alert ip $HOME_NET any -> [74.33.169.126,193.19.223.71,64.149.139.223,69.249.37.23,70.242.254.143,82.236.51.34,24.242.38.222,216.105.179.121,24.36.94.194,12.207.207.148,24.218.47.27,68.83.138.62,76.29.107.157,24.208.95.87,24.208.199.47,68.52.154.96,74.72.123.248,12.214.224.116,130.13.64.70,70.237.231.150] any (msg:"BLEEDING-EDGE CURRENT_EVENTS Known Storm Worm download site activity"; classtype:trojan-activity; threshold: type both, count 1, seconds 60, track by_dst; sid:2006389; rev:3;)

Added 2007-07-20 00:45:42 UTC


alert ip $HOME_NET any -> [193.19.223.71,64.149.139.223,69.249.37.23,70.242.254.143,82.236.51.34,24.242.38.222,216.105.179.121,24.36.94.194,12.207.207.148,24.218.47.27,68.83.138.62,76.29.107.157,24.208.95.87,24.208.199.47,68.52.154.96,74.72.123.248,12.214.224.116,130.13.64.70,70.237.231.150] any (msg:"BLEEDING-EDGE CURRENT_EVENTS Known Storm Worm download site activity"; classtype:trojan-activity; threshold: type both, count 1, seconds 60, track by_dst; sid:2006389; rev:2;)

Added 2007-07-19 04:03:32 UTC


alert ip $HOME_NET any -> [24.218.47.27,68.83.138.62,76.29.107.157,24.208.95.87,24.208.199.47,68.52.154.96,74.72.123.248,12.214.224.116,130.13.64.70,70.237.231.150] any (msg:"BLEEDING-EDGE CURRENT_EVENTS Known Storm Worm download site activity"; classtype:trojan-activity; threshold: type both, count 1, seconds 60, track by_dst; sid:2006389; rev:1;)

Added 2007-07-11 02:45:54 UTC


Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats