Sourcefire VRT Rules Update

Date: 2010-06-03

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.8_6_0.

The format of the file is:

sid - Message (rule group, priority)

Updated rules:
 109 <-> DELETED BACKDOOR netbus active (deleted.rules, High)
 803 <-> WEB-CGI HyperSeek hsx.cgi directory traversal attempt (web-cgi.rules, High)
 804 <-> WEB-CGI SWSoft ASPSeek Overflow attempt (web-cgi.rules, High)
 805 <-> WEB-CGI webspeed access (web-cgi.rules, High)
 806 <-> WEB-CGI yabb directory traversal attempt (web-cgi.rules, Medium)
 807 <-> WEB-CGI /wwwboard/passwd.txt access (web-cgi.rules, Medium)
 808 <-> WEB-CGI webdriver access (web-cgi.rules, Medium)
 809 <-> WEB-CGI whois_raw.cgi arbitrary command execution attempt (web-cgi.rules, High)
 810 <-> WEB-CGI whois_raw.cgi access (web-cgi.rules, Medium)
 812 <-> WEB-CGI webplus version access (web-cgi.rules, Medium)
 813 <-> WEB-CGI webplus directory traversal (web-cgi.rules, High)
 815 <-> WEB-CGI websendmail access (web-cgi.rules, Medium)
 817 <-> WEB-CGI dcboard.cgi invalid user addition attempt (web-cgi.rules, High)
 818 <-> WEB-CGI dcforum.cgi access (web-cgi.rules, Medium)
 819 <-> WEB-CGI mmstdod.cgi access (web-cgi.rules, Medium)
 820 <-> WEB-CGI anaconda directory transversal attempt (web-cgi.rules, High)
 821 <-> WEB-CGI imagemap.exe overflow attempt (web-cgi.rules, High)
 823 <-> WEB-CGI cvsweb.cgi access (web-cgi.rules, Medium)
 824 <-> WEB-CGI php.cgi access (web-cgi.rules, Medium)
 825 <-> WEB-CGI glimpse access (web-cgi.rules, Medium)
 826 <-> WEB-CGI htmlscript access (web-cgi.rules, Medium)
 827 <-> WEB-CGI info2www access (web-cgi.rules, Medium)
 828 <-> WEB-CGI maillist.pl access (web-cgi.rules, Medium)
 829 <-> WEB-CGI nph-test-cgi access (web-cgi.rules, Medium)
 832 <-> WEB-CGI perl.exe access (web-cgi.rules, Medium)
 833 <-> WEB-CGI rguest.exe access (web-cgi.rules, Medium)
 834 <-> WEB-CGI rwwwshell.pl access (web-cgi.rules, Medium)
 835 <-> WEB-CGI test-cgi access (web-cgi.rules, Medium)
 836 <-> WEB-CGI textcounter.pl access (web-cgi.rules, Medium)
 837 <-> WEB-CGI uploader.exe access (web-cgi.rules, Medium)
 838 <-> WEB-CGI webgais access (web-cgi.rules, Medium)
 839 <-> WEB-CGI finger access (web-cgi.rules, Medium)
 840 <-> WEB-CGI perlshop.cgi access (web-cgi.rules, Medium)
 842 <-> WEB-CGI aglimpse access (web-cgi.rules, Medium)
 843 <-> WEB-CGI anform2 access (web-cgi.rules, Medium)
 844 <-> WEB-CGI args.bat access (web-cgi.rules, Medium)
 845 <-> WEB-CGI AT-admin.cgi access (web-cgi.rules, Medium)
 846 <-> WEB-CGI bnbform.cgi access (web-cgi.rules, Medium)
 847 <-> WEB-CGI campas access (web-cgi.rules, Medium)
 848 <-> WEB-CGI view-source directory traversal (web-cgi.rules, High)
 849 <-> WEB-CGI view-source access (web-cgi.rules, Medium)
 850 <-> WEB-CGI wais.pl access (web-cgi.rules, Medium)
 851 <-> WEB-CGI files.pl access (web-cgi.rules, Medium)
 852 <-> WEB-CGI wguest.exe access (web-cgi.rules, Medium)
 853 <-> WEB-CGI wrap access (web-cgi.rules, Medium)
 854 <-> WEB-CGI classifieds.cgi access (web-cgi.rules, Medium)
 856 <-> WEB-CGI environ.cgi access (web-cgi.rules, Medium)
 857 <-> WEB-CGI faxsurvey access (web-cgi.rules, Medium)
 858 <-> WEB-CGI filemail access (web-cgi.rules, Medium)
 859 <-> WEB-CGI man.sh access (web-cgi.rules, Medium)
 860 <-> WEB-CGI snork.bat access (web-cgi.rules, Medium)
 861 <-> WEB-CGI w3-msql access (web-cgi.rules, Medium)
 862 <-> WEB-CGI csh access (web-cgi.rules, Medium)
 863 <-> WEB-CGI day5datacopier.cgi access (web-cgi.rules, Medium)
 864 <-> WEB-CGI day5datanotifier.cgi access (web-cgi.rules, Medium)
 865 <-> WEB-CGI ksh access (web-cgi.rules, Medium)
 866 <-> WEB-CGI post-query access (web-cgi.rules, Medium)
 867 <-> WEB-CGI visadmin.exe access (web-cgi.rules, Medium)
 868 <-> WEB-CGI rsh access (web-cgi.rules, Medium)
 869 <-> WEB-CGI dumpenv.pl access (web-cgi.rules, Medium)
 870 <-> WEB-CGI snorkerz.cmd access (web-cgi.rules, Medium)
 871 <-> WEB-CGI survey.cgi access (web-cgi.rules, Medium)
 872 <-> WEB-CGI tcsh access (web-cgi.rules, Medium)
 875 <-> WEB-CGI win-c-sample.exe access (web-cgi.rules, Medium)
 877 <-> WEB-CGI rksh access (web-cgi.rules, Medium)
 878 <-> WEB-CGI w3tvars.pm access (web-cgi.rules, Medium)
 879 <-> WEB-CGI admin.pl access (web-cgi.rules, Medium)
 880 <-> WEB-CGI LWGate access (web-cgi.rules, Medium)
 881 <-> WEB-CGI archie access (web-cgi.rules, Medium)
 882 <-> WEB-CGI calendar access (web-cgi.rules, Medium)
 883 <-> WEB-CGI flexform access (web-cgi.rules, Medium)
 885 <-> WEB-CGI bash access (web-cgi.rules, Medium)
 886 <-> WEB-CGI phf access (web-cgi.rules, Medium)
 887 <-> WEB-CGI www-sql access (web-cgi.rules, Medium)
 888 <-> WEB-CGI wwwadmin.pl access (web-cgi.rules, Medium)
 889 <-> WEB-CGI ppdscgi.exe access (web-cgi.rules, Medium)
 890 <-> WEB-CGI sendform.cgi access (web-cgi.rules, Medium)
 891 <-> WEB-CGI upload.pl access (web-cgi.rules, Medium)
 892 <-> WEB-CGI AnyForm2 access (web-cgi.rules, Medium)
 894 <-> WEB-CGI bb-hist.sh access (web-cgi.rules, Medium)
 895 <-> WEB-CGI redirect access (web-cgi.rules, Medium)
 896 <-> WEB-CGI way-board access (web-cgi.rules, Medium)
 897 <-> WEB-CGI pals-cgi access (web-cgi.rules, Medium)
 898 <-> WEB-CGI commerce.cgi access (web-cgi.rules, Medium)
 899 <-> WEB-CGI Amaya templates sendtemp.pl directory traversal attempt (web-cgi.rules, High)
 900 <-> WEB-CGI webspirs.cgi directory traversal attempt (web-cgi.rules, High)
 901 <-> WEB-CGI webspirs.cgi access (web-cgi.rules, Medium)
 902 <-> WEB-CGI tstisapi.dll access (web-cgi.rules, Medium)
 903 <-> WEB-COLDFUSION cfcache.map access (web-coldfusion.rules, Medium)
 904 <-> WEB-COLDFUSION exampleapp application.cfm (web-coldfusion.rules, Medium)
 905 <-> WEB-COLDFUSION application.cfm access (web-coldfusion.rules, Medium)
 906 <-> WEB-COLDFUSION getfile.cfm access (web-coldfusion.rules, Medium)
 907 <-> WEB-COLDFUSION addcontent.cfm access (web-coldfusion.rules, Medium)
 908 <-> WEB-COLDFUSION administrator access (web-coldfusion.rules, Medium)
 910 <-> WEB-COLDFUSION fileexists.cfm access (web-coldfusion.rules, Medium)
 911 <-> WEB-COLDFUSION exprcalc access (web-coldfusion.rules, Medium)
 912 <-> WEB-COLDFUSION parks access (web-coldfusion.rules, Medium)
 913 <-> WEB-COLDFUSION cfappman access (web-coldfusion.rules, Medium)
 914 <-> WEB-COLDFUSION beaninfo access (web-coldfusion.rules, Medium)
 915 <-> WEB-COLDFUSION evaluate.cfm access (web-coldfusion.rules, Medium)
 918 <-> WEB-COLDFUSION expeval access (web-coldfusion.rules, High)
 922 <-> WEB-COLDFUSION displayfile access (web-coldfusion.rules, High)
 925 <-> WEB-COLDFUSION mainframeset access (web-coldfusion.rules, Medium)
 928 <-> WEB-COLDFUSION exampleapp access (web-coldfusion.rules, Medium)
 930 <-> WEB-COLDFUSION snippets attempt (web-coldfusion.rules, Medium)
 931 <-> WEB-COLDFUSION cfmlsyntaxcheck.cfm access (web-coldfusion.rules, Medium)
 932 <-> WEB-COLDFUSION application.cfm access (web-coldfusion.rules, Medium)
 933 <-> WEB-COLDFUSION onrequestend.cfm access (web-coldfusion.rules, Medium)
 935 <-> WEB-COLDFUSION startstop DOS access (web-coldfusion.rules, High)
 936 <-> WEB-COLDFUSION gettempdirectory.cfm access  (web-coldfusion.rules, Medium)
 937 <-> WEB-FRONTPAGE _vti_rpc access (web-frontpage.rules, Medium)
 939 <-> WEB-FRONTPAGE posting (web-frontpage.rules, Medium)
 940 <-> WEB-FRONTPAGE shtml.dll access (web-frontpage.rules, Medium)
 941 <-> WEB-FRONTPAGE contents.htm access (web-frontpage.rules, Medium)
 942 <-> WEB-FRONTPAGE orders.htm access (web-frontpage.rules, Medium)
 943 <-> WEB-FRONTPAGE fpsrvadm.exe access (web-frontpage.rules, Medium)
 944 <-> WEB-FRONTPAGE fpremadm.exe access (web-frontpage.rules, Medium)
 945 <-> WEB-FRONTPAGE fpadmin.htm access (web-frontpage.rules, Medium)
 946 <-> WEB-FRONTPAGE fpadmcgi.exe access (web-frontpage.rules, Medium)
 947 <-> WEB-FRONTPAGE orders.txt access (web-frontpage.rules, Medium)
 948 <-> WEB-FRONTPAGE form_results access (web-frontpage.rules, Medium)
 949 <-> WEB-FRONTPAGE registrations.htm access (web-frontpage.rules, Medium)
 950 <-> WEB-FRONTPAGE cfgwiz.exe access (web-frontpage.rules, Medium)
 951 <-> WEB-FRONTPAGE authors.pwd access (web-frontpage.rules, Medium)
 952 <-> WEB-FRONTPAGE author.exe access (web-frontpage.rules, Medium)
 953 <-> WEB-FRONTPAGE administrators.pwd access (web-frontpage.rules, Medium)
 954 <-> WEB-FRONTPAGE form_results.htm access (web-frontpage.rules, Medium)
 955 <-> WEB-FRONTPAGE access.cnf access (web-frontpage.rules, Medium)
 956 <-> WEB-FRONTPAGE register.txt access (web-frontpage.rules, Medium)
 957 <-> WEB-FRONTPAGE registrations.txt access (web-frontpage.rules, Medium)
 958 <-> WEB-FRONTPAGE service.cnf access (web-frontpage.rules, Medium)
 959 <-> WEB-FRONTPAGE service.pwd (web-frontpage.rules, Medium)
 960 <-> WEB-FRONTPAGE service.stp access (web-frontpage.rules, Medium)
 961 <-> WEB-FRONTPAGE services.cnf access (web-frontpage.rules, Medium)
 962 <-> WEB-FRONTPAGE shtml.exe access (web-frontpage.rules, Medium)
 963 <-> WEB-FRONTPAGE svcacl.cnf access (web-frontpage.rules, Medium)
 964 <-> WEB-FRONTPAGE users.pwd access (web-frontpage.rules, Medium)
 965 <-> WEB-FRONTPAGE writeto.cnf access (web-frontpage.rules, Medium)
 966 <-> WEB-FRONTPAGE .... request (web-frontpage.rules, High)
 967 <-> WEB-FRONTPAGE dvwssr.dll access (web-frontpage.rules, Medium)
 968 <-> WEB-FRONTPAGE register.htm access (web-frontpage.rules, Medium)
 971 <-> WEB-IIS ISAPI .printer access (web-iis.rules, Medium)
 973 <-> WEB-IIS *.idc attempt (web-iis.rules, High)
 975 <-> WEB-IIS Alternate Data streams ASP file access attempt (web-iis.rules, High)
 977 <-> WEB-IIS .cnf access (web-iis.rules, Medium)
 979 <-> WEB-IIS ASP contents view (web-iis.rules, High)
 980 <-> WEB-IIS CGImail.exe access (web-iis.rules, Medium)
 984 <-> WEB-IIS JET VBA access (web-iis.rules, Medium)
 985 <-> WEB-IIS JET VBA access (web-iis.rules, Medium)
 986 <-> WEB-IIS MSProxy access (web-iis.rules, Medium)
 987 <-> WEB-IIS .htr access (web-iis.rules, Medium)
 990 <-> WEB-FRONTPAGE _vti_inf.html access (web-frontpage.rules, Medium)
 991 <-> WEB-IIS achg.htr access (web-iis.rules, Medium)
 992 <-> WEB-IIS adctest.asp access (web-iis.rules, Medium)
 993 <-> WEB-IIS iisadmin access (web-iis.rules, High)
 994 <-> WEB-IIS /scripts/iisadmin/default.htm access (web-iis.rules, High)
 995 <-> WEB-IIS ism.dll access (web-iis.rules, High)
 996 <-> WEB-IIS anot.htr access (web-iis.rules, Medium)
 997 <-> WEB-IIS asp-dot attempt (web-iis.rules, High)
 998 <-> WEB-IIS asp-srch attempt (web-iis.rules, High)
 999 <-> WEB-IIS bdir access (web-iis.rules, Medium)
1000 <-> WEB-IIS bdir.htr access (web-iis.rules, Medium)
1002 <-> WEB-IIS cmd.exe access (web-iis.rules, High)
1004 <-> WEB-IIS codebrowser Exair access (web-iis.rules, Medium)
1005 <-> WEB-IIS codebrowser SDK access (web-iis.rules, Medium)
1007 <-> WEB-IIS Form_JScript.asp access (web-iis.rules, High)
1009 <-> WEB-IIS directory listing (web-iis.rules, High)
1012 <-> WEB-IIS fpcount attempt (web-iis.rules, High)
1013 <-> WEB-IIS fpcount access (web-iis.rules, Medium)
1015 <-> WEB-IIS getdrvs.exe access (web-iis.rules, Medium)
1016 <-> WEB-IIS global.asa access (web-iis.rules, Medium)
1018 <-> WEB-IIS iisadmpwd attempt (web-iis.rules, High)
1019 <-> WEB-IIS Malformed Hit-Highlighting Argument File Access Attempt (web-iis.rules, High)
1020 <-> WEB-IIS isc$data attempt (web-iis.rules, High)
1021 <-> WEB-IIS ism.dll attempt (web-iis.rules, High)
1022 <-> WEB-IIS jet vba access (web-iis.rules, Medium)
1023 <-> WEB-IIS msadcs.dll access (web-iis.rules, Medium)
1024 <-> WEB-IIS newdsn.exe access (web-iis.rules, Medium)
1025 <-> WEB-IIS perl access (web-iis.rules, Medium)
1026 <-> WEB-IIS perl-browse newline attempt (web-iis.rules, High)
1027 <-> WEB-IIS perl-browse space attempt (web-iis.rules, High)
1028 <-> WEB-IIS query.asp access (web-iis.rules, Medium)
1030 <-> WEB-IIS search97.vts access (web-iis.rules, Medium)
1031 <-> WEB-IIS /SiteServer/Publishing/viewcode.asp access (web-iis.rules, Medium)
1032 <-> WEB-IIS showcode access (web-iis.rules, Medium)
1033 <-> WEB-IIS viewcode access (web-iis.rules, Medium)
1034 <-> WEB-IIS viewcode access (web-iis.rules, Medium)
1035 <-> WEB-IIS viewcode access (web-iis.rules, Medium)
1036 <-> WEB-IIS viewcode access (web-iis.rules, Medium)
1037 <-> WEB-IIS showcode.asp access (web-iis.rules, Medium)
1038 <-> WEB-IIS site server config access (web-iis.rules, Medium)
1039 <-> WEB-IIS srch.htm access (web-iis.rules, Medium)
1040 <-> WEB-IIS srchadm access (web-iis.rules, Medium)
1041 <-> WEB-IIS uploadn.asp access (web-iis.rules, Medium)
1043 <-> WEB-IIS viewcode.asp access (web-iis.rules, Medium)
1044 <-> WEB-IIS webhits access (web-iis.rules, Medium)
1046 <-> WEB-IIS site/iisamples access (web-iis.rules, Medium)
1051 <-> WEB-CGI technote main.cgi file directory traversal attempt (web-cgi.rules, High)
1052 <-> WEB-CGI technote print.cgi directory traversal attempt (web-cgi.rules, High)
1053 <-> WEB-CGI ads.cgi command execution attempt (web-cgi.rules, High)
1075 <-> WEB-IIS postinfo.asp access (web-iis.rules, Medium)
1076 <-> WEB-IIS repost.asp access (web-iis.rules, Medium)
1077 <-> SQL queryhit.htm access (sql.rules, Medium)
1078 <-> SQL counter.exe access (sql.rules, Medium)
1086 <-> WEB-PHP strings overflow (web-php.rules, High)
1088 <-> WEB-CGI eXtropia webstore directory traversal (web-cgi.rules, High)
1089 <-> WEB-CGI shopping cart directory traversal (web-cgi.rules, High)
1090 <-> WEB-CGI Allaire Pro Web Shell attempt (web-cgi.rules, High)
1092 <-> WEB-CGI Armada Style Master Index directory traversal (web-cgi.rules, High)
