[Emerging-updates] Daily Ruleset Update Summary 4/12/2012

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Apr 12 17:12:59 EDT 2012


11 new Open rules 2 new Pro rules.  TDS Sutra coverage on the open side. Enjoy!

[***] Results from Oinkmaster started Thu Apr 12 17:05:04 2012 [***]

 [+++]          Added rules:          [+++]

 Open
 2014539 - ET CURRENT_EVENTS Malicious TDS /indigo? (current_events.rules)
 2014540 - ET CURRENT_EVENTS Blackhole Landing for purported LinkedIn
Campaign (current_events.rules)
 2014541 - ET SCAN FHScan core User-Agent Detect (scan.rules)
 2014542 - ET CURRENT_EVENTS TDS Sutra - redirect received
(current_events.rules)
 2014543 - ET CURRENT_EVENTS TDS Sutra - request in.cgi (current_events.rules)
 2014544 - ET CURRENT_EVENTS TDS Sutra - cookie set (current_events.rules)
 2014545 - ET CURRENT_EVENTS TDS Sutra - page redirecting to a
SutraTDS (current_events.rules)
 2014546 - ET CURRENT_EVENTS TDS Sutra - HTTP header redirecting to a
SutraTDS (current_events.rules)
 2014547 - ET CURRENT_EVENTS TDS Sutra - redirect received
(current_events.rules)
 2014548 - ET CURRENT_EVENTS TDS Sutra - cookie set (current_events.rules)
 2014549 - ET CURRENT_EVENTS TDS Sutra - page redirecting to a
SutraTDS (current_events.rules)

 Pro
 2804801 - ETPRO TROJAN Win32/Bancos.AGP Checkin (trojan.rules)
 2804802 - ETPRO MALWARE Adware.Ircfast/Win32.FakeInstaller.aev
Checkin (malware.rules)


 [///]     Modified active rules:     [///]

 2007646 - ET TROJAN Farfli User Agent Detected (trojan.rules)
 2014445 - ET CURRENT_EVENTS Possible Dynamic DNS Exploit Pack Payload
(current_events.rules)
 2402000 - ET DROP Dshield Block Listed Source (dshield.rules)
 2800578 - ETPRO SMTP Ipswitch IMail Server List Mailer Reply-To
Address Buffer Overflow (smtp.rules)
 2803418 - ETPRO TROJAN Suspicious user agent(MERONG) (trojan.rules)


 [---]         Disabled rules:        [---]

 2800469 - ETPRO SMTP Novell GroupWise Internet Agent SMTP AUTH LOGIN
Command Buffer Overflow (smtp.rules)


More information about the Emerging-updates mailing list