Sourcefire VRT Rules Update

Date: 2008-01-23

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.7.

The format of the file is:

sid - Message (rule group)

New rules:
13294 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid access (web-client.rules)
13295 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid unicode access (web-client.rules)
13296 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid access (web-client.rules)
13297 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX clsid unicode access (web-client.rules)
13298 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX function call access (web-client.rules)
13299 <-> WEB-CLIENT Microsoft Rich TextBox ActiveX function call unicode access (web-client.rules)
13300 <-> WEB-CLIENT Adobe Flash Player embedded JPG image height overflow attempt (web-client.rules)
13301 <-> WEB-CLIENT Adobe Flash Player embedded JPG image width overflow attempt (web-client.rules)
13302 <-> WEB-CLIENT Apache mod_imagemap cross site scripting attempt (web-client.rules)
13303 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX clsid access (web-client.rules)
13304 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX clsid unicode access (web-client.rules)
13305 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX function call access (web-client.rules)
13306 <-> WEB-CLIENT Microsoft Visual FoxPro 2 ActiveX function call unicode access (web-client.rules)
13309 <-> WEB-MISC Apache http server mod_proxy http request crafted date handling denial of service attempt (web-misc.rules)
13310 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules)
13311 <-> WEB-MISC Apache http server mod_proxy http response crafted date handling denial of service attempt (web-misc.rules)
13312 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX clsid access (web-client.rules)
13313 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX clsid unicode access (web-client.rules)
13314 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX function call access (web-client.rules)
13315 <-> WEB-CLIENT StreamAudio ProxyManager ActiveX function call unicode access (web-client.rules)
13316 <-> WEB-CLIENT 3ivx MP4 file parsing ART buffer overflow attempt (web-client.rules)
13317 <-> WEB-CLIENT 3ivx MP4 file parsing nam buffer overflow attempt (web-client.rules)
13318 <-> WEB-CLIENT 3ivx MP4 file parsing cmt buffer overflow attempt (web-client.rules)
13319 <-> WEB-CLIENT 3ivx MP4 file parsing des buffer overflow attempt (web-client.rules)
13320 <-> WEB-CLIENT 3ivx MP4 file parsing cpy buffer overflow attempt (web-client.rules)

Updated rules:
 549 <-> P2P napster login (p2p.rules)
 550 <-> P2P napster new user login (p2p.rules)
 551 <-> P2P napster download attempt (p2p.rules)
 552 <-> P2P napster upload request (p2p.rules)
 556 <-> P2P Outbound GNUTella client request (p2p.rules)
 557 <-> P2P GNUTella client request (p2p.rules)
 561 <-> P2P Napster Client Data (p2p.rules)
 562 <-> P2P Napster Client Data (p2p.rules)
 563 <-> P2P Napster Client Data (p2p.rules)
 564 <-> P2P Napster Client Data (p2p.rules)
 565 <-> P2P Napster Server Login (p2p.rules)
 569 <-> RPC snmpXdmi overflow attempt TCP (rpc.rules)
 588 <-> RPC portmap ttdbserv request UDP (rpc.rules)
 593 <-> RPC portmap snmpXdmi request TCP (rpc.rules)
1274 <-> RPC portmap ttdbserv request TCP (rpc.rules)
1383 <-> P2P Fastrack kazaa/morpheus GET request (p2p.rules)
1432 <-> P2P GNUTella client request (p2p.rules)
1699 <-> P2P Fastrack kazaa/morpheus traffic (p2p.rules)
1891 <-> RPC status GHBN format string attack (rpc.rules)
1912 <-> RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules)
1914 <-> RPC STATD TCP stat mon_name format string exploit attempt (rpc.rules)
1916 <-> RPC STATD TCP monitor mon_name format string exploit attempt (rpc.rules)
1957 <-> RPC sadmind UDP PING (rpc.rules)
1958 <-> RPC sadmind TCP PING (rpc.rules)
1965 <-> RPC tooltalk TCP overflow attempt (rpc.rules)
2006 <-> RPC portmap kcms_server request TCP (rpc.rules)
2007 <-> RPC kcms_server directory traversal attempt (rpc.rules)
2095 <-> RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (rpc.rules)
2103 <-> NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
2180 <-> P2P BitTorrent announce request (p2p.rules)
2181 <-> P2P BitTorrent transfer (p2p.rules)
2184 <-> RPC mountd TCP mount path overflow attempt (rpc.rules)
2255 <-> RPC sadmind query with root credentials attempt TCP (rpc.rules)
2350 <-> NETBIOS SMB-DS ISystemActivator alter context attempt (netbios.rules)
2351 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules)
2409 <-> POP3 APOP USER overflow attempt (pop3.rules)
2430 <-> NNTP newgroup overflow attempt (nntp.rules)
2431 <-> NNTP rmgroup overflow attempt (nntp.rules)
2491 <-> NETBIOS SMB-DS ISystemActivator WriteAndX alter context attempt (netbios.rules)
2492 <-> NETBIOS SMB-DS ISystemActivator unicode alter context attempt (netbios.rules)
2493 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian alter context attempt (netbios.rules)
2502 <-> POP3 SSLv3 invalid data version attempt (pop3.rules)
2518 <-> POP3 PCT Client_Hello overflow attempt (pop3.rules)
2535 <-> POP3 SSLv3 Client_Hello request (pop3.rules)
2536 <-> POP3 SSLv3 Server_Hello request (pop3.rules)
2537 <-> POP3 SSLv3 invalid Client_Hello attempt (pop3.rules)
2586 <-> P2P eDonkey transfer (p2p.rules)
2587 <-> P2P eDonkey server response (p2p.rules)
2599 <-> ORACLE dbms_repcat.add_grouped_column buffer overflow attempt (oracle.rules)
2601 <-> ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt (oracle.rules)
2603 <-> ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt (oracle.rules)
2605 <-> ORACLE dbms_repcat.compare_old_values buffer overflow attempt (oracle.rules)
2606 <-> ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt (oracle.rules)
2608 <-> ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt (oracle.rules)
2609 <-> ORACLE dbms_repcat.cancel_statistics buffer overflow attempt (oracle.rules)
2740 <-> ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt (oracle.rules)
2741 <-> ORACLE dbms_repcat.alter_priority buffer overflow attempt (oracle.rules)
2742 <-> ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt (oracle.rules)
2743 <-> ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt (oracle.rules)
2744 <-> ORACLE dbms_repcat.alter_site_priority buffer overflow attempt (oracle.rules)
2745 <-> ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt (oracle.rules)
2746 <-> ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (oracle.rules)
2747 <-> ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt (oracle.rules)
2748 <-> ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt (oracle.rules)
2749 <-> ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt (oracle.rules)
2770 <-> ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt (oracle.rules)
2771 <-> ORACLE dbms_repcat.drop_priority_char buffer overflow attempt (oracle.rules)
2772 <-> ORACLE dbms_repcat.drop_priority_date buffer overflow attempt (oracle.rules)
2773 <-> ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt (oracle.rules)
2774 <-> ORACLE dbms_repcat.drop_priority_number buffer overflow attempt (oracle.rules)
2775 <-> ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt (oracle.rules)
2776 <-> ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt (oracle.rules)
2777 <-> ORACLE dbms_repcat.drop_priority buffer overflow attempt (oracle.rules)
2778 <-> ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt (oracle.rules)
2779 <-> ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt (oracle.rules)
3156 <-> NETBIOS DCERPC DIRECT msqueue alter context attempt (netbios.rules)
3157 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue little endian bind attempt (netbios.rules)
3158 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian object call attempt (netbios.rules)
3159 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX object call attempt (netbios.rules)
3160 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue alter context attempt (netbios.rules)
3161 <-> NETBIOS DCERPC DIRECT msqueue little endian alter context attempt (netbios.rules)
3162 <-> NETBIOS DCERPC DIRECT msqueue little endian bind attempt (netbios.rules)
3163 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue little endian alter context attempt (netbios.rules)
3164 <-> NETBIOS DCERPC DIRECT msqueue bind attempt (netbios.rules)
3165 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue bind attempt (netbios.rules)
3166 <-> NETBIOS DCERPC NCACN-IP-TCP v4 msqueue function 4 overflow attempt (netbios.rules)
3167 <-> NETBIOS DCERPC DIRECT msqueue function 4 object call overflow attempt (netbios.rules)
3168 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 little endian overflow attempt (netbios.rules)
3169 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (netbios.rules)
3170 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 little endian object call overflow attempt (netbios.rules)
3171 <-> NETBIOS DCERPC DIRECT v4 msqueue function 4 overflow attempt (netbios.rules)
3172 <-> NETBIOS DCERPC DIRECT msqueue function 4 little endian object call overflow attempt (netbios.rules)
3173 <-> NETBIOS DCERPC DIRECT v4 msqueue function 4 little endian overflow attempt (netbios.rules)
3174 <-> NETBIOS DCERPC DIRECT msqueue function 4 overflow attempt (netbios.rules)
3175 <-> NETBIOS DCERPC DIRECT msqueue function 4 little endian overflow attempt (netbios.rules)
3176 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules)
3177 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian object call attempt (netbios.rules)
3178 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian object call attempt (netbios.rules)
3179 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian object call attempt (netbios.rules)
3180 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules)
3181 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian object call attempt (netbios.rules)
3184 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode attempt (netbios.rules)
3185 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
3187 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode object call attempt (netbios.rules)
3188 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX object call attempt (netbios.rules)
3189 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode object call attempt (netbios.rules)
3190 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode object call attempt (netbios.rules)
3191 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules)
3197 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
3198 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules)
3379 <-> NETBIOS SMB-DS IActivation alter context attempt (netbios.rules)
3380 <-> NETBIOS SMB-DS IActivation WriteAndX alter context attempt (netbios.rules)
3381 <-> NETBIOS SMB-DS IActivation unicode alter context attempt (netbios.rules)
3382 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian alter context attempt (netbios.rules)
3386 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian bind attempt (netbios.rules)
3391 <-> NETBIOS SMB-DS IActivation little endian bind attempt (netbios.rules)
3392 <-> NETBIOS SMB-DS IActivation WriteAndX little endian bind attempt (netbios.rules)
3396 <-> NETBIOS SMB-DS ISystemActivator little endian alter context attempt (netbios.rules)
3397 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance attempt (netbios.rules)
3398 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian object call attempt (netbios.rules)
3399 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode object call attempt (netbios.rules)
3400 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode object call attempt (netbios.rules)
3401 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX object call attempt (netbios.rules)
3402 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian object call attempt (netbios.rules)
3403 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules)
3404 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian object call attempt (netbios.rules)
3405 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX object call attempt (netbios.rules)
3406 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance object call attempt (netbios.rules)
3407 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules)
3408 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules)
3415 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian overflow attempt (netbios.rules)
3419 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian overflow attempt (netbios.rules)
3425 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian object call attempt (netbios.rules)
3426 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt (netbios.rules)
3428 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
3499 <-> POP3 SSLv2 Client_Hello request (pop3.rules)
3500 <-> POP3 SSLv2 Client_Hello with pad request (pop3.rules)
3501 <-> POP3 TLSv1 Client_Hello request (pop3.rules)
3502 <-> POP3 TLSv1 Client_Hello via SSLv2 handshake request (pop3.rules)
3503 <-> POP3 SSLv2 Server_Hello request (pop3.rules)
3504 <-> POP3 TLSv1 Server_Hello request (pop3.rules)
3526 <-> ORACLE XDB FTP UNLOCK overflow attempt (oracle.rules)
3680 <-> P2P AOL Instant Messenger file send attempt (p2p.rules)
3681 <-> P2P AOL Instant Messenger file receive attempt (p2p.rules)
5692 <-> P2P Skype client successful install (p2p.rules)
5693 <-> P2P Skype client start up get latest version attempt (p2p.rules)
5694 <-> P2P Skype client setup get newest version attempt (p2p.rules)
5742 <-> SPYWARE-PUT Keylogger activitylogger runtime detection (spyware-put.rules)
5743 <-> SPYWARE-PUT Hijacker actualnames runtime detection - plugin list (spyware-put.rules)
5744 <-> SPYWARE-PUT Hijacker actualnames runtime detection - online.php request (spyware-put.rules)
5745 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - redirect (spyware-put.rules)
5746 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - load url (spyware-put.rules)
5747 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - log hits (spyware-put.rules)
5748 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - ads (spyware-put.rules)
5749 <-> SPYWARE-PUT Trackware alexa runtime detection (spyware-put.rules)
5750 <-> SPYWARE-PUT Adware dogpile runtime detection (spyware-put.rules)
5751 <-> SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 1 (spyware-put.rules)
5752 <-> SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 2 (spyware-put.rules)
5753 <-> SPYWARE-PUT Adware exactsearch runtime detection - topsearches (spyware-put.rules)
5754 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - ie auto search hijack (spyware-put.rules)
5755 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - check update (spyware-put.rules)
5756 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - add coolsites to ie favorites (spyware-put.rules)
5757 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - check toolbar setting (spyware-put.rules)
5758 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - download fastclick pop-under code (spyware-put.rules)
5759 <-> SPYWARE-PUT Keylogger fearlesskeyspy runtime detection (spyware-put.rules)
5760 <-> SPYWARE-PUT Hijacker marketscore runtime detection (spyware-put.rules)
5761 <-> SPYWARE-PUT Trickler bearshare runtime detection - ads popup (spyware-put.rules)
5762 <-> SPYWARE-PUT Trickler bearshare runtime detection - p2p information request (spyware-put.rules)
5763 <-> SPYWARE-PUT Trickler bearshare runtime detection - chat request (spyware-put.rules)
5764 <-> SPYWARE-PUT Hijacker begin2search runtime detection - fcgi query (spyware-put.rules)
5765 <-> SPYWARE-PUT Hijacker begin2search runtime detection - ico query (spyware-put.rules)
5766 <-> SPYWARE-PUT Hijacker begin2search runtime detection - install spyware trafficsector (spyware-put.rules)
5767 <-> SPYWARE-PUT Hijacker begin2search runtime detection - download unauthorized code (spyware-put.rules)
5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules)
5769 <-> SPYWARE-PUT Hijacker begin2search runtime detection - play bingo ads (spyware-put.rules)
5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules)
5771 <-> SPYWARE-PUT Screen-Scraper farsighter runtime detection - initial connection (spyware-put.rules)
5772 <-> SPYWARE-PUT Screen-Scraper farsighter runtime detection - initial connection (spyware-put.rules)
5773 <-> SPYWARE-PUT Adware forbes runtime detection (spyware-put.rules)
5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules)
5775 <-> SPYWARE-PUT Hijacker freescratch runtime detection - scratch card (spyware-put.rules)
5776 <-> SPYWARE-PUT Trickler grokster runtime detection (spyware-put.rules)
5777 <-> SPYWARE-PUT Keylogger gurl watcher runtime detection (spyware-put.rules)
5778 <-> SPYWARE-PUT Keylogger runtime detection - hwpe windows activity logs (spyware-put.rules)
5779 <-> SPYWARE-PUT Keylogger runtime detection - hwpe shell file logs (spyware-put.rules)
5780 <-> SPYWARE-PUT Keylogger runtime detection - hwpe word filtered echelon log (spyware-put.rules)
5781 <-> SPYWARE-PUT Keylogger runtime detection - hwae windows activity logs (spyware-put.rules)
5998 <-> P2P Skype client login startup (p2p.rules)
5999 <-> P2P Skype client login (p2p.rules)
8161 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX hostname overflow attempt (netbios.rules)
8173 <-> NETBIOS SMB webdav DavrCreateConnection hostname overflow attempt (netbios.rules)
8175 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode hostname overflow attempt (netbios.rules)
8176 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian hostname overflow attempt (netbios.rules)
8177 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian hostname overflow attempt (netbios.rules)
8178 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian hostname overflow attempt (netbios.rules)
8179 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX hostname overflow attempt (netbios.rules)
8180 <-> NETBIOS SMB-DS webdav DavrCreateConnection hostname overflow attempt (netbios.rules)
8181 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian hostname overflow attempt (netbios.rules)
8182 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode hostname overflow attempt (netbios.rules)
8183 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian hostname overflow attempt (netbios.rules)
8184 <-> NETBIOS SMB webdav DavrCreateConnection unicode hostname overflow attempt (netbios.rules)
8185 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode hostname overflow attempt (netbios.rules)
8186 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian hostname overflow attempt (netbios.rules)
8187 <-> NETBIOS SMB webdav DavrCreateConnection little endian hostname overflow attempt (netbios.rules)
8188 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian hostname overflow attempt (netbios.rules)
8189 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX object call hostname overflow attempt (netbios.rules)
8190 <-> NETBIOS SMB webdav DavrCreateConnection object call hostname overflow attempt (netbios.rules)
8191 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode object call hostname overflow attempt (netbios.rules)
8192 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian object call hostname overflow attempt (netbios.rules)
8193 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian object call hostname overflow attempt (netbios.rules)
8194 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian object call hostname overflow attempt (netbios.rules)
8195 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX object call hostname overflow attempt (netbios.rules)
8196 <-> NETBIOS SMB-DS webdav DavrCreateConnection object call hostname overflow attempt (netbios.rules)
8197 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian object call hostname overflow attempt (netbios.rules)
8198 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode object call hostname overflow attempt (netbios.rules)
8199 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian object call hostname overflow attempt (netbios.rules)
8200 <-> NETBIOS SMB webdav DavrCreateConnection unicode object call hostname overflow attempt (netbios.rules)
8201 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode object call hostname overflow attempt (netbios.rules)
8202 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian object call hostname overflow attempt (netbios.rules)
8203 <-> NETBIOS SMB webdav DavrCreateConnection little endian object call hostname overflow attempt (netbios.rules)
8204 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian object call hostname overflow attempt (netbios.rules)
8209 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx hostname overflow attempt (netbios.rules)
8221 <-> NETBIOS SMB webdav DavrCreateConnection andx hostname overflow attempt (netbios.rules)
8223 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx hostname overflow attempt (netbios.rules)
8224 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx hostname overflow attempt (netbios.rules)
8225 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx hostname overflow attempt (netbios.rules)
8226 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx hostname overflow attempt (netbios.rules)
8228 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx hostname overflow attempt (netbios.rules)
8229 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx hostname overflow attempt (netbios.rules)
8230 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx hostname overflow attempt (netbios.rules)
8231 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx hostname overflow attempt (netbios.rules)
8232 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx hostname overflow attempt (netbios.rules)
8233 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx hostname overflow attempt (netbios.rules)
8234 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx hostname overflow attempt (netbios.rules)
8235 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx hostname overflow attempt (netbios.rules)
8236 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx hostname overflow attempt (netbios.rules)
8237 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx object call hostname overflow attempt (netbios.rules)
8238 <-> NETBIOS SMB webdav DavrCreateConnection andx object call hostname overflow attempt (netbios.rules)
8239 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx object call hostname overflow attempt (netbios.rules)
8240 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx object call hostname overflow attempt (netbios.rules)
8241 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx object call hostname overflow attempt (netbios.rules)
8242 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx object call hostname overflow attempt (netbios.rules)
8244 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx object call hostname overflow attempt (netbios.rules)
8245 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx object call hostname overflow attempt (netbios.rules)
8246 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx object call hostname overflow attempt (netbios.rules)
8247 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx object call hostname overflow attempt (netbios.rules)
8248 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx object call hostname overflow attempt (netbios.rules)
8249 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx object call hostname overflow attempt (netbios.rules)
8250 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx object call hostname overflow attempt (netbios.rules)
8251 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx object call hostname overflow attempt (netbios.rules)
8252 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx object call hostname overflow attempt (netbios.rules)
8253 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian object call username overflow attempt (netbios.rules)
8254 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian object call username overflow attempt (netbios.rules)
8255 <-> NETBIOS SMB webdav DavrCreateConnection object call username overflow attempt (netbios.rules)
8256 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian object call username overflow attempt (netbios.rules)
8257 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX object call username overflow attempt (netbios.rules)
8258 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX object call username overflow attempt (netbios.rules)
8259 <-> NETBIOS SMB-DS webdav DavrCreateConnection object call username overflow attempt (netbios.rules)
8260 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian object call username overflow attempt (netbios.rules)
8261 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian object call username overflow attempt (netbios.rules)
8262 <-> NETBIOS SMB webdav DavrCreateConnection little endian object call username overflow attempt (netbios.rules)
8263 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode object call username overflow attempt (netbios.rules)
8264 <-> NETBIOS SMB webdav DavrCreateConnection unicode object call username overflow attempt (netbios.rules)
8265 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode object call username overflow attempt (netbios.rules)
8270 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode username overflow attempt (netbios.rules)
8271 <-> NETBIOS SMB webdav DavrCreateConnection username overflow attempt (netbios.rules)
8272 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode object call username overflow attempt (netbios.rules)
8285 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode username overflow attempt (netbios.rules)
8286 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian username overflow attempt (netbios.rules)
8287 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian username overflow attempt (netbios.rules)
8288 <-> NETBIOS SMB webdav DavrCreateConnection unicode username overflow attempt (netbios.rules)
8289 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode username overflow attempt (netbios.rules)
8290 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX username overflow attempt (netbios.rules)
8291 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX username overflow attempt (netbios.rules)
8292 <-> NETBIOS SMB-DS webdav DavrCreateConnection username overflow attempt (netbios.rules)
8293 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian username overflow attempt (netbios.rules)
8294 <-> NETBIOS SMB webdav DavrCreateConnection little endian username overflow attempt (netbios.rules)
8295 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian username overflow attempt (netbios.rules)
8296 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian username overflow attempt (netbios.rules)
8297 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian username overflow attempt (netbios.rules)
8298 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian username overflow attempt (netbios.rules)
8299 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian object call username overflow attempt (netbios.rules)
8300 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian object call username overflow attempt (netbios.rules)
8301 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx object call username overflow attempt (netbios.rules)
8302 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx object call username overflow attempt (netbios.rules)
8303 <-> NETBIOS SMB webdav DavrCreateConnection andx object call username overflow attempt (netbios.rules)
8304 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx object call username overflow attempt (netbios.rules)
8305 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx object call username overflow attempt (netbios.rules)
8306 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX andx object call username overflow attempt (netbios.rules)
8307 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx object call username overflow attempt (netbios.rules)
8308 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx object call username overflow attempt (netbios.rules)
8309 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx object call username overflow attempt (netbios.rules)
8310 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx object call username overflow attempt (netbios.rules)
8311 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx object call username overflow attempt (netbios.rules)
8312 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx object call username overflow attempt (netbios.rules)
8313 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx object call username overflow attempt (netbios.rules)
8318 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode andx username overflow attempt (netbios.rules)
8319 <-> NETBIOS SMB webdav DavrCreateConnection andx username overflow attempt (netbios.rules)
8320 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx object call username overflow attempt (netbios.rules)
8333 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode andx username overflow attempt (netbios.rules)
8334 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx username overflow attempt (netbios.rules)
8335 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx username overflow attempt (netbios.rules)
8336 <-> NETBIOS SMB webdav DavrCreateConnection unicode andx username overflow attempt (netbios.rules)
8337 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode andx username overflow attempt (netbios.rules)
8338 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX andx username overflow attempt (netbios.rules)
8339 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX andx username overflow attempt (netbios.rules)
8340 <-> NETBIOS SMB-DS webdav DavrCreateConnection andx username overflow attempt (netbios.rules)
8341 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX unicode little endian andx username overflow attempt (netbios.rules)
8342 <-> NETBIOS SMB webdav DavrCreateConnection little endian andx username overflow attempt (netbios.rules)
8343 <-> NETBIOS SMB webdav DavrCreateConnection unicode little endian andx username overflow attempt (netbios.rules)
8344 <-> NETBIOS SMB-DS webdav DavrCreateConnection unicode little endian andx username overflow attempt (netbios.rules)
8345 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX little endian andx username overflow attempt (netbios.rules)
8346 <-> NETBIOS SMB-DS webdav DavrCreateConnection little endian andx username overflow attempt (netbios.rules)
8347 <-> NETBIOS SMB webdav DavrCreateConnection WriteAndX little endian andx object call username overflow attempt (netbios.rules)
8348 <-> NETBIOS SMB-DS webdav DavrCreateConnection WriteAndX unicode little endian andx object call username overflow attempt (netbios.rules)
8429 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules)
8430 <-> POP3 SSLv3 openssl get shared ciphers overflow attempt (pop3.rules)
8431 <-> POP3 SSLv2 openssl get shared ciphers overflow attempt (pop3.rules)
8552 <-> NETBIOS SMB-DS IActivation unicode little endian bind attempt (netbios.rules)
8553 <-> NETBIOS SMB-DS IActivation WriteAndX unicode bind attempt (netbios.rules)
8556 <-> NETBIOS SMB-DS IActivation little endian alter context attempt (netbios.rules)
8557 <-> NETBIOS SMB-DS IActivation WriteAndX little endian alter context attempt (netbios.rules)
8558 <-> NETBIOS SMB-DS IActivation unicode little endian alter context attempt (netbios.rules)
8559 <-> NETBIOS SMB-DS IActivation WriteAndX unicode alter context attempt (netbios.rules)
8564 <-> NETBIOS SMB-DS IActivation bind attempt (netbios.rules)
8565 <-> NETBIOS SMB-DS IActivation WriteAndX bind attempt (netbios.rules)
8566 <-> NETBIOS SMB-DS IActivation unicode bind attempt (netbios.rules)
8570 <-> NETBIOS SMB-DS IActivation andx alter context attempt (netbios.rules)
8571 <-> NETBIOS SMB-DS IActivation WriteAndX andx alter context attempt (netbios.rules)
8572 <-> NETBIOS SMB-DS IActivation unicode andx alter context attempt (netbios.rules)
8573 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian andx alter context attempt (netbios.rules)
8577 <-> NETBIOS SMB-DS IActivation WriteAndX unicode little endian andx bind attempt (netbios.rules)
8582 <-> NETBIOS SMB-DS IActivation little endian andx bind attempt (netbios.rules)
8583 <-> NETBIOS SMB-DS IActivation WriteAndX little endian andx bind attempt (netbios.rules)
8584 <-> NETBIOS SMB-DS IActivation unicode little endian andx bind attempt (netbios.rules)
8585 <-> NETBIOS SMB-DS IActivation WriteAndX unicode andx bind attempt (netbios.rules)
8588 <-> NETBIOS SMB-DS IActivation little endian andx alter context attempt (netbios.rules)
8589 <-> NETBIOS SMB-DS IActivation WriteAndX little endian andx alter context attempt (netbios.rules)
8590 <-> NETBIOS SMB-DS IActivation unicode little endian andx alter context attempt (netbios.rules)
8591 <-> NETBIOS SMB-DS IActivation WriteAndX unicode andx alter context attempt (netbios.rules)
8596 <-> NETBIOS SMB-DS IActivation andx bind attempt (netbios.rules)
8597 <-> NETBIOS SMB-DS IActivation WriteAndX andx bind attempt (netbios.rules)
8598 <-> NETBIOS SMB-DS IActivation unicode andx bind attempt (netbios.rules)
8601 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation alter context attempt (netbios.rules)
8603 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation little endian alter context attempt (netbios.rules)
8605 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation bind attempt (netbios.rules)
8607 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation little endian bind attempt (netbios.rules)
8610 <-> NETBIOS SMB-DS IActivation remoteactivation unicode overflow attempt (netbios.rules)
8611 <-> NETBIOS SMB-DS IActivation remoteactivation little endian overflow attempt (netbios.rules)
8612 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian overflow attempt (netbios.rules)
8616 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode overflow attempt (netbios.rules)
8617 <-> NETBIOS SMB-DS IActivation remoteactivation overflow attempt (netbios.rules)
8618 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX overflow attempt (netbios.rules)
8621 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian object call overflow attempt (netbios.rules)
8622 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian object call overflow attempt (netbios.rules)
8626 <-> NETBIOS SMB-DS IActivation remoteactivation unicode object call overflow attempt (netbios.rules)
8627 <-> NETBIOS SMB-DS IActivation remoteactivation little endian object call overflow attempt (netbios.rules)
8628 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian object call overflow attempt (netbios.rules)
8632 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode object call overflow attempt (netbios.rules)
8633 <-> NETBIOS SMB-DS IActivation remoteactivation object call overflow attempt (netbios.rules)
8634 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX object call overflow attempt (netbios.rules)
8646 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian andx overflow attempt (netbios.rules)
8650 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian andx overflow attempt (netbios.rules)
8658 <-> NETBIOS SMB-DS IActivation remoteactivation unicode andx overflow attempt (netbios.rules)
8659 <-> NETBIOS SMB-DS IActivation remoteactivation little endian andx overflow attempt (netbios.rules)
8660 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian andx overflow attempt (netbios.rules)
8664 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode andx overflow attempt (netbios.rules)
8665 <-> NETBIOS SMB-DS IActivation remoteactivation andx overflow attempt (netbios.rules)
8666 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX andx overflow attempt (netbios.rules)
8669 <-> NETBIOS SMB-DS IActivation remoteactivation unicode little endian andx object call overflow attempt (netbios.rules)
8670 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX little endian andx object call overflow attempt (netbios.rules)
8674 <-> NETBIOS SMB-DS IActivation remoteactivation unicode andx object call overflow attempt (netbios.rules)
8675 <-> NETBIOS SMB-DS IActivation remoteactivation little endian andx object call overflow attempt (netbios.rules)
8676 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
8680 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX unicode andx object call overflow attempt (netbios.rules)
8681 <-> NETBIOS SMB-DS IActivation remoteactivation andx object call overflow attempt (netbios.rules)
8682 <-> NETBIOS SMB-DS IActivation remoteactivation WriteAndX andx object call overflow attempt (netbios.rules)
8690 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation little endian overflow attempt (netbios.rules)
8692 <-> NETBIOS DCERPC NCACN-IP-TCP v4 IActivation remoteactivation overflow attempt (netbios.rules)
8694 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (netbios.rules)
8695 <-> NETBIOS DCERPC NCACN-IP-TCP v4 IActivation remoteactivation little endian overflow attempt (netbios.rules)
8697 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation little endian object call overflow attempt (netbios.rules)
8699 <-> NETBIOS DCERPC NCACN-IP-TCP IActivation remoteactivation object call overflow attempt (netbios.rules)
8859 <-> NETBIOS SMB-DS wkssvc WriteAndX alter context attempt (netbios.rules)
8860 <-> NETBIOS SMB-DS wkssvc unicode alter context attempt (netbios.rules)
8861 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode alter context attempt (netbios.rules)
8862 <-> NETBIOS SMB-DS wkssvc alter context attempt (netbios.rules)
8865 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode bind attempt (netbios.rules)
8866 <-> NETBIOS SMB-DS wkssvc bind attempt (netbios.rules)
8871 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian bind attempt (netbios.rules)
8873 <-> NETBIOS SMB-DS wkssvc unicode little endian bind attempt (netbios.rules)
8874 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian bind attempt (netbios.rules)
8875 <-> NETBIOS SMB-DS wkssvc little endian bind attempt (netbios.rules)
8879 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian alter context attempt (netbios.rules)
8881 <-> NETBIOS SMB-DS wkssvc unicode little endian alter context attempt (netbios.rules)
8882 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian alter context attempt (netbios.rules)
8883 <-> NETBIOS SMB-DS wkssvc little endian alter context attempt (netbios.rules)
8887 <-> NETBIOS SMB-DS wkssvc WriteAndX bind attempt (netbios.rules)
8888 <-> NETBIOS SMB-DS wkssvc unicode bind attempt (netbios.rules)
8891 <-> NETBIOS SMB-DS wkssvc WriteAndX andx alter context attempt (netbios.rules)
8892 <-> NETBIOS SMB-DS wkssvc unicode andx alter context attempt (netbios.rules)
8893 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode andx alter context attempt (netbios.rules)
8894 <-> NETBIOS SMB-DS wkssvc andx alter context attempt (netbios.rules)
8897 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode andx bind attempt (netbios.rules)
8898 <-> NETBIOS SMB-DS wkssvc andx bind attempt (netbios.rules)
8903 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian andx bind attempt (netbios.rules)
8905 <-> NETBIOS SMB-DS wkssvc unicode little endian andx bind attempt (netbios.rules)
8906 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian andx bind attempt (netbios.rules)
8907 <-> NETBIOS SMB-DS wkssvc little endian andx bind attempt (netbios.rules)
8911 <-> NETBIOS SMB-DS wkssvc WriteAndX little endian andx alter context attempt (netbios.rules)
8913 <-> NETBIOS SMB-DS wkssvc unicode little endian andx alter context attempt (netbios.rules)
8914 <-> NETBIOS SMB-DS wkssvc WriteAndX unicode little endian andx alter context attempt (netbios.rules)
8915 <-> NETBIOS SMB-DS wkssvc little endian andx alter context attempt (netbios.rules)
8919 <-> NETBIOS SMB-DS wkssvc WriteAndX andx bind attempt (netbios.rules)
8920 <-> NETBIOS SMB-DS wkssvc unicode andx bind attempt (netbios.rules)
8926 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName overflow attempt (netbios.rules)
8938 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode overflow attempt (netbios.rules)
8941 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian overflow attempt (netbios.rules)
8942 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode overflow attempt (netbios.rules)
8943 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode overflow attempt (netbios.rules)
8944 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX overflow attempt (netbios.rules)
8945 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode overflow attempt (netbios.rules)
8946 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX overflow attempt (netbios.rules)
8947 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName overflow attempt (netbios.rules)
8949 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian object call overflow attempt (netbios.rules)
8950 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian object call overflow attempt (netbios.rules)
8951 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian object call overflow attempt (netbios.rules)
8952 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian object call overflow attempt (netbios.rules)
8953 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode object call overflow attempt (netbios.rules)
8954 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian object call overflow attempt (netbios.rules)
8955 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode object call overflow attempt (netbios.rules)
8956 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode object call overflow attempt (netbios.rules)
8957 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX object call overflow attempt (netbios.rules)
8958 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode object call overflow attempt (netbios.rules)
8959 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX object call overflow attempt (netbios.rules)
8960 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName object call overflow attempt (netbios.rules)
8961 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian object call overflow attempt (netbios.rules)
8962 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian object call overflow attempt (netbios.rules)
8963 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian object call overflow attempt (netbios.rules)
8964 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian overflow attempt (netbios.rules)
8965 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian overflow attempt (netbios.rules)
8966 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian overflow attempt (netbios.rules)
8967 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName object call overflow attempt (netbios.rules)
8969 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian overflow attempt (netbios.rules)
8970 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian overflow attempt (netbios.rules)
8971 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian overflow attempt (netbios.rules)
8972 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian overflow attempt (netbios.rules)
8974 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName andx overflow attempt (netbios.rules)
8986 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode andx overflow attempt (netbios.rules)
8989 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian andx overflow attempt (netbios.rules)
8990 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode andx overflow attempt (netbios.rules)
8991 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode andx overflow attempt (netbios.rules)
8992 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX andx overflow attempt (netbios.rules)
8993 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode andx overflow attempt (netbios.rules)
8994 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX andx overflow attempt (netbios.rules)
8995 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName andx overflow attempt (netbios.rules)
8997 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian andx object call overflow attempt (netbios.rules)
8998 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian andx object call overflow attempt (netbios.rules)
8999 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian andx object call overflow attempt (netbios.rules)
9000 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
9001 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode andx object call overflow attempt (netbios.rules)
9002 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName little endian andx object call overflow attempt (netbios.rules)
9003 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode andx object call overflow attempt (netbios.rules)
9004 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode andx object call overflow attempt (netbios.rules)
9005 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX andx object call overflow attempt (netbios.rules)
9006 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode andx object call overflow attempt (netbios.rules)
9007 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX andx object call overflow attempt (netbios.rules)
9008 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName andx object call overflow attempt (netbios.rules)
9009 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian andx object call overflow attempt (netbios.rules)
9010 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
9011 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian andx object call overflow attempt (netbios.rules)
9012 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName unicode little endian andx overflow attempt (netbios.rules)
9013 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx overflow attempt (netbios.rules)
9014 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName unicode little endian andx overflow attempt (netbios.rules)
9015 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName andx object call overflow attempt (netbios.rules)
9017 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX little endian andx overflow attempt (netbios.rules)
9018 <-> NETBIOS SMB wkssvc NetrAddAlternateComputerName WriteAndX little endian andx overflow attempt (netbios.rules)
9019 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName little endian andx overflow attempt (netbios.rules)
9020 <-> NETBIOS SMB-DS wkssvc NetrAddAlternateComputerName WriteAndX unicode little endian andx overflow attempt (netbios.rules)
9027 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 overflow attempt (netbios.rules)
9028 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules)
9029 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode object call overflow attempt (netbios.rules)
9030 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overflow attempt (netbios.rules)
9031 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules)
9032 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt (netbios.rules)
9033 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules)
9034 <-> NETBIOS SMB wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules)
9036 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules)
9037 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt (netbios.rules)
9041 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules)
9042 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules)
9043 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules)
9044 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules)
9045 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules)
9046 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules)
9047 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules)
9048 <-> NETBIOS SMB wkssvc NetrJoinDomain2 overflow attempt (netbios.rules)
9049 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules)
9061 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules)
9063 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules)
9064 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules)
9065 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overflow attempt (netbios.rules)
9066 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules)
9067 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode object call overflow attempt (netbios.rules)
9068 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt (netbios.rules)
9069 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules)
9070 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt (netbios.rules)
9071 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt (netbios.rules)
9072 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt (netbios.rules)
9073 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt (netbios.rules)
9074 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt (netbios.rules)
9075 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules)
9076 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules)
9077 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode andx object call overflow attempt (netbios.rules)
9078 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
9079 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian andx object call overflow attempt (netbios.rules)
9080 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow attempt (netbios.rules)
9081 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
9082 <-> NETBIOS SMB wkssvc NetrJoinDomain2 andx object call overflow attempt (netbios.rules)
9084 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
9085 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow attempt (netbios.rules)
9089 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules)
9090 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules)
9091 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules)
9092 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules)
9093 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules)
9094 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules)
9095 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules)
9096 <-> NETBIOS SMB wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules)
9097 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules)
9109 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules)
9111 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules)
9112 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules)
9113 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
9114 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 andx object call overflow attempt (netbios.rules)
9115 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode andx object call overflow attempt (netbios.rules)
9116 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx object call overflow attempt (netbios.rules)
9117 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian andx object call overflow attempt (netbios.rules)
9118 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt (netbios.rules)
9119 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt (netbios.rules)
9120 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt (netbios.rules)
9121 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt (netbios.rules)
9122 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian andx object call overflow attempt (netbios.rules)
9326 <-> SPECIFIC-THREATS netsky.p smtp propagation detection (specific-threats.rules)
9327 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules)
9328 <-> SPECIFIC-THREATS zhangpo smtp propagation detection (specific-threats.rules)
9329 <-> SPECIFIC-THREATS yarner.b smtp propagation detection (specific-threats.rules)
9330 <-> SPECIFIC-THREATS mydoom.e smtp propagation detection (specific-threats.rules)
9331 <-> SPECIFIC-THREATS mydoom.m smtp propagation detection (specific-threats.rules)
9332 <-> SPECIFIC-THREATS mimail.a smtp propagation detection (specific-threats.rules)
9333 <-> SPECIFIC-THREATS mimail.e smtp propagation detection (specific-threats.rules)
9334 <-> SPECIFIC-THREATS lovgate.c smtp propagation detection (specific-threats.rules)
9335 <-> SPECIFIC-THREATS netsky.b smtp propagation detection (specific-threats.rules)
9336 <-> SPECIFIC-THREATS netsky.t smtp propagation detection (specific-threats.rules)
9337 <-> SPECIFIC-THREATS netsky.x smtp propagation detection (specific-threats.rules)
9338 <-> SPECIFIC-THREATS mydoom.i smtp propagation detection (specific-threats.rules)
9339 <-> SPECIFIC-THREATS klez.g web propagation detection (specific-threats.rules)
9340 <-> SPECIFIC-THREATS klez.i web propagation detection (specific-threats.rules)
9341 <-> SPECIFIC-THREATS sasser open ftp command shell (specific-threats.rules)
9342 <-> SPECIFIC-THREATS paroc.a smtp propagation detection (specific-threats.rules)
9343 <-> SPECIFIC-THREATS kadra smtp propagation detection (specific-threats.rules)
9344 <-> SPECIFIC-THREATS kindal smtp propagation detection (specific-threats.rules)
9345 <-> SPECIFIC-THREATS kipis.a smtp propagation detection (specific-threats.rules)
9346 <-> SPECIFIC-THREATS klez.b web propagation detection (specific-threats.rules)
9347 <-> SPECIFIC-THREATS klez.b netshare propagation detection (specific-threats.rules)
9348 <-> SPECIFIC-THREATS morbex smtp propagation detection (specific-threats.rules)
9349 <-> SPECIFIC-THREATS plemood smtp propagation detection (specific-threats.rules)
9350 <-> SPECIFIC-THREATS mimail.k smtp propagation detection (specific-threats.rules)
9351 <-> SPECIFIC-THREATS lovgate.a netshare propagation detection (specific-threats.rules)
9352 <-> SPECIFIC-THREATS lovgate.a smtp propagation detection (specific-threats.rules)
9353 <-> SPECIFIC-THREATS deborm.x netshare propagation detection (specific-threats.rules)
9354 <-> SPECIFIC-THREATS deborm.y netshare propagation detection (specific-threats.rules)
9355 <-> SPECIFIC-THREATS deborm.u netshare propagation detection (specific-threats.rules)
9356 <-> SPECIFIC-THREATS deborm.q netshare propagation detection (specific-threats.rules)
9357 <-> SPECIFIC-THREATS deborm.r netshare propagation detection (specific-threats.rules)
9358 <-> SPECIFIC-THREATS fizzer smtp propagation detection (specific-threats.rules)
9359 <-> SPECIFIC-THREATS zafi.b smtp propagation detection (specific-threats.rules)
9360 <-> SPECIFIC-THREATS cult.b smtp propagation detection (specific-threats.rules)
9361 <-> SPECIFIC-THREATS mimail.l smtp propagation detection (specific-threats.rules)
9362 <-> SPECIFIC-THREATS mimail.m smtp propagation detection (specific-threats.rules)
9363 <-> SPECIFIC-THREATS klez.d web propagation detection (specific-threats.rules)
9364 <-> SPECIFIC-THREATS klez.e web propagation detection (specific-threats.rules)
9365 <-> SPECIFIC-THREATS cult.c smtp propagation detection (specific-threats.rules)
9366 <-> SPECIFIC-THREATS mimail.s smtp propagation detection (specific-threats.rules)
9367 <-> SPECIFIC-THREATS anset.b smtp propagation detection (specific-threats.rules)
9368 <-> SPECIFIC-THREATS agist.a smtp propagation detection (specific-threats.rules)
9369 <-> SPECIFIC-THREATS atak.a smtp propagation detection (specific-threats.rules)
9370 <-> SPECIFIC-THREATS bagle.b smtp propagation detection (specific-threats.rules)
9371 <-> SPECIFIC-THREATS bagle.e smtp propagation detection (specific-threats.rules)
9372 <-> SPECIFIC-THREATS blebla.a smtp propagation detection (specific-threats.rules)
9373 <-> SPECIFIC-THREATS clepa smtp propagation detection (specific-threats.rules)
9374 <-> SPECIFIC-THREATS creepy.b smtp propagation detection (specific-threats.rules)
9375 <-> SPECIFIC-THREATS duksten.c smtp propagation detection (specific-threats.rules)
9376 <-> SPECIFIC-THREATS fishlet.a smtp propagation detection (specific-threats.rules)
9377 <-> SPECIFIC-THREATS mydoom.g smtp propagation detection (specific-threats.rules)
9378 <-> SPECIFIC-THREATS netsky.q smtp propagation detection (specific-threats.rules)
9379 <-> SPECIFIC-THREATS netsky.s smtp propagation detection (specific-threats.rules)
9380 <-> SPECIFIC-THREATS jitux msn messenger propagation detection (specific-threats.rules)
9381 <-> SPECIFIC-THREATS lara smtp propagation detection (specific-threats.rules)
9382 <-> SPECIFIC-THREATS fearso.c smtp propagation detection (specific-threats.rules)
9383 <-> SPECIFIC-THREATS netsky.y smtp propagation detection (specific-threats.rules)
9384 <-> SPECIFIC-THREATS beglur.a smtp propagation detection (specific-threats.rules)
9385 <-> SPECIFIC-THREATS collo.a smtp propagation detection (specific-threats.rules)
9386 <-> SPECIFIC-THREATS bagle.f smtp propagation detection (specific-threats.rules)
9387 <-> SPECIFIC-THREATS klez.j web propagation detection (specific-threats.rules)
9388 <-> SPECIFIC-THREATS mimail.g smtp propagation detection (specific-threats.rules)
9389 <-> SPECIFIC-THREATS bagle.i smtp propagation detection (specific-threats.rules)
9390 <-> SPECIFIC-THREATS deborm.d netshare propagation detection (specific-threats.rules)
9391 <-> SPECIFIC-THREATS mimail.i smtp propagation detection (specific-threats.rules)
9392 <-> SPECIFIC-THREATS bagle.j smtp propagation detection (specific-threats.rules)
9393 <-> SPECIFIC-THREATS bagle.k smtp propagation detection (specific-threats.rules)
9394 <-> SPECIFIC-THREATS bagle.n smtp propagation detection (specific-threats.rules)
9395 <-> SPECIFIC-THREATS deborm.j netshare propagation detection (specific-threats.rules)
9396 <-> SPECIFIC-THREATS deborm.t netshare propagation detection (specific-threats.rules)
9397 <-> SPECIFIC-THREATS neysid smtp propagation detection (specific-threats.rules)
9398 <-> SPECIFIC-THREATS totilix.a smtp propagation detection (specific-threats.rules)
9399 <-> SPECIFIC-THREATS hanged smtp propagation detection (specific-threats.rules)
9400 <-> SPECIFIC-THREATS abotus smtp propagation detection (specific-threats.rules)
9401 <-> SPECIFIC-THREATS gokar http propagation detectiot (specific-threats.rules)
9403 <-> SPECIFIC-THREATS netsky.aa smtp propagation detection (specific-threats.rules)
9404 <-> SPECIFIC-THREATS netsky.ac smtp propagation detection (specific-threats.rules)
9405 <-> SPECIFIC-THREATS netsky.af smtp propagation detection (specific-threats.rules)
9406 <-> SPECIFIC-THREATS lovgate.e smtp propagation detection (specific-threats.rules)
9407 <-> SPECIFIC-THREATS lovgate.b netshare propagation detection (specific-threats.rules)
9408 <-> SPECIFIC-THREATS lacrow smtp propagation detection (specific-threats.rules)
9409 <-> SPECIFIC-THREATS atak.b smtp propagation detection (specific-threats.rules)
9410 <-> SPECIFIC-THREATS netsky.z smtp propagation detection (specific-threats.rules)
9411 <-> SPECIFIC-THREATS mimail.f smtp propagation detection (specific-threats.rules)
9412 <-> SPECIFIC-THREATS sinmsn.b msn propagation detection (specific-threats.rules)
9413 <-> SPECIFIC-THREATS ganda smtp propagation detection (specific-threats.rules)
9414 <-> SPECIFIC-THREATS lovelorn.a smtp propagation detection (specific-threats.rules)
9415 <-> SPECIFIC-THREATS plexus.a smtp propagation detection (specific-threats.rules)
9416 <-> SPECIFIC-THREATS bagle.at smtp propagation detection (specific-threats.rules)
9417 <-> SPECIFIC-THREATS bagle.a smtp propagation detection (specific-threats.rules)
9418 <-> SPECIFIC-THREATS bagle.a http notification detection (specific-threats.rules)
9419 <-> SPECIFIC-THREATS sasser attempt (specific-threats.rules)
9420 <-> SPECIFIC-THREATS korgo attempt (specific-threats.rules)
9421 <-> SPECIFIC-THREATS zotob attempt (specific-threats.rules)
9422 <-> SPECIFIC-THREATS msblast attempt (specific-threats.rules)
9423 <-> SPECIFIC-THREATS lovegate attempt (specific-threats.rules)
9424 <-> SPECIFIC-THREATS /winnt/explorer.exe unicode klez infection attempt attempt (specific-threats.rules)
9425 <-> SPECIFIC-THREATS netsky attachment (specific-threats.rules)
9426 <-> SPECIFIC-THREATS mydoom.ap attachment (specific-threats.rules)
9447 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian alter context attempt (netbios.rules)
9448 <-> NETBIOS SMB-DS ISystemActivator unicode little endian alter context attempt (netbios.rules)
9449 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode alter context attempt (netbios.rules)
9454 <-> NETBIOS SMB-DS ISystemActivator bind attempt (netbios.rules)
9455 <-> NETBIOS SMB-DS ISystemActivator WriteAndX bind attempt (netbios.rules)
9456 <-> NETBIOS SMB-DS ISystemActivator unicode bind attempt (netbios.rules)
9457 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian bind attempt (netbios.rules)
9462 <-> NETBIOS SMB-DS ISystemActivator little endian bind attempt (netbios.rules)
9463 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian bind attempt (netbios.rules)
9464 <-> NETBIOS SMB-DS ISystemActivator unicode little endian bind attempt (netbios.rules)
9465 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode bind attempt (netbios.rules)
9469 <-> NETBIOS SMB-DS ISystemActivator andx alter context attempt (netbios.rules)
9470 <-> NETBIOS SMB-DS ISystemActivator WriteAndX andx alter context attempt (netbios.rules)
9471 <-> NETBIOS SMB-DS ISystemActivator unicode andx alter context attempt (netbios.rules)
9472 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian andx alter context attempt (netbios.rules)
9478 <-> NETBIOS SMB-DS ISystemActivator little endian andx alter context attempt (netbios.rules)
9479 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian andx alter context attempt (netbios.rules)
9480 <-> NETBIOS SMB-DS ISystemActivator unicode little endian andx alter context attempt (netbios.rules)
9481 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode andx alter context attempt (netbios.rules)
9486 <-> NETBIOS SMB-DS ISystemActivator andx bind attempt (netbios.rules)
9487 <-> NETBIOS SMB-DS ISystemActivator WriteAndX andx bind attempt (netbios.rules)
9488 <-> NETBIOS SMB-DS ISystemActivator unicode andx bind attempt (netbios.rules)
9489 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian andx bind attempt (netbios.rules)
9494 <-> NETBIOS SMB-DS ISystemActivator little endian andx bind attempt (netbios.rules)
9495 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian andx bind attempt (netbios.rules)
9496 <-> NETBIOS SMB-DS ISystemActivator unicode little endian andx bind attempt (netbios.rules)
9497 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode andx bind attempt (netbios.rules)
9499 <-> NETBIOS DCERPC DIRECT ISystemActivator little endian alter context attempt (netbios.rules)
9500 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator little endian alter context attempt (netbios.rules)
9501 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator alter context attempt (netbios.rules)
9502 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator alter context attempt (netbios.rules)
9503 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator alter context attempt (netbios.rules)
9504 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator little endian alter context attempt (netbios.rules)
9505 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator little endian alter context attempt (netbios.rules)
9506 <-> NETBIOS DCERPC DIRECT ISystemActivator alter context attempt (netbios.rules)
9507 <-> NETBIOS DCERPC DIRECT ISystemActivator little endian bind attempt (netbios.rules)
9508 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator little endian bind attempt (netbios.rules)
9509 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator bind attempt (netbios.rules)
9510 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator bind attempt (netbios.rules)
9511 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator bind attempt (netbios.rules)
9512 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator little endian bind attempt (netbios.rules)
9513 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator little endian bind attempt (netbios.rules)
9514 <-> NETBIOS DCERPC DIRECT ISystemActivator bind attempt (netbios.rules)
9516 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules)
9528 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules)
9532 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules)
9533 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules)
9534 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules)
9535 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules)
9536 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9537 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules)
9538 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules)
9539 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance attempt (netbios.rules)
9540 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance object call attempt (netbios.rules)
9541 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode object call attempt (netbios.rules)
9542 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian object call attempt (netbios.rules)
9543 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules)
9544 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian object call attempt (netbios.rules)
9545 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian object call attempt (netbios.rules)
9546 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode object call attempt (netbios.rules)
9547 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance andx attempt (netbios.rules)
9548 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian andx object call attempt (netbios.rules)
9549 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode andx object call attempt (netbios.rules)
9550 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode andx object call attempt (netbios.rules)
9551 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX andx object call attempt (netbios.rules)
9552 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx object call attempt (netbios.rules)
9553 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian andx object call attempt (netbios.rules)
9554 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx object call attempt (netbios.rules)
9555 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX andx object call attempt (netbios.rules)
9556 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance andx object call attempt (netbios.rules)
9557 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules)
9558 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules)
9559 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules)
9560 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules)
9561 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules)
9564 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules)
9576 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules)
9580 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules)
9581 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules)
9582 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules)
9583 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules)
9584 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules)
9585 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules)
9586 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules)
9587 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance andx attempt (netbios.rules)
9588 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance andx object call attempt (netbios.rules)
9589 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode andx object call attempt (netbios.rules)
9590 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian andx object call attempt (netbios.rules)
9591 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian andx object call attempt (netbios.rules)
9592 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian andx object call attempt (netbios.rules)
9593 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian andx object call attempt (netbios.rules)
9594 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode andx object call attempt (netbios.rules)
9599 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules)
9600 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9601 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9602 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9603 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9606 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance attempt (netbios.rules)
9607 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (netbios.rules)
9608 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance attempt (netbios.rules)
9609 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (netbios.rules)
9610 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules)
9611 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules)
9612 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules)
9613 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules)
9614 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules)
9615 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules)
9616 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance object call attempt (netbios.rules)
9617 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules)
9618 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules)
9674 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode attempt (netbios.rules)
9675 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX attempt (netbios.rules)
9676 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode attempt (netbios.rules)
9677 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9678 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX attempt (netbios.rules)
9679 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian attempt (netbios.rules)
9680 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9681 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt (netbios.rules)
9682 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian attempt (netbios.rules)
9683 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian attempt (netbios.rules)
9684 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian attempt (netbios.rules)
9685 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian attempt (netbios.rules)
9686 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules)
9687 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode object call attempt (netbios.rules)
9688 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx object call attempt (netbios.rules)
9689 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX andx object call attempt (netbios.rules)
9690 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile andx object call attempt (netbios.rules)
9691 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian andx object call attempt (netbios.rules)
9692 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx object call attempt (netbios.rules)
9693 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian andx object call attempt (netbios.rules)
9694 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian andx object call attempt (netbios.rules)
9695 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx object call attempt (netbios.rules)
9698 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode andx attempt (netbios.rules)
9699 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile little endian andx attempt (netbios.rules)
9701 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object call attempt (netbios.rules)
9702 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX andx object call attempt (netbios.rules)
9703 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode andx object call attempt (netbios.rules)
9704 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode andx object call attempt (netbios.rules)
9705 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile andx object call attempt (netbios.rules)
9706 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx object call attempt (netbios.rules)
9707 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt (netbios.rules)
9709 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian andx attempt (netbios.rules)
9722 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx attempt (netbios.rules)
9723 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt (netbios.rules)
9724 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode andx attempt (netbios.rules)
9725 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile andx attempt (netbios.rules)
9726 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX andx attempt (netbios.rules)
9727 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx attempt (netbios.rules)
9728 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile andx attempt (netbios.rules)
9729 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx attempt (netbios.rules)
9730 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode little endian andx attempt (netbios.rules)
9731 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt (netbios.rules)
9732 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile WriteAndX little endian andx attempt (netbios.rules)
9733 <-> NETBIOS SMB-DS ISystemActivator CoGetInstanceFromFile unicode little endian andx attempt (netbios.rules)
9734 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile little endian andx object call attempt (netbios.rules)
9735 <-> NETBIOS SMB ISystemActivator CoGetInstanceFromFile WriteAndX unicode andx object call attempt (netbios.rules)
9737 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9738 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
9739 <-> NETBIOS DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
9740 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9744 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
9745 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9746 <-> NETBIOS DCERPC DIRECT v4 ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9747 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
9748 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9749 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
9750 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian attempt (netbios.rules)
9751 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile attempt (netbios.rules)
9752 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules)
9753 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules)
9754 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules)
9755 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules)
9756 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules)
9757 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules)
9758 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile little endian object call attempt (netbios.rules)
9759 <-> NETBIOS DCERPC DIRECT ISystemActivator CoGetInstanceFromFile object call attempt (netbios.rules)
9760 <-> NETBIOS DCERPC DIRECT-UDP msqueue little endian bind attempt (netbios.rules)
9761 <-> NETBIOS DCERPC DIRECT-UDP msqueue little endian alter context attempt (netbios.rules)
9763 <-> NETBIOS DCERPC DIRECT-UDP msqueue alter context attempt (netbios.rules)
9764 <-> NETBIOS DCERPC DIRECT-UDP v4 msqueue function 4 little endian overflow attempt (netbios.rules)
9765 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 little endian overflow attempt (netbios.rules)
9766 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 overflow attempt (netbios.rules)
9767 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 object call overflow attempt (netbios.rules)
9768 <-> NETBIOS DCERPC NCACN-IP-TCP v4 msqueue function 4 little endian overflow attempt (netbios.rules)
9769 <-> NETBIOS DCERPC DIRECT-UDP v4 msqueue function 4 overflow attempt (netbios.rules)
9770 <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 4 object call overflow attempt (netbios.rules)
9771 <-> NETBIOS DCERPC DIRECT-UDP msqueue function 4 little endian object call overflow attempt (netbios.rules)
9802 <-> NETBIOS DCERPC DIRECT brightstor-arc alter context attempt (netbios.rules)
9803 <-> NETBIOS DCERPC DIRECT brightstor-arc little endian alter context attempt (netbios.rules)
9804 <-> NETBIOS DCERPC DIRECT brightstor-arc bind attempt (netbios.rules)
9805 <-> NETBIOS DCERPC DIRECT brightstor-arc little endian bind attempt (netbios.rules)
9806 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGroupStatus little endian overflow attempt (netbios.rules)
9807 <-> NETBIOS DCERPC DIRECT brightstor-arc GetGroupStatus little endian overflow attempt (netbios.rules)
9808 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGroupStatus overflow attempt (netbios.rules)
9809 <-> NETBIOS DCERPC DIRECT brightstor-arc GetGroupStatus overflow attempt (netbios.rules)
9854 <-> NETBIOS SMB-DS tapisrv little endian alter context attempt (netbios.rules)
9855 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian alter context attempt (netbios.rules)
9856 <-> NETBIOS SMB-DS tapisrv unicode little endian alter context attempt (netbios.rules)
9857 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian alter context attempt (netbios.rules)
9866 <-> NETBIOS SMB-DS tapisrv alter context attempt (netbios.rules)
9867 <-> NETBIOS SMB-DS tapisrv WriteAndX alter context attempt (netbios.rules)
9868 <-> NETBIOS SMB-DS tapisrv unicode alter context attempt (netbios.rules)
9869 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode alter context attempt (netbios.rules)
9870 <-> NETBIOS SMB-DS tapisrv bind attempt (netbios.rules)
9871 <-> NETBIOS SMB-DS tapisrv WriteAndX bind attempt (netbios.rules)
9872 <-> NETBIOS SMB-DS tapisrv unicode bind attempt (netbios.rules)
9873 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode bind attempt (netbios.rules)
9878 <-> NETBIOS SMB-DS tapisrv little endian bind attempt (netbios.rules)
9879 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian bind attempt (netbios.rules)
9880 <-> NETBIOS SMB-DS tapisrv unicode little endian bind attempt (netbios.rules)
9881 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian bind attempt (netbios.rules)
9886 <-> NETBIOS SMB-DS tapisrv little endian andx alter context attempt (netbios.rules)
9887 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian andx alter context attempt (netbios.rules)
9888 <-> NETBIOS SMB-DS tapisrv unicode little endian andx alter context attempt (netbios.rules)
9889 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian andx alter context attempt (netbios.rules)
9898 <-> NETBIOS SMB-DS tapisrv andx alter context attempt (netbios.rules)
9899 <-> NETBIOS SMB-DS tapisrv WriteAndX andx alter context attempt (netbios.rules)
9900 <-> NETBIOS SMB-DS tapisrv unicode andx alter context attempt (netbios.rules)
9901 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode andx alter context attempt (netbios.rules)
9902 <-> NETBIOS SMB-DS tapisrv andx bind attempt (netbios.rules)
9903 <-> NETBIOS SMB-DS tapisrv WriteAndX andx bind attempt (netbios.rules)
9904 <-> NETBIOS SMB-DS tapisrv unicode andx bind attempt (netbios.rules)
9905 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode andx bind attempt (netbios.rules)
9910 <-> NETBIOS SMB-DS tapisrv little endian andx bind attempt (netbios.rules)
9911 <-> NETBIOS SMB-DS tapisrv WriteAndX little endian andx bind attempt (netbios.rules)
9912 <-> NETBIOS SMB-DS tapisrv unicode little endian andx bind attempt (netbios.rules)
9913 <-> NETBIOS SMB-DS tapisrv WriteAndX unicode little endian andx bind attempt (netbios.rules)
9930 <-> NETBIOS SMB v4 tapisrv ClientRequest unicode little endian LSetAppPriority overflow attempt (netbios.rules)
9931 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX little endian LSetAppPriority overflow attempt (netbios.rules)
9932 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX unicode LSetAppPriority overflow attempt (netbios.rules)
9933 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX unicode little endian LSetAppPriority overflow attempt (netbios.rules)
9934 <-> NETBIOS SMB-DS tapisrv ClientRequest little endian LSetAppPriority overflow attempt (netbios.rules)
9935 <-> NETBIOS SMB tapisrv ClientRequest LSetAppPriority overflow attempt (netbios.rules)
9936 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX unicode LSetAppPriority overflow attempt (netbios.rules)
9937 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX LSetAppPriority overflow attempt (netbios.rules)
9938 <-> NETBIOS SMB tapisrv ClientRequest unicode LSetAppPriority overflow attempt (netbios.rules)
9939 <-> NETBIOS SMB-DS tapisrv ClientRequest unicode LSetAppPriority overflow attempt (netbios.rules)
9950 <-> NETBIOS SMB-DS tapisrv ClientRequest little endian object call LSetAppPriority overflow attempt (netbios.rules)
9951 <-> NETBIOS SMB tapisrv ClientRequest object call LSetAppPriority overflow attempt (netbios.rules)
9952 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX unicode object call LSetAppPriority overflow attempt (netbios.rules)
9953 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX object call LSetAppPriority overflow attempt (netbios.rules)
9954 <-> NETBIOS SMB tapisrv ClientRequest unicode object call LSetAppPriority overflow attempt (netbios.rules)
9955 <-> NETBIOS SMB-DS tapisrv ClientRequest unicode object call LSetAppPriority overflow attempt (netbios.rules)
9956 <-> NETBIOS SMB-DS tapisrv ClientRequest WriteAndX object call LSetAppPriority overflow attempt (netbios.rules)
9957 <-> NETBIOS SMB tapisrv ClientRequest little endian object call LSetAppPriority overflow attempt (netbios.rules)
9958 <-> NETBIOS SMB tapisrv ClientRequest WriteAndX little endian object call LSetAppPriority overflow attempt (netbios.rules)
9959 <-> NETBIOS SMB tapisrv ClientRequest unicode little endian object call LSetAppPriority overflow attempt (netbios.rules)
10018 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc ReserveGroup attempt (netbios.rules)
10019 <-> NETBIOS DCERPC DIRECT brightstor-arc ReserveGroup attempt (netbios.rules)
10042 <-> NETBIOS DCERPC DIRECT brightstor-arc2 alter context attempt (netbios.rules)
10043 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian alter context attempt (netbios.rules)
10044 <-> NETBIOS DCERPC DIRECT brightstor-arc2 bind attempt (netbios.rules)
10045 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian bind attempt (netbios.rules)
10046 <-> NETBIOS DCERPC DIRECT brightstor-arc2 alter context attempt (netbios.rules)
10047 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian alter context attempt (netbios.rules)
10048 <-> NETBIOS DCERPC DIRECT brightstor-arc2 bind attempt (netbios.rules)
10049 <-> NETBIOS DCERPC DIRECT brightstor-arc2 little endian bind attempt (netbios.rules)
10050 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules)
10051 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules)
10052 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules)
10053 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules)
10054 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer object call overflow attempt (netbios.rules)
10055 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer little endian object call overflow attempt (netbios.rules)
10056 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules)
10057 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules)
10058 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc2 ASDBLoginToComputer little endian overflow attempt (netbios.rules)
10059 <-> NETBIOS DCERPC DIRECT brightstor-arc2 ASDBLoginToComputer overflow attempt (netbios.rules)
10065 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10066 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10067 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10068 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10069 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10070 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10071 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10072 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10073 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10074 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10075 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10076 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10077 <-> SPECIFIC-THREATS Trojan Peacomm smtp propagation detection (specific-threats.rules)
10078 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules)
10079 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules)
10080 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules)
10081 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules)
10082 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules)
10083 <-> SPECIFIC-THREATS W32.Nuwar.AY smtp propagation detection (specific-threats.rules)
10120 <-> NETBIOS DCERPC DIRECT brightstor-arc GetGCBHandleFromGroupName overflow attempt (netbios.rules)
10121 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGCBHandleFromGroupName little endian overflow attempt (netbios.rules)
10122 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc GetGCBHandleFromGroupName overflow attempt (netbios.rules)
10123 <-> SPECIFIC-THREATS PA168 chipset based IP phone default password attempt (specific-threats.rules)
10124 <-> SPECIFIC-THREATS PA168 chipset based IP phone authentication bypass (specific-threats.rules)
10402 <-> SPECIFIC-THREATS Trojan.Duntek Data Report POST (specific-threats.rules)
10403 <-> SPECIFIC-THREATS Trojan.Duntek Checkin GET Request (specific-threats.rules)
12307 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetPagerNotifyConfig little endian attempt (netbios.rules)
12308 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetPagerNotifyConfig attempt (netbios.rules)
12309 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig attempt (netbios.rules)
12310 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig little endian attempt (netbios.rules)
12311 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig object call attempt (netbios.rules)
12312 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig little endian object call attempt (netbios.rules)
12313 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent alter context attempt (netbios.rules)
12314 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent little endian alter context attempt (netbios.rules)
12315 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent bind attempt (netbios.rules)
12316 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent little endian bind attempt (netbios.rules)
12317 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect-earthagent _SetSpntShareConfig little endian attempt (netbios.rules)
12318 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect-earthagent _SetSpntShareConfig attempt (netbios.rules)
12319 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig attempt (netbios.rules)
12320 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig little endian attempt (netbios.rules)
12321 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig object call attempt (netbios.rules)
12322 <-> NETBIOS DCERPC DIRECT trend-serverprotect-earthagent _SetSpntShareConfig little endian object call attempt (netbios.rules)
12323 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _AddTaskExportLogItem attempt (netbios.rules)
12324 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem little endian attempt (netbios.rules)
12325 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _AddTaskExportLogItem little endian attempt (netbios.rules)
12326 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem attempt (netbios.rules)
12327 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem little endian object call attempt (netbios.rules)
12328 <-> NETBIOS DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem object call attempt (netbios.rules)
12329 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
12330 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile little endian attempt (netbios.rules)
12331 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _TakeActionOnAFile little endian attempt (netbios.rules)
12332 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile attempt (netbios.rules)
12333 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile little endian object call attempt (netbios.rules)
12334 <-> NETBIOS DCERPC DIRECT trend-serverprotect _TakeActionOnAFile object call attempt (netbios.rules)
12335 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_30010 overflow attempt (netbios.rules)
12336 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 overflow attempt (netbios.rules)
12337 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 little endian overflow attempt (netbios.rules)
12338 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_30010 little endian overflow attempt (netbios.rules)
12339 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 object call overflow attempt (netbios.rules)
12340 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_30010 little endian object call overflow attempt (netbios.rules)
12341 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 little endian attempt (netbios.rules)
12342 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
12343 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 attempt (netbios.rules)
12344 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect Trent_req_num_a0030 little endian attempt (netbios.rules)
12345 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 little endian object call attempt (netbios.rules)
12346 <-> NETBIOS DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 object call attempt (netbios.rules)
12347 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetSvcImpersonateUser little endian attempt (netbios.rules)
12348 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser little endian attempt (netbios.rules)
12349 <-> NETBIOS DCERPC DIRECT v4 trend-serverprotect _SetSvcImpersonateUser attempt (netbios.rules)
12350 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser attempt (netbios.rules)
12351 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser little endian object call attempt (netbios.rules)
12352 <-> NETBIOS DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser object call attempt (netbios.rules)
13289 <-> WEB-CLIENT Gatway CWebLaunchCtl ActiveX clsid access (web-client.rules)
13290 <-> WEB-CLIENT Gatway CWebLaunchCtl ActiveX clsid unicode access (web-client.rules)
13293 <-> WEB-CLIENT QuickTime panorama atoms buffer overflow attempt (web-client.rules)