1093 <-> WEB-CGI cached_feed.cgi moreover shopping cart directory traversal (web-cgi.rules, High)
1097 <-> WEB-CGI Talentsoft Web+ exploit attempt (web-cgi.rules, High)
1100 <-> WEB-MISC L3retriever HTTP Probe (web-misc.rules, Medium)
1101 <-> WEB-MISC Webtrends HTTP probe (web-misc.rules, Medium)
1106 <-> WEB-CGI Poll-it access (web-cgi.rules, Medium)
1134 <-> WEB-PHP Phorum admin access (web-php.rules, Medium)
1149 <-> WEB-CGI count.cgi access (web-cgi.rules, Medium)
1161 <-> WEB-PHP piranha passwd.php3 access (web-php.rules, Medium)
1163 <-> WEB-CGI webdist.cgi access (web-cgi.rules, Medium)
1172 <-> WEB-CGI bigconf.cgi access (web-cgi.rules, Medium)
1174 <-> WEB-CGI /cgi-bin/jj access (web-cgi.rules, Medium)
1178 <-> WEB-PHP Phorum read access (web-php.rules, Medium)
1179 <-> WEB-PHP Phorum violation access (web-php.rules, Medium)
1185 <-> WEB-CGI bizdbsearch attempt (web-cgi.rules, High)
1194 <-> WEB-CGI sojourn.cgi File attempt (web-cgi.rules, High)
1195 <-> WEB-CGI sojourn.cgi access (web-cgi.rules, Medium)
1196 <-> WEB-CGI SGI InfoSearch fname attempt (web-cgi.rules, High)
1197 <-> WEB-PHP Phorum code access (web-php.rules, Medium)
1204 <-> WEB-CGI ax-admin.cgi access (web-cgi.rules, Medium)
1205 <-> WEB-CGI axs.cgi access (web-cgi.rules, Medium)
1206 <-> WEB-CGI cachemgr.cgi access (web-cgi.rules, Medium)
1208 <-> WEB-CGI responder.cgi access (web-cgi.rules, Medium)
1211 <-> WEB-CGI web-map.cgi access (web-cgi.rules, Medium)
1215 <-> WEB-CGI ministats admin access (web-cgi.rules, Medium)
1219 <-> WEB-CGI dfire.cgi access (web-cgi.rules, Medium)
1222 <-> WEB-CGI pals-cgi arbitrary file access attempt (web-cgi.rules, High)
1242 <-> WEB-IIS ISAPI .ida access (web-iis.rules, Medium)
1243 <-> WEB-IIS ISAPI .ida attempt (web-iis.rules, High)
1244 <-> WEB-IIS ISAPI .idq attempt (web-iis.rules, High)
1245 <-> WEB-IIS ISAPI .idq access (web-iis.rules, Medium)
1248 <-> WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules, Medium)
1249 <-> WEB-FRONTPAGE frontpage rad fp4areg.dll access (web-frontpage.rules, Medium)
1255 <-> WEB-PHP PHPLIB remote command attempt (web-php.rules, High)
1256 <-> WEB-IIS CodeRed v2 root.exe access (web-iis.rules, High)
1260 <-> WEB-MISC long basic authorization string (web-misc.rules, Medium)
1283 <-> WEB-IIS outlook web dos (web-iis.rules, High)
1285 <-> WEB-IIS msdac access (web-iis.rules, Medium)
1286 <-> WEB-IIS _mem_bin access (web-iis.rules, Medium)
1300 <-> WEB-PHP admin.php file upload attempt (web-php.rules, High)
1301 <-> WEB-PHP admin.php access (web-php.rules, Medium)
1304 <-> WEB-CGI txt2html.cgi access (web-cgi.rules, Medium)
1305 <-> WEB-CGI txt2html.cgi directory traversal attempt (web-cgi.rules, High)
1306 <-> WEB-CGI store.cgi product directory traversal attempt (web-cgi.rules, High)
1307 <-> WEB-CGI store.cgi access (web-cgi.rules, Medium)
1308 <-> WEB-CGI sendmessage.cgi access (web-cgi.rules, Medium)
1309 <-> WEB-CGI zsh access (web-cgi.rules, Medium)
1380 <-> WEB-IIS Form_VBScript.asp access (web-iis.rules, High)
1392 <-> WEB-CGI lastlines.cgi access (web-cgi.rules, Medium)
1395 <-> WEB-CGI zml.cgi attempt (web-cgi.rules, Medium)
1396 <-> WEB-CGI zml.cgi access (web-cgi.rules, Medium)
1397 <-> WEB-CGI wayboard attempt (web-cgi.rules, High)
1399 <-> WEB-PHP PHP-Nuke remote file include attempt (web-php.rules, High)
1400 <-> WEB-IIS /scripts/samples/ access (web-iis.rules, High)
1401 <-> WEB-IIS /msadc/samples/ access (web-iis.rules, High)
1402 <-> WEB-IIS iissamples access (web-iis.rules, High)
1405 <-> WEB-CGI AHG search.cgi access (web-cgi.rules, Medium)
1406 <-> WEB-CGI agora.cgi access (web-cgi.rules, Medium)
1407 <-> WEB-PHP smssend.php access (web-php.rules, Medium)
1410 <-> WEB-CGI dcboard.cgi access (web-cgi.rules, Medium)
1423 <-> WEB-PHP content-disposition memchr overflow (web-php.rules, High)
1425 <-> WEB-PHP content-disposition file upload attempt (web-php.rules, High)
1437 <-> MULTIMEDIA Windows Media download (multimedia.rules, High)
1451 <-> WEB-CGI NPH-maillist access (web-cgi.rules, Medium)
1452 <-> WEB-CGI args.cmd access (web-cgi.rules, Medium)
1453 <-> WEB-CGI AT-generated.cgi access (web-cgi.rules, Medium)
1454 <-> WEB-CGI wwwwais access (web-cgi.rules, Medium)
1455 <-> WEB-CGI calendar.pl access (web-cgi.rules, Medium)
1456 <-> WEB-CGI calender_admin.pl access (web-cgi.rules, Medium)
1457 <-> WEB-CGI user_update_admin.pl access (web-cgi.rules, Medium)
1458 <-> WEB-CGI user_update_passwd.pl access (web-cgi.rules, Medium)
1459 <-> WEB-CGI bb-histlog.sh access (web-cgi.rules, Medium)
1460 <-> WEB-CGI bb-histsvc.sh access (web-cgi.rules, Medium)
1461 <-> WEB-CGI bb-rep.sh access (web-cgi.rules, Medium)
1462 <-> WEB-CGI bb-replog.sh access (web-cgi.rules, Medium)
1465 <-> WEB-CGI auktion.cgi access (web-cgi.rules, Medium)
1466 <-> WEB-CGI cgiforum.pl access (web-cgi.rules, Medium)
1467 <-> WEB-CGI directorypro.cgi access (web-cgi.rules, Medium)
1468 <-> WEB-CGI Web Shopper shopper.cgi attempt (web-cgi.rules, High)
1469 <-> WEB-CGI Web Shopper shopper.cgi access (web-cgi.rules, Medium)
1470 <-> WEB-CGI listrec.pl access (web-cgi.rules, Medium)
1471 <-> WEB-CGI mailnews.cgi access (web-cgi.rules, Medium)
1472 <-> WEB-CGI book.cgi access (web-cgi.rules, Medium)
1473 <-> WEB-CGI newsdesk.cgi access (web-cgi.rules, Medium)
1474 <-> WEB-CGI cal_make.pl access (web-cgi.rules, Medium)
1475 <-> WEB-CGI mailit.pl access (web-cgi.rules, Medium)
1476 <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules, Medium)
1478 <-> WEB-CGI swc access (web-cgi.rules, Medium)
1480 <-> WEB-CGI ttawebtop.cgi access (web-cgi.rules, Medium)
1481 <-> WEB-CGI upload.cgi access (web-cgi.rules, Medium)
1482 <-> WEB-CGI view_source access (web-cgi.rules, Medium)
1483 <-> WEB-CGI ustorekeeper.pl access (web-cgi.rules, Medium)
1485 <-> WEB-IIS mkilog.exe access (web-iis.rules, Medium)
1486 <-> WEB-IIS ctss.idc access (web-iis.rules, Medium)
1487 <-> WEB-IIS /iisadmpwd/aexp2.htr access (web-iis.rules, Medium)
1488 <-> WEB-CGI store.cgi directory traversal attempt (web-cgi.rules, High)
1490 <-> WEB-PHP Phorum /support/common.php attempt (web-php.rules, High)
1491 <-> WEB-PHP Phorum /support/common.php access (web-php.rules, High)
1494 <-> WEB-CGI SIX webboard generate.cgi attempt (web-cgi.rules, High)
1495 <-> WEB-CGI SIX webboard generate.cgi access (web-cgi.rules, Medium)
1496 <-> WEB-CGI spin_client.cgi access (web-cgi.rules, Medium)
1501 <-> WEB-CGI a1stats a1disp3.cgi directory traversal attempt (web-cgi.rules, High)
1502 <-> WEB-CGI a1stats a1disp3.cgi access (web-cgi.rules, Medium)
1503 <-> WEB-CGI admentor admin.asp access (web-cgi.rules, Medium)
1505 <-> WEB-CGI alchemy http server PRN arbitrary command execution attempt (web-cgi.rules, Medium)
1506 <-> WEB-CGI alchemy http server NUL arbitrary command execution attempt (web-cgi.rules, Medium)
1507 <-> WEB-CGI alibaba.pl arbitrary command execution attempt (web-cgi.rules, High)
1508 <-> WEB-CGI alibaba.pl access (web-cgi.rules, Medium)
1509 <-> WEB-CGI AltaVista Intranet Search directory traversal attempt (web-cgi.rules, High)
1510 <-> WEB-CGI test.bat arbitrary command execution attempt (web-cgi.rules, High)
1511 <-> WEB-CGI test.bat access (web-cgi.rules, Medium)
1512 <-> WEB-CGI input.bat arbitrary command execution attempt (web-cgi.rules, High)
1513 <-> WEB-CGI input.bat access (web-cgi.rules, Medium)
1514 <-> WEB-CGI input2.bat arbitrary command execution attempt (web-cgi.rules, High)
1515 <-> WEB-CGI input2.bat access (web-cgi.rules, Medium)
1516 <-> WEB-CGI envout.bat arbitrary command execution attempt (web-cgi.rules, High)
1517 <-> WEB-CGI envout.bat access (web-cgi.rules, Medium)
1531 <-> WEB-CGI bb-hist.sh attempt (web-cgi.rules, High)
1532 <-> WEB-CGI bb-hostscv.sh attempt (web-cgi.rules, High)
1533 <-> WEB-CGI bb-hostscv.sh access (web-cgi.rules, Medium)
1534 <-> WEB-CGI agora.cgi attempt (web-cgi.rules, High)
1535 <-> WEB-CGI bizdbsearch access (web-cgi.rules, Medium)
1536 <-> WEB-CGI calendar_admin.pl arbitrary command execution attempt (web-cgi.rules, High)
1537 <-> WEB-CGI calendar_admin.pl access (web-cgi.rules, Medium)
1539 <-> WEB-CGI /cgi-bin/ls access (web-cgi.rules, Medium)
1540 <-> WEB-COLDFUSION ?Mode=debug attempt (web-coldfusion.rules, Medium)
1542 <-> WEB-CGI cgimail access (web-cgi.rules, Medium)
1543 <-> WEB-CGI cgiwrap access (web-cgi.rules, Medium)
1547 <-> WEB-CGI csSearch.cgi arbitrary command execution attempt (web-cgi.rules, High)
1548 <-> WEB-CGI csSearch.cgi access (web-cgi.rules, Medium)
1554 <-> WEB-CGI dbman db.cgi access (web-cgi.rules, Medium)
1555 <-> WEB-CGI DCShop access (web-cgi.rules, Medium)
1556 <-> WEB-CGI DCShop orders.txt access (web-cgi.rules, Medium)
1557 <-> WEB-CGI DCShop auth_user_file.txt access (web-cgi.rules, Medium)
1565 <-> WEB-CGI eshop.pl arbitrary command execution attempt (web-cgi.rules, High)
1566 <-> WEB-CGI eshop.pl access (web-cgi.rules, Medium)
1567 <-> WEB-IIS /exchange/root.asp attempt (web-iis.rules, High)
1568 <-> WEB-IIS /exchange/root.asp access (web-iis.rules, Medium)
1569 <-> WEB-CGI loadpage.cgi directory traversal attempt (web-cgi.rules, High)
1570 <-> WEB-CGI loadpage.cgi access (web-cgi.rules, Medium)
1571 <-> WEB-CGI dcforum.cgi directory traversal attempt (web-cgi.rules, High)
1572 <-> WEB-CGI commerce.cgi arbitrary file access attempt (web-cgi.rules, Medium)
1573 <-> WEB-CGI cgiforum.pl attempt (web-cgi.rules, High)
1574 <-> WEB-CGI directorypro.cgi attempt (web-cgi.rules, High)
1590 <-> WEB-CGI faqmanager.cgi arbitrary file access attempt (web-cgi.rules, High)
1591 <-> WEB-CGI faqmanager.cgi access (web-cgi.rules, Medium)
1592 <-> WEB-CGI /fcgi-bin/echo.exe access (web-cgi.rules, Medium)
1593 <-> WEB-CGI FormHandler.cgi external site redirection attempt (web-cgi.rules, High)
1594 <-> WEB-CGI FormHandler.cgi access (web-cgi.rules, Medium)
1595 <-> WEB-IIS htimage.exe access (web-iis.rules, Medium)
1597 <-> WEB-CGI guestbook.cgi access (web-cgi.rules, Medium)
1598 <-> WEB-CGI Home Free search.cgi directory traversal attempt (web-cgi.rules, High)
1599 <-> WEB-CGI search.cgi access (web-cgi.rules, Medium)
1600 <-> WEB-CGI htsearch arbitrary configuration file attempt (web-cgi.rules, High)
1601 <-> WEB-CGI htsearch arbitrary file read attempt (web-cgi.rules, High)
1602 <-> WEB-CGI htsearch access (web-cgi.rules, Medium)
1606 <-> WEB-CGI icat access (web-cgi.rules, Medium)
1607 <-> WEB-CGI HyperSeek hsx.cgi access (web-cgi.rules, Medium)
1608 <-> WEB-CGI htmlscript attempt (web-cgi.rules, High)
1610 <-> WEB-CGI formmail arbitrary command execution attempt (web-cgi.rules, High)
1611 <-> WEB-CGI eXtropia webstore access (web-cgi.rules, Medium)
1617 <-> WEB-CGI Bugzilla doeditvotes.cgi access (web-cgi.rules, Medium)
1618 <-> WEB-IIS .asp chunked Transfer-Encoding (web-iis.rules, High)
1626 <-> WEB-IIS /StoreCSVS/InstantOrder.asmx request (web-iis.rules, Medium)
1628 <-> WEB-CGI FormHandler.cgi directory traversal attempt attempt (web-cgi.rules, High)
1637 <-> WEB-CGI yabb access (web-cgi.rules, Medium)
1642 <-> WEB-CGI document.d2w access (web-cgi.rules, Medium)
1643 <-> WEB-CGI db2www access (web-cgi.rules, Medium)
1644 <-> WEB-CGI test-cgi attempt (web-cgi.rules, High)
1645 <-> WEB-CGI testcgi access (web-cgi.rules, Medium)
1646 <-> WEB-CGI test.cgi access (web-cgi.rules, Medium)
1648 <-> WEB-CGI perl.exe command attempt (web-cgi.rules, Medium)
1649 <-> WEB-CGI perl command attempt (web-cgi.rules, Medium)
1650 <-> WEB-CGI tst.bat access (web-cgi.rules, Medium)
1651 <-> WEB-CGI environ.pl access (web-cgi.rules, Medium)
1652 <-> WEB-CGI campas attempt (web-cgi.rules, High)
1654 <-> WEB-CGI cart32.exe access (web-cgi.rules, Medium)
1655 <-> WEB-CGI pfdispaly.cgi arbitrary command execution attempt (web-cgi.rules, High)
1656 <-> WEB-CGI pfdispaly.cgi access (web-cgi.rules, Medium)
1657 <-> WEB-CGI pagelog.cgi directory traversal attempt (web-cgi.rules, Medium)
1658 <-> WEB-CGI pagelog.cgi access (web-cgi.rules, Medium)
1659 <-> WEB-COLDFUSION sendmail.cfm access (web-coldfusion.rules, Medium)
1660 <-> WEB-IIS trace.axd access (web-iis.rules, Medium)
1661 <-> WEB-IIS cmd32.exe access (web-iis.rules, High)
1668 <-> WEB-CGI /cgi-bin/ access (web-cgi.rules, High)
1669 <-> WEB-CGI /cgi-dos/ access (web-cgi.rules, High)
1700 <-> WEB-CGI imagemap.exe access (web-cgi.rules, Medium)
1701 <-> WEB-CGI calendar-admin.pl access (web-cgi.rules, Medium)
1702 <-> WEB-CGI Amaya templates sendtemp.pl access (web-cgi.rules, Medium)
1703 <-> WEB-CGI auktion.cgi directory traversal attempt (web-cgi.rules, High)
1704 <-> WEB-CGI cal_make.pl directory traversal attempt (web-cgi.rules, High)
1705 <-> WEB-CGI echo.bat arbitrary command execution attempt (web-cgi.rules, High)
1706 <-> WEB-CGI echo.bat access (web-cgi.rules, Medium)
1707 <-> WEB-CGI hello.bat arbitrary command execution attempt (web-cgi.rules, High)
1708 <-> WEB-CGI hello.bat access (web-cgi.rules, Medium)
1709 <-> WEB-CGI ad.cgi access (web-cgi.rules, Medium)
1710 <-> WEB-CGI bbs_forum.cgi access (web-cgi.rules, Medium)
1711 <-> WEB-CGI bsguest.cgi access (web-cgi.rules, Medium)
1712 <-> WEB-CGI bslist.cgi access (web-cgi.rules, Medium)
1713 <-> WEB-CGI cgforum.cgi access (web-cgi.rules, Medium)
1714 <-> WEB-CGI newdesk access (web-cgi.rules, Medium)
1715 <-> WEB-CGI register.cgi access (web-cgi.rules, Medium)
1716 <-> WEB-CGI gbook.cgi access (web-cgi.rules, Medium)
1717 <-> WEB-CGI simplestguest.cgi access (web-cgi.rules, Medium)
1718 <-> WEB-CGI statsconfig.pl access (web-cgi.rules, Medium)
1719 <-> WEB-CGI talkback.cgi directory traversal attempt (web-cgi.rules, High)
1720 <-> WEB-CGI talkback.cgi access (web-cgi.rules, Medium)
1721 <-> WEB-CGI adcycle access (web-cgi.rules, Medium)
1722 <-> WEB-CGI MachineInfo access (web-cgi.rules, Medium)
1723 <-> WEB-CGI emumail.cgi NULL attempt (web-cgi.rules, Medium)
1724 <-> WEB-CGI emumail.cgi access (web-cgi.rules, Medium)
1725 <-> WEB-IIS +.htr code fragment attempt (web-iis.rules, High)
1726 <-> WEB-IIS doctodep.btr access (web-iis.rules, Medium)
1727 <-> WEB-CGI SGI InfoSearch fname access (web-cgi.rules, Medium)
1730 <-> WEB-CGI ustorekeeper.pl directory traversal attempt (web-cgi.rules, High)
1731 <-> WEB-CGI a1stats access (web-cgi.rules, Medium)
1736 <-> WEB-PHP squirrel mail spell-check arbitrary command attempt (web-php.rules, High)
1737 <-> WEB-PHP squirrel mail theme arbitrary command attempt (web-php.rules, High)
1739 <-> WEB-PHP DNSTools administrator authentication bypass attempt (web-php.rules, High)
1740 <-> WEB-PHP DNSTools authentication bypass attempt (web-php.rules, High)
1741 <-> WEB-PHP DNSTools access (web-php.rules, Medium)
1742 <-> WEB-PHP Blahz-DNS dostuff.php modify user attempt (web-php.rules, High)
1743 <-> WEB-PHP Blahz-DNS dostuff.php access (web-php.rules, Medium)
1745 <-> WEB-PHP Messagerie supp_membre.php access (web-php.rules, Medium)
1750 <-> WEB-IIS users.xml access (web-iis.rules, Medium)
1753 <-> WEB-IIS as_web.exe access (web-iis.rules, Medium)
1754 <-> WEB-IIS as_web4.exe access (web-iis.rules, Medium)
1762 <-> WEB-CGI phf arbitrary command execution attempt (web-cgi.rules, High)
1763 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules, High)
1764 <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules, High)
1765 <-> WEB-CGI Nortel Contivity cgiproc access (web-cgi.rules, Medium)
1772 <-> WEB-IIS pbserver access (web-iis.rules, Medium)
1773 <-> WEB-PHP php.exe access (web-php.rules, Medium)
1774 <-> WEB-PHP bb_smilies.php access (web-php.rules, Medium)
1787 <-> WEB-CGI csPassword.cgi access (web-cgi.rules, Medium)
1788 <-> WEB-CGI csPassword password.cgi.tmp access (web-cgi.rules, Medium)
1802 <-> WEB-IIS .asa HTTP header buffer overflow attempt (web-iis.rules, High)
1803 <-> WEB-IIS .cer HTTP header buffer overflow attempt (web-iis.rules, High)
1804 <-> WEB-IIS .cdx HTTP header buffer overflow attempt (web-iis.rules, High)
1805 <-> WEB-CGI Oracle reports CGI access (web-cgi.rules, Medium)
1806 <-> WEB-IIS .htr chunked Transfer-Encoding (web-iis.rules, High)
1807 <-> WEB-MISC Chunked-Encoding transfer attempt (web-misc.rules, High)
1815 <-> WEB-PHP directory.php arbitrary command attempt (web-php.rules, Medium)
1816 <-> WEB-PHP directory.php access (web-php.rules, Medium)
1817 <-> WEB-IIS MS Site Server default login attempt (web-iis.rules, High)
1818 <-> WEB-IIS MS Site Server admin attempt (web-iis.rules, High)
1822 <-> WEB-CGI alienform.cgi directory traversal attempt (web-cgi.rules, High)
1823 <-> WEB-CGI AlienForm af.cgi directory traversal attempt (web-cgi.rules, High)
1824 <-> WEB-CGI alienform.cgi access (web-cgi.rules, Medium)
1825 <-> WEB-CGI AlienForm af.cgi access (web-cgi.rules, Medium)
1834 <-> WEB-PHP PHP-Wiki cross site scripting attempt (web-php.rules, High)
1850 <-> WEB-CGI way-board.cgi access (web-cgi.rules, Medium)
1860 <-> WEB-MISC Linksys router default password login attempt (web-misc.rules, Medium)
1862 <-> WEB-CGI mrtg.cgi directory traversal attempt (web-cgi.rules, High)
1865 <-> WEB-CGI webdist.cgi arbitrary command attempt (web-cgi.rules, High)
1868 <-> WEB-CGI story.pl arbitrary file read attempt (web-cgi.rules, Medium)
1869 <-> WEB-CGI story.pl access (web-cgi.rules, Medium)
1870 <-> WEB-CGI siteUserMod.cgi access (web-cgi.rules, Medium)
1875 <-> WEB-CGI cgicso access (web-cgi.rules, Medium)
1876 <-> WEB-CGI nph-publish.cgi access (web-cgi.rules, Medium)
1877 <-> WEB-CGI printenv access (web-cgi.rules, Medium)
1878 <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules, Medium)
1879 <-> WEB-CGI book.cgi arbitrary command execution attempt (web-cgi.rules, High)
1931 <-> WEB-CGI rpc-nlog.pl access (web-cgi.rules, Medium)
1932 <-> WEB-CGI rpc-smb.pl access (web-cgi.rules, Medium)
1933 <-> WEB-CGI cart.cgi access (web-cgi.rules, Medium)
1967 <-> WEB-PHP phpbb quick-reply.php arbitrary command attempt (web-php.rules, High)
1968 <-> WEB-PHP phpbb quick-reply.php access (web-php.rules, Medium)
1970 <-> WEB-IIS MDAC Content-Type overflow attempt (web-iis.rules, High)
1994 <-> WEB-CGI vpasswd.cgi access (web-cgi.rules, Medium)
1995 <-> WEB-CGI alya.cgi access (web-cgi.rules, Medium)
1996 <-> WEB-CGI viralator.cgi access (web-cgi.rules, Medium)
1997 <-> WEB-PHP read_body.php access attempt (web-php.rules, Medium)
1998 <-> WEB-PHP calendar.php access (web-php.rules, Medium)
1999 <-> WEB-PHP edit_image.php access (web-php.rules, Medium)
2000 <-> WEB-PHP readmsg.php access (web-php.rules, Medium)
2001 <-> WEB-CGI smartsearch.cgi access (web-cgi.rules, Medium)
2002 <-> WEB-PHP remote include path (web-php.rules, High)
2051 <-> WEB-CGI cached_feed.cgi moreover shopping cart access (web-cgi.rules, Medium)
2052 <-> WEB-CGI overflow.cgi access (web-cgi.rules, Medium)
2053 <-> WEB-CGI process_bug.cgi access (web-cgi.rules, Medium)
2054 <-> WEB-CGI enter_bug.cgi arbitrary command attempt (web-cgi.rules, High)
2055 <-> WEB-CGI enter_bug.cgi access (web-cgi.rules, Medium)
2074 <-> WEB-PHP Mambo uploadimage.php upload php file attempt (web-php.rules, High)
2075 <-> WEB-PHP Mambo upload.php upload php file attempt (web-php.rules, High)
2076 <-> WEB-PHP Mambo uploadimage.php access (web-php.rules, Medium)
2077 <-> WEB-PHP Mambo upload.php access (web-php.rules, Medium)
2078 <-> WEB-PHP phpBB privmsg.php access (web-php.rules, Medium)
2085 <-> WEB-CGI parse_xml.cgi access (web-cgi.rules, Medium)
2090 <-> WEB-IIS WEBDAV exploit attempt (web-iis.rules, High)
2116 <-> WEB-CGI chipcfg.cgi access (web-cgi.rules, Medium)
2117 <-> WEB-IIS Battleaxe Forum login.asp access (web-iis.rules, Medium)
2127 <-> WEB-CGI ikonboard.cgi access (web-cgi.rules, Medium)
2128 <-> WEB-CGI swsrv.cgi access (web-cgi.rules, Medium)
2129 <-> WEB-IIS nsiislog.dll access (web-iis.rules, Medium)
2130 <-> WEB-IIS IISProtect siteadmin.asp access (web-iis.rules, Medium)
2131 <-> WEB-IIS IISProtect access (web-iis.rules, Medium)
2132 <-> WEB-IIS Synchrologic Email Accelerator userid list access attempt (web-iis.rules, Medium)
2133 <-> WEB-IIS MS BizTalk server access (web-iis.rules, Medium)
2134 <-> WEB-IIS register.asp access (web-iis.rules, Medium)
2140 <-> WEB-PHP p-news.php access (web-php.rules, Medium)
2141 <-> WEB-PHP shoutbox.php directory traversal attempt (web-php.rules, High)
2142 <-> WEB-PHP shoutbox.php access (web-php.rules, Medium)
2143 <-> WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt (web-php.rules, High)
2144 <-> WEB-PHP b2 cafelog gm-2-b2.php access (web-php.rules, Medium)
2145 <-> WEB-PHP TextPortal admin.php default password admin attempt (web-php.rules, Medium)
2146 <-> WEB-PHP TextPortal admin.php default password 12345 attempt (web-php.rules, Medium)
2147 <-> WEB-PHP BLNews objects.inc.php4 remote file include attempt (web-php.rules, High)
2148 <-> WEB-PHP BLNews objects.inc.php4 access (web-php.rules, Medium)
2149 <-> WEB-PHP Turba status.php access (web-php.rules, Medium)
2150 <-> WEB-PHP ttCMS header.php remote file include attempt (web-php.rules, High)
2151 <-> WEB-PHP ttCMS header.php access (web-php.rules, Medium)
2152 <-> WEB-PHP test.php access (web-php.rules, Medium)
2153 <-> WEB-PHP autohtml.php directory traversal attempt (web-php.rules, High)
2154 <-> WEB-PHP autohtml.php access (web-php.rules, Medium)
2155 <-> WEB-PHP ttforum remote file include attempt (web-php.rules, High)
2157 <-> WEB-IIS IISProtect globaladmin.asp access (web-iis.rules, Medium)
2194 <-> WEB-CGI CSMailto.cgi access (web-cgi.rules, Medium)
2195 <-> WEB-CGI alert.cgi access (web-cgi.rules, Medium)
2196 <-> WEB-CGI catgy.cgi access (web-cgi.rules, Medium)
2197 <-> WEB-CGI cvsview2.cgi access (web-cgi.rules, Medium)
2198 <-> WEB-CGI cvslog.cgi access (web-cgi.rules, Medium)
2199 <-> WEB-CGI multidiff.cgi access (web-cgi.rules, Medium)
2200 <-> WEB-CGI dnewsweb.cgi access (web-cgi.rules, Medium)
2201 <-> WEB-CGI download.cgi access (web-cgi.rules, Medium)
2202 <-> WEB-CGI edit_action.cgi access (web-cgi.rules, Medium)
2203 <-> WEB-CGI everythingform.cgi access (web-cgi.rules, Medium)
2204 <-> WEB-CGI ezadmin.cgi access (web-cgi.rules, Medium)
2205 <-> WEB-CGI ezboard.cgi access (web-cgi.rules, Medium)
2206 <-> WEB-CGI ezman.cgi access (web-cgi.rules, Medium)
2207 <-> WEB-CGI fileseek.cgi access (web-cgi.rules, Medium)
2208 <-> WEB-CGI fom.cgi access (web-cgi.rules, Medium)
2209 <-> WEB-CGI getdoc.cgi access (web-cgi.rules, Medium)
2210 <-> WEB-CGI global.cgi access (web-cgi.rules, Medium)
2211 <-> WEB-CGI guestserver.cgi access (web-cgi.rules, Medium)
2212 <-> WEB-CGI imageFolio.cgi access (web-cgi.rules, Medium)
2213 <-> WEB-CGI mailfile.cgi access (web-cgi.rules, Medium)
2214 <-> WEB-CGI mailview.cgi access (web-cgi.rules, Medium)
2215 <-> WEB-CGI nsManager.cgi access (web-cgi.rules, Medium)
2216 <-> WEB-CGI readmail.cgi access (web-cgi.rules, Medium)
2217 <-> WEB-CGI printmail.cgi access (web-cgi.rules, Medium)
2218 <-> WEB-CGI service.cgi access (web-cgi.rules, Medium)
2219 <-> WEB-CGI setpasswd.cgi access (web-cgi.rules, Medium)
2220 <-> WEB-CGI simplestmail.cgi access (web-cgi.rules, Medium)
2221 <-> WEB-CGI ws_mail.cgi access (web-cgi.rules, Medium)
2222 <-> WEB-CGI nph-exploitscanget.cgi access (web-cgi.rules, Medium)
2223 <-> WEB-CGI csNews.cgi access (web-cgi.rules, Medium)
2224 <-> WEB-CGI psunami.cgi access (web-cgi.rules, Medium)
2225 <-> WEB-CGI gozila.cgi access (web-cgi.rules, Medium)
2226 <-> WEB-PHP pmachine remote file include attempt (web-php.rules, High)
2227 <-> WEB-PHP forum_details.php access (web-php.rules, High)
2228 <-> WEB-PHP phpMyAdmin db_details_importdocsql.php access (web-php.rules, High)
2229 <-> WEB-PHP viewtopic.php access (web-php.rules, High)
2230 <-> WEB-MISC NetGear router default password login attempt admin/password (web-misc.rules, Medium)
2247 <-> WEB-IIS UploadScript11.asp access (web-iis.rules, Medium)
2248 <-> WEB-IIS DirectoryListing.asp access (web-iis.rules, Medium)
2249 <-> WEB-IIS /pcadmin/login.asp access (web-iis.rules, Medium)
2278 <-> WEB-MISC client negative Content-Length attempt (web-misc.rules, Medium)
2279 <-> WEB-PHP UpdateClasses.php access (web-php.rules, Medium)
2280 <-> WEB-PHP Title.php access (web-php.rules, Medium)
2281 <-> WEB-PHP Setup.php access (web-php.rules, Medium)
2282 <-> WEB-PHP GlobalFunctions.php access (web-php.rules, Medium)
2283 <-> WEB-PHP DatabaseFunctions.php access (web-php.rules, Medium)
2284 <-> WEB-PHP rolis guestbook remote file include attempt (web-php.rules, High)
2285 <-> WEB-PHP rolis guestbook access (web-php.rules, Medium)
2286 <-> WEB-PHP friends.php access (web-php.rules, Medium)
2287 <-> WEB-PHP Advanced Poll admin_comment.php access (web-php.rules, Medium)
2288 <-> WEB-PHP Advanced Poll admin_edit.php access (web-php.rules, Medium)
2289 <-> WEB-PHP Advanced Poll admin_embed.php access (web-php.rules, Medium)
2290 <-> WEB-PHP Advanced Poll admin_help.php access (web-php.rules, Medium)
2291 <-> WEB-PHP Advanced Poll admin_license.php access (web-php.rules, Medium)
2292 <-> WEB-PHP Advanced Poll admin_logout.php access (web-php.rules, Medium)
2293 <-> WEB-PHP Advanced Poll admin_password.php access (web-php.rules, Medium)
2294 <-> WEB-PHP Advanced Poll admin_preview.php access (web-php.rules, Medium)
2295 <-> WEB-PHP Advanced Poll admin_settings.php access (web-php.rules, Medium)
2296 <-> WEB-PHP Advanced Poll admin_stats.php access (web-php.rules, Medium)
2297 <-> WEB-PHP Advanced Poll admin_templates_misc.php access (web-php.rules, Medium)
2298 <-> WEB-PHP Advanced Poll admin_templates.php access (web-php.rules, Medium)
2299 <-> WEB-PHP Advanced Poll admin_tpl_misc_new.php access (web-php.rules, Medium)
2300 <-> WEB-PHP Advanced Poll admin_tpl_new.php access (web-php.rules, Medium)
2301 <-> WEB-PHP Advanced Poll booth.php access (web-php.rules, Medium)
2302 <-> WEB-PHP Advanced Poll poll_ssi.php access (web-php.rules, Medium)
2303 <-> WEB-PHP Advanced Poll popup.php access (web-php.rules, Medium)
2304 <-> WEB-PHP files.inc.php access (web-php.rules, Medium)
2305 <-> WEB-PHP chatbox.php access (web-php.rules, Medium)
2306 <-> WEB-PHP gallery remote file include attempt (web-php.rules, High)
2307 <-> WEB-PHP PayPal Storefront remote file include attempt (web-php.rules, High)
2321 <-> WEB-IIS foxweb.exe access (web-iis.rules, Medium)
2322 <-> WEB-IIS foxweb.dll access (web-iis.rules, Medium)
2323 <-> WEB-CGI quickstore.cgi access (web-cgi.rules, Medium)
2324 <-> WEB-IIS VP-ASP shopsearch.asp access (web-iis.rules, Medium)
2325 <-> WEB-IIS VP-ASP ShopDisplayProducts.asp access (web-iis.rules, Medium)
2326 <-> WEB-IIS sgdynamo.exe access (web-iis.rules, Medium)
2328 <-> WEB-PHP authentication_index.php access (web-php.rules, Medium)
2331 <-> WEB-PHP MatrikzGB privilege escalation attempt (web-php.rules, Medium)
2341 <-> WEB-PHP DCP-Portal remote file include editor script attempt (web-php.rules, High)
2342 <-> WEB-PHP DCP-Portal remote file include lib script attempt (web-php.rules, High)
2345 <-> WEB-PHP PhpGedView search.php access (web-php.rules, Medium)
2346 <-> WEB-PHP myPHPNuke chatheader.php access (web-php.rules, Medium)
2347 <-> WEB-PHP myPHPNuke partner.php access (web-php.rules, Medium)
2353 <-> WEB-PHP IdeaBox cord.php file include (web-php.rules, Medium)
2354 <-> WEB-PHP IdeaBox notification.php file include (web-php.rules, Medium)
2355 <-> WEB-PHP Invision Board emailer.php file include (web-php.rules, Medium)
2356 <-> WEB-PHP WebChat db_mysql.php file include (web-php.rules, High)
2357 <-> WEB-PHP WebChat english.php file include (web-php.rules, High)
2358 <-> WEB-PHP Typo3 translations.php file include (web-php.rules, High)
2359 <-> WEB-PHP Invision Board ipchat.php file include (web-php.rules, High)
2360 <-> WEB-PHP myphpPagetool pt_config.inc file include (web-php.rules, High)
2361 <-> WEB-PHP news.php file include (web-php.rules, High)
2362 <-> WEB-PHP YaBB SE packages.php file include (web-php.rules, High)
2363 <-> WEB-PHP Cyboards default_header.php access (web-php.rules, Medium)
2364 <-> WEB-PHP Cyboards options_form.php access (web-php.rules, Medium)
2365 <-> WEB-PHP newsPHP Language file include attempt (web-php.rules, Medium)
2366 <-> WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation attempt (web-php.rules, High)
2367 <-> WEB-PHP PhpGedView PGV functions.php base directory manipulation attempt (web-php.rules, High)
2368 <-> WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt (web-php.rules, High)
2372 <-> WEB-PHP Photopost PHP Pro showphoto.php access (web-php.rules, Medium)
2386 <-> WEB-IIS NTLM ASN1 vulnerability scan attempt (web-iis.rules, Medium)
2387 <-> WEB-CGI view_broadcast.cgi access (web-cgi.rules, Medium)
2388 <-> WEB-CGI streaming server view_broadcast.cgi access (web-cgi.rules, Medium)
2393 <-> WEB-PHP /_admin access (web-php.rules, Medium)
2396 <-> WEB-CGI CCBill whereami.cgi arbitrary command execution attempt (web-cgi.rules, High)
2397 <-> WEB-CGI CCBill whereami.cgi access (web-cgi.rules, Medium)
2398 <-> WEB-PHP WAnewsletter newsletter.php file include attempt (web-php.rules, High)
2399 <-> WEB-PHP WAnewsletter db_type.php access (web-php.rules, Medium)
2405 <-> WEB-PHP phptest.php access (web-php.rules, Medium)
2410 <-> WEB-PHP IGeneric Free Shopping Cart page.php access (web-php.rules, Medium)
2419 <-> MULTIMEDIA realplayer .ram playlist download attempt (multimedia.rules, Low)
2420 <-> MULTIMEDIA realplayer .rmp playlist download attempt (multimedia.rules, Low)
2421 <-> MULTIMEDIA realplayer .smi playlist download attempt (multimedia.rules, Low)
2422 <-> MULTIMEDIA realplayer .rt playlist download attempt (multimedia.rules, Low)
2423 <-> MULTIMEDIA realplayer .rp playlist download attempt (multimedia.rules, Low)
2441 <-> WEB-MISC NetObserve authentication bypass attempt (web-misc.rules, High)
2547 <-> MISC HP Web JetAdmin remote file upload attempt (misc.rules, Medium)
2565 <-> WEB-PHP modules.php access (web-php.rules, Medium)
2566 <-> WEB-PHP PHPBB viewforum.php access (web-php.rules, Medium)
2567 <-> WEB-CGI Emumail init.emu access (web-cgi.rules, Medium)
2568 <-> WEB-CGI Emumail emumail.fcgi access (web-cgi.rules, Medium)
2571 <-> WEB-IIS SmarterTools SmarterMail frmGetAttachment.aspx access (web-iis.rules, Medium)
2572 <-> WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (web-iis.rules, High)
2573 <-> WEB-IIS SmarterTools SmarterMail frmCompose.asp access (web-iis.rules, Medium)
2575 <-> WEB-PHP Opt-X header.php remote file include attempt (web-php.rules, High)
2577 <-> WEB-CLIENT local resource redirection attempt (web-client.rules, High)
2588 <-> WEB-PHP TUTOS path disclosure attempt (web-php.rules, Medium)
2589 <-> WEB-CLIENT Content-Disposition CLSID command attempt (web-client.rules, High)
2597 <-> WEB-MISC Samba SWAT Authorization overflow attempt (web-misc.rules, High)
2654 <-> WEB-PHP PHPNuke Forum viewtopic SQL insertion attempt (web-php.rules, High)
2663 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules, High)
2667 <-> WEB-IIS ping.asp access (web-iis.rules, Medium)
2668 <-> WEB-CGI processit access (web-cgi.rules, Medium)
2669 <-> WEB-CGI ibillpm.pl access (web-cgi.rules, Medium)
2670 <-> WEB-CGI pgpmail.pl access (web-cgi.rules, Medium)
2671 <-> WEB-CLIENT bitmap BitmapOffset integer overflow attempt (web-client.rules, High)
2705 <-> WEB-CLIENT JPEG parser heap overflow attempt (web-client.rules, High)
2926 <-> WEB-PHP PhpGedView PGV base directory manipulation (web-php.rules, High)
3062 <-> WEB-CGI NetScreen SA 5000 delhomepage.cgi access (web-cgi.rules, Medium)
3087 <-> WEB-IIS w3who.dll buffer overflow attempt (web-iis.rules, High)
3131 <-> WEB-CGI mailman directory traversal attempt (web-cgi.rules, High)
3150 <-> WEB-IIS SQLXML content type overflow (web-iis.rules, High)
3192 <-> WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt (web-client.rules, High)
3193 <-> WEB-IIS .cmd executable file parsing attack (web-iis.rules, High)
3194 <-> WEB-IIS .bat executable file parsing attack (web-iis.rules, High)
3201 <-> WEB-IIS httpodbc.dll access - nimda (web-iis.rules, Medium)
3463 <-> WEB-CGI awstats access (web-cgi.rules, Medium)
3464 <-> WEB-CGI awstats.pl command execution attempt (web-cgi.rules, High)
3465 <-> WEB-CGI RiSearch show.pl proxy attempt (web-cgi.rules, Medium)
3466 <-> WEB-MISC Authorization Basic overflow attempt (web-misc.rules, High)
3468 <-> WEB-CGI math_sum.mscgi access (web-cgi.rules, Medium)
3469 <-> WEB-CGI Ipswitch WhatsUp Gold dos attempt (web-cgi.rules, Medium)
3534 <-> WEB-CLIENT Mozilla GIF single packet heap overflow - NETSCAPE2.0 (web-client.rules, High)
3535 <-> WEB-CLIENT GIF transfer (web-client.rules, Low)
3632 <-> WEB-CLIENT Bitmap width integer overflow attempt (web-client.rules, High)
3638 <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules, High)
3674 <-> WEB-CGI db4web_c directory traversal attempt (web-cgi.rules, High)
3683 <-> WEB-CLIENT spoofed MIME-Type auto-execution attempt (web-client.rules, High)
3690 <-> WEB-CGI Nucleus CMS action.php itemid SQL injection (web-cgi.rules, Medium)
3694 <-> WEB-MISC Squid content length cache poisoning attempt (web-misc.rules, Medium)
3813 <-> WEB-CGI awstats.pl configdir command execution attempt (web-cgi.rules, High)
3819 <-> WEB-CLIENT multipacket CHM file transfer start (web-client.rules, Low)
3821 <-> WEB-CLIENT CHM file transfer attempt (web-client.rules, High)
3827 <-> WEB-PHP xmlrpc.php post attempt (web-php.rules, High)
4128 <-> WEB-CGI 4DWebstar ShellExample.cgi information disclosure (web-cgi.rules, Medium)
4135 <-> WEB-CLIENT IE JPEG heap overflow single packet attempt (web-client.rules, Medium)
4194 <-> WEB-CLIENT multipacket CBO CBL CBM file transfer start (web-client.rules, Low)
4196 <-> WEB-CLIENT CBO CBL CBM file transfer attempt (web-client.rules, High)
4678 <-> WEB-CLIENT quicktime movie file transfer (web-client.rules, Low)
4680 <-> WEB-CLIENT quicktime movie file component name integer overflow attempt (web-client.rules, High)
5695 <-> WEB-IIS web agent redirect overflow attempt (web-iis.rules, High)
5709 <-> WEB-PHP file upload directory traversal (web-php.rules, Medium)
