Main Web50 Recent Changes in Main Web retrieved at 06:11 (GMT)
Emerging Threats Russian Business Network (RBN) Snort Intrusion Detection Rules : http://www.emergingthreats.net/rules/emerging rbn.rules http://www.emergingthreats ...
alert tcp $EXTERNAL NET 3000:8000 $HOME NET any (msg:"ET POLICY Unknown Trojan P2P Initial Checkin Response"; flow:established,from server; dsize: Added 2008 11 ...
alert tcp $HOME NET any $EXTERNAL NET 3000:8000 (msg:"ET POLICY Unknown Trojan P2P Initial Checkin"; flow:established,to server; dsize: Added 2008 11 19 17:45:22 ...
alert tcp $HOME NET any $EXTERNAL NET 3000:8000 (msg:"ET POLICY Unknown Trojan P2P Request"; flow:established,to server; dsize: Added 2008 11 19 17:45:22 UTC ...
alert tcp $EXTERNAL NET 3000:8000 $HOME NET any (msg:"ET POLICY Unknown Trojan P2P Data Download"; flow:established,from server; dsize: 1000; content:" 00 00 00 ...
alert tcp $HOME NET any $EXTERNAL NET 3000:8000 (msg:"ET POLICY Unknown Trojan P2P Download Request"; flow:established,to server; dsize: Added 2008 11 19 17:45 ...
alert tcp $EXTERNAL NET 1024: $HOME NET any (msg:"ET CURRENT EVENTS Unknown Keepalive in"; flow:established,to client; dsize:5; content:" 17 24 1B 00 00 "; flowbits ...
alert tcp $HOME NET any $EXTERNAL NET 1024: (msg:"ET CURRENT EVENTS Unknown Keepalive out"; flow:established,to server; dsize:5; content:" 17 24 1B 00 00 "; flowbits ...
alert tcp $EXTERNAL NET 5938 $HOME NET any (msg:"ET POLICY TeamViewier Keep alive inbound"; flow:established,to client; dsize:5; content:" 17 24 1B 00 00 "; flowbits ...
alert tcp $HOME NET any $EXTERNAL NET 5938 (msg:"ET POLICY TeamViewier Keep alive outbound"; flow:established,to server; dsize:5; content:" 17 24 1B 00 00 "; flowbits ...
My Links .ATasteOfTWiki view a short introductory presentation on TWiki for beginners .WelcomeGuest starting points on TWiki .TWikiUsersGuide ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET POLICY Set flow on rar file get"; flow:established,to server; content:"GET "; depth:4; uricontent:".rar ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET WEB SPECIFIC Visagesoft eXPert PDF Viewer ActiveX Control Arbitrary File Overwrite"; flow:to client,established ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET EXPLOIT Microsoft DebugDiag CrashHangExt.dll ActiveX Control Remote Denial of Service"; flow:to client ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC Aj Square RSS Reader url SQL Injection"; flow:established,to server; content:"GET " ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC All In One Control Panel poll id parameter SQL Injection"; flow:to server,established ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC PozScripts Classified Auctions id parameter SQL Injection"; flow:to server,established ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET WEB SPECIFIC DB Software Laboratory VImpX.ocx ActiveX Control Multiple Insecure Methods"; flow:to client ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC e107 BLOG Engine macgurublog.php uid Parameter SQL Injection"; flow:established,to server ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC SFS EZ BIZ PRO track.php id Parameter Remote SQL Injection"; flow:established,to server ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET WEB SCPECIFIC DjVu DjVu ActiveX MSOffice.dll ActiveX Component Heap Buffer Overflow"; flow:to client ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Lighty Variant or UltimateDefender POST)"; flow:established,to server; content:"POST "; depth ...
alert ip 50.0.0.0/8,100.0.0.0/6,104.0.0.0/6,108.0.0.0/7,175.0.0.0/8,175.0.0.0/8,176.0.0.0/5,184.0.0.0/7 any $HOME NET any (msg:"ET POLICY Reserved IP Space Traffic ...
alert ip 192.0.2.0/24,198.18.0.0/15,223.0.0.0/8 any $HOME NET any (msg:"ET POLICY Reserved IP Space Traffic Bogon Nets 3"; classtype:bad unknown; reference ...
