Sourcefire VRT Rules Update

Date: 2007-08-01

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.7.

The format of the file is:

sid - Message (rule group)

New rules:
11620 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX function call access (web-client.rules)
11621 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX function call unicode access (web-client.rules)
11622 <-> WEB-CLIENT Microsoft Office 2000 OUACTR ActiveX clsid access (web-client.rules)
11623 <-> WEB-CLIENT Microsoft Office 2000 OUACTR ActiveX clsid unicode access (web-client.rules)
11624 <-> WEB-CLIENT LeadTools ISIS ActiveX clsid access (web-client.rules)
11625 <-> WEB-CLIENT LeadTools ISIS ActiveX clsid unicode access (web-client.rules)
11626 <-> WEB-CLIENT LeadTools ISIS ActiveX function call access (web-client.rules)
11627 <-> WEB-CLIENT LeadTools ISIS ActiveX function call unicode access (web-client.rules)
11628 <-> WEB-CLIENT LeadTools JPEG 2000 COM Object ActiveX function call access (web-client.rules)
11629 <-> WEB-CLIENT LeadTools JPEG 2000 COM Object ActiveX function call unicode access (web-client.rules)
11630 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX clsid access (web-client.rules)
11631 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX clsid unicode access (web-client.rules)
11632 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX function call access (web-client.rules)
11633 <-> WEB-CLIENT LeadTools Raster Dialog File Object ActiveX function call unicode access (web-client.rules)
11634 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX clsid access (web-client.rules)
11635 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX clsid unicode access (web-client.rules)
11636 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX function call access (web-client.rules)
11637 <-> WEB-CLIENT LeadTools Raster Dialog File_D Object ActiveX function call unicode access (web-client.rules)
11638 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX clsid access (web-client.rules)
11639 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX clsid unicode access (web-client.rules)
11640 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX function call access (web-client.rules)
11641 <-> WEB-CLIENT LeadTools Raster Document Object Library ActiveX function call unicode access (web-client.rules)
11642 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX clsid access (web-client.rules)
11643 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX clsid unicode access (web-client.rules)
11644 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX function call access (web-client.rules)
11645 <-> WEB-CLIENT LeadTools Raster ISIS Object ActiveX function call unicode access (web-client.rules)
11646 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX clsid access (web-client.rules)
11647 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX clsid unicode access (web-client.rules)
11648 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX function call access (web-client.rules)
11649 <-> WEB-CLIENT LeadTools Raster Thumbnail Object Library ActiveX function call unicode access (web-client.rules)
11650 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX clsid access (web-client.rules)
11651 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX clsid unicode access (web-client.rules)
11652 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX function call access (web-client.rules)
11653 <-> WEB-CLIENT LeadTools Raster Variant Object Library ActiveX function call unicode access (web-client.rules)
11654 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX clsid access (web-client.rules)
11655 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX clsid unicode access (web-client.rules)
11656 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX function call access (web-client.rules)
11657 <-> WEB-CLIENT LeadTools Thumbnail Browser Control ActiveX function call unicode access (web-client.rules)
11658 <-> WEB-CLIENT Dart ZipLite Compression ActiveX clsid access (web-client.rules)
11659 <-> WEB-CLIENT Dart ZipLite Compression ActiveX clsid unicode access (web-client.rules)
11660 <-> WEB-CLIENT EDraw Office Viewer ActiveX clsid access (web-client.rules)
11661 <-> WEB-CLIENT EDraw Office Viewer ActiveX clsid unicode access (web-client.rules)
11662 <-> WEB-CLIENT EDraw Office Viewer ActiveX function call access (web-client.rules)
11663 <-> WEB-CLIENT EDraw Office Viewer ActiveX function call unicode access (web-client.rules)
11664 <-> WEB-PHP sphpblog password.txt access attempt (web-php.rules)
11665 <-> WEB-PHP sphpblog install03_cgi access attempt (web-php.rules)
11666 <-> WEB-PHP sphpblog upload_img_cgi access attempt (web-php.rules)
11667 <-> WEB-PHP sphpblog arbitrary file delete attempt (web-php.rules)
11668 <-> WEB-PHP vbulletin php code injection (web-php.rules)
11669 <-> SPECIFIC-THREATS Eudora 250 command response buffer overflow attempt (specific-threats.rules)
11670 <-> EXPLOIT Symantec Discovery logging buffer overflow (exploit.rules)
11671 <-> WEB-MISC SSLv2 Server_Hello request from SSLv3 Client_Hello request (web-misc.rules)
11673 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX clsid access (web-client.rules)
11674 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX clsid unicode access (web-client.rules)
11675 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX function call access (web-client.rules)
11676 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX function call unicode access (web-client.rules)
11677 <-> WEB-CLIENT Provideo Camimage Class ISSCamControl ActiveX clsid access (web-client.rules)
11678 <-> WEB-CLIENT Provideo Camimage Class ISSCamControl ActiveX clsid unicode access (web-client.rules)
11679 <-> WEB-MISC Apache mod_rewrite buffer overflow attempt (web-misc.rules)
11680 <-> MISC Sun Java web proxy sockd buffer overflow attempt (misc.rules)
11681 <-> EXPLOIT Openview Omni II command bypass attempt (exploit.rules)
11682 <-> SPECIFIC-THREATS Metasploit niprint_lpd module attack attempt (specific-threats.rules)
11683 <-> SPECIFIC-THREATS CA BrightStor Agent for Microsoft SQL overflow attempt (specific-threats.rules)
11684 <-> EXPLOIT WINS Overflow attempt (exploit.rules)
11685 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11686 <-> SPECIFIC-THREATS WebDAV search overflow attempt (specific-threats.rules)
11687 <-> WEB-MISC Apache SSI error page cross-site scripting (web-misc.rules)
11688 <-> NETBIOS SMB nddeapi bind attempt (netbios.rules)
11689 <-> NETBIOS SMB nddeapi unicode bind attempt (netbios.rules)
11690 <-> NETBIOS SMB nddeapi WriteAndX bind attempt (netbios.rules)
11691 <-> NETBIOS SMB nddeapi WriteAndX unicode bind attempt (netbios.rules)
11692 <-> NETBIOS SMB-DS nddeapi bind attempt (netbios.rules)
11693 <-> NETBIOS SMB-DS nddeapi WriteAndX bind attempt (netbios.rules)
11694 <-> NETBIOS SMB-DS nddeapi unicode bind attempt (netbios.rules)
11695 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode bind attempt (netbios.rules)
11696 <-> NETBIOS SMB nddeapi little endian bind attempt (netbios.rules)
11697 <-> NETBIOS SMB nddeapi WriteAndX little endian bind attempt (netbios.rules)
11698 <-> NETBIOS SMB nddeapi unicode little endian bind attempt (netbios.rules)
11699 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian bind attempt (netbios.rules)
11700 <-> NETBIOS SMB-DS nddeapi little endian bind attempt (netbios.rules)
11701 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian bind attempt (netbios.rules)
11702 <-> NETBIOS SMB-DS nddeapi unicode little endian bind attempt (netbios.rules)
11703 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian bind attempt (netbios.rules)
11704 <-> NETBIOS SMB nddeapi andx alter context attempt (netbios.rules)
11705 <-> NETBIOS SMB nddeapi unicode andx alter context attempt (netbios.rules)
11706 <-> NETBIOS SMB nddeapi WriteAndX andx alter context attempt (netbios.rules)
11707 <-> NETBIOS SMB nddeapi WriteAndX unicode andx alter context attempt (netbios.rules)
11708 <-> NETBIOS SMB-DS nddeapi andx alter context attempt (netbios.rules)
11709 <-> NETBIOS SMB-DS nddeapi WriteAndX andx alter context attempt (netbios.rules)
11710 <-> NETBIOS SMB-DS nddeapi unicode andx alter context attempt (netbios.rules)
11711 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode andx alter context attempt (netbios.rules)
11712 <-> NETBIOS SMB nddeapi little endian andx alter context attempt (netbios.rules)
11713 <-> NETBIOS SMB nddeapi WriteAndX little endian andx alter context attempt (netbios.rules)
11714 <-> NETBIOS SMB nddeapi unicode little endian andx alter context attempt (netbios.rules)
11715 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian andx alter context attempt (netbios.rules)
11716 <-> NETBIOS SMB-DS nddeapi little endian andx alter context attempt (netbios.rules)
11717 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian andx alter context attempt (netbios.rules)
11718 <-> NETBIOS SMB-DS nddeapi unicode little endian andx alter context attempt (netbios.rules)
11719 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian andx alter context attempt (netbios.rules)
11720 <-> NETBIOS SMB nddeapi andx bind attempt (netbios.rules)
11721 <-> NETBIOS SMB nddeapi unicode andx bind attempt (netbios.rules)
11722 <-> NETBIOS SMB nddeapi WriteAndX andx bind attempt (netbios.rules)
11723 <-> NETBIOS SMB nddeapi WriteAndX unicode andx bind attempt (netbios.rules)
11724 <-> NETBIOS SMB-DS nddeapi andx bind attempt (netbios.rules)
11725 <-> NETBIOS SMB-DS nddeapi WriteAndX andx bind attempt (netbios.rules)
11726 <-> NETBIOS SMB-DS nddeapi unicode andx bind attempt (netbios.rules)
11727 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode andx bind attempt (netbios.rules)
11728 <-> NETBIOS SMB nddeapi little endian andx bind attempt (netbios.rules)
11729 <-> NETBIOS SMB nddeapi WriteAndX little endian andx bind attempt (netbios.rules)
11730 <-> NETBIOS SMB nddeapi unicode little endian andx bind attempt (netbios.rules)
11731 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian andx bind attempt (netbios.rules)
11732 <-> NETBIOS SMB-DS nddeapi little endian andx bind attempt (netbios.rules)
11733 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian andx bind attempt (netbios.rules)
11734 <-> NETBIOS SMB-DS nddeapi unicode little endian andx bind attempt (netbios.rules)
11735 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian andx bind attempt (netbios.rules)
11736 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
11737 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
11738 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
11739 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
11740 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
11741 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
11742 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
11743 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
11744 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
11745 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
11746 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
11747 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
11748 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
11749 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
11750 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
11751 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
11752 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian object call overflow attempt (netbios.rules)
11753 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW object call overflow attempt (netbios.rules)
11754 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian object call overflow attempt (netbios.rules)
11755 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian object call overflow attempt (netbios.rules)
11756 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX object call overflow attempt (netbios.rules)
11757 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian object call overflow attempt (netbios.rules)
11758 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode object call overflow attempt (netbios.rules)
11759 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode object call overflow attempt (netbios.rules)
11760 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW object call overflow attempt (netbios.rules)
11761 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX object call overflow attempt (netbios.rules)
11762 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode object call overflow attempt (netbios.rules)
11763 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode object call overflow attempt (netbios.rules)
11764 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian object call overflow attempt (netbios.rules)
11765 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian object call overflow attempt (netbios.rules)
11766 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian object call overflow attempt (netbios.rules)
11767 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian object call overflow attempt (netbios.rules)
11768 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11769 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11770 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11771 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11772 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11773 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11774 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11775 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11776 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11777 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11778 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11779 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11780 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11781 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11782 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian andx overflow attempt (netbios.rules)
11783 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11784 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11785 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11786 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11787 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11788 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11789 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11790 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11791 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11792 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW andx overflow attempt (netbios.rules)
11793 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX andx overflow attempt (netbios.rules)
11794 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode andx overflow attempt (netbios.rules)
11795 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode andx overflow attempt (netbios.rules)
11796 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11797 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11798 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian andx overflow attempt (netbios.rules)
11799 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian andx overflow attempt (netbios.rules)
11800 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian andx object call overflow attempt (netbios.rules)
11801 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW andx object call overflow attempt (netbios.rules)
11802 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian andx object call overflow attempt (netbios.rules)
11803 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian andx object call overflow attempt (netbios.rules)
11804 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX andx object call overflow attempt (netbios.rules)
11805 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
11806 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode andx object call overflow attempt (netbios.rules)
11807 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode andx object call overflow attempt (netbios.rules)
11808 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW andx object call overflow attempt (netbios.rules)
11809 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX andx object call overflow attempt (netbios.rules)
11810 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode andx object call overflow attempt (netbios.rules)
11811 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX unicode andx object call overflow attempt (netbios.rules)
11812 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW unicode little endian andx object call overflow attempt (netbios.rules)
11813 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
11814 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW little endian andx object call overflow attempt (netbios.rules)
11815 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW unicode little endian andx object call overflow attempt (netbios.rules)
11816 <-> NETBIOS Session Service NetDDE attack (netbios.rules)
11817 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
11818 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX clsid access (web-client.rules)
11819 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX clsid unicode access (web-client.rules)
11820 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX function call access (web-client.rules)
11821 <-> WEB-CLIENT Yahoo Webcam Viewer Wrapper ActiveX function call unicode access (web-client.rules)
11822 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX clsid access (web-client.rules)
11823 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX clsid unicode access (web-client.rules)
11824 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX function call access (web-client.rules)
11825 <-> WEB-CLIENT Yahoo Webcam Upload ActiveX function call unicode access (web-client.rules)
11826 <-> WEB-CLIENT Microsoft Voice Control ActiveX clsid access (web-client.rules)
11827 <-> WEB-CLIENT Microsoft Voice Control ActiveX clsid unicode access (web-client.rules)
11828 <-> WEB-CLIENT Microsoft Voice Control ActiveX function call access (web-client.rules)
11829 <-> WEB-CLIENT Microsoft Voice Control ActiveX function call unicode access (web-client.rules)
11830 <-> WEB-CLIENT Microsoft Direct Speech Recognition ActiveX clsid access (web-client.rules)
11831 <-> WEB-CLIENT Microsoft Direct Speech Recognition ActiveX clsid unicode access (web-client.rules)
11832 <-> WEB-CLIENT Microsoft Direct Speech Recognition ActiveX function call access (web-client.rules)
11833 <-> WEB-CLIENT Microsoft Direct Speech Recognition ActiveX function call unicode access (web-client.rules)
11834 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules)
11835 <-> POLICY Visio file download (policy.rules)
11836 <-> MISC Visio version number anomaly (misc.rules)
11837 <-> SMTP MS Windows Mail UNC navigation remote command execution (smtp.rules)
11838 <-> WEB-MISC Win32 API res buffer overflow attempt (web-misc.rules)
11839 <-> WEB-CLIENT TEC-IT TBarCode ActiveX clsid access (web-client.rules)
11840 <-> WEB-CLIENT TEC-IT TBarCode ActiveX clsid unicode access (web-client.rules)
11841 <-> WEB-CLIENT TEC-IT TBarCode ActiveX function call access (web-client.rules)
11842 <-> WEB-CLIENT TEC-IT TBarCode ActiveX function call unicode access (web-client.rules)
11843 <-> NETBIOS SMB spoolss AddPrinter unicode little endian object call overflow attempt (netbios.rules)
11844 <-> NETBIOS SMB spoolss AddPrinter WriteAndX little endian object call overflow attempt (netbios.rules)
11845 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode little endian object call overflow attempt (netbios.rules)
11846 <-> NETBIOS SMB-DS spoolss AddPrinter unicode little endian object call overflow attempt (netbios.rules)
11847 <-> NETBIOS SMB-DS spoolss AddPrinter little endian object call overflow attempt (netbios.rules)
11848 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode object call overflow attempt (netbios.rules)
11849 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX little endian object call overflow attempt (netbios.rules)
11850 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode little endian object call overflow attempt (netbios.rules)
11851 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX unicode overflow attempt (netbios.rules)
11852 <-> NETBIOS SMB spoolss AddPrinter unicode overflow attempt (netbios.rules)
11853 <-> NETBIOS SMB spoolss AddPrinter unicode little endian overflow attempt (netbios.rules)
11854 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX object call overflow attempt (netbios.rules)
11855 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX little endian overflow attempt (netbios.rules)
11856 <-> NETBIOS SMB-DS v4 spoolss AddPrinter overflow attempt (netbios.rules)
11857 <-> NETBIOS SMB spoolss AddPrinter little endian overflow attempt (netbios.rules)
11858 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX unicode overflow attempt (netbios.rules)
11859 <-> NETBIOS SMB v4 spoolss AddPrinter unicode overflow attempt (netbios.rules)
11860 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX overflow attempt (netbios.rules)
11861 <-> NETBIOS SMB v4 spoolss AddPrinter overflow attempt (netbios.rules)
11862 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX overflow attempt (netbios.rules)
11863 <-> NETBIOS SMB-DS v4 spoolss AddPrinter unicode overflow attempt (netbios.rules)
11864 <-> NETBIOS SMB-DS v4 spoolss AddPrinter little endian overflow attempt (netbios.rules)
11865 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX little endian overflow attempt (netbios.rules)
11866 <-> NETBIOS SMB v4 spoolss AddPrinter little endian overflow attempt (netbios.rules)
11867 <-> NETBIOS SMB-DS v4 spoolss AddPrinter unicode little endian overflow attempt (netbios.rules)
11868 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX unicode little endian overflow attempt (netbios.rules)
11869 <-> NETBIOS SMB v4 spoolss AddPrinter unicode little endian overflow attempt (netbios.rules)
11870 <-> NETBIOS SMB-DS spoolss AddPrinter overflow attempt (netbios.rules)
11871 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX unicode little endian overflow attempt (netbios.rules)
11872 <-> NETBIOS SMB spoolss AddPrinter WriteAndX overflow attempt (netbios.rules)
11873 <-> NETBIOS SMB spoolss AddPrinter overflow attempt (netbios.rules)
11874 <-> NETBIOS SMB-DS spoolss AddPrinter unicode overflow attempt (netbios.rules)
11875 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX overflow attempt (netbios.rules)
11876 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode overflow attempt (netbios.rules)
11877 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode overflow attempt (netbios.rules)
11878 <-> NETBIOS SMB-DS spoolss AddPrinter unicode little endian overflow attempt (netbios.rules)
11879 <-> NETBIOS SMB-DS spoolss AddPrinter little endian overflow attempt (netbios.rules)
11880 <-> NETBIOS SMB spoolss AddPrinter WriteAndX little endian overflow attempt (netbios.rules)
11881 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode little endian overflow attempt (netbios.rules)
11882 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode little endian overflow attempt (netbios.rules)
11883 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX little endian overflow attempt (netbios.rules)
11884 <-> NETBIOS SMB spoolss AddPrinter little endian object call overflow attempt (netbios.rules)
11885 <-> NETBIOS SMB-DS spoolss AddPrinter object call overflow attempt (netbios.rules)
11886 <-> NETBIOS SMB spoolss AddPrinter WriteAndX object call overflow attempt (netbios.rules)
11887 <-> NETBIOS SMB spoolss AddPrinter unicode object call overflow attempt (netbios.rules)
11888 <-> NETBIOS SMB-DS spoolss AddPrinter unicode object call overflow attempt (netbios.rules)
11889 <-> NETBIOS SMB spoolss AddPrinter object call overflow attempt (netbios.rules)
11890 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode object call overflow attempt (netbios.rules)
11891 <-> NETBIOS SMB spoolss AddPrinter unicode little endian andx object call overflow attempt (netbios.rules)
11892 <-> NETBIOS SMB spoolss AddPrinter WriteAndX little endian andx object call overflow attempt (netbios.rules)
11893 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
11894 <-> NETBIOS SMB-DS spoolss AddPrinter unicode little endian andx object call overflow attempt (netbios.rules)
11895 <-> NETBIOS SMB-DS spoolss AddPrinter little endian andx object call overflow attempt (netbios.rules)
11896 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode andx object call overflow attempt (netbios.rules)
11897 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX little endian andx object call overflow attempt (netbios.rules)
11898 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
11899 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX unicode andx overflow attempt (netbios.rules)
11900 <-> NETBIOS SMB spoolss AddPrinter unicode andx overflow attempt (netbios.rules)
11901 <-> NETBIOS SMB spoolss AddPrinter unicode little endian andx overflow attempt (netbios.rules)
11902 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX andx object call overflow attempt (netbios.rules)
11903 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX little endian andx overflow attempt (netbios.rules)
11904 <-> NETBIOS SMB-DS v4 spoolss AddPrinter andx overflow attempt (netbios.rules)
11905 <-> NETBIOS SMB spoolss AddPrinter little endian andx overflow attempt (netbios.rules)
11906 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX unicode andx overflow attempt (netbios.rules)
11907 <-> NETBIOS SMB v4 spoolss AddPrinter unicode andx overflow attempt (netbios.rules)
11908 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX andx overflow attempt (netbios.rules)
11909 <-> NETBIOS SMB v4 spoolss AddPrinter andx overflow attempt (netbios.rules)
11910 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX andx overflow attempt (netbios.rules)
11911 <-> NETBIOS SMB-DS v4 spoolss AddPrinter unicode andx overflow attempt (netbios.rules)
11912 <-> NETBIOS SMB-DS v4 spoolss AddPrinter little endian andx overflow attempt (netbios.rules)
11913 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX little endian andx overflow attempt (netbios.rules)
11914 <-> NETBIOS SMB v4 spoolss AddPrinter little endian andx overflow attempt (netbios.rules)
11915 <-> NETBIOS SMB-DS v4 spoolss AddPrinter unicode little endian andx overflow attempt (netbios.rules)
11916 <-> NETBIOS SMB v4 spoolss AddPrinter WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11917 <-> NETBIOS SMB v4 spoolss AddPrinter unicode little endian andx overflow attempt (netbios.rules)
11918 <-> NETBIOS SMB-DS spoolss AddPrinter andx overflow attempt (netbios.rules)
11919 <-> NETBIOS SMB-DS v4 spoolss AddPrinter WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11920 <-> NETBIOS SMB spoolss AddPrinter WriteAndX andx overflow attempt (netbios.rules)
11921 <-> NETBIOS SMB spoolss AddPrinter andx overflow attempt (netbios.rules)
11922 <-> NETBIOS SMB-DS spoolss AddPrinter unicode andx overflow attempt (netbios.rules)
11923 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX andx overflow attempt (netbios.rules)
11924 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode andx overflow attempt (netbios.rules)
11925 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode andx overflow attempt (netbios.rules)
11926 <-> NETBIOS SMB-DS spoolss AddPrinter unicode little endian andx overflow attempt (netbios.rules)
11927 <-> NETBIOS SMB-DS spoolss AddPrinter little endian andx overflow attempt (netbios.rules)
11928 <-> NETBIOS SMB spoolss AddPrinter WriteAndX little endian andx overflow attempt (netbios.rules)
11929 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11930 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX unicode little endian andx overflow attempt (netbios.rules)
11931 <-> NETBIOS SMB-DS spoolss AddPrinter WriteAndX little endian andx overflow attempt (netbios.rules)
11932 <-> NETBIOS SMB spoolss AddPrinter little endian andx object call overflow attempt (netbios.rules)
11933 <-> NETBIOS SMB-DS spoolss AddPrinter andx object call overflow attempt (netbios.rules)
11934 <-> NETBIOS SMB spoolss AddPrinter WriteAndX andx object call overflow attempt (netbios.rules)
11935 <-> NETBIOS SMB spoolss AddPrinter unicode andx object call overflow attempt (netbios.rules)
11936 <-> NETBIOS SMB-DS spoolss AddPrinter unicode andx object call overflow attempt (netbios.rules)
11937 <-> NETBIOS SMB spoolss AddPrinter andx object call overflow attempt (netbios.rules)
11938 <-> NETBIOS SMB spoolss AddPrinter WriteAndX unicode andx object call overflow attempt (netbios.rules)
11939 <-> WEB-CLIENT Westbyte Internet Download Accelerator ActiveX clsid unicode access (web-client.rules)
11940 <-> WEB-CLIENT Westbyte Internet Download Accelerator ActiveX function call access (web-client.rules)
11941 <-> WEB-CLIENT Westbyte Internet Download Accelerator ActiveX function call unicode access (web-client.rules)
11942 <-> WEB-CLIENT Westbyte internet download accelerator ActiveX clsid access (web-client.rules)
11943 <-> WEB-CLIENT HP ModemUtil ActiveX clsid access (web-client.rules)
11944 <-> WEB-CLIENT HP ModemUtil ActiveX clsid unicode access (web-client.rules)
11945 <-> NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
11946 <-> NETBIOS Datagram Service NetDDE attack (netbios.rules)
11947 <-> WEB-CLIENT Windows schannel security package (web-client.rules)
11948 <-> SPYWARE-PUT Hijacker snap toolbar runtime detection - cookie (spyware-put.rules)
11949 <-> BACKDOOR lame rat v1.0 runtime detection (backdoor.rules)
11950 <-> BACKDOOR killav_gj (backdoor.rules)
11951 <-> BACKDOOR winshadow runtime detection - init connection request (backdoor.rules)
11952 <-> BACKDOOR winshadow runtime detection - udp response (backdoor.rules)
11953 <-> BACKDOOR supervisor plus runtime detection (backdoor.rules)
11954 <-> BACKDOOR supervisor plus runtime detection (backdoor.rules)
11955 <-> NETBIOS SMB-DS Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
11956 <-> NETBIOS SMB-DS Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
11957 <-> NETBIOS-DG SMB Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
11958 <-> NETBIOS-DG SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
11959 <-> NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
11960 <-> NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
11961 <-> NETBIOS SMB-DS Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
11962 <-> NETBIOS SMB-DS Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
11963 <-> NETBIOS-DG SMB Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
11964 <-> NETBIOS-DG SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
11965 <-> WEB-MISC SSLv2 Server_Hello request from TLSv1 Client_Hello request (web-misc.rules)
11966 <-> WEB-CLIENT Microsoft Internet Explorer CSS tag memory corruption attempt (web-client.rules)
11967 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call unicode access (web-client.rules)
12009 <-> SQL Firebird SQL Fbserver Buffer Overflow (sql.rules)
12010 <-> WEB-CLIENT RKD Software BarCode ActiveX clsid access (web-client.rules)
12011 <-> WEB-CLIENT RKD Software BarCode ActiveX clsid unicode access (web-client.rules)
12012 <-> WEB-CLIENT RKD Software BarCode ActiveX function call access (web-client.rules)
12013 <-> WEB-CLIENT RKD Software BarCode ActiveX function call unicode access (web-client.rules)
12014 <-> WEB-MISC Internet Explorer navcancl.htm url spoofing attempt (web-misc.rules)
12015 <-> WEB-CLIENT NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid access (web-client.rules)
12016 <-> WEB-CLIENT NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid unicode access (web-client.rules)
12017 <-> WEB-CLIENT NCTAudioStudio2 NCT WavChunksEditor ActiveX function call access (web-client.rules)
12018 <-> WEB-CLIENT NCTAudioStudio2 NCT WavChunksEditor ActiveX function call unicode access (web-client.rules)
12019 <-> WEB-CLIENT NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid access (web-client.rules)
12020 <-> WEB-CLIENT NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid unicode access (web-client.rules)
12021 <-> WEB-CLIENT NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call access (web-client.rules)
12022 <-> WEB-CLIENT NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call unicode access (web-client.rules)
12023 <-> DELETED WEB-CLIENT RealPlayer Helix G2 Control ActiveX clsid access (deleted.rules)
12024 <-> DELETED WEB-CLIENT RealPlayer Helix G2 Control ActiveX clsid unicode access (deleted.rules)
12025 <-> DELETED WEB-CLIENT RealPlayer Helix G2 Control ActiveX function call access (deleted.rules)
12026 <-> DELETED WEB-CLIENT RealPlayer Helix G2 Control ActiveX function call unicode access (deleted.rules)
12027 <-> SQL Ingres Database uuid_from_char buffer overflow attempt (sql.rules)
12029 <-> WEB-CLIENT HP Digital Imaging hpqxml.dll ActiveX clsid access (web-client.rules)
12030 <-> WEB-CLIENT HP Digital Imaging hpqxml.dll ActiveX clsid unicode access (web-client.rules)
12043 <-> DOS Microsoft XML parser IIS WebDAV attack attempt (dos.rules)
12044 <-> ORACLE Oracle Web Cache denial of service attempt (oracle.rules)
12045 <-> ORACLE Oracle Web Cache denial of service attempt (oracle.rules)
12046 <-> RPC MIT Kerberos kadmind RPC Library unix authentication buffer overflow attempt (rpc.rules)
12047 <-> SPYWARE-PUT Adware yayad runtime detection (spyware-put.rules)
12048 <-> SPYWARE-PUT Keylogger computer Keylogger runtime detection (spyware-put.rules)
12049 <-> SPYWARE-PUT Keylogger apophis spy 1.0 runtime detection (spyware-put.rules)
12050 <-> SPYWARE-PUT Hijacker ez-greets toolbar runtime detection (spyware-put.rules)
12051 <-> BACKDOOR ultimate rat 2.1 runtime detection (backdoor.rules)
12052 <-> BACKDOOR the[x] 1.2 runtime detection - execute command (backdoor.rules)
12053 <-> BACKDOOR trail of destruction 2.0 runtime detection - get system info (backdoor.rules)
12054 <-> BACKDOOR tron runtime detection - init connection - flowbit set (backdoor.rules)
12055 <-> BACKDOOR tron runtime detection - init connection (backdoor.rules)
12056 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules)
12057 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
12058 <-> SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (specific-threats.rules)
12059 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
12060 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
12062 <-> WEB-CLIENT HP Instant Support ActiveX clsid access (web-client.rules)
12063 <-> WEB-CLIENT HP Instant Support ActiveX clsid unicode access (web-client.rules)
12064 <-> WEB-IIS w3svc _vti_bin null pointer dereference attempt (web-iis.rules)
12065 <-> POLICY Outbound Teredo traffic detected (policy.rules)
12066 <-> POLICY Inbound Teredo traffic detected (policy.rules)
12067 <-> POLICY Outbound Teredo traffic detected (policy.rules)
12068 <-> POLICY Inbound Teredo traffic detected (policy.rules)
12069 <-> EXPLOIT Microsoft Windows Active Directory Crafted LDAP ModifyRequest (exploit.rules)
12070 <-> EXPLOIT Microsoft Excel malformed version field (exploit.rules)
12075 <-> RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (rpc.rules)
12076 <-> DOS Ipswitch WS_FTP log server long unicode string (dos.rules)
12077 <-> BACKDOOR c99shell.php command request (backdoor.rules)
12078 <-> EXPLOIT CA BrightStor LGServer Heap Buffer Overflow (exploit.rules)
12079 <-> EXPLOIT CA BrightStor LGServer Stack Buffer Overflow (exploit.rules)
12080 <-> EXPLOIT Sun Solaris printd arbitrary file deletion vulnerability (exploit.rules)
12081 <-> EXPLOIT BakBone NetVault heap overflow attempt (exploit.rules)
12082 <-> ORACLE Oracle 9i TNS denial of service attempt (oracle.rules)
12083 <-> WEB-CLIENT Data Dynamics ActiveBar Actbar3 ActiveX clsid access (web-client.rules)
12084 <-> WEB-CLIENT Data Dynamics ActiveBar Actbar3 ActiveX clsid unicode access (web-client.rules)
12085 <-> WEB-CLIENT Data Dynamics ActiveBar Actbar3 ActiveX function call access (web-client.rules)
12086 <-> WEB-CLIENT Data Dynamics ActiveBar Actbar3 ActiveX function call unicode access (web-client.rules)
12087 <-> WEB-CLIENT McAfee NeoTrace ActiveX clsid access (web-client.rules)
12088 <-> WEB-CLIENT McAfee NeoTrace ActiveX clsid unicode access (web-client.rules)
12089 <-> WEB-CLIENT McAfee NeoTrace ActiveX function call access (web-client.rules)
12090 <-> WEB-CLIENT McAfee NeoTrace ActiveX function call unicode access (web-client.rules)
12091 <-> WEB-CLIENT EldoS SecureBlackbox PGPBBox ActiveX clsid access (web-client.rules)
12092 <-> WEB-CLIENT EldoS SecureBlackbox PGPBBox ActiveX clsid unicode access (web-client.rules)
12093 <-> WEB-CLIENT EldoS SecureBlackbox PGPBBox ActiveX function call access (web-client.rules)
12094 <-> WEB-CLIENT EldoS SecureBlackbox PGPBBox ActiveX function call unicode access (web-client.rules)
12095 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX clsid access (web-client.rules)
12096 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX clsid unicode access (web-client.rules)
12097 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX function call access (web-client.rules)
12098 <-> WEB-CLIENT Zenturi ProgramChecker ActiveX function call unicode access (web-client.rules)
12099 <-> MISC Microsoft Excel rtWindow1 record handling arbitrary code execution attempt (misc.rules)
12100 <-> NETBIOS DCERPC DIRECT v4 ca-alert function 16 overflow attempt (netbios.rules)
12101 <-> NETBIOS DCERPC DIRECT v4 ca-alert function 16 little endian overflow attempt (netbios.rules)
12102 <-> NETBIOS DCERPC DIRECT ca-alert function 16 overflow attempt (netbios.rules)
12103 <-> NETBIOS DCERPC DIRECT ca-alert function 16 little endian overflow attempt (netbios.rules)
12104 <-> NETBIOS DCERPC DIRECT ca-alert function 16 object call overflow attempt (netbios.rules)
12105 <-> NETBIOS DCERPC DIRECT ca-alert function 16 little endian object call overflow attempt (netbios.rules)
12106 <-> NETBIOS DCERPC DIRECT v4 ca-alert function 23 overflow attempt (netbios.rules)
12107 <-> NETBIOS DCERPC DIRECT ca-alert function 23 little endian overflow attempt (netbios.rules)
12108 <-> NETBIOS DCERPC DIRECT v4 ca-alert function 23 little endian overflow attempt (netbios.rules)
12109 <-> NETBIOS DCERPC DIRECT ca-alert function 23 overflow attempt (netbios.rules)
12110 <-> NETBIOS DCERPC DIRECT ca-alert function 23 little endian object call overflow attempt (netbios.rules)
12111 <-> NETBIOS DCERPC DIRECT ca-alert function 23 object call overflow attempt (netbios.rules)
12114 <-> IMAP Ipswitch IMail search command buffer overflow attempt (imap.rules)
12115 <-> IMAP Ipswitch IMail search command buffer overflow attempt (imap.rules)
12116 <-> WEB-CLIENT Zenturi ProgramChecker SASATL ActiveX clsid access (web-client.rules)
12117 <-> WEB-CLIENT Zenturi ProgramChecker SASATL ActiveX clsid unicode access (web-client.rules)
12118 <-> WEB-CLIENT Zenturi ProgramChecker SASATL ActiveX function call access (web-client.rules)
12119 <-> WEB-CLIENT Zenturi ProgramChecker SASATL ActiveX function call unicode access (web-client.rules)
12120 <-> SPYWARE-PUT Adware pprich runtime detection - version check (spyware-put.rules)
12121 <-> SPYWARE-PUT Adware pprich runtime detection - udp info sent out (spyware-put.rules)
12122 <-> SPYWARE-PUT Trackware spynova runtime detection (spyware-put.rules)
12123 <-> SPYWARE-PUT Hijacker lookquick runtime detection - hijack ie (spyware-put.rules)
12124 <-> SPYWARE-PUT Hijacker lookquick runtime detection - monitor and collect user info (spyware-put.rules)
12125 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - hijack ie search assistant (spyware-put.rules)
12126 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - collect user information (spyware-put.rules)
12127 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - ads (spyware-put.rules)
12128 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - init connection (spyware-put.rules)
12129 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - get sys info (spyware-put.rules)
12130 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - get sys info (spyware-put.rules)
12131 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - keylogging (spyware-put.rules)
12132 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - keylogging (spyware-put.rules)
12133 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - open url (spyware-put.rules)
12134 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - open url (spyware-put.rules)
12135 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - fun (spyware-put.rules)
12136 <-> SPYWARE-PUT Keylogger remotekeylog.b runtime detection - fun (spyware-put.rules)
12137 <-> SPYWARE-PUT Keylogger Keylogger king home 2.3 runtime detection (spyware-put.rules)
12138 <-> SPYWARE-PUT Adware zamingo runtime detection (spyware-put.rules)
12139 <-> SPYWARE-PUT Trackware stealth website logger 3.4 runtime detection (spyware-put.rules)
12140 <-> SPYWARE-PUT Hijacker cnnic update runtime detection (spyware-put.rules)
12141 <-> SPYWARE-PUT Keylogger logit v1.0 runtime detection (spyware-put.rules)
12142 <-> BACKDOOR access remote pc runtime detection - init connection (backdoor.rules)
12143 <-> BACKDOOR access remote pc runtime detection - init connection (backdoor.rules)
12144 <-> BACKDOOR access remote pc runtime detection - rpc setup (backdoor.rules)
12145 <-> BACKDOOR access remote pc runtime detection - rpc setup (backdoor.rules)
12146 <-> BACKDOOR blue eye 1.0b runtime detection - init connection (backdoor.rules)
12147 <-> BACKDOOR blue eye 1.0b runtime detection - init connection (backdoor.rules)
12148 <-> BACKDOOR back orifice 2006 - v1.1.5 runtime detection - init connection (backdoor.rules)
12149 <-> BACKDOOR back orifice 2006 - v1.1.5 runtime detection - init connection (backdoor.rules)
12150 <-> BACKDOOR cafeini 1.0 runtime detection - init connection (backdoor.rules)
12151 <-> BACKDOOR cafeini 1.0 runtime detection (backdoor.rules)
12152 <-> BACKDOOR optix pro v1.32 runtime detection - init connection (backdoor.rules)
12153 <-> BACKDOOR optix pro v1.32 runtime detection - download file (backdoor.rules)
12154 <-> BACKDOOR optix pro v1.32 runtime detection - download file (backdoor.rules)
12155 <-> BACKDOOR optix pro v1.32 runtime detection - download file (backdoor.rules)
12156 <-> BACKDOOR optix pro v1.32 runtime detection - upload file (backdoor.rules)
12157 <-> BACKDOOR optix pro v1.32 runtime detection - upload file (backdoor.rules)
12158 <-> BACKDOOR optix pro v1.32 runtime detection - upload file (backdoor.rules)
12159 <-> BACKDOOR optix pro v1.32 runtime detection - keylogging (backdoor.rules)
12160 <-> BACKDOOR optix pro v1.32 runtime detection - screen capturing (backdoor.rules)
12161 <-> BACKDOOR optix pro v1.32 runtime detection - screen capturing (backdoor.rules)
12162 <-> BACKDOOR optix pro v1.32 runtime detection - screen capturing (backdoor.rules)
12163 <-> BACKDOOR cobra uploader 1.0 runtime detection (backdoor.rules)
12164 <-> BACKDOOR cobra uploader 1.0 runtime detection (backdoor.rules)
12165 <-> BACKDOOR lithium 1.02 runtime detection (backdoor.rules)
12166 <-> BACKDOOR lithium 1.02 runtime detection (backdoor.rules)
12168 <-> WEB-CLIENT Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid access (web-client.rules)
12169 <-> WEB-CLIENT Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid unicode access (web-client.rules)
12182 <-> POLICY Adobe FLV file transfer (policy.rules)
12183 <-> EXPLOIT Adobe FLV long string script data buffer overflow (exploit.rules)
12184 <-> MISC Microsoft Excel workbook workspace designation handling arbitrary code execution attempt (misc.rules)
12185 <-> RPC portmap 2112 tcp request (rpc.rules)
12186 <-> RPC portmap 2112 udp request (rpc.rules)
12187 <-> RPC portmap 2112 tcp rename_principal attempt (rpc.rules)
12188 <-> RPC portmap 2112 udp rename_principal attempt (rpc.rules)
12189 <-> WEB-CLIENT Clever Internet Suite ActiveX clsid access (web-client.rules)
12190 <-> WEB-CLIENT Clever Internet Suite ActiveX clsid unicode access (web-client.rules)
12191 <-> WEB-CLIENT Clever Internet Suite ActiveX function call access (web-client.rules)
12192 <-> WEB-CLIENT Clever Internet Suite ActiveX function call unicode access (web-client.rules)
12193 <-> WEB-CLIENT Yahoo Widgets Engine ActiveX clsid access (web-client.rules)
12194 <-> WEB-CLIENT Yahoo Widgets Engine ActiveX clsid unicode access (web-client.rules)
12195 <-> WEB-CLIENT Yahoo Widgets Engine ActiveX function call access (web-client.rules)
12196 <-> WEB-CLIENT Yahoo Widgets Engine ActiveX function call unicode access (web-client.rules)
12197 <-> EXPLOIT CA message queuing server buffer overflow attempt (exploit.rules)
12198 <-> SNMP MS Windows getbulk request (snmp.rules)
12199 <-> DOS RIM BlackBerry SRP negative string size (dos.rules)
12200 <-> WEB-CLIENT VMWare IntraProcessLogging ActiveX clsid access (web-client.rules)
12201 <-> WEB-CLIENT VMWare IntraProcessLogging ActiveX clsid unicode access (web-client.rules)
12202 <-> DELETED EXPLOIT Ingres long message heap buffer overflow attempt (deleted.rules)

Updated rules:
 104 <-> DELETED BACKDOOR - Dagger_1.4.0_client_connect (deleted.rules)
 120 <-> DELETED BACKDOOR Infector 1.6 Server to Client (deleted.rules)
 144 <-> FTP ADMw0rm ftp login attempt (ftp.rules)
 153 <-> DELETED BACKDOOR DonaldDick 1.53 Traffic (deleted.rules)
 155 <-> DELETED BACKDOOR NetSphere 1.31.337 access (deleted.rules)
 159 <-> DELETED BACKDOOR NetMetro File List (deleted.rules)
 228 <-> DDOS TFN client command BE (ddos.rules)
 251 <-> DDOS - TFN client command LE (ddos.rules)
 253 <-> DNS SPOOF query response PTR with TTL of 1 min. and no authority (dns.rules)
 254 <-> DNS SPOOF query response with TTL of 1 min. and no authority (dns.rules)
 255 <-> DNS zone transfer TCP (dns.rules)
 256 <-> DNS named authors attempt (dns.rules)
 257 <-> DNS named version attempt (dns.rules)
 258 <-> DNS EXPLOIT named 8.2->8.2.1 (dns.rules)
 259 <-> DNS EXPLOIT named overflow ADM (dns.rules)
 260 <-> DNS EXPLOIT named overflow ADMROCKS (dns.rules)
 261 <-> DNS EXPLOIT named overflow attempt (dns.rules)
 262 <-> DNS EXPLOIT x86 Linux overflow attempt (dns.rules)
 264 <-> DNS EXPLOIT x86 Linux overflow attempt (dns.rules)
 265 <-> DNS EXPLOIT x86 Linux overflow attempt ADMv2 (dns.rules)
 266 <-> DNS EXPLOIT x86 FreeBSD overflow attempt (dns.rules)
 267 <-> DNS EXPLOIT sparc overflow attempt (dns.rules)
 282 <-> DELETED DOS arkiea backup (deleted.rules)
 284 <-> POP2 x86 Linux overflow (pop2.rules)
 285 <-> POP2 x86 Linux overflow (pop2.rules)
 286 <-> POP3 EXPLOIT x86 BSD overflow (pop3.rules)
 287 <-> POP3 EXPLOIT x86 BSD overflow (pop3.rules)
 288 <-> POP3 EXPLOIT x86 Linux overflow (pop3.rules)
 289 <-> POP3 EXPLOIT x86 SCO overflow (pop3.rules)
 290 <-> POP3 EXPLOIT qpopper overflow (pop3.rules)
 303 <-> DNS EXPLOIT named tsig overflow attempt (dns.rules)
 314 <-> DNS EXPLOIT named tsig overflow attempt (dns.rules)
 320 <-> FINGER cmd_rootsh backdoor attempt (finger.rules)
 321 <-> FINGER account enumeration attempt (finger.rules)
 322 <-> FINGER search query (finger.rules)
 323 <-> FINGER root query (finger.rules)
 324 <-> FINGER null request (finger.rules)
 326 <-> FINGER remote command execution attempt (finger.rules)
 327 <-> FINGER remote command pipe execution attempt (finger.rules)
 328 <-> FINGER bomb attempt (finger.rules)
 330 <-> FINGER redirection attempt (finger.rules)
 331 <-> FINGER cybercop query (finger.rules)
 332 <-> FINGER 0 query (finger.rules)
 333 <-> FINGER . query (finger.rules)
 334 <-> FTP .forward (ftp.rules)
 335 <-> FTP .rhosts (ftp.rules)
 336 <-> FTP CWD ~root attempt (ftp.rules)
 337 <-> FTP CEL overflow attempt (ftp.rules)
 353 <-> FTP adm scan (ftp.rules)
 354 <-> FTP iss scan (ftp.rules)
 355 <-> FTP pass wh00t (ftp.rules)
 356 <-> FTP passwd retrieval attempt (ftp.rules)
 357 <-> FTP piss scan (ftp.rules)
 358 <-> FTP saint scan (ftp.rules)
 359 <-> FTP satan scan (ftp.rules)
 360 <-> FTP serv-u directory transversal (ftp.rules)
 361 <-> FTP SITE EXEC attempt (ftp.rules)
 362 <-> FTP tar parameters (ftp.rules)
 537 <-> DELETED NETBIOS SMB IPC$ share access (deleted.rules)
 538 <-> DELETED NETBIOS SMB IPC$ unicode share access (deleted.rules)
 631 <-> SMTP ehlo cybercop attempt (smtp.rules)
 632 <-> SMTP expn cybercop attempt (smtp.rules)
 654 <-> SMTP RCPT TO overflow (smtp.rules)
 655 <-> SMTP sendmail 8.6.9 exploit (smtp.rules)
 657 <-> SMTP chameleon overflow (smtp.rules)
 658 <-> SMTP exchange mime DOS (smtp.rules)
 659 <-> SMTP expn decode (smtp.rules)
 660 <-> SMTP expn root (smtp.rules)
 661 <-> SMTP majordomo ifs (smtp.rules)
 662 <-> SMTP sendmail 5.5.5 exploit (smtp.rules)
 663 <-> SMTP rcpt to command attempt (smtp.rules)
 664 <-> SMTP RCPT TO decode attempt (smtp.rules)
 665 <-> SMTP sendmail 5.6.5 exploit (smtp.rules)
 667 <-> SMTP sendmail 8.6.10 exploit (smtp.rules)
 668 <-> SMTP sendmail 8.6.10 exploit (smtp.rules)
 669 <-> SMTP sendmail 8.6.9 exploit (smtp.rules)
 670 <-> SMTP sendmail 8.6.9 exploit (smtp.rules)
 671 <-> SMTP sendmail 8.6.9c exploit (smtp.rules)
 672 <-> SMTP vrfy decode (smtp.rules)
 674 <-> DELETED MS-SQL xp_displayparamstmt possible buffer overflow (deleted.rules)
 675 <-> DELETED MS-SQL xp_setsqlsecurity possible buffer overflow (deleted.rules)
 682 <-> DELETED MS-SQL xp_enumresultset possible buffer overflow (deleted.rules)
 690 <-> DELETED MS-SQL/SMB xp_printstatements possible buffer overflow (deleted.rules)
 696 <-> DELETED MS-SQL/SMB xp_showcolv possible buffer overflow (deleted.rules)
 697 <-> DELETED MS-SQL/SMB xp_peekqueue possible buffer overflow (deleted.rules)
 698 <-> DELETED MS-SQL/SMB xp_proxiedmetadata possible buffer overflow (deleted.rules)
 699 <-> DELETED MS-SQL xp_printstatements possible buffer overflow (deleted.rules)
 700 <-> DELETED MS-SQL/SMB xp_updatecolvbm possible buffer overflow (deleted.rules)
 701 <-> DELETED MS-SQL xp_updatecolvbm possible buffer overflow (deleted.rules)
 702 <-> DELETED MS-SQL/SMB xp_displayparamstmt possible buffer overflow (deleted.rules)
 703 <-> DELETED MS-SQL/SMB xp_setsqlsecurity possible buffer overflow (deleted.rules)
 705 <-> DELETED MS-SQL xp_showcolv possible buffer overflow (deleted.rules)
 706 <-> DELETED MS-SQL xp_peekqueue possible buffer overflow (deleted.rules)
 707 <-> DELETED MS-SQL xp_proxiedmetadata possible buffer overflow (deleted.rules)
 708 <-> DELETED MS-SQL/SMB xp_enumresultset possible buffer overflow (deleted.rules)
 830 <-> DELETED WEB-CGI NPH-publish access (deleted.rules)
 841 <-> DELETED WEB-CGI pfdisplay.cgi access (deleted.rules)
 873 <-> DELETED WEB-CGI scriptalias access (deleted.rules)
 915 <-> WEB-COLDFUSION evaluate.cfm access (web-coldfusion.rules)
 972 <-> DELETED WEB-IIS %2E-asp access (deleted.rules)
1029 <-> WEB-IIS scripts-browse access (web-iis.rules)
1079 <-> WEB-MISC WebDAV propfind access (web-misc.rules)
1104 <-> DELETED WEB-MISC whisker space splice attack (deleted.rules)
1143 <-> DELETED WEB-MISC ///cgi-bin access (deleted.rules)
1144 <-> DELETED WEB-MISC /cgi-bin/// access (deleted.rules)
1225 <-> X11 MIT Magic Cookie detected (x11.rules)
1226 <-> X11 xopen (x11.rules)
1229 <-> FTP CWD ... (ftp.rules)
1248 <-> WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules)
1288 <-> WEB-FRONTPAGE /_vti_bin/ access (web-frontpage.rules)
1321 <-> BAD-TRAFFIC 0 ttl (bad-traffic.rules)
1377 <-> FTP wu-ftp bad file completion attempt [ (ftp.rules)
1378 <-> FTP wu-ftp bad file completion attempt { (ftp.rules)
1379 <-> FTP STAT overflow attempt (ftp.rules)
1394 <-> SHELLCODE x86 NOOP (shellcode.rules)
1399 <-> WEB-PHP PHP-Nuke remote file include attempt (web-php.rules)
1435 <-> DNS named authors attempt (dns.rules)
1446 <-> SMTP vrfy root (smtp.rules)
1450 <-> SMTP expn *@ (smtp.rules)
1479 <-> WEB-CGI ttawebtop.cgi arbitrary file attempt (web-cgi.rules)
1524 <-> WEB-MISC AxisStorpoint CD attempt (web-misc.rules)
1529 <-> FTP SITE overflow attempt (ftp.rules)
1538 <-> NNTP AUTHINFO USER overflow attempt (nntp.rules)
1541 <-> FINGER version query (finger.rules)
1546 <-> WEB-MISC Cisco /%% DOS attempt (web-misc.rules)
1549 <-> SMTP HELO overflow attempt (smtp.rules)
1550 <-> SMTP ETRN overflow attempt (smtp.rules)
1562 <-> FTP SITE CHOWN overflow attempt (ftp.rules)
1616 <-> DNS named version attempt (dns.rules)
1621 <-> FTP CMD overflow attempt (ftp.rules)
1622 <-> FTP RNFR ././ attempt (ftp.rules)
1623 <-> FTP invalid MODE (ftp.rules)
1624 <-> FTP PWD overflow attempt (ftp.rules)
1625 <-> FTP SYST overflow attempt (ftp.rules)
1632 <-> DELETED CHAT AIM send message (deleted.rules)
1634 <-> POP3 PASS overflow attempt (pop3.rules)
1635 <-> POP3 APOP overflow attempt (pop3.rules)
1672 <-> FTP CWD ~ attempt (ftp.rules)
1734 <-> FTP USER overflow attempt (ftp.rules)
1748 <-> DELETED FTP command overflow attempt (deleted.rules)
1755 <-> IMAP partial body buffer overflow attempt (imap.rules)
1775 <-> MYSQL root login attempt (mysql.rules)
1776 <-> MYSQL show databases attempt (mysql.rules)
1777 <-> FTP EXPLOIT STAT * dos attempt (ftp.rules)
1778 <-> FTP EXPLOIT STAT ? dos attempt (ftp.rules)
1792 <-> NNTP return code buffer overflow attempt (nntp.rules)
1801 <-> DELETED WEB-IIS .asp HTTP header buffer overflow attempt (deleted.rules)
1842 <-> IMAP login buffer overflow attempt (imap.rules)
1844 <-> IMAP authenticate overflow attempt (imap.rules)
1845 <-> IMAP list literal overflow attempt (imap.rules)
1864 <-> FTP SITE NEWER attempt (ftp.rules)
1866 <-> POP3 USER overflow attempt (pop3.rules)
1882 <-> ATTACK-RESPONSES id check returned userid (attack-responses.rules)
1888 <-> FTP SITE CPWD overflow attempt (ftp.rules)
1902 <-> IMAP lsub literal overflow attempt (imap.rules)
1903 <-> IMAP rename overflow attempt (imap.rules)
1904 <-> IMAP find overflow attempt (imap.rules)
1919 <-> FTP CWD overflow attempt (ftp.rules)
1920 <-> FTP SITE NEWER overflow attempt (ftp.rules)
1921 <-> FTP SITE ZIPCHK overflow attempt (ftp.rules)
1927 <-> FTP authorized_keys (ftp.rules)
1928 <-> FTP shadow retrieval attempt (ftp.rules)
1930 <-> IMAP auth literal overflow attempt (imap.rules)
1934 <-> POP2 FOLD overflow attempt (pop2.rules)
1935 <-> POP2 FOLD arbitrary file attempt (pop2.rules)
1936 <-> POP3 AUTH overflow attempt (pop3.rules)
1937 <-> POP3 LIST overflow attempt (pop3.rules)
1938 <-> POP3 XTND overflow attempt (pop3.rules)
1942 <-> FTP RMDIR overflow attempt (ftp.rules)
1948 <-> DNS zone transfer UDP (dns.rules)
1971 <-> FTP SITE EXEC format string attempt (ftp.rules)
1972 <-> FTP PASS overflow attempt (ftp.rules)
1973 <-> FTP MKD overflow attempt (ftp.rules)
1974 <-> FTP REST overflow attempt (ftp.rules)
1975 <-> FTP DELE overflow attempt (ftp.rules)
1976 <-> FTP RMD overflow attempt (ftp.rules)
1992 <-> FTP LIST directory traversal attempt (ftp.rules)
1993 <-> IMAP login literal buffer overflow attempt (imap.rules)
2002 <-> WEB-PHP remote include path (web-php.rules)
2046 <-> IMAP partial body.peek buffer overflow attempt (imap.rules)
2087 <-> SMTP From comment overflow attempt (smtp.rules)
2101 <-> NETBIOS SMB Trans Max Param/Count DOS attempt (netbios.rules)
2103 <-> NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
2105 <-> IMAP authenticate literal overflow attempt (imap.rules)
2106 <-> IMAP lsub overflow attempt (imap.rules)
2107 <-> IMAP create buffer overflow attempt (imap.rules)
2108 <-> POP3 CAPA overflow attempt (pop3.rules)
2109 <-> POP3 TOP overflow attempt (pop3.rules)
2110 <-> POP3 STAT overflow attempt (pop3.rules)
2111 <-> POP3 DELE overflow attempt (pop3.rules)
2112 <-> POP3 RSET overflow attempt (pop3.rules)
2118 <-> IMAP list overflow attempt (imap.rules)
2119 <-> IMAP rename literal overflow attempt (imap.rules)
2120 <-> IMAP create literal buffer overflow attempt (imap.rules)
2121 <-> POP3 DELE negative argument attempt (pop3.rules)
2122 <-> POP3 UIDL negative argument attempt (pop3.rules)
2125 <-> FTP CWD Root directory transversal attempt (ftp.rules)
2143 <-> WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt (web-php.rules)
2147 <-> WEB-PHP BLNews objects.inc.php4 remote file include attempt (web-php.rules)
2150 <-> WEB-PHP ttCMS header.php remote file include attempt (web-php.rules)
2155 <-> WEB-PHP ttforum remote file include attempt (web-php.rules)
2178 <-> FTP USER format string attempt (ftp.rules)
2179 <-> FTP PASS format string attempt (ftp.rules)
2183 <-> SMTP Content-Transfer-Encoding overflow attempt (smtp.rules)
2226 <-> WEB-PHP pmachine remote file include attempt (web-php.rules)
2250 <-> POP3 USER format string attempt (pop3.rules)
2251 <-> DELETED NETBIOS DCERPC Remote Activation bind attempt (deleted.rules)
2253 <-> SMTP XEXCH50 overflow attempt (smtp.rules)
2259 <-> SMTP EXPN overflow attempt (smtp.rules)
2260 <-> SMTP VRFY overflow attempt (smtp.rules)
2261 <-> SMTP SEND FROM sendmail prescan too many addresses overflow (smtp.rules)
2262 <-> SMTP SEND FROM sendmail prescan too long addresses overflow (smtp.rules)
2263 <-> SMTP SAML FROM sendmail prescan too many addresses overflow (smtp.rules)
2264 <-> SMTP SAML FROM sendmail prescan too long addresses overflow (smtp.rules)
2265 <-> SMTP SOML FROM sendmail prescan too many addresses overflow (smtp.rules)
2266 <-> SMTP SOML FROM sendmail prescan too long addresses overflow (smtp.rules)
2267 <-> SMTP MAIL FROM sendmail prescan too many addresses overflow (smtp.rules)
2268 <-> SMTP MAIL FROM sendmail prescan too long addresses overflow (smtp.rules)
2269 <-> SMTP RCPT TO sendmail prescan too many addresses overflow (smtp.rules)
2270 <-> SMTP RCPT TO sendmail prescan too long addresses overflow (smtp.rules)
2272 <-> FTP LIST integer overflow attempt (ftp.rules)
2273 <-> IMAP login brute force attempt (imap.rules)
2274 <-> POP3 login brute force attempt (pop3.rules)
2275 <-> SMTP AUTH LOGON brute force attempt (smtp.rules)
2306 <-> WEB-PHP gallery remote file include attempt (web-php.rules)
2307 <-> WEB-PHP PayPal Storefront remote file include attempt (web-php.rules)
2308 <-> DELETED NETBIOS SMB DCERPC Workstation Service unicode bind attempt (deleted.rules)
2309 <-> DELETED NETBIOS SMB DCERPC Workstation Service bind attempt (deleted.rules)
2310 <-> DELETED NETBIOS SMB-DS DCERPC Workstation Service unicode bind attempt (deleted.rules)
2311 <-> DELETED NETBIOS SMB-DS DCERPC Workstation Service bind attempt (deleted.rules)
2315 <-> DELETED NETBIOS DCERPC Workstation Service direct service bind attempt (deleted.rules)
2316 <-> DELETED NETBIOS DCERPC Workstation Service direct service access attempt (deleted.rules)
2330 <-> IMAP auth overflow attempt (imap.rules)
2332 <-> FTP MKDIR format string attempt (ftp.rules)
2333 <-> FTP RENAME format string attempt (ftp.rules)
2334 <-> FTP Yak! FTP server default account login attempt (ftp.rules)
2335 <-> FTP RMD / attempt (ftp.rules)
2338 <-> FTP LIST buffer overflow attempt (ftp.rules)
2340 <-> FTP SITE CHMOD overflow attempt (ftp.rules)
2343 <-> FTP STOR overflow attempt (ftp.rules)
2344 <-> FTP XCWD overflow attempt (ftp.rules)
2373 <-> FTP XMKD overflow attempt (ftp.rules)
2374 <-> FTP NLST overflow attempt (ftp.rules)
2389 <-> FTP RNTO overflow attempt (ftp.rules)
2390 <-> FTP STOU overflow attempt (ftp.rules)
2391 <-> FTP APPE overflow attempt (ftp.rules)
2392 <-> FTP RETR overflow attempt (ftp.rules)
2409 <-> POP3 APOP USER overflow attempt (pop3.rules)
2416 <-> FTP invalid MDTM command attempt (ftp.rules)
2417 <-> FTP format string attempt (ftp.rules)
2424 <-> NNTP sendsys overflow attempt (nntp.rules)
2425 <-> NNTP senduuname overflow attempt (nntp.rules)
2426 <-> NNTP version overflow attempt (nntp.rules)
2427 <-> NNTP checkgroups overflow attempt (nntp.rules)
2428 <-> NNTP ihave overflow attempt (nntp.rules)
2429 <-> NNTP sendme overflow attempt (nntp.rules)
2430 <-> NNTP newgroup overflow attempt (nntp.rules)
2431 <-> NNTP rmgroup overflow attempt (nntp.rules)
2432 <-> NNTP article post without path attempt (nntp.rules)
2449 <-> FTP ALLO overflow attempt (ftp.rules)
2465 <-> DELETED NETBIOS-DG SMB IPC$ share access (deleted.rules)
2466 <-> DELETED NETBIOS-DG SMB IPC$ unicode share access (deleted.rules)
2487 <-> SMTP WinZip MIME content-type buffer overflow (smtp.rules)
2488 <-> SMTP WinZip MIME content-disposition buffer overflow (smtp.rules)
2497 <-> IMAP SSLv3 invalid data version attempt (imap.rules)
2500 <-> DELETED POP3 SSLv3 invalid data version attempt (deleted.rules)
2502 <-> POP3 SSLv3 invalid data version attempt (pop3.rules)
2504 <-> SMTP SSLv3 invalid data version attempt (smtp.rules)
2517 <-> IMAP PCT Client_Hello overflow attempt (imap.rules)
2518 <-> POP3 PCT Client_Hello overflow attempt (pop3.rules)
2527 <-> SMTP STARTTLS attempt (smtp.rules)
2528 <-> SMTP PCT Client_Hello overflow attempt (smtp.rules)
2529 <-> IMAP SSLv3 Client_Hello request (imap.rules)
2530 <-> IMAP SSLv3 Server_Hello request (imap.rules)
2531 <-> IMAP SSLv3 invalid Client_Hello attempt (imap.rules)
2532 <-> DELETED POP3 SSLv3 Client_Hello request (deleted.rules)
2533 <-> DELETED POP3 SSLv3 Server_Hello request (deleted.rules)
2534 <-> DELETED POP3 SSLv3 invalid Client_Hello attempt (deleted.rules)
2535 <-> POP3 SSLv3 Client_Hello request (pop3.rules)
2536 <-> POP3 SSLv3 Server_Hello request (pop3.rules)
2537 <-> POP3 SSLv3 invalid Client_Hello attempt (pop3.rules)
2541 <-> SMTP TLS SSLv3 invalid data version attempt (smtp.rules)
2542 <-> SMTP SSLv3 Client_Hello request (smtp.rules)
2543 <-> SMTP SSLv3 Server_Hello request (smtp.rules)
2544 <-> SMTP SSLv3 invalid Client_Hello attempt (smtp.rules)
2546 <-> FTP MDTM overflow attempt (ftp.rules)
2574 <-> FTP RETR format string attempt (ftp.rules)
2575 <-> WEB-PHP Opt-X header.php remote file include attempt (web-php.rules)
2582 <-> WEB-MISC Crystal Reports crystalImageHandler.aspx directory traversal attempt (web-misc.rules)
2590 <-> SMTP MAIL FROM overflow attempt (smtp.rules)
2597 <-> WEB-MISC Samba SWAT Authorization overflow attempt (web-misc.rules)
2598 <-> WEB-MISC Samba SWAT Authorization port 901 overflow attempt (web-misc.rules)
2622 <-> DELETED ORACLE dbms_repcat_utl.drop_an_object buffer overflow attempt (deleted.rules)
2623 <-> DELETED ORACLE dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt (deleted.rules)
2631 <-> DELETED ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt (deleted.rules)
2635 <-> DELETED ORACLE dbms_offline_snapshot.end_load buffer overflow attempt (deleted.rules)
2647 <-> DELETED ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt (deleted.rules)
2656 <-> WEB-MISC SSLv2 Client_Hello Challenge Length overflow attempt (web-misc.rules)
2664 <-> IMAP login format string attempt (imap.rules)
2665 <-> IMAP login literal format string attempt (imap.rules)
2666 <-> POP3 PASS format string attempt (pop3.rules)
2676 <-> DELETED ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt (deleted.rules)
2700 <-> DELETED ORACLE numtoyminterval buffer overflow attempt (deleted.rules)
2710 <-> DELETED ORACLE dbms_offline_og.begin_load buffer overflow attempt (deleted.rules)
2921 <-> DNS UDP inverse query (dns.rules)
2922 <-> DNS TCP inverse query (dns.rules)
2927 <-> NNTP XPAT pattern overflow attempt (nntp.rules)
2928 <-> NETBIOS SMB-DS nddeapi little endian alter context attempt (netbios.rules)
2929 <-> NETBIOS SMB-DS nddeapi WriteAndX little endian alter context attempt (netbios.rules)
2930 <-> NETBIOS SMB-DS nddeapi unicode little endian alter context attempt (netbios.rules)
2931 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode little endian alter context attempt (netbios.rules)
2932 <-> NETBIOS SMB nddeapi alter context attempt (netbios.rules)
2933 <-> NETBIOS SMB nddeapi unicode alter context attempt (netbios.rules)
2934 <-> NETBIOS SMB-DS nddeapi alter context attempt (netbios.rules)
2935 <-> NETBIOS SMB-DS nddeapi WriteAndX alter context attempt (netbios.rules)
2936 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode little endian overflow attempt (netbios.rules)
2937 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2938 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
2939 <-> NETBIOS SMB-DS nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2946 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
2947 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
2948 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
2949 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW unicode overflow attempt (netbios.rules)
2952 <-> DELETED NETBIOS SMB-DS IPC$ share access (deleted.rules)
2953 <-> DELETED NETBIOS SMB-DS IPC$ unicode share access (deleted.rules)
2954 <-> DELETED NETBIOS SMB IPC$ andx share access (deleted.rules)
2955 <-> DELETED NETBIOS SMB IPC$ unicode andx share access (deleted.rules)
2956 <-> NETBIOS SMB nddeapi little endian alter context attempt (netbios.rules)
2957 <-> NETBIOS SMB nddeapi WriteAndX little endian alter context attempt (netbios.rules)
2958 <-> NETBIOS SMB nddeapi unicode little endian alter context attempt (netbios.rules)
2959 <-> NETBIOS SMB nddeapi WriteAndX unicode little endian alter context attempt (netbios.rules)
2960 <-> NETBIOS SMB nddeapi WriteAndX alter context attempt (netbios.rules)
2961 <-> NETBIOS SMB nddeapi WriteAndX unicode alter context attempt (netbios.rules)
2962 <-> NETBIOS SMB-DS nddeapi unicode alter context attempt (netbios.rules)
2963 <-> NETBIOS SMB-DS nddeapi WriteAndX unicode alter context attempt (netbios.rules)
2964 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW unicode little endian overflow attempt (netbios.rules)
2965 <-> NETBIOS SMB v4 nddeapi NDdeSetTrustedShareW WriteAndX unicode overflow attempt (netbios.rules)
2966 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
2967 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2968 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW little endian overflow attempt (netbios.rules)
2969 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX little endian overflow attempt (netbios.rules)
2970 <-> NETBIOS SMB-DS v4 nddeapi NDdeSetTrustedShareW WriteAndX overflow attempt (netbios.rules)
2971 <-> NETBIOS SMB nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
3007 <-> IMAP delete overflow attempt (imap.rules)
3008 <-> IMAP delete literal overflow attempt (imap.rules)
3017 <-> EXPLOIT WINS overflow attempt (exploit.rules)
3058 <-> IMAP copy literal overflow attempt (imap.rules)
3065 <-> IMAP append literal overflow attempt (imap.rules)
3066 <-> IMAP append overflow attempt (imap.rules)
3067 <-> IMAP examine literal overflow attempt (imap.rules)
3068 <-> IMAP examine overflow attempt (imap.rules)
3069 <-> IMAP fetch literal overflow attempt (imap.rules)
3070 <-> IMAP fetch overflow attempt (imap.rules)
3071 <-> IMAP status literal overflow attempt (imap.rules)
3072 <-> IMAP status overflow attempt (imap.rules)
3073 <-> IMAP subscribe literal overflow attempt (imap.rules)
3074 <-> IMAP subscribe overflow attempt (imap.rules)
3075 <-> IMAP unsubscribe literal overflow attempt (imap.rules)
3076 <-> IMAP unsubscribe overflow attempt (imap.rules)
3077 <-> FTP RNFR overflow attempt (ftp.rules)
3078 <-> NNTP SEARCH pattern overflow attempt (nntp.rules)
3151 <-> FINGER / execution attempt (finger.rules)
3153 <-> DNS TCP inverse query overflow (dns.rules)
3154 <-> DNS UDP inverse query overflow (dns.rules)
3272 <-> DELETED BACKDOOR mydoom.a backdoor upload/execute attempt (deleted.rules)
3441 <-> FTP PORT bounce attempt (ftp.rules)
3456 <-> MYSQL 4.0 root login attempt (mysql.rules)
3460 <-> FTP REST with numeric argument (ftp.rules)
3461 <-> SMTP Content-Type overflow attempt (smtp.rules)
3462 <-> SMTP Content-Encoding overflow attempt (smtp.rules)
3487 <-> IMAP SSLv2 Client_Hello request (imap.rules)
3488 <-> IMAP SSLv2 Client_Hello with pad request (imap.rules)
3489 <-> IMAP TLSv1 Client_Hello request (imap.rules)
3490 <-> IMAP TLSv1 Client_Hello via SSLv2 handshake request (imap.rules)
3491 <-> IMAP SSLv2 Server_Hello request (imap.rules)
3492 <-> IMAP TLSv1 Server_Hello request (imap.rules)
3493 <-> SMTP SSLv2 Client_Hello request (smtp.rules)
3494 <-> SMTP SSLv2 Client_Hello with pad request (smtp.rules)
3495 <-> SMTP TLSv1 Client_Hello request (smtp.rules)
3496 <-> SMTP TLSv1 Client_Hello via SSLv2 handshake request (smtp.rules)
3497 <-> SMTP SSLv2 Server_Hello request (smtp.rules)
3498 <-> SMTP TLSv1 Server_Hello request (smtp.rules)
3499 <-> POP3 SSLv2 Client_Hello request (pop3.rules)
3500 <-> POP3 SSLv2 Client_Hello with pad request (pop3.rules)
3501 <-> POP3 TLSv1 Client_Hello request (pop3.rules)
3502 <-> POP3 TLSv1 Client_Hello via SSLv2 handshake request (pop3.rules)
3503 <-> POP3 SSLv2 Server_Hello request (pop3.rules)
3504 <-> POP3 TLSv1 Server_Hello request (pop3.rules)
3505 <-> DELETED POP3 SSLv2 Client_Hello request (deleted.rules)
3506 <-> DELETED POP3 SSLv2 Client_Hello with pad request (deleted.rules)
3507 <-> DELETED POP3 TLSv1 Client_Hello request (deleted.rules)
3508 <-> DELETED POP3 TLSv1 Client_Hello via SSLv2 handshake request (deleted.rules)
3509 <-> DELETED POP3 SSLv2 Server_Hello request (deleted.rules)
3510 <-> DELETED POP3 TLSv1 Server_Hello request (deleted.rules)
3511 <-> SMTP PCT Client_Hello overflow attempt (smtp.rules)
3523 <-> FTP SITE INDEX format string attempt (ftp.rules)
3528 <-> MYSQL CREATE FUNCTION attempt (mysql.rules)
3532 <-> FTP ORACLE password buffer overflow attempt (ftp.rules)
3533 <-> TELNET client LINEMODE SLC overflow attempt (telnet.rules)
3630 <-> FTP ORACLE TEST command buffer overflow attempt (ftp.rules)
3631 <-> FTP ORACLE user name buffer overflow attempt (ftp.rules)
3653 <-> SMTP SAML overflow attempt (smtp.rules)
3654 <-> SMTP SOML overflow attempt (smtp.rules)
3655 <-> SMTP SEND overflow attempt (smtp.rules)
3656 <-> SMTP MAIL overflow attempt (smtp.rules)
3665 <-> MYSQL server greeting (mysql.rules)
3666 <-> MYSQL server greeting finished (mysql.rules)
3667 <-> MYSQL protocol 41 client authentication bypass attempt (mysql.rules)
3668 <-> MYSQL client authentication bypass attempt (mysql.rules)
3669 <-> MYSQL protocol 41 secure client overflow attempt (mysql.rules)
3670 <-> MYSQL secure client overflow attempt (mysql.rules)
3671 <-> MYSQL protocol 41 client overflow attempt (mysql.rules)
3672 <-> MYSQL client overflow attempt (mysql.rules)
3682 <-> SMTP spoofed MIME-Type auto-execution attempt (smtp.rules)
3684 <-> DELETED WEB-CLIENT Bitmap Transfer (deleted.rules)
3697 <-> NETBIOS DCERPC DIRECT veritas alter context attempt (netbios.rules)
3698 <-> NETBIOS DCERPC DIRECT veritas little endian alter context attempt (netbios.rules)
3699 <-> NETBIOS DCERPC DIRECT veritas bind attempt (netbios.rules)
3700 <-> NETBIOS DCERPC DIRECT veritas little endian bind attempt (netbios.rules)
3815 <-> SMTP eXchange POP3 mail server overflow attempt (smtp.rules)
3824 <-> SMTP AUTH user overflow attempt (smtp.rules)
4638 <-> EXPLOIT RSVP Protocol zero length object DoS attempt (exploit.rules)
4645 <-> IMAP search format string attempt (imap.rules)
4646 <-> IMAP search literal format string attempt (imap.rules)
4649 <-> MYSQL CREATE FUNCTION buffer overflow attempt (mysql.rules)
4754 <-> NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4755 <-> NETBIOS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4756 <-> NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4757 <-> NETBIOS DCERPC NCACN-IP-TCP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4758 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4759 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4760 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4761 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4762 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4763 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4764 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4765 <-> NETBIOS SMB locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4766 <-> NETBIOS SMB locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4767 <-> NETBIOS SMB locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4768 <-> NETBIOS SMB locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4769 <-> NETBIOS SMB locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4770 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4771 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4772 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4773 <-> NETBIOS SMB locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4774 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4775 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4776 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4777 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4778 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4779 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4780 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4781 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4782 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4783 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4784 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4785 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4786 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4787 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4788 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4789 <-> NETBIOS SMB v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4790 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4791 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4792 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4793 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4794 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4795 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4796 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4797 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4798 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4799 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4800 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4801 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4802 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4803 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4804 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4805 <-> NETBIOS SMB-DS locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4806 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX andx overflow attempt (netbios.rules)
4807 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian andx overflow attempt (netbios.rules)
4808 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX little endian overflow attempt (netbios.rules)
4809 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX overflow attempt (netbios.rules)
4810 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode andx overflow attempt (netbios.rules)
4811 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian andx overflow attempt (netbios.rules)
4812 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode little endian overflow attempt (netbios.rules)
4813 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin WriteAndX unicode overflow attempt (netbios.rules)
4814 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin andx overflow attempt (netbios.rules)
4815 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian andx overflow attempt (netbios.rules)
4816 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4817 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4818 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode andx overflow attempt (netbios.rules)
4819 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian andx overflow attempt (netbios.rules)
4820 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode little endian overflow attempt (netbios.rules)
4821 <-> NETBIOS SMB-DS v4 locator nsi_binding_lookup_begin unicode overflow attempt (netbios.rules)
4822 <-> NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4823 <-> NETBIOS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4824 <-> NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin little endian overflow attempt (netbios.rules)
4825 <-> NETBIOS DCERPC NCADG-IP-UDP v4 locator nsi_binding_lookup_begin overflow attempt (netbios.rules)
4826 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4827 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4828 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4829 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4830 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4831 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4832 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4833 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4834 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4835 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4836 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4837 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4838 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4839 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4840 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4841 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4842 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4843 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4844 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode attempt (netbios.rules)
4845 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian attempt (netbios.rules)
4846 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4847 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4848 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX attempt (netbios.rules)
4849 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4850 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4851 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4852 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian attempt (netbios.rules)
4853 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4854 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance little endian attempt (netbios.rules)
4855 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian attempt (netbios.rules)
4856 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
4857 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode attempt (netbios.rules)
4858 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4859 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4860 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4861 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4862 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4863 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4864 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4865 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4866 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4867 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4868 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4869 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4870 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4871 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4872 <-> NETBIOS SMB-DS umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4873 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4874 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4875 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4876 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode andx attempt (netbios.rules)
4877 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance unicode little endian andx attempt (netbios.rules)
4878 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4879 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4880 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX andx attempt (netbios.rules)
4881 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4882 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4883 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4884 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX little endian andx attempt (netbios.rules)
4885 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4886 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance little endian andx attempt (netbios.rules)
4887 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode little endian andx attempt (netbios.rules)
4888 <-> NETBIOS SMB umpnpmgr PNP_GetRootDeviceInstance andx attempt (netbios.rules)
4889 <-> NETBIOS SMB v4 umpnpmgr PNP_GetRootDeviceInstance WriteAndX unicode andx attempt (netbios.rules)
4918 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4919 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4920 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4921 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4922 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4923 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4924 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4925 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4926 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4927 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4928 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4929 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4930 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4931 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4932 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4933 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4934 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4935 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4936 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4937 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4938 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian dos attempt (netbios.rules)
4939 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian dos attempt (netbios.rules)
4940 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode dos attempt (netbios.rules)
4941 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4942 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
4943 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4944 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4945 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList little endian dos attempt (netbios.rules)
4946 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4947 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode dos attempt (netbios.rules)
4948 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode little endian dos attempt (netbios.rules)
4949 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX dos attempt (netbios.rules)
4950 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4951 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4952 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4953 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
4954 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4955 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4956 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4957 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4958 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4959 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4960 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4961 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4962 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4963 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
4964 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4965 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4966 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4967 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4968 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4969 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4970 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX little endian andx dos attempt (netbios.rules)
4971 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList WriteAndX unicode little endian andx dos attempt (netbios.rules)
4972 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode andx dos attempt (netbios.rules)
4973 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4974 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList andx dos attempt (netbios.rules)
4975 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
4976 <-> NETBIOS SMB v4 umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4977 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList little endian andx dos attempt (netbios.rules)
4978 <-> NETBIOS SMB umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4979 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList WriteAndX unicode andx dos attempt (netbios.rules)
4980 <-> NETBIOS SMB-DS umpnpmgr PNP_GetDeviceList unicode little endian andx dos attempt (netbios.rules)
4981 <-> NETBIOS SMB-DS v4 umpnpmgr PNP_GetDeviceList WriteAndX andx dos attempt (netbios.rules)
5685 <-> SMTP TLSv1 Client_Hello via SSLv2 handshake request (smtp.rules)
5686 <-> SMTP TLSv1 Server_Hello request (smtp.rules)
5687 <-> SMTP SSLv2 Client_Hello request (smtp.rules)
5688 <-> SMTP SSLv2 Client_Hello with pad request (smtp.rules)
5689 <-> SMTP TLSv1 Client_Hello request (smtp.rules)
5690 <-> SMTP SSLv3 Client_Hello request (smtp.rules)
5691 <-> SMTP SSLv2 Server_Hello request (smtp.rules)
5694 <-> P2P Skype client setup get newest version attempt (p2p.rules)
5696 <-> IMAP delete directory traversal attempt (imap.rules)
5697 <-> IMAP examine directory traversal attempt (imap.rules)
5698 <-> IMAP list directory traversal attempt (imap.rules)
5699 <-> IMAP lsub directory traversal attempt (imap.rules)
5700 <-> IMAP rename directory traversal attempt (imap.rules)
5701 <-> IMAP status directory traversal attempt (imap.rules)
5702 <-> IMAP subscribe directory traversal attempt (imap.rules)
5703 <-> IMAP unsubscribe directory traversal attempt (imap.rules)
5704 <-> IMAP SELECT overflow attempt (imap.rules)
5705 <-> IMAP CAPABILITY overflow attempt (imap.rules)
5714 <-> SMTP x-unix-mode executable mail attachment (smtp.rules)
5716 <-> NETBIOS SMB Trans unicode Max Param/Count DOS attempt (netbios.rules)
5717 <-> NETBIOS SMB-DS Trans Max Param/Count DOS attempt (netbios.rules)
5718 <-> NETBIOS SMB-DS Trans unicode Max Param/Count DOS attempt (netbios.rules)
5719 <-> NETBIOS-DG SMB Trans Max Param/Count DOS attempt (netbios.rules)
5720 <-> NETBIOS-DG SMB Trans unicode Max Param/Count DOS attempt (netbios.rules)
5721 <-> NETBIOS SMB Trans andx Max Param/Count DOS attempt (netbios.rules)
5722 <-> NETBIOS SMB Trans unicode andx Max Param/Count DOS attempt (netbios.rules)
5723 <-> NETBIOS SMB-DS Trans andx Max Param/Count DOS attempt (netbios.rules)
5724 <-> NETBIOS SMB-DS Trans unicode andx Max Param/Count DOS attempt (netbios.rules)
5725 <-> NETBIOS-DG SMB Trans andx Max Param/Count DOS attempt (netbios.rules)
5726 <-> NETBIOS-DG SMB Trans unicode andx Max Param/Count DOS attempt (netbios.rules)
5727 <-> NETBIOS SMB Trans unicode Max Param DOS attempt (netbios.rules)
5728 <-> NETBIOS-DG SMB Trans Max Param DOS attempt (netbios.rules)
5729 <-> NETBIOS SMB Trans Max Param DOS attempt (netbios.rules)
5730 <-> NETBIOS SMB-DS Trans Max Param DOS attempt (netbios.rules)
5731 <-> NETBIOS SMB-DS Trans unicode Max Param DOS attempt (netbios.rules)
5732 <-> NETBIOS-DG SMB Trans unicode Max Param DOS attempt (netbios.rules)
5733 <-> NETBIOS SMB Trans unicode andx Max Param DOS attempt (netbios.rules)
5734 <-> NETBIOS-DG SMB Trans andx Max Param DOS attempt (netbios.rules)
5735 <-> NETBIOS SMB Trans andx Max Param DOS attempt (netbios.rules)
5736 <-> NETBIOS SMB-DS Trans andx Max Param DOS attempt (netbios.rules)
5737 <-> NETBIOS SMB-DS Trans unicode andx Max Param DOS attempt (netbios.rules)
5738 <-> NETBIOS-DG SMB Trans unicode andx Max Param DOS attempt (netbios.rules)
5739 <-> SMTP headers too long server response (smtp.rules)
5856 <-> DELETED SPYWARE-PUT Hijacker funbuddyicons runtime detection - funwebproducts user-agent string (deleted.rules)
5869 <-> DELETED SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - download request 1 (deleted.rules)
5870 <-> DELETED SPYWARE-PUT Trickler VX2/ABetterInternet transponder thinstaller runtime detection - download request 2 (deleted.rules)
5912 <-> DELETED SPYWARE-PUT Hijacker webcrawler runtime detection (deleted.rules)
6032 <-> DELETED BACKDOOR fkwp 2.0 runtime detection - conn success-cts (deleted.rules)
6038 <-> DELETED BACKDOOR netbus 1.7 runtime detection - initial connection (deleted.rules)
6067 <-> DELETED BACKDOOR optixlite 1.0 runtime detection - conn failure-cts (deleted.rules)
6135 <-> DELETED BACKDOOR clindestine 1.0 icq notification of server installation (deleted.rules)
6158 <-> DELETED BACKDOOR satanz Backdoor runtime detection (deleted.rules)
6162 <-> DELETED BACKDOOR netsphere v1.31.337 final runtime detection (deleted.rules)
6163 <-> DELETED BACKDOOR gate crahser v1.2 runtime detection (deleted.rules)
6210 <-> DELETED SPYWARE-PUT Adware deskwizz runtime detection - ad banner (deleted.rules)
6229 <-> DELETED SPYWARE-PUT Adware exact.bargainbuddy runtime detection - adp ads (deleted.rules)
6231 <-> DELETED SPYWARE-PUT Adware mirar runtime detection - search (deleted.rules)
6235 <-> DELETED SPYWARE-PUT Adware spoton runtime detection (deleted.rules)
6262 <-> DELETED SPYWARE-PUT Hijacker gigatech superbar runtime detection - hijack ie auto search (deleted.rules)
6272 <-> DELETED SPYWARE-PUT Adware bundleware ds3 runtime detection - initial connection (deleted.rules)
6273 <-> DELETED SPYWARE-PUT Adware bundleware ds3 runtime detection - pop-up retreival (deleted.rules)
6277 <-> DELETED SPYWARE-PUT Hijacker navexcel runtime detection (deleted.rules)
6369 <-> DELETED SPYWARE-PUT Adware flashtrack media runtime detection - download .dll (deleted.rules)
6370 <-> DELETED SPYWARE-PUT Adware flashtrack media runtime detection - download .exe (deleted.rules)
6393 <-> DELETED SPYWARE-PUT Hijacker zeropopup runtime detection - button search (deleted.rules)
6410 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules)
6412 <-> SMTP Windows Address Book attachment detected (smtp.rules)
6413 <-> SMTP Base64 encoded Windows Address Book attachment detected (smtp.rules)
6471 <-> EXPLOIT RealVNC password authentication bypass vulnerability attempt (exploit.rules)
6519 <-> DELETED WEB-CLIENT DXImageTransform.Microsoft.Light ActiveX function call access (deleted.rules)
7056 <-> DELETED BACKDOOR amanda 2.0 runtime detection - initial connection (deleted.rules)
7062 <-> DELETED BACKDOOR charon runtime detection - download log flowbit 2 (deleted.rules)
7063 <-> DELETED BACKDOOR charon runtime detection - download log (deleted.rules)
7092 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection (deleted.rules)
7093 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection - init connectiion (deleted.rules)
7094 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection (deleted.rules)
7095 <-> DELETED BACKDOOR uprising screen control 1.0 runtime detection - begin capture (deleted.rules)
7100 <-> DELETED BACKDOOR mass connect 1.1 runtime detection - http (deleted.rules)
7109 <-> DELETED BACKDOOR vampire runtime detection (deleted.rules)
7110 <-> DELETED BACKDOOR vampire runtime detection (deleted.rules)
7117 <-> DELETED BACKDOOR y3k 1.2 runtime detection - icq notification (deleted.rules)
7131 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (deleted.rules)
7132 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (deleted.rules)
7133 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (deleted.rules)
7134 <-> DELETED SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (deleted.rules)
7170 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7171 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7172 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7173 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7174 <-> DELETED SPYWARE-PUT Keylogger ab system spy runtime detection - info update (deleted.rules)
7181 <-> DELETED SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - info request (deleted.rules)
7182 <-> DELETED SPYWARE-PUT Keylogger desktop detective 2000 runtime detection - info request (deleted.rules)
7555 <-> DELETED SPYWARE-PUT Adware hxdl runtime detection - crypt user-agent (deleted.rules)
7666 <-> DELETED BACKDOOR screen control 1.0 runtime detection - capture on port 2208 - flowbit set (deleted.rules)
7724 <-> BACKDOOR reversable ver1.0 runtime detection - initial connection - flowbit set (backdoor.rules)
7725 <-> DELETED BACKDOOR reversable ver1.0 runtime detection - initial connection (deleted.rules)
7779 <-> DELETED BACKDOOR net devil 1.4 runtime detection - initial connection - flowbit set 1 (deleted.rules)
7780 <-> DELETED BACKDOOR net devil 1.4 runtime detection - initial connection - flowbit set 2 (deleted.rules)
7781 <-> DELETED BACKDOOR net devil 1.4 runtime detection - initial connection (deleted.rules)
7796 <-> BACKDOOR incommand 1.7 runtime detection - init connection (backdoor.rules)
7904 <-> WEB-CLIENT CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7905 <-> WEB-CLIENT CDL Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7908 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid access (web-client.rules)
7909 <-> WEB-CLIENT DXImageTransform.Microsoft.Chroma ActiveX clsid unicode access (web-client.rules)
7928 <-> WEB-CLIENT file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7929 <-> WEB-CLIENT file or local Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7934 <-> WEB-CLIENT ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7935 <-> WEB-CLIENT ftp Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7938 <-> WEB-CLIENT gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7939 <-> WEB-CLIENT gopher Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7942 <-> WEB-CLIENT http Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7943 <-> WEB-CLIENT http Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7944 <-> WEB-CLIENT https Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7945 <-> WEB-CLIENT https Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7958 <-> WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX clsid access (web-client.rules)
7959 <-> WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX clsid unicode access (web-client.rules)
7960 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7961 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7962 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7963 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7964 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7965 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7966 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7967 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
7968 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID access (deleted.rules)
7969 <-> DELETED WEB-CLIENT mk Asychronous Pluggable Protocol Handler ActiveX CLSID unicode access (deleted.rules)
8057 <-> MYSQL Date_Format denial of service attempt (mysql.rules)
8415 <-> FTP SIZE overflow attempt (ftp.rules)
8429 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules)
8430 <-> POP3 SSLv3 openssl get shared ciphers overflow attempt (pop3.rules)
8431 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules)
8432 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8433 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8434 <-> SMTP SSLv3 openssl get shared ciphers overflow attempt (smtp.rules)
8435 <-> SMTP SSLv3 openssl get shared ciphers overflow attempt (smtp.rules)
8436 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8437 <-> SMTP SSLv2 openssl get shared ciphers overflow attempt (smtp.rules)
8438 <-> IMAP SSLv2 openssl get shared ciphers overflow attempt (imap.rules)
8439 <-> IMAP SSLv3 openssl get shared ciphers overflow attempt (imap.rules)
8440 <-> IMAP SSLv2 openssl get shared ciphers overflow attempt (imap.rules)
8441 <-> WEB-MISC McAfee header buffer overflow attempt (web-misc.rules)
8447 <-> DELETED WEB-CLIENT Open document file transfer attempt (deleted.rules)
8479 <-> FTP HELP overflow attempt (ftp.rules)
8480 <-> FTP PORT overflow attempt (ftp.rules)
8481 <-> FTP Microsoft NLST * dos attempt (ftp.rules)
8704 <-> SMTP YPOPS Banner (smtp.rules)
8705 <-> SMTP YPOPS buffer overflow attempt (smtp.rules)
8707 <-> FTP WZD-FTPD SITE arbitrary command execution attempt (ftp.rules)
8709 <-> DNS Windows NAT helper components tcp denial of service attempt (dns.rules)
8710 <-> DNS Windows NAT helper components udp denial of service attempt (dns.rules)
8723 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid access (web-client.rules)
8724 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX clsid unicode access (web-client.rules)
9601 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9792 <-> FTP PASV overflow attempt (ftp.rules)
9813 <-> EXPLOIT Symantec NetBackup connect_options buffer overflow attempt (exploit.rules)
9820 <-> WEB-CLIENT Microsoft Office Data Source Control 11.0 ActiveX function call access (web-client.rules)
9841 <-> SMTP Microsoft Outlook VEVENT overflow attempt (smtp.rules)
10011 <-> IMAP Novell NetMail APPEND command buffer overflow attempt (imap.rules)
10012 <-> SMTP Microsoft Outlook VEVENT non-TZID overflow attempt (smtp.rules)
10106 <-> DELETED BACKDOOR icmp cmd 1.0 runtime detection - download file (deleted.rules)
10123 <-> SPECIFIC-THREATS PA168 chipset based IP phone default password attempt (specific-threats.rules)
10124 <-> SPECIFIC-THREATS PA168 chipset based IP phone authentication bypass (specific-threats.rules)
10130 <-> POLICY VERITAS NetBackup system execution function call access attempt (policy.rules)
10158 <-> DELETED NETBIOS SMB writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules)
10159 <-> DELETED NETBIOS SMB-DS writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules)
10160 <-> DELETED NETBIOS-DG SMB writex possible Snort dcerpc preprocessor overflow attempt (deleted.rules)
10186 <-> SMTP ClamAV mime parsing directory traversal (smtp.rules)
10188 <-> FTP Wsftp XMD5 overflow attempt (ftp.rules)
10381 <-> NETBIOS DCERPC DIRECT svcctl ChangeServiceConfig2A attempt (netbios.rules)
10382 <-> NETBIOS DCERPC DIRECT v4 svcctl ChangeServiceConfig2A attempt (netbios.rules)
10383 <-> NETBIOS DCERPC DIRECT svcctl ChangeServiceConfig2A little endian attempt (netbios.rules)
10384 <-> NETBIOS DCERPC DIRECT v4 svcctl ChangeServiceConfig2A little endian attempt (netbios.rules)
10385 <-> NETBIOS DCERPC DIRECT svcctl ChangeServiceConfig2A object call attempt (netbios.rules)
10386 <-> NETBIOS DCERPC DIRECT svcctl ChangeServiceConfig2A little endian object call attempt (netbios.rules)
10396 <-> DELETED WEB-IIS Internet Data Query query.idq directory traversal attempt (deleted.rules)
10397 <-> DELETED WEB-IIS Internet Data Query exair query.idq directory traversal attempt (deleted.rules)
10398 <-> DELETED WEB-IIS Internet Data Query exair search.idq directory traversal attempt (deleted.rules)
10399 <-> DELETED WEB-IIS Internet Data Query iissamples fastq.idq directory traversal attempt (deleted.rules)
10400 <-> DELETED WEB-IIS Internet Data Query iissamples query.idq directory traversal attempt (deleted.rules)
10401 <-> DELETED WEB-IIS Internet Data Query prxdocs prxrch.idq directory traversal attempt (deleted.rules)
10418 <-> EXPLOIT lpd Solaris unlink file attempt (exploit.rules)
10482 <-> RPC portmap CA BrightStor ARCserve tcp request (rpc.rules)
10483 <-> RPC portmap CA BrightStor ARCserve udp request (rpc.rules)
10484 <-> RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (rpc.rules)
10485 <-> RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (rpc.rules)
10524 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10525 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (deleted.rules)
10526 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10527 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10528 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode object call overflow attempt (deleted.rules)
10532 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10533 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10534 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10535 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10538 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10539 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10540 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (deleted.rules)
10541 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode object call overflow attempt (deleted.rules)
10543 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (deleted.rules)
10544 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10546 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10547 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (deleted.rules)
10548 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10549 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10551 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10553 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10554 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10556 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10557 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10559 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10561 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10562 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10563 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10564 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (deleted.rules)
10565 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10567 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10569 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10570 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10571 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10575 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10576 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX overflow attempt (deleted.rules)
10578 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10579 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10582 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode overflow attempt (deleted.rules)
10583 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (deleted.rules)
10584 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10585 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10588 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (deleted.rules)
10590 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian overflow attempt (deleted.rules)
10591 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (deleted.rules)
10593 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (deleted.rules)
10594 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (deleted.rules)
10595 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (deleted.rules)
10596 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10597 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (deleted.rules)
10598 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 andx object call overflow attempt (deleted.rules)
10599 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10600 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode andx object call overflow attempt (deleted.rules)
10604 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10605 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10606 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10607 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10610 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 andx object call overflow attempt (deleted.rules)
10611 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian andx object call overflow attempt (deleted.rules)
10612 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10613 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode andx object call overflow attempt (deleted.rules)
10615 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10616 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10618 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian andx object call overflow attempt (deleted.rules)
10619 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (deleted.rules)
10620 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10621 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10623 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10625 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10626 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10628 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10629 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10631 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10633 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10634 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10635 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10636 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (deleted.rules)
10637 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10639 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10641 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10642 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10643 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10647 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10648 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (deleted.rules)
10650 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10651 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 andx overflow attempt (deleted.rules)
10654 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode andx overflow attempt (deleted.rules)
10655 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (deleted.rules)
10656 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10657 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 little endian andx overflow attempt (deleted.rules)
10660 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10662 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (deleted.rules)
10663 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10665 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (deleted.rules)
10666 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10667 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (deleted.rules)
10668 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10670 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10671 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10673 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10674 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10675 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10676 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10677 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10678 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10680 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10681 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10682 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10683 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10684 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 little endian overflow attempt (deleted.rules)
10685 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10687 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 overflow attempt (deleted.rules)
10689 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10691 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10692 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10693 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10694 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10695 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 little endian object call overflow attempt (deleted.rules)
10696 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10697 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 object call overflow attempt (deleted.rules)
10698 <-> DELETED NETBIOS SMB dns alter context attempt (deleted.rules)
10701 <-> DELETED NETBIOS SMB dns WriteAndX alter context attempt (deleted.rules)
10703 <-> DELETED NETBIOS-DG SMB dns alter context attempt (deleted.rules)
10704 <-> DELETED NETBIOS-DG SMB dns WriteAndX alter context attempt (deleted.rules)
10705 <-> DELETED NETBIOS-DG SMB dns unicode alter context attempt (deleted.rules)
10706 <-> DELETED NETBIOS SMB dns unicode alter context attempt (deleted.rules)
10707 <-> DELETED NETBIOS SMB dns WriteAndX unicode alter context attempt (deleted.rules)
10709 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode alter context attempt (deleted.rules)
10710 <-> DELETED NETBIOS SMB dns little endian alter context attempt (deleted.rules)
10711 <-> DELETED NETBIOS SMB dns WriteAndX little endian alter context attempt (deleted.rules)
10712 <-> DELETED NETBIOS SMB dns unicode little endian alter context attempt (deleted.rules)
10713 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian alter context attempt (deleted.rules)
10718 <-> DELETED NETBIOS-DG SMB dns little endian alter context attempt (deleted.rules)
10719 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian alter context attempt (deleted.rules)
10720 <-> DELETED NETBIOS-DG SMB dns unicode little endian alter context attempt (deleted.rules)
10721 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian alter context attempt (deleted.rules)
10722 <-> DELETED NETBIOS SMB dns bind attempt (deleted.rules)
10723 <-> DELETED NETBIOS SMB dns WriteAndX bind attempt (deleted.rules)
10724 <-> DELETED NETBIOS SMB dns unicode bind attempt (deleted.rules)
10725 <-> DELETED NETBIOS SMB dns WriteAndX unicode bind attempt (deleted.rules)
10730 <-> DELETED NETBIOS-DG SMB dns bind attempt (deleted.rules)
10731 <-> DELETED NETBIOS-DG SMB dns WriteAndX bind attempt (deleted.rules)
10732 <-> DELETED NETBIOS-DG SMB dns unicode bind attempt (deleted.rules)
10733 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode bind attempt (deleted.rules)
10734 <-> DELETED NETBIOS SMB dns little endian bind attempt (deleted.rules)
10735 <-> DELETED NETBIOS SMB dns WriteAndX little endian bind attempt (deleted.rules)
10736 <-> DELETED NETBIOS SMB dns unicode little endian bind attempt (deleted.rules)
10737 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian bind attempt (deleted.rules)
10742 <-> DELETED NETBIOS-DG SMB dns little endian bind attempt (deleted.rules)
10743 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian bind attempt (deleted.rules)
10744 <-> DELETED NETBIOS-DG SMB dns unicode little endian bind attempt (deleted.rules)
10745 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian bind attempt (deleted.rules)
10746 <-> DELETED NETBIOS SMB dns andx alter context attempt (deleted.rules)
10749 <-> DELETED NETBIOS SMB dns WriteAndX andx alter context attempt (deleted.rules)
10751 <-> DELETED NETBIOS-DG SMB dns andx alter context attempt (deleted.rules)
10752 <-> DELETED NETBIOS-DG SMB dns WriteAndX andx alter context attempt (deleted.rules)
10753 <-> DELETED NETBIOS-DG SMB dns unicode andx alter context attempt (deleted.rules)
10754 <-> DELETED NETBIOS SMB dns unicode andx alter context attempt (deleted.rules)
10755 <-> DELETED NETBIOS SMB dns WriteAndX unicode andx alter context attempt (deleted.rules)
10757 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode andx alter context attempt (deleted.rules)
10758 <-> DELETED NETBIOS SMB dns little endian andx alter context attempt (deleted.rules)
10759 <-> DELETED NETBIOS SMB dns WriteAndX little endian andx alter context attempt (deleted.rules)
10760 <-> DELETED NETBIOS SMB dns unicode little endian andx alter context attempt (deleted.rules)
10761 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian andx alter context attempt (deleted.rules)
10766 <-> DELETED NETBIOS-DG SMB dns little endian andx alter context attempt (deleted.rules)
10767 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian andx alter context attempt (deleted.rules)
10768 <-> DELETED NETBIOS-DG SMB dns unicode little endian andx alter context attempt (deleted.rules)
10769 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian andx alter context attempt (deleted.rules)
10770 <-> DELETED NETBIOS SMB dns andx bind attempt (deleted.rules)
10771 <-> DELETED NETBIOS SMB dns WriteAndX andx bind attempt (deleted.rules)
10772 <-> DELETED NETBIOS SMB dns unicode andx bind attempt (deleted.rules)
10773 <-> DELETED NETBIOS SMB dns WriteAndX unicode andx bind attempt (deleted.rules)
10778 <-> DELETED NETBIOS-DG SMB dns andx bind attempt (deleted.rules)
10779 <-> DELETED NETBIOS-DG SMB dns WriteAndX andx bind attempt (deleted.rules)
10780 <-> DELETED NETBIOS-DG SMB dns unicode andx bind attempt (deleted.rules)
10781 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode andx bind attempt (deleted.rules)
10782 <-> DELETED NETBIOS SMB dns little endian andx bind attempt (deleted.rules)
10783 <-> DELETED NETBIOS SMB dns WriteAndX little endian andx bind attempt (deleted.rules)
10784 <-> DELETED NETBIOS SMB dns unicode little endian andx bind attempt (deleted.rules)
10785 <-> DELETED NETBIOS SMB dns WriteAndX unicode little endian andx bind attempt (deleted.rules)
10790 <-> DELETED NETBIOS-DG SMB dns little endian andx bind attempt (deleted.rules)
10791 <-> DELETED NETBIOS-DG SMB dns WriteAndX little endian andx bind attempt (deleted.rules)
10792 <-> DELETED NETBIOS-DG SMB dns unicode little endian andx bind attempt (deleted.rules)
10793 <-> DELETED NETBIOS-DG SMB dns WriteAndX unicode little endian andx bind attempt (deleted.rules)
10794 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns alter context attempt (deleted.rules)
10795 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns alter context attempt (deleted.rules)
10796 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns little endian alter context attempt (deleted.rules)
10797 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns alter context attempt (deleted.rules)
10798 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns little endian alter context attempt (deleted.rules)
10799 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns little endian alter context attempt (deleted.rules)
10800 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns little endian alter context attempt (deleted.rules)
10801 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns alter context attempt (deleted.rules)
10802 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns bind attempt (deleted.rules)
10803 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns bind attempt (deleted.rules)
10804 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns little endian bind attempt (deleted.rules)
10805 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns bind attempt (deleted.rules)
10806 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns little endian bind attempt (deleted.rules)
10807 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns little endian bind attempt (deleted.rules)
10808 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns little endian bind attempt (deleted.rules)
10809 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns bind attempt (deleted.rules)
10811 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10813 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10814 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10815 <-> NETBIOS DCERPC DIRECT dns R_DnssrvEnumRecords overflow attempt (netbios.rules)
10816 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10817 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10818 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10819 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10820 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10821 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10822 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10823 <-> NETBIOS DCERPC DIRECT dns R_DnssrvEnumRecords little endian object call overflow attempt (netbios.rules)
10824 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10830 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX object call overflow attempt (deleted.rules)
10831 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode object call overflow attempt (deleted.rules)
10832 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode object call overflow attempt (deleted.rules)
10833 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian object call overflow attempt (deleted.rules)
10834 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10835 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10836 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX object call overflow attempt (deleted.rules)
10838 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian object call overflow attempt (deleted.rules)
10840 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10841 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode object call overflow attempt (deleted.rules)
10842 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode object call overflow attempt (deleted.rules)
10843 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian object call overflow attempt (deleted.rules)
10844 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10845 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian object call overflow attempt (deleted.rules)
10846 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian object call overflow attempt (deleted.rules)
10848 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10849 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10850 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10852 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10853 <-> NETBIOS DCERPC DIRECT v4 dns R_DnssrvEnumRecords little endian overflow attempt (netbios.rules)
10855 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10856 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10857 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10858 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10859 <-> NETBIOS DCERPC DIRECT dns R_DnssrvEnumRecords object call overflow attempt (netbios.rules)
10860 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10861 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10862 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10863 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10865 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10867 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10868 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode overflow attempt (deleted.rules)
10869 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode overflow attempt (deleted.rules)
10870 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian overflow attempt (deleted.rules)
10871 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10872 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian overflow attempt (deleted.rules)
10873 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian overflow attempt (deleted.rules)
10875 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10881 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX overflow attempt (deleted.rules)
10883 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10885 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10886 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10888 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10889 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10890 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10891 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10892 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10893 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10894 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10895 <-> NETBIOS DCERPC DIRECT dns R_DnssrvEnumRecords little endian overflow attempt (netbios.rules)
10896 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10902 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX andx object call overflow attempt (deleted.rules)
10903 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10904 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode andx object call overflow attempt (deleted.rules)
10905 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10906 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian andx object call overflow attempt (deleted.rules)
10907 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian andx object call overflow attempt (deleted.rules)
10908 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX andx object call overflow attempt (deleted.rules)
10910 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian andx object call overflow attempt (deleted.rules)
10912 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10913 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode andx object call overflow attempt (deleted.rules)
10914 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode andx object call overflow attempt (deleted.rules)
10915 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian andx object call overflow attempt (deleted.rules)
10916 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 andx object call overflow attempt (deleted.rules)
10917 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx object call overflow attempt (deleted.rules)
10918 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian andx object call overflow attempt (deleted.rules)
10920 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10921 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10922 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10924 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10927 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10928 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10929 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10930 <-> DELETED NETBIOS SMB v4 dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10931 <-> NETBIOS DCERPC DIRECT v4 dns R_DnssrvEnumRecords overflow attempt (netbios.rules)
10932 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10933 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10934 <-> DELETED NETBIOS-DG SMB v4 dns R_Dnssrv funcs1 little endian andx overflow attempt (deleted.rules)
10935 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10937 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10939 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10940 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 unicode andx overflow attempt (deleted.rules)
10941 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 WriteAndX unicode andx overflow attempt (deleted.rules)
10942 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX little endian andx overflow attempt (deleted.rules)
10943 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 andx overflow attempt (deleted.rules)
10944 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX unicode little endian andx overflow attempt (deleted.rules)
10945 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 unicode little endian andx overflow attempt (deleted.rules)
10947 <-> DELETED NETBIOS SMB dns R_Dnssrv funcs1 andx object call overflow attempt (deleted.rules)
10953 <-> DELETED NETBIOS-DG SMB dns R_Dnssrv funcs1 WriteAndX andx overflow attempt (deleted.rules)
10954 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10955 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10956 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10957 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10958 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10959 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10960 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10961 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10962 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10963 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10964 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10965 <-> DELETED NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10966 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10967 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10968 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs1 little endian overflow attempt (deleted.rules)
10969 <-> DELETED NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs1 overflow attempt (deleted.rules)
10970 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10971 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10972 <-> DELETED NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10973 <-> DELETED NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10974 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10975 <-> DELETED NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10976 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 object call overflow attempt (deleted.rules)
10977 <-> DELETED NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs1 little endian object call overflow attempt (deleted.rules)
10995 <-> SMTP possible BDAT DoS attempt (smtp.rules)
10999 <-> WEB-CGI chetcpasswd access (web-cgi.rules)
11004 <-> IMAP CRAM-MD5 authentication method buffer overflow (imap.rules)
11193 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11194 <-> WEB-MISC Oracle iSQL Plus cross site scripting attempt (web-misc.rules)
11196 <-> EXPLOIT MaxDB WebDBM get buffer overflow (exploit.rules)
11222 <-> SMTP Exchange MODPROPS denial of service attempt (smtp.rules)
11223 <-> WEB-MISC google proxystylesheet arbitrary command execution attempt (web-misc.rules)
11264 <-> MS-SQL Microsoft SQL Server 2000 Server hello buffer overflow attempt (sql.rules)
11273 <-> WEB-MISC Apache header parsing space saturation denial of service attempt (web-misc.rules)
11291 <-> WEB-CLIENT Hewlett Packard HPQVWOCX.DL ActiveX clsid access (web-client.rules)
11292 <-> WEB-CLIENT Hewlett Packard HPQVWOCX.DL ActiveX clsid unicode access (web-client.rules)
11315 <-> DELETED BACKDOOR ykw v375 runtime detection (deleted.rules)
11616 <-> WEB-MISC Symantec Sygate Policy Manager SQL injection (web-misc.rules)
11617 <-> DELETED EXPLOIT Zenworks password authentication buffer overflow (deleted.rules)