Snort :: Changes 2007-06-19

Sourcefire VRT Rules Update

Date: 2007-06-19

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.4.
The format of the file is:
sid - Message (rule group)
New rules:
11948 <-> SPYWARE-PUT Hijacker snap toolbar runtime detection - cookie (spyware-put.rules)
11949 <-> BACKDOOR lame rat v1.0 runtime detection (backdoor.rules)
11950 <-> BACKDOOR killav_gj (backdoor.rules)
11951 <-> BACKDOOR winshadow runtime detection - init connection request (backdoor.rules)
11952 <-> BACKDOOR winshadow runtime detection - udp response (backdoor.rules)
11953 <-> BACKDOOR supervisor plus runtime detection (backdoor.rules)
11954 <-> BACKDOOR supervisor plus runtime detection (backdoor.rules)
11955 <-> NETBIOS SMB-DS Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
11956 <-> NETBIOS SMB-DS Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
11957 <-> NETBIOS-DG SMB Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
11958 <-> NETBIOS-DG SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
11959 <-> NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
11960 <-> NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
11961 <-> NETBIOS SMB-DS Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
11962 <-> NETBIOS SMB-DS Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
11963 <-> NETBIOS-DG SMB Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
11964 <-> NETBIOS-DG SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
11965 <-> WEB-MISC SSLv2 Server_Hello request from TLSv1 Client_Hello request (web-misc.rules)

Updated rules:
 104 <-> DELETED BACKDOOR - Dagger_1.4.0_client_connect (deleted.rules)
 120 <-> DELETED BACKDOOR Infector 1.6 Server to Client (deleted.rules)
 153 <-> DELETED BACKDOOR DonaldDick 1.53 Traffic (deleted.rules)
 155 <-> DELETED BACKDOOR NetSphere 1.31.337 access (deleted.rules)
 159 <-> DELETED BACKDOOR NetMetro File List (deleted.rules)
 282 <-> DELETED DOS arkiea backup (deleted.rules)
 537 <-> DELETED NETBIOS SMB IPC$ share access (deleted.rules)
 538 <-> DELETED NETBIOS SMB IPC$ unicode share access (deleted.rules)
 674 <-> DELETED MS-SQL xp_displayparamstmt possible buffer overflow (deleted.rules)
 675 <-> DELETED MS-SQL xp_setsqlsecurity possible buffer overflow (deleted.rules)
 682 <-> DELETED MS-SQL xp_enumresultset possible buffer overflow (deleted.rules)
 690 <-> DELETED MS-SQL/SMB xp_printstatements possible buffer overflow (deleted.rules)
 696 <-> DELETED MS-SQL/SMB xp_showcolv possible buffer overflow (deleted.rules)
 697 <-> DELETED MS-SQL/SMB xp_peekqueue possible buffer overflow (deleted.rules)
 698 <-> DELETED MS-SQL/SMB xp_proxiedmetadata possible buffer overflow (deleted.rules)
 699 <-> DELETED MS-SQL xp_printstatements possible buffer overflow (deleted.rules)
 700 <-> DELETED MS-SQL/SMB xp_updatecolvbm possible buffer overflow (deleted.rules)
 701 <-> DELETED MS-SQL xp_updatecolvbm possible buffer overflow (deleted.rules)
 702 <-> DELETED MS-SQL/SMB xp_displayparamstmt possible buffer overflow (deleted.rules)
 703 <-> DELETED MS-SQL/SMB xp_setsqlsecurity possible buffer overflow (deleted.rules)
 705 <-> DELETED MS-SQL xp_showcolv possible buffer overflow (deleted.rules)
 706 <-> DELETED MS-SQL xp_peekqueue possible buffer overflow (deleted.rules)
 707 <-> DELETED MS-SQL xp_proxiedmetadata possible buffer overflow (deleted.rules)
 708 <-> DELETED MS-SQL/SMB xp_enumresultset possible buffer overflow (deleted.rules)
 830 <-> DELETED WEB-CGI NPH-publish access (deleted.rules)
 841 <-> DELETED WEB-CGI pfdisplay.cgi access (deleted.rules)
 873 <-> WEB-CGI scriptalias access (web-cgi.rules)
 915 <-> WEB-COLDFUSION evaluate.cfm access (web-coldfusion.rules)
 972 <-> DELETED WEB-IIS %2E-asp access (deleted.rules)
1029 <-> WEB-IIS scripts-browse access (web-iis.rules)
1104 <-> DELETED WEB-MISC whisker space splice attack (deleted.rules)
1143 <-> DELETED WEB-MISC ///cgi-bin access (deleted.rules)
1144 <-> DELETED WEB-MISC /cgi-bin/// access (deleted.rules)
1288 <-> WEB-FRONTPAGE /_vti_bin/ access (web-frontpage.rules)
1479 <-> WEB-CGI ttawebtop.cgi arbitrary file attempt (web-cgi.rules)
1524 <-> WEB-MISC AxisStorpoint CD attempt (web-misc.rules)
1632 <-> DELETED CHAT AIM send message (deleted.rules)
1748 <-> DELETED FTP command overflow attempt (deleted.rules)
1801 <-> DELETED WEB-IIS .asp HTTP header buffer overflow attempt (deleted.rules)
2101 <-> NETBIOS SMB Trans Max Param/Count DOS attempt (netbios.rules)
2103 <-> NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
2251 <-> DELETED NETBIOS DCERPC Remote Activation bind attempt (deleted.rules)
2308 <-> DELETED NETBIOS SMB DCERPC Workstation Service unicode bind attempt (deleted.rules)
2309 <-> DELETED NETBIOS SMB DCERPC Workstation Service bind attempt (deleted.rules)
2310 <-> DELETED NETBIOS SMB-DS DCERPC Workstation Service unicode bind attempt (deleted.rules)
2311 <-> DELETED NETBIOS SMB-DS DCERPC Workstation Service bind attempt (deleted.rules)
2315 <-> DELETED NETBIOS DCERPC Workstation Service direct service bind attempt (deleted.rules)
2316 <-> DELETED NETBIOS DCERPC Workstation Service direct service access attempt (deleted.rules)
2465 <-> DELETED NETBIOS-DG SMB IPC$ share access (deleted.rules)
2466 <-> DELETED NETBIOS-DG SMB IPC$ unicode share access (deleted.rules)
2500 <-> DELETED POP3 SSLv3 invalid data version attempt (deleted.rules)
2532 <-> DELETED POP3 SSLv3 Client_Hello request (deleted.rules)
2533 <-> DELETED POP3 SSLv3 Server_Hello request (deleted.rules)
2534 <-> DELETED POP3 SSLv3 invalid Client_Hello attempt (deleted.rules)
2622 <-> DELETED ORACLE dbms_repcat_utl.drop_an_object buffer overflow attempt (deleted.rules)
2623 <-> DELETED ORACLE dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt (deleted.rules)
2631 <-> DELETED ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt (deleted.rules)
2635 <-> DELETED ORACLE dbms_offline_snapshot.end_load buffer overflow attempt (deleted.rules)
2647 <-> DELETED ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt (deleted.rules)
2676 <-> DELETED ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt (deleted.rules)
2700 <-> DELETED ORACLE numtoyminterval buffer overflow attempt (deleted.rules)
2710 <-> DELETED ORACLE dbms_offline_og.begin_load buffer overflow attempt (deleted.rules)
2952 <-> DELETED NETBIOS SMB-DS IPC$ share access (deleted.rules)
2953 <-> DELETED NETBIOS SMB-DS IPC$ unicode share access (deleted.rules)
2954 <-> DELETED NETBIOS SMB IPC$ andx share access (deleted.rules)
2955 <-> DELETED NETBIOS SMB IPC$ unicode andx share access (deleted.rules)
3017 <-> EXPLOIT WINS overflow attempt (exploit.rules)
3272 <-> DELETED BACKDOOR mydoom.a backdoor upload/execute attempt (deleted.rules)
3505 <-> DELETED POP3 SSLv2 Client_Hello request (deleted.rules)
3506 <-> DELETED POP3 SSLv2 Client_Hello with pad request (deleted.rules)
3507 <-> DELETED POP3 TLSv1 Client_Hello request (deleted.rules)
3508 <-> DELETED POP3 TLSv1 Client_Hello via SSLv2 handshake request (deleted.rules)
3509 <-> DELETED POP3 SSLv2 Server_Hello request (deleted.rules)
3510 <-> DELETED POP3 TLSv1 Server_Hello request (deleted.rules)
3684 <-> DELETED WEB-CLIENT Bitmap Transfer (deleted.rules)
3697 <-> NETBIOS DCERPC DIRECT veritas alter context attempt (netbios.rules)
3698 <-> NETBIOS DCERPC DIRECT veritas little endian alter context attempt (netbios.rules)
3699 <-> NETBIOS DCERPC DIRECT veritas bind attempt (netbios.rules)
3700 <-> NETBIOS DCERPC DIRECT veritas little endian bind attempt (netbios.rules)
5716 <-> NETBIOS SMB Trans unicode Max Param/Count DOS attempt (netbios.rules)
5717 <-> NETBIOS SMB-DS Trans Max Param/Count DOS attempt (netbios.rules)
5718 <-> NETBIOS SMB-DS Trans unicode Max Param/Count DOS attempt (netbios.rules)
5719 <-> NETBIOS-DG SMB Trans Max Param/Count DOS attempt (netbios.rules)
5720 <-> NETBIOS-DG SMB Trans unicode Max Param/Count DOS attempt (netbios.rules)
5721 <-> NETBIOS SMB Trans andx Max Param/Count DOS attempt (netbios.rules)
5722 <-> NETBIOS SMB Trans unicode andx Max Param/Count DOS attempt (netbios.rules)
5723 <-> NETBIOS SMB-DS Trans andx Max Param/Count DOS attempt (netbios.rules)
5724 <-> NETBIOS SMB-DS Trans unicode andx Max Param/Count DOS attempt (netbios.rules)
5725 <-> NETBIOS-DG SMB Trans andx Max Param/Count DOS attempt (netbios.rules)
5726 <-> NETBIOS-DG SMB Trans unicode andx Max Param/Count DOS attempt (netbios.rules)
5727 <-> NETBIOS SMB Trans unicode Max Param DOS attempt (netbios.rules)
5728 <-> NETBIOS-DG SMB Trans Max Param DOS attempt (netbios.rules)
5729 <-> NETBIOS SMB Trans Max Param DOS attempt (netbios.rules)
5730 <-> NETBIOS SMB-DS Trans Max Param DOS attempt (netbios.rules)
5731 <-> NETBIOS SMB-DS Trans unicode Max Param DOS attempt (netbios.rules)
5732 <-> NETBIOS-DG SMB Trans unicode Max Param DOS attempt (netbios.rules)
5733 <-> NETBIOS SMB Trans unicode andx Max Param DOS attempt (netbios.rules)
5734 <-> NETBIOS-DG SMB Trans andx Max Param DOS attempt (netbios.rules)
5735 <-> NETBIOS SMB Trans andx Max Param DOS attempt (netbios.rules)
5736 <-> NETBIOS SMB-DS Trans andx Max Param DOS attempt (netbios.rules)
5737 <-> NETBIOS SMB-DS Trans unicode andx Max Param DOS attempt (netbios.rules)
5738 <-> NETBIOS-DG SMB Trans unicode andx Max Param DOS attempt (netbios.rules)
5856 <-> DELETED SPYWARE-PUT Hijacker funbuddyicons runtime detection - funwebproducts user-agent string (deleted.rules)
5869 <-> DELETED SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - download request 1 (deleted.rules)
5870 <-> DELETED SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - download request 2 (deleted.rules)
5912 <-> DELETED SPYWARE-PUT Hijacker webcrawler runtime detection (deleted.rules)
6032 <-> DELETED BACKDOOR fkwp 2.0 runtime detection - conn success-cts (deleted.rules)
6038 <-> DELETED BACKDOOR netbus 1.7 runtime detection - initial connection (deleted.rules)
6067 <-> DELETED BACKDOOR optixlite 1.0 runtime detection - conn failure-cts (deleted.rules)
6135 <-> DELETED BACKDOOR clindestine 1.0 icq notification of server installation (deleted.rules)
6158 <-> DELETED BACKDOOR satanz Backdoor runtime detection (deleted.rules)
6162 <-> DELETED BACKDOOR netsphere v1.31.337 final runtime detection (deleted.rules)
6163 <-> DELETED BACKDOOR gate crahser v1.2 runtime detection (deleted.rules)
6210 <-> DELETED SPYWARE-PUT Adware deskwizz runtime detection - ad banner (deleted.rules)
6229 <-> DELETED SPYWARE-PUT Adware exact.bargainbuddy runtime detection - adp ads (deleted.rules)
6231 <-> DELETED SPYWARE-PUT Adware mirar runtime detection - search (deleted.rules)
6235 <-> DELETED SPYWARE-PUT Adware spoton runtime detection (deleted.rules)
6262 <-> DELETED SPYWARE-PUT Hijacker gigatech superbar runtime detection - hijack ie auto search (deleted.rules)
6272 <-> DELETED SPYWARE-PUT Adware bundleware ds3 runtime detection - initial connection (deleted.rules)
6273 <-> DELETED SPYWARE-PUT Adware bundleware ds3 runtime detection - pop-up retreival (deleted.rules)
6277 <-> DELETED SPYWARE-PUT Hijacker navexcel runtime detection (deleted.rules)
