reporting (tn) (emerging-malware.rules)
 2002048 - ET MALWARE 180solutions Spyware Defs Download (emerging-malware.rules)
 2002088 - ET MALWARE C4tdownload.com Spyware Activity (emerging-malware.rules)
 2002091 - ET MALWARE Searchmiracle.com Spyware Install - silent.exe (emerging-malware.rules)
 2002099 - ET MALWARE 180solutions Spyware config Download (emerging-malware.rules)
 2002194 - ET MALWARE Pacimedia Spyware 2 (emerging-malware.rules)
 2002296 - ET MALWARE Searchfeed.com Spyware 1 (emerging-malware.rules)
 2002297 - ET MALWARE Searchfeed.com Spyware 2 (emerging-malware.rules)
 2002298 - ET MALWARE Searchfeed.com Spyware 3 (emerging-malware.rules)
 2002299 - ET MALWARE Searchfeed.com Spyware 4 (emerging-malware.rules)
 2002300 - ET MALWARE Searchfeed.com Spyware 5 (emerging-malware.rules)
 2002301 - ET MALWARE Searchfeed.com Spyware 6 (emerging-malware.rules)
 2002302 - ET MALWARE Searchfeed.com Spyware 7 (emerging-malware.rules)
 2002303 - ET MALWARE Searchfeed.com Spyware 8 (emerging-malware.rules)
 2002305 - ET MALWARE Fun Web Products Smileychooser Spyware (emerging-malware.rules)
 2002306 - ET MALWARE Fun Web Products Cursorchooser Spyware (emerging-malware.rules)
 2002307 - ET MALWARE Fun Web Products Stampchooser Spyware (emerging-malware.rules)
 2002309 - ET MALWARE Metarewards Disclaimer Access (emerging-malware.rules)
 2002351 - ET MALWARE Comet Systems Spyware Update Download (emerging-malware.rules)
 2002352 - ET MALWARE Comet Systems Spyware Context Report (emerging-malware.rules)
 2002354 - ET MALWARE 180solutions Spyware versionconfig POST (emerging-malware.rules)
 2002738 - ET MALWARE SurfSidekick Activity (rinfo) (emerging-malware.rules)
 2002804 - ET MALWARE Spyaxe Spyware DB Update (emerging-malware.rules)
 2002805 - ET MALWARE Spyaxe Spyware DB Version Check (emerging-malware.rules)
 2002806 - ET MALWARE Spyaxe Spyware Checkin (emerging-malware.rules)
 2002820 - ET MALWARE Hotbar Agent Subscription POST (emerging-malware.rules)
 2002821 - ET MALWARE SideStep Bar Reporting Data (sbstart) (emerging-malware.rules)
 2002836 - ET MALWARE MyWebSearch Toolbar Traffic (bar config download) (emerging-malware.rules)
 2002840 - ET MALWARE Freeze.com Spyware/Adware (Install) (emerging-malware.rules)
 2002841 - ET MALWARE Freeze.com Spyware/Adware (Install Registration) (emerging-malware.rules)
 2002858 - ET MALWARE Fun Web Products StationaryChooser Spyware (emerging-malware.rules)
 2002984 - ET MALWARE SpySherriff Spyware Activity (emerging-malware.rules)
 2002987 - ET MALWARE Jupitersatellites.biz Spyware Download (emerging-malware.rules)
 2002990 - ET MALWARE Possible Spambot Pulling IP List to Spam (emerging-malware.rules)
 2003057 - ET MALWARE 180solutions Spyware Actionlibs Download (emerging-malware.rules)
 2003058 - ET MALWARE 180solutions (Zango) Spyware Installer Download (emerging-malware.rules)
 2003059 - ET MALWARE 180solutions (Zango) Spyware TB Installer Download (emerging-malware.rules)
 2003060 - ET MALWARE 180solutions (Zango) Spyware Local Stats Post (emerging-malware.rules)
 2003061 - ET MALWARE 180solutions (Zango) Spyware Event Activity Post (emerging-malware.rules)
 2003071 - ET ATTACK_RESPONSE Possible /etc/passwd via HTTP (BSD style) (emerging-attack_response.rules)
 2003074 - ET MALWARE Content-loader.com Spyware Install (emerging-malware.rules)
 2003075 - ET MALWARE Content-loader.com Spyware Install 2 (emerging-malware.rules)
 2003076 - ET MALWARE Content-loader.com (ownusa.info) Spyware Install (emerging-malware.rules)
 2003149 - ET ATTACK_RESPONSE Possible /etc/passwd via SMTP (linux style) (emerging-attack_response.rules)
 2003150 - ET ATTACK_RESPONSE Possible /etc/passwd via SMTP (BSD style) (emerging-attack_response.rules)
 2003151 - ET MALWARE Fun Web Products SmileyCentral IEsp2 Install (emerging-malware.rules)
 2003170 - ET MALWARE Zango Spyware Activity (emerging-malware.rules)
 2003217 - ET MALWARE 180solutions (Zango) Spyware Installer Config 2 (emerging-malware.rules)
 2003218 - ET MALWARE Conduit Connect Toolbar Message Download(Many report to be benign) (emerging-malware.rules)
 2003221 - ET MALWARE MySearchNow.com Spyware (emerging-malware.rules)
 2003253 - ET MALWARE MarketScore Spyware Uploading Data (emerging-malware.rules)
 2003306 - ET MALWARE 180solutions Spyware (tracked event 2 reporting) (emerging-malware.rules)
 2003307 - ET MALWARE Comet Systems Spyware Cursor DL (emerging-malware.rules)
 2003344 - ET MALWARE Trinityacquisitions.com and Maximumexperience.com Spyware Activity (emerging-malware.rules)
 2003348 - ET MALWARE Gamehouse.com Activity (emerging-malware.rules)
 2003362 - ET MALWARE Freeze.com Spyware/Adware (Pulling Ads) (emerging-malware.rules)
 2003376 - ET MALWARE Instafinder.com spyware (emerging-malware.rules)
 2003426 - ET MALWARE Outerinfo.com Spyware Checkin (emerging-malware.rules)
 2003444 - ET MALWARE Deskwizz.com Spyware Install Code Download (emerging-malware.rules)
 2003445 - ET MALWARE Deskwizz.com Spyware Install INI Download (emerging-malware.rules)
 2003446 - ET MALWARE Adware Command Client Checkin (emerging-malware.rules)
 2003450 - ET MALWARE Specificclick.net Spyware Activity (emerging-malware.rules)
 2003504 - ET MALWARE E2give Spyware Reporting (check url) (emerging-malware.rules)
 2003547 - ET MALWARE Privacyprotector.com Fake Anti-Spyware Install (emerging-malware.rules)
 2003548 - ET MALWARE Privacyprotector.com Fake Anti-Spyware Checkin (emerging-malware.rules)
 2003610 - ET MALWARE Zango Spyware (tbrequest data post) (emerging-malware.rules)


[///]    Modified inactive rules:    [///]

 2000329 - ET EXPLOIT mIRC <=6.12 DCC Buffer Overflow (emerging-exploit.rules)
 2000496 - ET DOS Microsoft SMS dos attempt (emerging-dos.rules)
 2000901 - ET MALWARE JoltID Agent Communicating TCP (emerging-malware.rules)
 2001205 - ET DOS Internet Explorer Memory Corruption Bug (emerging-dos.rules)
 2001346 - ET INAPPROPRIATE Kiddy Porn preteen (emerging-inappropriate.rules)
 2001347 - ET INAPPROPRIATE Kiddy Porn pre-teen (emerging-inappropriate.rules)
 2001348 - ET INAPPROPRIATE Kiddy Porn early teen (emerging-inappropriate.rules)
 2001351 - ET INAPPROPRIATE masturbation (emerging-inappropriate.rules)
 2001352 - ET INAPPROPRIATE ejaculation (emerging-inappropriate.rules)
 2001353 - ET INAPPROPRIATE BDSM (emerging-inappropriate.rules)
 2001362 - ET DOS MS04-030 Attempted DoS (emerging-dos.rules)
 2001363 - ET EXPLOIT Possible MS04-032 Windows Metafile (.emf) Heap Overflow Portbind Attempt (emerging-exploit.rules)
 2001364 - ET EXPLOIT MS04-032 Windows Metafile (.emf) Heap Overflow Connectback Attempt (emerging-exploit.rules)
 2001369 - ET EXPLOIT MS04-032 Windows Metafile (.emf) Heap Overflow Exploit (emerging-exploit.rules)
 2001374 - ET EXPLOIT MS04-032 Bad EMF file (emerging-exploit.rules)
 2001386 - ET INAPPROPRIATE Kiddy Porn pthc (emerging-inappropriate.rules)
 2001387 - ET INAPPROPRIATE Kiddy Porn zeps (emerging-inappropriate.rules)
 2001388 - ET INAPPROPRIATE Kiddy Porn r at ygold (emerging-inappropriate.rules)
 2001389 - ET INAPPROPRIATE Kiddy Porn childlover (emerging-inappropriate.rules)
 2001398 - ET MALWARE Bfast.com Spyware (emerging-malware.rules)
 2001608 - ET INAPPROPRIATE Likely Porn (emerging-inappropriate.rules)
 2001683 - ET MALWARE Windows executable sent when remote host claims to send an image (emerging-malware.rules)
 2001815 - ET MALWARE Spambot Suspicious 220 Banner on Local Port (emerging-malware.rules)
 2001848 - ET EXPLOIT MS05-021 Exchange Link State - Possible Attack (1) (emerging-exploit.rules)
 2001849 - ET EXPLOIT MS05-021 Exchange Link State - Possible Attack (2) (emerging-exploit.rules)
 2001850 - ET MALWARE Likely Trojan/Spyware Installer Requested (1) (emerging-malware.rules)
 2001873 - ET EXPLOIT MS Exchange Link State Routing Chunk (maybe MS05-021) (emerging-exploit.rules)
 2001874 - ET EXPLOIT TCP Reset from MS Exchange after chunked data, probably crashed it (MS05-021) (emerging-exploit.rules)
 2001875 - ET EXPLOIT MS Exchange chunks accepted (emerging-exploit.rules)
 2001876 - ET EXPLOIT MS Exchange disliked link state chunk, but didn't die (MS05-021) (emerging-exploit.rules)
 2002093 - ET MALWARE Likely Trojan/Spyware Installer Requested (2) (emerging-malware.rules)
 2002304 - ET MALWARE Advertising.com Reporting Data (emerging-malware.rules)


[*] Non-rule line modifications: [*]
    None.



More information about the Emerging-updates mailing list