[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Mon Jun 28 23:47:55 EDT 2010


[***] Results from Oinkmaster started Mon Jun 28 23:47:55 2010 [***]

[+++]          Added rules:          [+++]

 2011715 - ET CURRENT_EVENTS MALVERTISING Adobe Exploited Check-In (emerging-current_events.rules)
 2011716 - ET SCAN Sipvicious User-Agent Detected (friendly-scanner) (emerging-scan.rules)
 2011717 - ET SCAN Sipvicious Svmap or Svlearnfp Scan Detected (emerging-scan.rules)


[///]     Modified active rules:     [///]

 2011714 - ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code (emerging-current_events.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-scan.rules (1):
        # These Detect the Latest Sipvious Scanner Version (0.2.6)

     -> Added to emerging-sid-msg.map (4):
        2011714 || ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011714
        2011715 || ET CURRENT_EVENTS MALVERTISING Adobe Exploited Check-In || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011715
        2011716 || ET SCAN Sipvicious User-Agent Detected (friendly-scanner) || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/
        2011717 || ET SCAN Sipvicious Svmap or Svlearnfp Scan Detected || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/

     -> Added to emerging-sid-msg.map.txt (4):
        2011714 || ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011714
        2011715 || ET CURRENT_EVENTS MALVERTISING Adobe Exploited Check-In || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Malvertising || url,doc.emergingthreats.net/2011715
        2011716 || ET SCAN Sipvicious User-Agent Detected (friendly-scanner) || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/
        2011717 || ET SCAN Sipvicious Svmap or Svlearnfp Scan Detected || url,blog.sipvicious.org/ || url,code.google.com/p/sipvicious/

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (1):
        2011714 || ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code

     -> Removed from emerging-sid-msg.map.txt (1):
        2011714 || ET CURRENT_EVENTS Hidden iframe Served by nginx - Likely Hostile Code



More information about the Emerging-updates mailing list