6369 <-> DELETED SPYWARE-PUT Adware flashtrack media runtime detection - download .dll (deleted.rules)
6370 <-> DELETED SPYWARE-PUT Adware flashtrack media runtime detection - download .exe (deleted.rules)
6393 <-> DELETED SPYWARE-PUT Hijacker zeropopup runtime detection - button search (deleted.rules)
6519 <-> DELETED WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX function call access (deleted.rules)
7056 <-> DELETED BACKDOOR amanda 2.0 runtime detection - initial connection (deleted.rules)
7062 <-> DELETED BACKDOOR charon runtime detection - download log flowbit 2 (deleted.rules)
7063 <-> DELETED BACKDOOR charon runtime detection - download log (deleted.rules)
7092 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection (deleted.rules)
7093 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection - init connectiion (deleted.rules)
7094 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection (deleted.rules)
7095 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection - begin capture (deleted.rules)
7100 <-> DELETED BACKDOOR mass connect 1.1 runtime detection - http (deleted.rules)
7109 <-> DELETED BACKDOOR vampire runtime detection (deleted.rules)
7110 <-> DELETED BACKDOOR vampire runtime detection (deleted.rules)
7117 <-> DELETED BACKDOOR y3k 1.2 runtime detection - icq notification (deleted.rules)
7131 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (deleted.rules)
7132 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (deleted.rules)
7133 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (deleted.rules)
7134 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (deleted.rules)
7170 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7171 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7172 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7173 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7174 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7181 <-> DELETED SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - info request (deleted.rules)
7182 <-> DELETED SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - info request (deleted.rules)
7555 <-> DELETED SPYWARE-PUT Adware hxdl runtime detection - crypt user-agent (deleted.rules)
7666 <-> DELETED BACKDOOR screen control 1.0 runtime detection - capture on port 2208 - flowbit set (deleted.rules)
7779 <-> DELETED BACKDOOR net devil 1.4 runtime detection - initial connection - flowbit set 1 (deleted.rules)
7780 <-> DELETED BACKDOOR net devil 1.4 runtime detection - initial connection - flowbit set 2 (deleted.rules)
7781 <-> DELETED BACKDOOR net devil 1.4 runtime detection - initial connection (deleted.rules)
7960 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7961 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7962 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7963 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7964 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7965 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7966 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7967 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7968 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7969 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
8447 <-> DELETED WEB-CLIENT Open document file transfer attempt (deleted.rules)
10106 <-> DELETED BACKDOOR icmp cmd 1.0 runtime detection - download file (deleted.rules)
10524 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10525 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (deleted.rules)
10526 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10527 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10528 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode object call overflow attempt (deleted.rules)
10532 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10533 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10534 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10535 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10538 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10539 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10540 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (deleted.rules)
10541 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode object call overflow attempt (deleted.rules)
10543 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (deleted.rules)
10544 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10546 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10547 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (deleted.rules)
10548 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10549 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10551 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10553 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10554 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10556 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10557 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10559 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10561 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10562 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10563 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10564 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10565 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10567 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10569 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10570 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10571 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10575 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10576 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10578 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10579 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10582 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10583 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10584 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10585 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10588 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10590 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10591 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (deleted.rules)
10593 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (deleted.rules)
10594 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (deleted.rules)
10595 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (deleted.rules)
10596 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10597 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (deleted.rules)
10598 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 andx object call overflow attempt (deleted.rules)
10599 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10600 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode andx object call overflow attempt (deleted.rules)
10604 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10605 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10606 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10607 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10610 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 andx object call overflow attempt (deleted.rules)
10611 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian andx object call overflow attempt (deleted.rules)
10612 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10613 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode andx object call overflow attempt (deleted.rules)
10615 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10616 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10618 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian andx object call overflow attempt (deleted.rules)
10619 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (deleted.rules)
10620 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10621 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10623 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10625 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10626 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10628 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10629 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10631 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10633 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10634 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10635 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10636 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10637 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10639 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10641 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10642 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10643 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10647 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10648 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10650 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10651 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10654 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10655 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10656 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10657 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10660 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10662 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10663 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10665 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (deleted.rules)
10666 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10667 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (deleted.rules)
10668 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10670 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10671 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10673 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10674 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10675 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10676 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10677 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10678 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10680 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10681 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10682 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10683 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10684 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10685 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10687 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10689 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10691 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10692 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10693 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10694 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10695 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10696 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10697 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10698 <-> DELETED NETBIOS SMB dns alter context attempt (deleted.rules)
10701 <-> DELETED NETBIOS SMB dns WriteAndX alter context attempt (deleted.rules)
10703 <-> DELETED NETBIOS-DG SMB dns alter context attempt (deleted.rules)
10704 <-> DELETED NETBIOS-DG SMB dns WriteAndX alter context attempt (deleted.rules)
10705 <-> DELETED NETBIOS-DG SMB dns unicode alter context attempt (deleted.rules)
10706 <-> DELETED NETBIOS SMB dns unicode alter context attempt (deleted.rules)
10707 <-> DELETED NETBIOS SMB dns WriteAndX unicode alter context attempt (deleted.rules)
10709 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode alter context attempt (deleted.rules)
10710 <-> DELETED NETBIOS SMB dns little endian alter context attempt (deleted.rules)
10711 <-> DELETED NETBIOS SMB dns WriteAndX little endian alter context attempt (deleted.rules)
10712 <-> DELETED NETBIOS SMB dns unicode little endian alter context attempt (deleted.rules)
10713 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian alter context attempt (deleted.rules)
10718 <-> DELETED NETBIOS-DG SMB dns little endian alter context attempt (deleted.rules)
10719 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian alter context attempt (deleted.rules)
10720 <-> DELETED NETBIOS-DG SMB dns unicode little endian alter context attempt (deleted.rules)
10721 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian alter context attempt (deleted.rules)
10722 <-> DELETED NETBIOS SMB dns bind attempt (deleted.rules)
10723 <-> DELETED NETBIOS SMB dns WriteAndX bind attempt (deleted.rules)
10724 <-> DELETED NETBIOS SMB dns unicode bind attempt (deleted.rules)
10725 <-> DELETED NETBIOS SMB dns WriteAndX unicode bind attempt (deleted.rules)
10730 <-> DELETED NETBIOS-DG SMB dns bind attempt (deleted.rules)
10731 <-> DELETED NETBIOS-DG SMB dns WriteAndX bind attempt (deleted.rules)
10732 <-> DELETED NETBIOS-DG SMB dns unicode bind attempt (deleted.rules)
10733 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode bind attempt (deleted.rules)
10734 <-> DELETED NETBIOS SMB dns little endian bind attempt (deleted.rules)
10735 <-> DELETED NETBIOS SMB dns WriteAndX little endian bind attempt (deleted.rules)
10736 <-> DELETED NETBIOS SMB dns unicode little endian bind attempt (deleted.rules)
10737 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian bind attempt (deleted.rules)
10742 <-> DELETED NETBIOS-DG SMB dns little endian bind attempt (deleted.rules)
10743 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian bind attempt (deleted.rules)
10744 <-> DELETED NETBIOS-DG SMB dns unicode little endian bind attempt (deleted.rules)
10745 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian bind attempt (deleted.rules)
10746 <-> DELETED NETBIOS SMB dns andx alter context attempt (deleted.rules)
10749 <-> DELETED NETBIOS SMB dns WriteAndX andx alter context attempt (deleted.rules)
10751 <-> DELETED NETBIOS-DG SMB dns andx alter context attempt (deleted.rules)
10752 <-> DELETED NETBIOS-DG SMB dns WriteAndX andx alter context attempt (deleted.rules)
10753 <-> DELETED NETBIOS-DG SMB dns unicode andx alter context attempt (deleted.rules)
10754 <-> DELETED NETBIOS SMB dns unicode andx alter context attempt (deleted.rules)
10755 <-> DELETED NETBIOS SMB dns WriteAndX unicode andx alter context attempt (deleted.rules)
10757 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode andx alter context attempt (deleted.rules)
10758 <-> DELETED NETBIOS SMB dns little endian andx alter context attempt (deleted.rules)
10759 <-> DELETED NETBIOS SMB dns WriteAndX little endian andx alter context attempt (deleted.rules)
10760 <-> DELETED NETBIOS SMB dns unicode little endian andx alter context attempt (deleted.rules)
10761 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian andx alter context attempt (deleted.rules)
10766 <-> DELETED NETBIOS-DG SMB dns little endian andx alter context attempt (deleted.rules)
10767 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian andx alter context attempt (deleted.rules)
10768 <-> DELETED NETBIOS-DG SMB dns unicode little endian andx alter context attempt (deleted.rules)
10769 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian andx alter context attempt (deleted.rules)
10770 <-> DELETED NETBIOS SMB dns andx bind attempt (deleted.rules)
10771 <-> DELETED NETBIOS SMB dns WriteAndX andx bind attempt (deleted.rules)
10772 <-> DELETED NETBIOS SMB dns unicode andx bind attempt (deleted.rules)
10773 <-> DELETED NETBIOS SMB dns WriteAndX unicode andx bind attempt (deleted.rules)
10778 <-> DELETED NETBIOS-DG SMB dns andx bind attempt (deleted.rules)
10779 <-> DELETED NETBIOS-DG SMB dns WriteAndX andx bind attempt (deleted.rules)
10780 <-> DELETED NETBIOS-DG SMB dns unicode andx bind attempt (deleted.rules)
10781 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode andx bind attempt (deleted.rules)
10782 <-> DELETED NETBIOS SMB dns little endian andx bind attempt (deleted.rules)
10783 <-> DELETED NETBIOS SMB dns WriteAndX little endian andx bind attempt (deleted.rules)
10784 <-> DELETED NETBIOS SMB dns unicode little endian andx bind attempt (deleted.rules)
10785 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian andx bind attempt (deleted.rules)
10790 <-> DELETED NETBIOS-DG SMB dns little endian andx bind attempt (deleted.rules)
10791 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian andx bind attempt (deleted.rules)
10792 <-> DELETED NETBIOS-DG SMB dns unicode little endian andx bind attempt (deleted.rules)
10793 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian andx bind attempt (deleted.rules)
10794 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns alter context attempt (deleted.rules)
10795 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns alter context attempt (deleted.rules)
10796 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns little endian alter context attempt (deleted.rules)
10797 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns alter context attempt (deleted.rules)
10798 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns little endian alter context attempt (deleted.rules)
10799 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns little endian alter context attempt (deleted.rules)
10800 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns little endian alter context attempt (deleted.rules)
10801 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns alter context attempt (deleted.rules)
10802 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns bind attempt (deleted.rules)
10803 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns bind attempt (deleted.rules)
10804 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns little endian bind attempt (deleted.rules)
10805 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns bind attempt (deleted.rules)
10806 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns little endian bind attempt (deleted.rules)
10807 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns little endian bind attempt (deleted.rules)
10808 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns little endian bind attempt (deleted.rules)
10809 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns bind attempt (deleted.rules)
10811 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10813 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10814 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10816 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10817 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10818 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10819 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10820 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10821 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10822 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10824 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10830 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX object call overflow attempt (deleted.rules)
10831 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode object call overflow attempt (deleted.rules)
10832 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode object call overflow attempt (deleted.rules)
10833 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian object call overflow attempt (deleted.rules)
10834 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10835 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10836 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX object call overflow attempt (deleted.rules)
10838 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian object call overflow attempt (deleted.rules)
10840 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10841 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode object call overflow attempt (deleted.rules)
10842 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode object call overflow attempt (deleted.rules)
10843 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian object call overflow attempt (deleted.rules)
10844 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10845 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10846 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian object call overflow attempt (deleted.rules)
10848 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10849 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10850 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10852 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10855 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10856 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10857 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10858 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10860 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10861 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10862 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10863 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10865 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10867 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10868 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10869 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10870 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10871 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10872 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10873 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10875 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10881 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10883 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10885 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10886 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10888 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10889 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10890 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10891 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10892 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10893 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10894 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10896 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10902 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX andx object call overflow attempt (deleted.rules)
10903 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10904 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode andx object call overflow attempt (deleted.rules)
10905 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10906 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian andx object call overflow attempt (deleted.rules)
10907 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian andx object call overflow attempt (deleted.rules)
10908 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX andx object call overflow attempt (deleted.rules)
10910 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian andx object call overflow attempt (deleted.rules)
10912 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10913 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode andx object call overflow attempt (deleted.rules)
10914 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10915 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10916 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 andx object call overflow attempt (deleted.rules)
10917 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10918 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian andx object call overflow attempt (deleted.rules)
10920 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10921 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10922 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10924 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10927 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10928 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10929 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10930 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10932 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10933 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10934 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10935 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10937 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10939 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10940 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10941 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10942 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10943 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10944 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10945 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10947 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 andx object call overflow attempt (deleted.rules)
10953 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10954 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10955 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10956 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10957 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10958 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10959 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10960 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10961 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10962 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10963 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10964 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10965 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10966 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10967 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10968 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10969 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10970 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10971 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10972 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10973 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10974 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10975 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10976 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10977 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
11315 <-> DELETED BACKDOOR ykw v375 runtime detection (deleted.rules)
11622 <-> WEB-CLIENT Microsoft Office 2000 OUACTR ActiveX clsid access (web-client.rules)
11623 <-> WEB-CLIENT Microsoft Office 2000 OUACTR ActiveX clsid unicode access (web-client.rules)
11818 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX clsid access (web-client.rules)
11819 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX clsid unicode access (web-client.rules)
11820 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX function call access (web-client.rules)
11821 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX function call unicode access (web-client.rules)
11822 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX clsid access (web-client.rules)
11823 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX clsid unicode access (web-client.rules)
11824 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX function call access (web-client.rules)
11825 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX function call unicode access (web-client.rules)
11945 <-> NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
Snort

Sourcefire VRT Rules Update

Date: 2007-06-19

Snort Links

Community

Sourcefire