My Links .ATasteOfTWiki view a short introductory presentation on TWiki for beginners .WelcomeGuest starting points on TWiki .TWikiUsersGuide ...
My Links .ATasteOfTWiki view a short introductory presentation on TWiki for beginners .WelcomeGuest starting points on TWiki .TWikiUsersGuide ...
My Links .ATasteOfTWiki view a short introductory presentation on TWiki for beginners .WelcomeGuest starting points on TWiki .TWikiUsersGuide ...
alert udp $HOME NET any $EXTERNAL NET 53 (msg:"ET POLICY Possible External FreeGate DNS Query"; content:" 03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET POLICY Possible Trojan File Download bad rar file header (not a valid rar file)"; flow:established,from ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET POLICY Possible Trojan File Download Rar Requested but not received"; flow:established,from server ...
alert tcp $EXTERNAL NET any $HOME NET 25 (msg:"ET CURRENT EVENTS Recovery KEYS for your account Trojan Email Trojan Inbound (2)"; flow:established,to server; content ...
alert tcp $EXTERNAL NET any $HOME NET 25 (msg:"ET CURRENT EVENTS Recovery KEYS for your account Trojan Email Trojan Inbound (2)"; flow:established,to server; content ...
alert tcp $EXTERNAL NET any $HOME NET 25 (msg:"ET CURRENT EVENTS Recovery KEYS for your account Trojan Email Trojan Inbound"; flow:established,to server; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Ligats/DR.Ilomo Agent Post (2)"; flow:established,to server; content:"POST /"; depth:6; content ...
alert tcp $EXTERNAL NET any $HOME NET 21 (msg:"ET EXPLOIT GuildFTPd CWD and LIST Command Heap Overflow POC 1"; content:"cwd"; depth:4; nocase; dsize: 74; pcre ...
alert tcp $EXTERNAL NET any $HOME NET 21 (msg:"ET EXPLOIT GuildFTPd CWD and LIST Command Heap Overflow POC 2"; content:"list"; depth:5; nocase; dsize: 74; pcre ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS MS08 067 Worm Traffic Outbound"; flowbits:isset,ET.ms08067 header; flow:established,to ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Kangkio User Agent (lsosss)"; flow:established,to server; content:" 0d 0a User Agent\: lsosss ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE Suspicious User Agent Possible Admoke Admware (bdsclk)"; flow: to server,established; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Generic Downloader Checkin Url Detected"; flow:established,to server; content:"??IP\:"; depth ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET POLICY Rar Requested but Received Something Else (1)"; flow:established,from server; flowbits:isset,ET ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET POLICY Rar Requested but Received Something Else (2)"; flow:established,from server; flowbits:isset,ET ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Brontok/Joseray User Agent Detected (Joseray.A3 Browser)"; flow:established,to server; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET POLICY Rar File Requested (2)"; flow:established,to server; uricontent:".rar"; content:".rar HTTP/1.1 ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET POLICY Rar File Requested (1)"; flow:established,to server; uricontent:".rar"; content:".rar HTTP/1.0 ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Insidebar.co.kr Related Infection Checkin"; flow:established,to server; content:"POST "; depth ...
alert tcp $HOME NET any $EXTERNAL NET 8080 (msg:"ET MALWARE Matcash Trojan Related Spyware Code Download"; flow:established,to server; content:" 0d 0a User Agent ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Mcboo.com/Bundlext.com related Trojan Checkin URL"; flow:established,to server; uricontent:"/ack ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE Suspicious User Agent (Kvadrlson 1.0)"; flow:established,to server; content:" 0d 0a User Agent ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE Zenosearch Malware Checkin HTTP POST"; flow:established,to server; content:"POST "; depth:5; ...
Number of topics: 50
See also:
RSS feed, recent changes with 50, 100, 200, 500, 1000 topics, all changes
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback