Sourcefire VRT Rules Update
Date: 2008-01-23
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.6.
The format of the file is:
sid - Message (rule group)
New rules: 13294 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid access (web-client.rules) 13295 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid unicode access (web-client.rules) 13296 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid access (web-client.rules) 13297 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid unicode access (web-client.rules) 13298 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX function call access (web-client.rules) 13299 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX function call unicode access (web-client.rules) 13300 <-> WEB-CLIENT Adobe Flash Player embedded JPG image height overflow attempt (web-client.rules) 13301 <-> WEB-CLIENT Adobe Flash Player embedded JPG image width overflow attempt (web-client.rules) 13302 <-> WEB-CLIENT Apache mod_imagemap cross site scripting attempt (web-client.rules) 13303 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX clsid access (web-client.rules) 13304 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX clsid unicode access (web-client.rules) 13305 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX function call access (web-client.rules) 13306 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX function call unicode access (web-client.rules) 13309 <-> WEB-MISC Apache http server mod_proxy http request crafted date handling denial of service attempt (web-misc.rules) 13310 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules) 13311 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules) 13312 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX clsid access (web-client.rules) 13313 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX clsid unicode access (web-client.rules) 13314 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX function call access (web-client.rules) 13315 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX function call unicode access (web-client.rules) 13316 <-> WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt (web-client.rules) 13317 <-> WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt (web-client.rules) 13318 <-> WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt (web-client.rules) 13319 <-> WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt (web-client.rules) 13320 <-> WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt (web-client.rules) Updated rules: 549 <-> P2P napster login (p2p.rules) 550 <-> P2P napster new user login (p2p.rules) 551 <-> P2P napster download attempt (p2p.rules) 552 <-> P2P napster upload request (p2p.rules) 556 <-> P2P Outbound GNUTella client request (p2p.rules) 557 <-> P2P GNUTella client request (p2p.rules) 561 <-> P2P Napster Client Data (p2p.rules) 562 <-> P2P Napster Client Data (p2p.rules) 563 <-> P2P Napster Client Data (p2p.rules) 564 <-> P2P Napster Client Data (p2p.rules) 565 <-> P2P Napster Server Login (p2p.rules) 569 <-> RPC snmpXdmi overflow attempt TCP (rpc.rules) 588 <-> RPC portmap ttdbserv request UDP (rpc.rules) 593 <-> RPC portmap snmpXdmi request TCP (rpc.rules) 1274 <-> RPC portmap ttdbserv request TCP (rpc.rules) 1383 <-> P2P Fastrack kazaa/morpheus GET request (p2p.rules) 1432 <-> P2P GNUTella client request (p2p.rules) 1699 <-> P2P Fastrack kazaa/morpheus traffic (p2p.rules) 1891 <-> RPC status GHBN format string attack (rpc.rules) 1912 <-> RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules) 1914 <-> RPC STATD TCP stat mon_name format string exploit attempt (rpc.rules) 1916 <-> RPC STATD TCP monitor mon_name format string exploit attempt (rpc.rules) 1957 <-> RPC sadmind UDP PING (rpc.rules) 1958 <-> RPC sadmind TCP PING (rpc.rules) 1965 <-> RPC tooltalk TCP overflow attempt (rpc.rules) 2006 <-> RPC portmap kcms_server request TCP (rpc.rules) 2007 <-> RPC kcms_server directory traversal attempt (rpc.rules) 2095 <-> RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (rpc.rules) 2103 <-> NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules) 2180 <-> P2P BitTorrent announce request (p2p.rules) 2181 <-> P2P BitTorrent transfer (p2p.rules) 2184 <-> RPC mountd TCP mount path overflow attempt (rpc.rules) 2255 <-> RPC sadmind query with root credentials attempt TCP (rpc.rules) 2350 <-> NETBIOS SMB-DS ISystemActivator alter context attempt (netbios.rules) 2351 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules) 2409 <-> POP3 APOP USER overflow attempt (pop3.rules) 2430 <-> NNTP newgroup overflow attempt (nntp.rules) 2431 <-> NNTP rmgroup overflow attempt (nntp.rules) 2491 <-> NETBIOS SMB-DS ISystemActivator WriteAndX alter context attempt (netbios.rules) 2492 <-> NETBIOS SMB-DS ISystemActivator unicode alter context attempt (netbios.rules) 2493 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian alter context attempt (netbios.rules) 2502 <-> POP3 SSLv3 invalid data version attempt (pop3.rules) 2518 <-> POP3 PCT Client_Hello overflow attempt (pop3.rules) 2535 <-> POP3 SSLv3 Client_Hello request (pop3.rules) 2536 <-> POP3 SSLv3 Server_Hello request (pop3.rules) 2537 <-> POP3 SSLv3 invalid Client_Hello attempt (pop3.rules) 2586 <-> P2P eDonkey transfer (p2p.rules) 2587 <-> P2P eDonkey server response (p2p.rules) 2599 <-> ORACLE dbms_repcat.add_grouped_column buffer overflow attempt (oracle.rules) 2601 <-> ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt (oracle.rules) 2603 <-> ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt (oracle.rules) 2605 <-> ORACLE dbms_repcat.compare_old_values buffer overflow attempt (oracle.rules) 2606 <-> ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt (oracle.rules) 2608 <-> ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt (oracle.rules) 2609 <-> ORACLE dbms_repcat.cancel_statistics buffer overflow attempt (oracle.rules) 2740 <-> ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt (oracle.rules) 2741 <-> ORACLE dbms_repcat.alter_priority buffer overflow attempt (oracle.rules) 2742 <-> ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt (oracle.rules) 2743 <-> ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt (oracle.rules) 2744 <-> ORACLE dbms_repcat.alter_site_priority buffer overflow attempt (oracle.rules) 2745 <-> ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt (oracle.rules) 2746 <-> ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (oracle.rules) 2747 <-> ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt (oracle.rules) 2748 <-> ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt (oracle.rules) 2749 <-> ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt (oracle.rules) 2770 <-> ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt (oracle.rules) 2771 <-> ORACLE dbms_repcat.drop_priority_char buffer overflow attempt (oracle.rules) 2772 <-> ORACLE dbms_repcat.drop_priority_date buffer overflow attempt (oracle.rules) 2773 <-> ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt (oracle.rules) 2774 <-> ORACLE dbms_repcat.drop_priority_number buffer overflow attempt (oracle.rules) 2775 <-> ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt (oracle.rules) 2776 <-> ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt (oracle.rules) 2777 <-> ORACLE dbms_repcat.drop_priority buffer overflow attempt (oracle.rules) 2778 <-> ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt (oracle.rules) 2779 <-> ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt (oracle.rules) 3156 <-> NETBIOS DCERPC DIRECT msqueue alter context attempt (netbios.rules) 3157 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue little endian bind attempt (netbios.rules) 3158 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian object call attempt (netbios.rules) 3159 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX object call attempt (netbios.rules) 3160 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue alter context attempt (netbios.rules) 3161 <-> NETBIOS DCERPC DIRECT msqueue little endian alter context attempt (netbios.rules) 3162 <-> NETBIOS DCERPC DIRECT msqueue little endian bind attempt (netbios.rules) 3163 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue little endian alter context attempt (netbios.rules) 3164 <-> NETBIOS DCERPC DIRECT msqueue bind attempt (netbios.rules) 3165 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue bind attempt (netbios.rules) 3166 <-> NETBIOS DCERPC NCACN-IP-TCP v4 msqueue function 4 overflow attempt (netbios.rules) 3167 <-> NETBIOS DCERPC DIRECT msqueue function 4 object call overflow attempt (netbios.rules) 3168 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 little endian overflow attempt (netbios.rules) 3169 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (netbios.rules) 3170 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 little endian object call overflow attempt (netbios.rules) 3171 <-> NETBIOS DCERPC DIRECT v4 msqueue function 4 overflow attempt (netbios.rules) 3172 <-> NETBIOS DCERPC DIRECT msqueue function 4 little endian object call overflow attempt (netbios.rules) 3173 <-> NETBIOS DCERPC DIRECT v4 msqueue function 4 little endian overflow attempt (netbios.rules) 3174 <-> NETBIOS DCERPC DIRECT msqueue function 4 overflow attempt (netbios.rules) 3175 <-> NETBIOS DCERPC DIRECT msqueue function 4 little endian overflow attempt (netbios.rules) 3176 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules) 3177 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian object call attempt (netbios.rules) 3178 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian object call attempt (netbios.rules) 3179 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian object call attempt (netbios.rules) 3180 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules) 3181 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian object call attempt (netbios.rules) 3184 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode attempt (netbios.rules) 3185 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 3187 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode object call attempt (netbios.rules) 3188 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX object call attempt (netbios.rules) 3189 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode object call attempt (netbios.rules) 3190 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode object call attempt (netbios.rules) 3191 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules) 3197 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 3198 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules) 3379 <-> NETBIOS SMB-DS IActivation alter context attempt (netbios.rules) 3380 <-> NETBIOS SMB-DS IActivation WriteAndX alter context attempt (netbios.rules) 3381 <-> NETBIOS SMB-DS IActivation unicode alter context attempt (netbios.rules) 3382 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian alter context attempt (netbios.rules) 3386 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian bind attempt (netbios.rules) 3391 <-> NETBIOS SMB-DS IActivation little endian bind attempt (netbios.rules) 3392 <-> NETBIOS SMB-DS IActivation WriteAndX little endian bind attempt (netbios.rules) 3396 <-> NETBIOS SMB-DS ISystemActivator little endian alter context attempt (netbios.rules) 3397 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance attempt (netbios.rules) 3398 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian object call attempt (netbios.rules) 3399 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode object call attempt (netbios.rules) 3400 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode object call attempt (netbios.rules) 3401 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX object call attempt (netbios.rules) 3402 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian object call attempt (netbios.rules) 3403 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 3404 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian object call attempt (netbios.rules) 3405 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX object call attempt (netbios.rules) 3406 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 3407 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules) 3408 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules) 3415 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian overflow attempt (netbios.rules) 3419 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian overflow attempt (netbios.rules) 3425 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian object call attempt (netbios.rules) 3426 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt (netbios.rules) 3428 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 3499 <-> POP3 SSLv2 Client_Hello request (pop3.rules) 3500 <-> POP3 SSLv2 Client_Hello with pad request (pop3.rules) 3501 <-> POP3 TLSv1 Client_Hello request (pop3.rules) 3502 <-> POP3 TLSv1 Client_Hello via SSLv2 handshake request (pop3.rules) 3503 <-> POP3 SSLv2 Server_Hello request (pop3.rules) 3504 <-> POP3 TLSv1 Server_Hello request (pop3.rules) 3526 <-> ORACLE XDB FTP UNLOCK overflow attempt (oracle.rules) 3680 <-> P2P AOL Instant Messenger file send attempt (p2p.rules) 3681 <-> P2P AOL Instant Messenger file receive attempt (p2p.rules) 5692 <-> P2P Skype client successful install (p2p.rules) 5693 <-> P2P Skype client start up get latest version attempt (p2p.rules) 5694 <-> P2P Skype client setup get newest version attempt (p2p.rules) 5742 <-> SPYWARE-PUT Keylogger activitylogger runtime detection (spyware-put.rules) 5743 <-> SPYWARE-PUT Hijacker actualnames runtime detection - plugin list (spyware-put.rules) 5744 <-> SPYWARE-PUT Hijacker actualnames runtime detection - online.php request (spyware-put.rules) 5745 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - redirect (spyware-put.rules) 5746 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - load url (spyware-put.rules) 5747 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - log hits (spyware-put.rules) 5748 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - ads (spyware-put.rules) 5749 <-> SPYWARE-PUT Trackware alexa runtime detection (spyware-put.rules) 5750 <-> SPYWARE-PUT Adware dogpile runtime detection (spyware-put.rules) 5751 <-> SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 1 (spyware-put.rules) 5752 <-> SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 2 (spyware-put.rules) 5753 <-> SPYWARE-PUT Adware exactsearch runtime detection - topsearches (spyware-put.rules) 5754 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - ie auto search hijack (spyware-put.rules) 5755 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - check update (spyware-put.rules) 5756 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - add coolsites to ie favorites (spyware-put.rules) 5757 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - check toolbar setting (spyware-put.rules) 5758 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - download fastclick pop-under code (spyware-put.rules) 5759 <-> SPYWARE-PUT Keylogger fearlesskeyspy runtime detection (spyware-put.rules) 5760 <-> SPYWARE-PUT Hijacker marketscore runtime detection (spyware-put.rules) 5761 <-> SPYWARE-PUT Trickler bearshare runtime detection - ads popup (spyware-put.rules) 5762 <-> SPYWARE-PUT Trickler bearshare runtime detection - p2p information request (spyware-put.rules) 5763 <-> SPYWARE-PUT Trickler bearshare runtime detection - chat request (spyware-put.rules) 5764 <-> SPYWARE-PUT Hijacker begin2search runtime detection - fcgi query (spyware-put.rules) 5765 <-> SPYWARE-PUT Hijacker begin2search runtime detection - ico query (spyware-put.rules) 5766 <-> SPYWARE-PUT Hijacker begin2search runtime detection - install spyware trafficsector (spyware-put.rules) 5767 <-> SPYWARE-PUT Hijacker begin2search runtime detection - download unauthorized code (spyware-put.rules) 5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules) 5769 <-> SPYWARE-PUT Hijacker begin2search runtime detection - play bingo ads (spyware-put.rules) 5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules) 5771 <-> SPYWARE-PUT Screen-Scraper farsighter runtime detection - initial connection (spyware-put.rules) 5772 <-> SPYWARE-PUT Screen-Scraper farsighter runtime detection - initial connection (spyware-put.rules) 5773 <-> SPYWARE-PUT Adware forbes runtime detection (spyware-put.rules) 5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules) 5775 <-> SPYWARE-PUT Hijacker freescratch runtime detection - scratch card (spyware-put.rules) 5776 <-> SPYWARE-PUT Trickler grokster runtime detection (spyware-put.rules) 5777 <-> SPYWARE-PUT Keylogger gurl watcher runtime detection (spyware-put.rules) 5778 <-> SPYWARE-PUT Keylogger runtime detection - hwpe windows activity logs (spyware-put.rules) 5779 <-> SPYWARE-PUT Keylogger runtime detection - hwpe shell file logs (spyware-put.rules) 5780 <-> SPYWARE-PUT Keylogger runtime detection - hwpe word filtered echelon log (spyware-put.rules) 5781 <-> SPYWARE-PUT Keylogger runtime detection - hwae windows activity logs (spyware-put.rules) 5998 <-> P2P Skype client login startup (p2p.rules) 5999 <-> P2P Skype client login (p2p.rules) 8161 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX hostname overflow attempt (netbios.rules) 8173 <-> NETBIOS SMB webdav DavrCreateConnection hostname overflow attempt (netbios.rules) 8175 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode hostname overflow attempt (netbios.rules) 8176 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian hostname overflow attempt (netbios.rules) 8177 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian hostname overflow attempt (netbios.rules) 8178 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian hostname overflow attempt (netbios.rules) 8179 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX hostname overflow attempt (netbios.rules) 8180 <-> NETBIOS SMB-DS webdav DavrCreateConnection hostname overflow attempt (netbios.rules) 8181 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian hostname overflow attempt (netbios.rules) 8182 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode hostname overflow attempt (netbios.rules) 8183 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian hostname overflow attempt (netbios.rules) 8184 <-> NETBIOS SMB webdav DavrCreateConnection unicode hostname overflow attempt (netbios.rules) 8185 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode hostname overflow attempt (netbios.rules) 8186 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian hostname overflow attempt (netbios.rules) 8187 <-> NETBIOS SMB webdav DavrCreateConnection little endian hostname overflow attempt (netbios.rules) 8188 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian hostname overflow attempt (netbios.rules) 8189 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX object call hostname overflow attempt (netbios.rules) 8190 <-> NETBIOS SMB webdav DavrCreateConnection object call hostname overflow attempt (netbios.rules) 8191 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode object call hostname overflow attempt (netbios.rules) 8192 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian object call hostname overflow attempt (netbios.rules) 8193 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian object call hostname overflow attempt (netbios.rules) 8194 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian object call hostname overflow attempt (netbios.rules) 8195 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX object call hostname overflow attempt (netbios.rules) 8196 <-> NETBIOS SMB-DS webdav DavrCreateConnection object call hostname overflow attempt (netbios.rules) 8197 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian object call hostname overflow attempt (netbios.rules) 8198 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode object call hostname overflow attempt (netbios.rules) 8199 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian object call hostname overflow attempt (netbios.rules) 8200 <-> NETBIOS SMB webdav DavrCreateConnection unicode object call hostname overflow attempt (netbios.rules) 8201 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode object call hostname overflow attempt (netbios.rules) 8202 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian object call hostname overflow attempt (netbios.rules) 8203 <-> NETBIOS SMB webdav DavrCreateConnection little endian object call hostname overflow attempt (netbios.rules) 8204 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian object call hostname overflow attempt (netbios.rules) 8209 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx hostname overflow attempt (netbios.rules) 8221 <-> NETBIOS SMB webdav DavrCreateConnection andx hostname overflow attempt (netbios.rules) 8223 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx hostname overflow attempt (netbios.rules) 8224 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx hostname overflow attempt (netbios.rules) 8225 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx hostname overflow attempt (netbios.rules) 8226 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx hostname overflow attempt (netbios.rules) 8228 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx hostname overflow attempt (netbios.rules) 8229 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx hostname overflow attempt (netbios.rules) 8230 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx hostname overflow attempt (netbios.rules) 8231 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx hostname overflow attempt (netbios.rules) 8232 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx hostname overflow attempt (netbios.rules) 8233 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx hostname overflow attempt (netbios.rules) 8234 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx hostname overflow attempt (netbios.rules) 8235 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx hostname overflow attempt (netbios.rules) 8236 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx hostname overflow attempt (netbios.rules) 8237 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx object call hostname overflow attempt (netbios.rules) 8238 <-> NETBIOS SMB webdav DavrCreateConnection andx object call hostname overflow attempt (netbios.rules) 8239 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx object call hostname overflow attempt (netbios.rules) 8240 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx object call hostname overflow attempt (netbios.rules) 8241 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx object call hostname overflow attempt (netbios.rules) 8242 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx object call hostname overflow attempt (netbios.rules) 8244 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx object call hostname overflow attempt (netbios.rules) 8245 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx object call hostname overflow attempt (netbios.rules) 8246 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx object call hostname overflow attempt (netbios.rules) 8247 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx object call hostname overflow attempt (netbios.rules) 8248 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx object call hostname overflow attempt (netbios.rules) 8249 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx object call hostname overflow attempt (netbios.rules) 8250 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx object call hostname overflow attempt (netbios.rules) 8251 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx object call hostname overflow attempt (netbios.rules) 8252 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx object call hostname overflow attempt (netbios.rules) 8253 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian object call username overflow attempt (netbios.rules) 8254 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian object call username overflow attempt (netbios.rules) 8255 <-> NETBIOS SMB webdav DavrCreateConnection object call username overflow attempt (netbios.rules) 8256 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian object call username overflow attempt (netbios.rules) 8257 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX object call username overflow attempt (netbios.rules) 8258 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX object call username overflow attempt (netbios.rules) 8259 <-> NETBIOS SMB-DS webdav DavrCreateConnection object call username overflow attempt (netbios.rules) 8260 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian object call username overflow attempt (netbios.rules) 8261 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian object call username overflow attempt (netbios.rules) 8262 <-> NETBIOS SMB webdav DavrCreateConnection little endian object call username overflow attempt (netbios.rules) 8263 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode object call username overflow attempt (netbios.rules) 8264 <-> NETBIOS SMB webdav DavrCreateConnection unicode object call username overflow attempt (netbios.rules) 8265 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode object call username overflow attempt (netbios.rules) 8270 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode username overflow attempt (netbios.rules) 8271 <-> NETBIOS SMB webdav DavrCreateConnection username overflow attempt (netbios.rules) 8272 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode object call username overflow attempt (netbios.rules) 8285 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode username overflow attempt (netbios.rules) 8286 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian username overflow attempt (netbios.rules) 8287 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian username overflow attempt (netbios.rules) 8288 <-> NETBIOS SMB webdav DavrCreateConnection unicode username overflow attempt (netbios.rules) 8289 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode username overflow attempt (netbios.rules) 8290 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX username overflow attempt (netbios.rules) 8291 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX username overflow attempt (netbios.rules) 8292 <-> NETBIOS SMB-DS webdav DavrCreateConnection username overflow attempt (netbios.rules) 8293 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian username overflow attempt (netbios.rules) 8294 <-> NETBIOS SMB webdav DavrCreateConnection little endian username overflow attempt (netbios.rules) 8295 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian username overflow attempt (netbios.rules) 8296 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian username overflow attempt (netbios.rules) 8297 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian username overflow attempt (netbios.rules) 8298 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian username overflow attempt (netbios.rules) 8299 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian object call username overflow attempt (netbios.rules) 8300 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian object call username overflow attempt (netbios.rules) 8301 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx object call username overflow attempt (netbios.rules) 8302 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx object call username overflow attempt (netbios.rules) 8303 <-> NETBIOS SMB webdav DavrCreateConnection andx object call username overflow attempt (netbios.rules) 8304 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx object call username overflow attempt (netbios.rules) 8305 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx object call username overflow attempt (netbios.rules) 8306 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX andx object call username overflow attempt (netbios.rules) 8307 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx object call username overflow attempt (netbios.rules) 8308 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx object call username overflow attempt (netbios.rules) 8309 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx object call username overflow attempt (netbios.rules) 8310 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx object call username overflow attempt (netbios.rules) 8311 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx object call username overflow attempt (netbios.rules) 8312 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx object call username overflow attempt (netbios.rules) 8313 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx object call username overflow attempt (netbios.rules) 8318 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx username overflow attempt (netbios.rules) 8319 <-> NETBIOS SMB webdav DavrCreateConnection andx username overflow attempt (netbios.rules) 8320 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx object call username overflow attempt (netbios.rules) 8333 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx username overflow attempt (netbios.rules) 8334 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx username overflow attempt (netbios.rules) 8335 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx username overflow attempt (netbios.rules) 8336 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx username overflow attempt (netbios.rules) 8337 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx username overflow attempt (netbios.rules) 8338 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx username overflow attempt (netbios.rules) 8339 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX andx username overflow attempt (netbios.rules) 8340 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx username overflow attempt (netbios.rules) 8341 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx username overflow attempt (netbios.rules) 8342 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx username overflow attempt (netbios.rules) 8343 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx username overflow attempt (netbios.rules) 8344 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx username overflow attempt (netbios.rules) 8345 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx username overflow attempt (netbios.rules) 8346 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx username overflow attempt (netbios.rules) 8347 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx object call username overflow attempt (netbios.rules) 8348 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx object call username overflow attempt (netbios.rules) 8429 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules) 8430 <-> POP3 SSLv3 openssl get shared ciphers overflow attempt (pop3.rules) 8431 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules) 8552 <-> NETBIOS SMB-DS IActivation unicode little endian bind attempt (netbios.rules) 8553 <-> NETBIOS SMB-DS IActivation WriteAndX unicode bind attempt (netbios.rules) 8556 <-> NETBIOS SMB-DS IActivation little endian alter context attempt (netbios.rules) 8557 <-> NETBIOS SMB-DS IActivation WriteAndX little endian alter context attempt (netbios.rules) 8558 <-> NETBIOS SMB-DS IActivation unicode little endian alter context attempt (netbios.rules) 8559 <-> NETBIOS SMB-DS IActivation WriteAndX unicode alter context attempt (netbios.rules) 8564 <-> NETBIOS SMB-DS IActivation bind attempt (netbios.rules) 8565 <-> NETBIOS SMB-DS IActivation WriteAndX bind attempt (netbios.rules) 8566 <-> NETBIOS SMB-DS IActivation unicode bind attempt (netbios.rules) 8570 <-> NETBIOS SMB-DS IActivation andx alter context attempt (netbios.rules) 8571 <-> NETBIOS SMB-DS IActivation WriteAndX andx alter context attempt (netbios.rules) 8572 <-> NETBIOS SMB-DS IActivation unicode andx alter context attempt (netbios.rules) 8573 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian andx alter context attempt (netbios.rules) 8577 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian andx bind attempt (netbios.rules) 8582 <-> NETBIOS SMB-DS IActivation little endian andx bind attempt (netbios.rules) 8583 <-> NETBIOS SMB-DS IActivation WriteAndX little endian andx bind attempt (netbios.rules) 8584 <-> NETBIOS SMB-DS IActivation unicode little endian andx bind attempt (netbios.rules) 8585 <-> NETBIOS SMB-DS IActivation WriteAndX unicode andx bind attempt (netbios.rules) 8588 <-> NETBIOS SMB-DS IActivation little endian andx alter context attempt (netbios.rules) 8589 <-> NETBIOS SMB-DS IActivation WriteAndX little endian andx alter context attempt (netbios.rules) 8590 <-> NETBIOS SMB-DS IActivation unicode little endian andx alter context attempt (netbios.rules) 8591 <-> NETBIOS SMB-DS IActivation WriteAndX unicode andx alter context attempt (netbios.rules) 8596 <-> NETBIOS SMB-DS IActivation andx bind attempt (netbios.rules) 8597 <-> NETBIOS SMB-DS IActivation WriteAndX andx bind attempt (netbios.rules) 8598 <-> NETBIOS SMB-DS IActivation unicode andx bind attempt (netbios.rules) 8601 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation alter context attempt (netbios.rules) 8603 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation little endian alter context attempt (netbios.rules) 8605 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation bind attempt (netbios.rules) 8607 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation little endian bind attempt (netbios.rules) 8610 <-> NETBIOS SMB-DS IActivation remoteactivation unicode overflow attempt (netbios.rules) 8611 <-> NETBIOS SMB-DS IActivation remoteactivation little endian overflow attempt (netbios.rules) 8612 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian overflow attempt (netbios.rules) 8616 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode overflow attempt (netbios.rules) 8617 <-> NETBIOS SMB-DS IActivation remoteactivation overflow attempt (netbios.rules) 8618 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX overflow attempt (netbios.rules) 8621 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian object call overflow attempt (netbios.rules) 8622 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian object call overflow attempt (netbios.rules) 8626 <-> NETBIOS SMB-DS IActivation remoteactivation unicode object call overflow attempt (netbios.rules) 8627 <-> NETBIOS SMB-DS IActivation remoteactivation little endian object call overflow attempt (netbios.rules) 8628 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian object call overflow attempt (netbios.rules) 8632 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode object call overflow attempt (netbios.rules) 8633 <-> NETBIOS SMB-DS IActivation remoteactivation object call overflow attempt (netbios.rules) 8634 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX object call overflow attempt (netbios.rules) 8646 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian andx overflow attempt (netbios.rules) 8650 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian andx overflow attempt (netbios.rules) 8658 <-> NETBIOS SMB-DS IActivation remoteactivation unicode andx overflow attempt (netbios.rules) 8659 <-> NETBIOS SMB-DS IActivation remoteactivation little endian andx overflow attempt (netbios.rules) 8660 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian andx overflow attempt (netbios.rules) 8664 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode andx overflow attempt (netbios.rules) 8665 <-> NETBIOS SMB-DS IActivation remoteactivation andx overflow attempt (netbios.rules) 8666 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX andx overflow attempt (netbios.rules) 8669 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian andx object call overflow attempt (netbios.rules) 8670 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian andx object call overflow attempt (netbios.rules) 8674 <-> NETBIOS SMB-DS IActivation remoteactivation unicode andx object call overflow attempt (netbios.rules) 8675 <-> NETBIOS SMB-DS IActivation remoteactivation little endian andx object call overflow attempt (netbios.rules) 8676 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 8680 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode andx object call overflow attempt (netbios.rules) 8681 <-> NETBIOS SMB-DS IActivation remoteactivation andx object call overflow attempt (netbios.rules) 8682 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX andx object call overflow attempt (netbios.rules) 8690 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation little endian overflow attempt (netbios.rules) 8692 <-> NETBIOS DCERPC NCACN-IP-TCP v4 IActivation remoteactivation overflow attempt (netbios.rules) 8694 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (netbios.rules) 8695 <-> NETBIOS DCERPC NCACN-IP-TCP v4 IActivation remoteactivation little endian overflow attempt (netbios.rules) 8697 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation little endian object call overflow attempt (netbios.rules) 8699 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation object call overflow attempt (netbios.rules) 8859 <-> NETBIOS SMB-DS wkssvc WriteAndX alter context attempt (netbios.rules) 8860 <-> NETBIOS SMB-DS wkssvc unicode alter context attempt (netbios.rules) 8861 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode alter context attempt (netbios.rules) 8862 <-> NETBIOS SMB-DS wkssvc alter context attempt (netbios.rules) 8865 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode bind attempt (netbios.rules) 8866 <-> NETBIOS SMB-DS wkssvc bind attempt (netbios.rules) 8871 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian bind attempt (netbios.rules) 8873 <-> NETBIOS SMB-DS wkssvc unicode little endian bind attempt (netbios.rules) 8874 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian bind attempt (netbios.rules) 8875 <-> NETBIOS SMB-DS wkssvc little endian bind attempt (netbios.rules) 8879 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian alter context attempt (netbios.rules) 8881 <-> NETBIOS SMB-DS wkssvc unicode little endian alter context attempt (netbios.rules) 8882 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian alter context attempt (netbios.rules) 8883 <-> NETBIOS SMB-DS wkssvc little endian alter context attempt (netbios.rules) 8887 <-> NETBIOS SMB-DS wkssvc WriteAndX bind attempt (netbios.rules) 8888 <-> NETBIOS SMB-DS wkssvc unicode bind attempt (netbios.rules) 8891 <-> NETBIOS SMB-DS wkssvc WriteAndX andx alter context attempt (netbios.rules) 8892 <-> NETBIOS SMB-DS wkssvc unicode andx alter context attempt (netbios.rules) 8893 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode andx alter context attempt (netbios.rules) 8894 <-> NETBIOS SMB-DS wkssvc andx alter context attempt (netbios.rules) 8897 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode andx bind attempt (netbios.rules) 8898 <-> NETBIOS SMB-DS wkssvc andx bind attempt (netbios.rules) 8903 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian andx bind attempt (netbios.rules) 8905 <-> NETBIOS SMB-DS wkssvc unicode little endian andx bind attempt (netbios.rules) 8906 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian andx bind attempt (netbios.rules) 8907 <-> NETBIOS SMB-DS wkssvc little endian andx bind attempt (netbios.rules) 8911 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian andx alter context attempt (netbios.rules) 8913 <-> NETBIOS SMB-DS wkssvc unicode little endian andx alter context attempt (netbios.rules) 8914 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian andx alter context attempt (netbios.rules) 8915 <-> NETBIOS SMB-DS wkssvc little endian andx alter context attempt (netbios.rules) 8919 <-> NETBIOS SMB-DS wkssvc WriteAndX andx bind attempt (netbios.rules) 8920 <-> NETBIOS SMB-DS wkssvc unicode andx bind attempt (netbios.rules) 8926 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName overflow attempt (netbios.rules) 8938 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode overflow attempt (netbios.rules) 8941 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian overflow attempt (netbios.rules) 8942 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode overflow attempt (netbios.rules) 8943 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode overflow attempt (netbios.rules) 8944 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX overflow attempt (netbios.rules) 8945 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode overflow attempt (netbios.rules) 8946 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX overflow attempt (netbios.rules) 8947 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName overflow attempt (netbios.rules) 8949 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian object call overflow attempt (netbios.rules) 8950 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian object call overflow attempt (netbios.rules) 8951 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian object call overflow attempt (netbios.rules) 8952 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian object call overflow attempt (netbios.rules) 8953 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode object call overflow attempt (netbios.rules) 8954 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian object call overflow attempt (netbios.rules) 8955 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode object call overflow attempt (netbios.rules) 8956 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode object call overflow attempt (netbios.rules) 8957 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX object call overflow attempt (netbios.rules) 8958 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode object call overflow attempt (netbios.rules) 8959 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX object call overflow attempt (netbios.rules) 8960 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName object call overflow attempt (netbios.rules) 8961 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian object call overflow attempt (netbios.rules) 8962 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian object call overflow attempt (netbios.rules) 8963 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian object call overflow attempt (netbios.rules) 8964 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian overflow attempt (netbios.rules) 8965 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian overflow attempt (netbios.rules) 8966 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian overflow attempt (netbios.rules) 8967 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName object call overflow attempt (netbios.rules) 8969 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian overflow attempt (netbios.rules) 8970 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian overflow attempt (netbios.rules) 8971 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian overflow attempt (netbios.rules) 8972 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian overflow attempt (netbios.rules) 8974 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName andx overflow attempt (netbios.rules) 8986 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode andx overflow attempt (netbios.rules) 8989 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian andx overflow attempt (netbios.rules) 8990 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode andx overflow attempt (netbios.rules) 8991 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode andx overflow attempt (netbios.rules) 8992 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX andx overflow attempt (netbios.rules) 8993 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode andx overflow attempt (netbios.rules) 8994 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX andx overflow attempt (netbios.rules) 8995 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName andx overflow attempt (netbios.rules) 8997 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian andx object call overflow attempt (netbios.rules) 8998 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian andx object call overflow attempt (netbios.rules) 8999 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian andx object call overflow attempt (netbios.rules) 9000 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 9001 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode andx object call overflow attempt (netbios.rules) 9002 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian andx object call overflow attempt (netbios.rules) 9003 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode andx object call overflow attempt (netbios.rules) 9004 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode andx object call overflow attempt (netbios.rules) 9005 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX andx object call overflow attempt (netbios.rules) 9006 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode andx object call overflow attempt (netbios.rules) 9007 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX andx object call overflow attempt (netbios.rules) 9008 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName andx object call overflow attempt (netbios.rules) 9009 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian andx object call overflow attempt (netbios.rules) 9010 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 9011 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian andx object call overflow attempt (netbios.rules) 9012 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian andx overflow attempt (netbios.rules) 9013 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9014 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian andx overflow attempt (netbios.rules) 9015 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName andx object call overflow attempt (netbios.rules) 9017 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian andx overflow attempt (netbios.rules) 9018 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian andx overflow attempt (netbios.rules) 9019 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian andx overflow attempt (netbios.rules) 9020 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9027 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9028 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules) 9029 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode object call overflow attempt (netbios.rules) 9030 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overflow attempt (netbios.rules) 9031 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules) 9032 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt (netbios.rules) 9033 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules) 9034 <-> NETBIOS SMB wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules) 9036 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules) 9037 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt (netbios.rules) 9041 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules) 9042 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules) 9043 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9044 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules) 9045 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules) 9046 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules) 9047 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules) 9048 <-> NETBIOS SMB wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9049 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules) 9061 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules) 9063 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9064 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules) 9065 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overflow attempt (netbios.rules) 9066 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules) 9067 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode object call overflow attempt (netbios.rules) 9068 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt (netbios.rules) 9069 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules) 9070 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt (netbios.rules) 9071 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt (netbios.rules) 9072 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt (netbios.rules) 9073 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt (netbios.rules) 9074 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt (netbios.rules) 9075 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules) 9076 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules) 9077 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode andx object call overflow attempt (netbios.rules) 9078 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 9079 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian andx object call overflow attempt (netbios.rules) 9080 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow attempt (netbios.rules) 9081 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9082 <-> NETBIOS SMB wkssvc NetrJoinDomain2 andx object call overflow attempt (netbios.rules) 9084 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9085 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow attempt (netbios.rules) 9089 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules) 9090 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules) 9091 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules) 9092 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules) 9093 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules) 9094 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules) 9095 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules) 9096 <-> NETBIOS SMB wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules) 9097 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules) 9109 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules) 9111 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules) 9112 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules) 9113 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 9114 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 andx object call overflow attempt (netbios.rules) 9115 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode andx object call overflow attempt (netbios.rules) 9116 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx object call overflow attempt (netbios.rules) 9117 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian andx object call overflow attempt (netbios.rules) 9118 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt (netbios.rules) 9119 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt (netbios.rules) 9120 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt (netbios.rules) 9121 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt (netbios.rules) 9122 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian andx object call overflow attempt (netbios.rules) 9326 <-> SPECIFIC-THREATS netsky.p smtp propagation detection (specific-threats.rules) 9327 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules) 9328 <-> SPECIFIC-THREATS zhangpo smtp propagation detection (specific-threats.rules) 9329 <-> SPECIFIC-THREATS yarner.b smtp propagation detection (specific-threats.rules) 9330 <-> SPECIFIC-THREATS mydoom.e smtp propagation detection (specific-threats.rules) 9331 <-> SPECIFIC-THREATS mydoom.m smtp propagation detection (specific-threats.rules) 9332 <-> SPECIFIC-THREATS mimail.a smtp propagation detection (specific-threats.rules) 9333 <-> SPECIFIC-THREATS mimail.e smtp propagation detection (specific-threats.rules) 9334 <-> SPECIFIC-THREATS lovgate.c smtp propagation detection (specific-threats.rules) 9335 <-> SPECIFIC-THREATS netsky.b smtp propagation detection (specific-threats.rules) 9336 <-> SPECIFIC-THREATS netsky.t smtp propagation detection (specific-threats.rules) 9337 <-> SPECIFIC-THREATS netsky.x smtp propagation detection (specific-threats.rules) 9338 <-> SPECIFIC-THREATS mydoom.i smtp propagation detection (specific-threats.rules) 9339 <-> SPECIFIC-THREATS klez.g web propagation detection (specific-threats.rules) 9340 <-> SPECIFIC-THREATS klez.i web propagation detection (specific-threats.rules) 9341 <-> SPECIFIC-THREATS sasser open ftp command shell (specific-threats.rules) 9342 <-> SPECIFIC-THREATS paroc.a smtp propagation detection (specific-threats.rules) 9343 <-> SPECIFIC-THREATS kadra smtp propagation detection (specific-threats.rules) 9344 <-> SPECIFIC-THREATS kindal smtp propagation detection (specific-threats.rules) 9345 <-> SPECIFIC-THREATS kipis.a smtp propagation detection (specific-threats.rules) 9346 <-> SPECIFIC-THREATS klez.b web propagation detection (specific-threats.rules) 9347 <-> SPECIFIC-THREATS klez.b netshare propagation detection (specific-threats.rules) 9348 <-> SPECIFIC-THREATS morbex smtp propagation detection (specific-threats.rules) 9349 <-> SPECIFIC-THREATS plemood smtp propagation detection (specific-threats.rules) 9350 <-> SPECIFIC-THREATS mimail.k smtp propagation detection (specific-threats.rules) 9351 <-> SPECIFIC-THREATS lovgate.a netshare propagation detection (specific-threats.rules) 9352 <-> SPECIFIC-THREATS lovgate.a smtp propagation detection (specific-threats.rules) 9353 <-> SPECIFIC-THREATS deborm.x netshare propagation detection (specific-threats.rules) 9354 <-> SPECIFIC-THREATS deborm.y netshare propagation detection (specific-threats.rules) 9355 <-> SPECIFIC-THREATS deborm.u netshare propagation detection (specific-threats.rules) 9356 <-> SPECIFIC-THREATS deborm.q netshare propagation detection (specific-threats.rules) 9357 <-> SPECIFIC-THREATS deborm.r netshare propagation detection (specific-threats.rules) 9358 <-> SPECIFIC-THREATS fizzer smtp propagation detection (specific-threats.rules) 9359 <-> SPECIFIC-THREATS zafi.b smtp propagation detection (specific-threats.rules) 9360 <-> SPECIFIC-THREATS cult.b smtp propagation detection (specific-threats.rules) 9361 <-> SPECIFIC-THREATS mimail.l smtp propagation detection (specific-threats.rules) 9362 <-> SPECIFIC-THREATS mimail.m smtp propagation detection (specific-threats.rules) 9363 <-> SPECIFIC-THREATS klez.d web propagation detection (specific-threats.rules) 9364 <-> SPECIFIC-THREATS klez.e web propagation detection (specific-threats.rules) 9365 <-> SPECIFIC-THREATS cult.c smtp propagation detection (specific-threats.rules) 9366 <-> SPECIFIC-THREATS mimail.s smtp propagation detection (specific-threats.rules) 9367 <-> SPECIFIC-THREATS anset.b smtp propagation detection (specific-threats.rules) 9368 <-> SPECIFIC-THREATS agist.a smtp propagation detection (specific-threats.rules) 9369 <-> SPECIFIC-THREATS atak.a smtp propagation detection (specific-threats.rules) 9370 <-> SPECIFIC-THREATS bagle.b smtp propagation detection (specific-threats.rules) 9371 <-> SPECIFIC-THREATS bagle.e smtp propagation detection (specific-threats.rules) 9372 <-> SPECIFIC-THREATS blebla.a smtp propagation detection (specific-threats.rules) 9373 <-> SPECIFIC-THREATS clepa smtp propagation detection (specific-threats.rules) 9374 <-> SPECIFIC-THREATS creepy.b smtp propagation detection (specific-threats.rules) 9375 <-> SPECIFIC-THREATS duksten.c smtp propagation detection (specific-threats.rules) 9376 <-> SPECIFIC-THREATS fishlet.a smtp propagation detection (specific-threats.rules) 9377 <-> SPECIFIC-THREATS mydoom.g smtp propagation detection (specific-threats.rules) 9378 <-> SPECIFIC-THREATS netsky.q smtp propagation detection (specific-threats.rules) 9379 <-> SPECIFIC-THREATS netsky.s smtp propagation detection (specific-threats.rules) 9380 <-> SPECIFIC-THREATS jitux msn messenger propagation detection (specific-threats.rules) 9381 <-> SPECIFIC-THREATS lara smtp propagation detection (specific-threats.rules) 9382 <-> SPECIFIC-THREATS fearso.c smtp propagation detection (specific-threats.rules) 9383 <-> SPECIFIC-THREATS netsky.y smtp propagation detection (specific-threats.rules) 9384 <-> SPECIFIC-THREATS beglur.a smtp propagation detection (specific-threats.rules) 9385 <-> SPECIFIC-THREATS collo.a smtp propagation detection (specific-threats.rules) 9386 <-> SPECIFIC-THREATS bagle.f smtp propagation detection (specific-threats.rules) 9387 <-> SPECIFIC-THREATS klez.j web propagation detection (specific-threats.rules) 9388 <-> SPECIFIC-THREATS mimail.g smtp propagation detection (specific-threats.rules) 9389 <-> SPECIFIC-THREATS bagle.i smtp propagation detection (specific-threats.rules) 9390 <-> SPECIFIC-THREATS deborm.d netshare propagation detection (specific-threats.rules) 9391 <-> SPECIFIC-THREATS mimail.i smtp propagation detection (specific-threats.rules) 9392 <-> SPECIFIC-THREATS bagle.j smtp propagation detection (specific-threats.rules) 9393 <-> SPECIFIC-THREATS bagle.k smtp propagation detection (specific-threats.rules) 9394 <-> SPECIFIC-THREATS bagle.n smtp propagation detection (specific-threats.rules) 9395 <-> SPECIFIC-THREATS deborm.j netshare propagation detection (specific-threats.rules) 9396 <-> SPECIFIC-THREATS deborm.t netshare propagation detection (specific-threats.rules) 9397 <-> SPECIFIC-THREATS neysid smtp propagation detection (specific-threats.rules) 9398 <-> SPECIFIC-THREATS totilix.a smtp propagation detection (specific-threats.rules) 9399 <-> SPECIFIC-THREATS hanged smtp propagation detection (specific-threats.rules) 9400 <-> SPECIFIC-THREATS abotus smtp propagation detection (specific-threats.rules) 9401 <-> SPECIFIC-THREATS gokar http propagation detectiot (specific-threats.rules) 9403 <-> SPECIFIC-THREATS netsky.aa smtp propagation detection (specific-threats.rules) 9404 <-> SPECIFIC-THREATS netsky.ac smtp propagation detection (specific-threats.rules) 9405 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules) 9406 <-> SPECIFIC-THREATS lovgate.e smtp propagation detection (specific-threats.rules) 9407 <-> SPECIFIC-THREATS lovgate.b netshare propagation detection (specific-threats.rules) 9408 <-> SPECIFIC-THREATS lacrow smtp propagation detection (specific-threats.rules) 9409 <-> SPECIFIC-THREATS atak.b smtp propagation detection (specific-threats.rules) 9410 <-> SPECIFIC-THREATS netsky.z smtp propagation detection (specific-threats.rules) 9411 <-> SPECIFIC-THREATS mimail.f smtp propagation detection (specific-threats.rules) 9412 <-> SPECIFIC-THREATS sinmsn.b msn propagation detection (specific-threats.rules) 9413 <-> SPECIFIC-THREATS ganda smtp propagation detection (specific-threats.rules) 9414 <-> SPECIFIC-THREATS lovelorn.a smtp propagation detection (specific-threats.rules) 9415 <-> SPECIFIC-THREATS plexus.a smtp propagation detection (specific-threats.rules) 9416 <-> SPECIFIC-THREATS bagle.at smtp propagation detection (specific-threats.rules) 9417 <-> SPECIFIC-THREATS bagle.a smtp propagation detection (specific-threats.rules) 9418 <-> SPECIFIC-THREATS bagle.a http notification detection (specific-threats.rules) 9419 <-> SPECIFIC-THREATS sasser attempt (specific-threats.rules) 9420 <-> SPECIFIC-THREATS korgo attempt (specific-threats.rules) 9421 <-> SPECIFIC-THREATS zotob attempt (specific-threats.rules) 9422 <-> SPECIFIC-THREATS msblast attempt (specific-threats.rules) 9423 <-> SPECIFIC-THREATS lovegate attempt (specific-threats.rules) 9424 <-> SPECIFIC-THREATS /winnt/explorer.exe unicode klez infection attempt attempt (specific-threats.rules) 9425 <-> SPECIFIC-THREATS netsky attachment (specific-threats.rules) 9426 <-> SPECIFIC-THREATS mydoom.ap attachment (specific-threats.rules) 9447 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian alter context attempt (netbios.rules) 9448 <-> NETBIOS SMB-DS ISystemActivator unicode little endian alter context attempt (netbios.rules) 9449 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode alter context attempt (netbios.rules) 9454 <-> NETBIOS SMB-DS ISystemActivator bind attempt (netbios.rules) 9455 <-> NETBIOS SMB-DS ISystemActivator WriteAndX bind attempt (netbios.rules) 9456 <-> NETBIOS SMB-DS ISystemActivator unicode bind attempt (netbios.rules) 9457 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian bind attempt (netbios.rules) 9462 <-> NETBIOS SMB-DS ISystemActivator little endian bind attempt (netbios.rules) 9463 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian bind attempt (netbios.rules) 9464 <-> NETBIOS SMB-DS ISystemActivator unicode little endian bind attempt (netbios.rules) 9465 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode bind attempt (netbios.rules) 9469 <-> NETBIOS SMB-DS ISystemActivator andx alter context attempt (netbios.rules) 9470 <-> NETBIOS SMB-DS ISystemActivator WriteAndX andx alter context attempt (netbios.rules) 9471 <-> NETBIOS SMB-DS ISystemActivator unicode andx alter context attempt (netbios.rules) 9472 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian andx alter context attempt (netbios.rules) 9478 <-> NETBIOS SMB-DS ISystemActivator little endian andx alter context attempt (netbios.rules) 9479 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian andx alter context attempt (netbios.rules) 9480 <-> NETBIOS SMB-DS ISystemActivator unicode little endian andx alter context attempt (netbios.rules) 9481 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode andx alter context attempt (netbios.rules) 9486 <-> NETBIOS SMB-DS ISystemActivator andx bind attempt (netbios.rules) 9487 <-> NETBIOS SMB-DS ISystemActivator WriteAndX andx bind attempt (netbios.rules) 9488 <-> NETBIOS SMB-DS ISystemActivator unicode andx bind attempt (netbios.rules) 9489 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian andx bind attempt (netbios.rules) 9494 <-> NETBIOS SMB-DS ISystemActivator little endian andx bind attempt (netbios.rules) 9495 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian andx bind attempt (netbios.rules) 9496 <-> NETBIOS SMB-DS ISystemActivator unicode little endian andx bind attempt (netbios.rules) 9497 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode andx bind attempt (netbios.rules) 9499 <-> NETBIOS DCERPC DIRECT ISystemActivator little endian alter context attempt (netbios.rules) 9500 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator little endian alter context attempt (netbios.rules) 9501 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator alter context attempt (netbios.rules) 9502 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator alter context attempt (netbios.rules) 9503 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator alter context attempt (netbios.rules) 9504 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator little endian alter context attempt (netbios.rules) 9505 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator little endian alter context attempt (netbios.rules) 9506 <-> NETBIOS DCERPC DIRECT ISystemActivator alter context attempt (netbios.rules) 9507 <-> NETBIOS DCERPC DIRECT ISystemActivator little endian bind attempt (netbios.rules) 9508 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator little endian bind attempt (netbios.rules) 9509 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator bind attempt (netbios.rules) 9510 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator bind attempt (netbios.rules) 9511 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator bind attempt (netbios.rules) 9512 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator little endian bind attempt (netbios.rules) 9513 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator little endian bind attempt (netbios.rules) 9514 <-> NETBIOS DCERPC DIRECT ISystemActivator bind attempt (netbios.rules) 9516 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules) 9528 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules) 9532 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules) 9533 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules) 9534 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules) 9535 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules) 9536 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9537 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules) 9538 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules) 9539 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9540 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9541 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode object call attempt (netbios.rules) 9542 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian object call attempt (netbios.rules) 9543 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9544 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian object call attempt (netbios.rules) 9545 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian object call attempt (netbios.rules) 9546 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode object call attempt (netbios.rules) 9547 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance andx attempt (netbios.rules) 9548 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian andx object call attempt (netbios.rules) 9549 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode andx object call attempt (netbios.rules) 9550 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode andx object call attempt (netbios.rules) 9551 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX andx object call attempt (netbios.rules) 9552 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx object call attempt (netbios.rules) 9553 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian andx object call attempt (netbios.rules) 9554 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx object call attempt (netbios.rules) 9555 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX andx object call attempt (netbios.rules) 9556 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance andx object call attempt (netbios.rules) 9557 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules) 9558 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules) 9559 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules) 9560 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules) 9561 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules) 9564 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules) 9576 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules) 9580 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules) 9581 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules) 9582 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules) 9583 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules) 9584 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules) 9585 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules) 9586 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules) 9587 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance andx attempt (netbios.rules) 9588 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance andx object call attempt (netbios.rules) 9589 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode andx object call attempt (netbios.rules) 9590 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian andx object call attempt (netbios.rules) 9591 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian andx object call attempt (netbios.rules) 9592 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian andx object call attempt (netbios.rules) 9593 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian andx object call attempt (netbios.rules) 9594 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode andx object call attempt (netbios.rules) 9599 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9600 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9601 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9602 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9603 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9606 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9607 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9608 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9609 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9610 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9611 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9612 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9613 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9614 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9615 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9616 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9617 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9618 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9674 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt (netbios.rules) 9675 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX attempt (netbios.rules) 9676 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode attempt (netbios.rules) 9677 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9678 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX attempt (netbios.rules) 9679 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian attempt (netbios.rules) 9680 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9681 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt (netbios.rules) 9682 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian attempt (netbios.rules) 9683 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian attempt (netbios.rules) 9684 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt (netbios.rules) 9685 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian attempt (netbios.rules) 9686 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules) 9687 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode object call attempt (netbios.rules) 9688 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx object call attempt (netbios.rules) 9689 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX andx object call attempt (netbios.rules) 9690 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile andx object call attempt (netbios.rules) 9691 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian andx object call attempt (netbios.rules) 9692 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx object call attempt (netbios.rules) 9693 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian andx object call attempt (netbios.rules) 9694 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian andx object call attempt (netbios.rules) 9695 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx object call attempt (netbios.rules) 9698 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode andx attempt (netbios.rules) 9699 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian andx attempt (netbios.rules) 9701 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object call attempt (netbios.rules) 9702 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX andx object call attempt (netbios.rules) 9703 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode andx object call attempt (netbios.rules) 9704 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode andx object call attempt (netbios.rules) 9705 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile andx object call attempt (netbios.rules) 9706 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx object call attempt (netbios.rules) 9707 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt (netbios.rules) 9709 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian andx attempt (netbios.rules) 9722 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt (netbios.rules) 9723 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt (netbios.rules) 9724 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode andx attempt (netbios.rules) 9725 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile andx attempt (netbios.rules) 9726 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt (netbios.rules) 9727 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx attempt (netbios.rules) 9728 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile andx attempt (netbios.rules) 9729 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx attempt (netbios.rules) 9730 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx attempt (netbios.rules) 9731 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt (netbios.rules) 9732 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx attempt (netbios.rules) 9733 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt (netbios.rules) 9734 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian andx object call attempt (netbios.rules) 9735 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object call attempt (netbios.rules) 9737 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9738 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 9739 <-> NETBIOS DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 9740 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9744 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 9745 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9746 <-> NETBIOS DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9747 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 9748 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9749 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 9750 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules) 9751 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile attempt (netbios.rules) 9752 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules) 9753 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules) 9754 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules) 9755 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules) 9756 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules) 9757 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules) 9758 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules) 9759 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules) 9760 <-> NETBIOS DCERPC DIRECT-UDP msqueue little endian bind attempt (netbios.rules) 9761 <-> NETBIOS DCERPC DIRECT-UDP msqueue little endian alter context attempt (netbios.rules) 9763 <-> NETBIOS DCERPC DIRECT-UDP msqueue alter context attempt (netbios.rules) 9764 <-> NETBIOS DCERPC DIRECT-UDP v4 msqueue function 4 little endian overflow attempt (netbios.rules) 9765 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 little endian overflow attempt (netbios.rules) 9766 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 overflow attempt (netbios.rules) 9767 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 object call overflow attempt (netbios.rules) 9768 <-> NETBIOS DCERPC NCACN-IP-TCP v4 msqueue function 4 little endian overflow attempt (netbios.rules) 9769 <-> NETBIOS DCERPC DIRECT-UDP v4 msqueue function 4 overflow attempt (netbios.rules) 9770 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 object call overflow attempt (netbios.rules) 9771 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 little endian object call overflow attempt (netbios.rules) 9802 <-> NETBIOS DCERPC DIRECT brightstor-arc alter context attempt (netbios.rules) 9803 <-> NETBIOS DCERPC DIRECT brightstor-arc little endian alter context attempt (netbios.rules) 9804 <-> NETBIOS DCERPC DIRECT brightstor-arc bind attempt (netbios.rules) 9805 <-> NETBIOS DCERPC DIRECT brightstor-arc little endian bind attempt (netbios.rules) 9806 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGroupStatus little endian overflow attempt (netbios.rules) 9807 <-> NETBIOS DCERPC DIRECT brightstor-arc GetGroupStatus little endian overflow attempt (netbios.rules) 9808 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGroupStatus overflow attempt (netbios.rules) 9809 <-> NETBIOS DCERPC DIRECT brightstor-arc GetGroupStatus overflow attempt (netbios.rules) 9854 <-> NETBIOS SMB-DS tapisrv little endian alter context attempt (netbios.rules) 9855 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian alter context attempt (netbios.rules) 9856 <-> NETBIOS SMB-DS tapisrv unicode little endian alter context attempt (netbios.rules) 9857 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian alter context attempt (netbios.rules) 9866 <-> NETBIOS SMB-DS tapisrv alter context attempt (netbios.rules) 9867 <-> NETBIOS SMB-DS tapisrv WriteAndX alter context attempt (netbios.rules) 9868 <-> NETBIOS SMB-DS tapisrv unicode alter context attempt (netbios.rules) 9869 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode alter context attempt (netbios.rules) 9870 <-> NETBIOS SMB-DS tapisrv bind attempt (netbios.rules) 9871 <-> NETBIOS SMB-DS tapisrv WriteAndX bind attempt (netbios.rules) 9872 <-> NETBIOS SMB-DS tapisrv unicode bind attempt (netbios.rules) 9873 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode bind attempt (netbios.rules) 9878 <-> NETBIOS SMB-DS tapisrv little endian bind attempt (netbios.rules) 9879 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian bind attempt (netbios.rules) 9880 <-> NETBIOS SMB-DS tapisrv unicode little endian bind attempt (netbios.rules) 9881 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian bind attempt (netbios.rules) 9886 <-> NETBIOS SMB-DS tapisrv little endian andx alter context attempt (netbios.rules) 9887 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian andx alter context attempt (netbios.rules) 9888 <-> NETBIOS SMB-DS tapisrv unicode little endian andx alter context attempt (netbios.rules) 9889 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian andx alter context attempt (netbios.rules) 9898 <-> NETBIOS SMB-DS tapisrv andx alter context attempt (netbios.rules) 9899 <-> NETBIOS SMB-DS tapisrv WriteAndX andx alter context attempt (netbios.rules) 9900 <-> NETBIOS SMB-DS tapisrv unicode andx alter context attempt (netbios.rules) 9901 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode andx alter context attempt (netbios.rules) 9902 <-> NETBIOS SMB-DS tapisrv andx bind attempt (netbios.rules) 9903 <-> NETBIOS SMB-DS tapisrv WriteAndX andx bind attempt (netbios.rules) 9904 <-> NETBIOS SMB-DS tapisrv unicode andx bind attempt (netbios.rules) 9905 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode andx bind attempt (netbios.rules) 9910 <-> NETBIOS SMB-DS tapisrv little endian andx bind attempt (netbios.rules) 9911 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian andx bind attempt (netbios.rules) 9912 <-> NETBIOS SMB-DS tapisrv unicode little endian andx bind attempt (netbios.rules) 9913 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian andx bind attempt (netbios.rules) 9930 <-> NETBIOS SMB v4 tapisrv ClientRequest unicode little endian LSetAppPriority overflow attempt (netbios.rules) 9931 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX little endian LSetAppPriority overflow attempt (netbios.rules) 9932 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX unicode LSetAppPriority overflow attempt (netbios.rules) 9933 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX unicode little endian LSetAppPriority overflow attempt (netbios.rules) 9934 <-> NETBIOS SMB-DS tapisrv ClientRequest little endian LSetAppPriority overflow attempt (netbios.rules) 9935 <-> NETBIOS SMB tapisrv ClientRequest LSetAppPriority overflow attempt (netbios.rules) 9936 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX unicode LSetAppPriority overflow attempt (netbios.rules) 9937 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX LSetAppPriority overflow attempt (netbios.rules) 9938 <-> NETBIOS SMB tapisrv ClientRequest unicode LSetAppPriority overflow attempt (netbios.rules) 9939 <-> NETBIOS SMB-DS tapisrv ClientRequest unicode LSetAppPriority overflow attempt (netbios.rules) 9950 <-> NETBIOS SMB-DS tapisrv ClientRequest little endian object call LSetAppPriority overflow attempt (netbios.rules) 9951 <-> NETBIOS SMB tapisrv ClientRequest object call LSetAppPriority overflow attempt (netbios.rules) 9952 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX unicode object call LSetAppPriority overflow attempt (netbios.rules) 9953 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX object call LSetAppPriority overflow attempt (netbios.rules) 9954 <-> NETBIOS SMB tapisrv ClientRequest unicode object call LSetAppPriority overflow attempt (netbios.rules) 9955 <-> NETBIOS SMB-DS tapisrv ClientRequest unicode object call LSetAppPriority overflow attempt (netbios.rules) 9956 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX object call LSetAppPriority overflow attempt (netbios.rules) 9957 <-> NETBIOS SMB tapisrv ClientRequest little endian object call LSetAppPriority overflow attempt (netbios.rules) 9958 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX little endian object call LSetAppPriority overflow attempt (netbios.rules) 9959 <-> NETBIOS SMB tapisrv ClientRequest unicode little endian object call LSetAppPriority overflow attempt (netbios.rules) 10018 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc ReserveGroup attempt (netbios.rules) 10019 <-> NETBIOS DCERPC DIRECT brightstor-arc ReserveGroup attempt (netbios.rules) 10042 <-> NETBIOS DCERPC DIRECT brightstor-arc2 alter context attempt (netbios.rules) 10043 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian alter context attempt (netbios.rules) 10044 <-> NETBIOS DCERPC DIRECT brightstor-arc2 bind attempt (netbios.rules) 10045 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian bind attempt (netbios.rules) 10046 <-> NETBIOS DCERPC DIRECT brightstor-arc2 alter context attempt (netbios.rules) 10047 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian alter context attempt (netbios.rules) 10048 <-> NETBIOS DCERPC DIRECT brightstor-arc2 bind attempt (netbios.rules) 10049 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian bind attempt (netbios.rules) 10050 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules) 10051 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules) 10052 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules) 10053 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules) 10054 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer object call overflow attempt (netbios.rules) 10055 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer little endian object call overflow attempt (netbios.rules) 10056 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules) 10057 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules) 10058 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules) 10059 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules) 10065 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10066 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10067 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10068 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10069 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10070 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10071 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10072 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10073 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10074 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10075 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10076 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10077 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules) 10078 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules) 10079 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules) 10080 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules) 10081 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules) 10082 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules) 10083 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules) 10120 <-> NETBIOS DCERPC DIRECT brightstor-arc GetGCBHandleFromGroupName overflow attempt (netbios.rules) 10121 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGCBHandleFromGroupName little endian overflow attempt (netbios.rules) 10122 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGCBHandleFromGroupName overflow attempt (netbios.rules) 10123 <-> SPECIFIC-THREATS PA168 chipset based IP phone default password attempt (specific-threats.rules) 10124 <-> SPECIFIC-THREATS PA168 chipset based IP phone authentication bypass (specific-threats.rules) 10402 <-> SPECIFIC-THREATS Trojan.Duntek Data Report POST (specific-threats.rules) 10403 <-> SPECIFIC-THREATS Trojan.Duntek Checkin GET Request (specific-threats.rules) 12307 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetPagerNotifyConfig little endian attempt (netbios.rules) 12308 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetPagerNotifyConfig attempt (netbios.rules) 12309 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig attempt (netbios.rules) 12310 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig little endian attempt (netbios.rules) 12311 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig object call attempt (netbios.rules) 12312 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig little endian object call attempt (netbios.rules) 12313 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent alter context attempt (netbios.rules) 12314 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent little endian alter context attempt (netbios.rules) 12315 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent bind attempt (netbios.rules) 12316 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent little endian bind attempt (netbios.rules) 12317 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect-earthagent _SetSpntShareConfig little endian attempt (netbios.rules) 12318 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect-earthagent _SetSpntShareConfig attempt (netbios.rules) 12319 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig attempt (netbios.rules) 12320 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig little endian attempt (netbios.rules) 12321 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig object call attempt (netbios.rules) 12322 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig little endian object call attempt (netbios.rules) 12323 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _AddTaskExportLogItem attempt (netbios.rules) 12324 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem little endian attempt (netbios.rules) 12325 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _AddTaskExportLogItem little endian attempt (netbios.rules) 12326 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem attempt (netbios.rules) 12327 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem little endian object call attempt (netbios.rules) 12328 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem object call attempt (netbios.rules) 12329 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _TakeActionOnAFile attempt (netbios.rules) 12330 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile little endian attempt (netbios.rules) 12331 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _TakeActionOnAFile little endian attempt (netbios.rules) 12332 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile attempt (netbios.rules) 12333 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile little endian object call attempt (netbios.rules) 12334 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile object call attempt (netbios.rules) 12335 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_30010 overflow attempt (netbios.rules) 12336 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 overflow attempt (netbios.rules) 12337 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 little endian overflow attempt (netbios.rules) 12338 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_30010 little endian overflow attempt (netbios.rules) 12339 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 object call overflow attempt (netbios.rules) 12340 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 little endian object call overflow attempt (netbios.rules) 12341 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 little endian attempt (netbios.rules) 12342 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules) 12343 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules) 12344 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_a0030 little endian attempt (netbios.rules) 12345 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 little endian object call attempt (netbios.rules) 12346 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 object call attempt (netbios.rules) 12347 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetSvcImpersonateUser little endian attempt (netbios.rules) 12348 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser little endian attempt (netbios.rules) 12349 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetSvcImpersonateUser attempt (netbios.rules) 12350 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser attempt (netbios.rules) 12351 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser little endian object call attempt (netbios.rules) 12352 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser object call attempt (netbios.rules) 13289 <-> WEB-CLIENT Gatway CWebLaunchCtl ActiveX clsid access (web-client.rules) 13290 <-> WEB-CLIENT Gatway CWebLaunchCtl ActiveX clsid unicode access (web-client.rules) 13293 <-> WEB-CLIENT QuickTime panorama atoms buffer overflow attempt (web-client.rules)