5743 <-> SPYWARE-PUT Hijacker actualnames runtime detection - plugin list (spyware-put.rules, Low)
5744 <-> SPYWARE-PUT Hijacker actualnames runtime detection - online.php request (spyware-put.rules, Low)
5745 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - redirect (spyware-put.rules, Low)
5746 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - load url (spyware-put.rules, Low)
5747 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - log hits (spyware-put.rules, Low)
5748 <-> SPYWARE-PUT Hijacker adultlinks runtime detection - ads (spyware-put.rules, Low)
5751 <-> SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 1 (spyware-put.rules, Low)
5752 <-> SPYWARE-PUT Adware exactsearch runtime detection - switch search engine 2 (spyware-put.rules, Low)
5753 <-> SPYWARE-PUT Adware exactsearch runtime detection - topsearches (spyware-put.rules, Low)
5754 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - ie auto search hijack (spyware-put.rules, Low)
5755 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - check update (spyware-put.rules, Low)
5756 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - add coolsites to ie favorites (spyware-put.rules, Low)
5757 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - check toolbar setting (spyware-put.rules, Low)
5758 <-> SPYWARE-PUT Hijacker ezcybersearch runtime detection - download fastclick pop-under code (spyware-put.rules, Low)
5761 <-> SPYWARE-PUT Trickler bearshare runtime detection - ads popup (spyware-put.rules, Low)
5762 <-> SPYWARE-PUT Trickler bearshare runtime detection - p2p information request (spyware-put.rules, Low)
5763 <-> SPYWARE-PUT Trickler bearshare runtime detection - chat request (spyware-put.rules, Low)
5764 <-> SPYWARE-PUT Hijacker begin2search runtime detection - fcgi query (spyware-put.rules, Low)
5765 <-> SPYWARE-PUT Hijacker begin2search runtime detection - ico query (spyware-put.rules, Low)
5766 <-> SPYWARE-PUT Hijacker begin2search runtime detection - install spyware trafficsector (spyware-put.rules, Low)
5767 <-> SPYWARE-PUT Hijacker begin2search runtime detection - download unauthorized code (spyware-put.rules, Low)
5768 <-> SPYWARE-PUT Hijacker begin2search runtime detection - pass information (spyware-put.rules, Low)
5769 <-> SPYWARE-PUT Hijacker begin2search runtime detection - play bingo ads (spyware-put.rules, Low)
5770 <-> SPYWARE-PUT Snoopware casinoonnet runtime detection (spyware-put.rules, Medium)
5774 <-> SPYWARE-PUT Hijacker freescratch runtime detection - get card (spyware-put.rules, Low)
5775 <-> SPYWARE-PUT Hijacker freescratch runtime detection - scratch card (spyware-put.rules, Low)
5785 <-> SPYWARE-PUT Adware hithopper runtime detection - get xml setting (spyware-put.rules, Low)
5786 <-> SPYWARE-PUT Adware hithopper runtime detection - redirect (spyware-put.rules, Low)
5787 <-> SPYWARE-PUT Adware hithopper runtime detection - search (spyware-put.rules, Low)
5788 <-> SPYWARE-PUT Adware hithopper runtime detection - click toolbar buttons (spyware-put.rules, Low)
5789 <-> SPYWARE-PUT keylogger pc actmon pro runtime detection - http (spyware-put.rules, Medium)
5791 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - get pin (spyware-put.rules, Low)
5792 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - active proxy (spyware-put.rules, Low)
5793 <-> SPYWARE-PUT Dialer pluginaccess runtime detection - redirect (spyware-put.rules, Low)
5794 <-> SPYWARE-PUT Hijacker coolwebsearch.aboutblank variant runtime detection (spyware-put.rules, Low)
5795 <-> SPYWARE-PUT Adware ist powerscan runtime detection (spyware-put.rules, Low)
5796 <-> SPYWARE-PUT Adware keenvalue runtime detection (spyware-put.rules, Low)
5798 <-> SPYWARE-PUT Adware mydailyhoroscope runtime detection (spyware-put.rules, Low)
5800 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - request config (spyware-put.rules, Medium)
5801 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (spyware-put.rules, Medium)
5802 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 2 (spyware-put.rules, Medium)
5803 <-> SPYWARE-PUT Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (spyware-put.rules, Medium)
5805 <-> SPYWARE-PUT Trackware myway speedbar runtime detection - switch engines (spyware-put.rules, Medium)
5808 <-> SPYWARE-PUT Hijacker shop at home search merchant redirect check (spyware-put.rules, Low)
5809 <-> SPYWARE-PUT Hijacker shop at home select merchant redirect in progress (spyware-put.rules, Low)
5810 <-> SPYWARE-PUT Hijacker shop at home select installation in progress (spyware-put.rules, Low)
5825 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - start tuner (spyware-put.rules, Low)
5826 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - pass user info to server (spyware-put.rules, Low)
5827 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - get gateway (spyware-put.rules, Low)
5828 <-> SPYWARE-PUT Adware broadcasturban tuner runtime detection - connect to station (spyware-put.rules, Low)
5829 <-> SPYWARE-PUT Trickler clipgenie runtime detection (spyware-put.rules, Low)
5831 <-> DELETED SPYWARE-PUT Hijacker comet systems runtime detection - update requests (deleted.rules, Low)
5834 <-> SPYWARE-PUT Trickler conscorr runtime detection (spyware-put.rules, Low)
5836 <-> SPYWARE-PUT Trickler nictech.bm2 runtime detection (spyware-put.rules, Low)
5839 <-> SPYWARE-PUT Trackware ucmore runtime detection - click sponsor/ad link (spyware-put.rules, Medium)
5840 <-> SPYWARE-PUT Hijacker sep runtime detection (spyware-put.rules, Low)
5841 <-> SPYWARE-PUT Trickler minibug runtime detection - retrieve weather information (spyware-put.rules, Low)
5842 <-> SPYWARE-PUT Trickler minibug runtime detection - ads (spyware-put.rules, Low)
5843 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - hijack ie auto search (spyware-put.rules, Low)
5845 <-> SPYWARE-PUT Hijacker surfsidekick runtime detection - update request (spyware-put.rules, Low)
5846 <-> SPYWARE-PUT Trickler VX2/DLmax/BestOffers/Aurora runtime detection (spyware-put.rules, Low)
5847 <-> SPYWARE-PUT Adware warez_p2p runtime detection - p2p client home (spyware-put.rules, Low)
5848 <-> SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (spyware-put.rules, Low)
5849 <-> SPYWARE-PUT Adware warez_p2p runtime detection - update request (spyware-put.rules, Low)
5850 <-> SPYWARE-PUT Adware warez_p2p runtime detection - check update (spyware-put.rules, Low)
5852 <-> SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (spyware-put.rules, Low)
5853 <-> SPYWARE-PUT Adware warez_p2p runtime detection - download ads (spyware-put.rules, Low)
5854 <-> SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (spyware-put.rules, Low)
5855 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - request config (spyware-put.rules, Low)
5857 <-> SPYWARE-PUT Hijacker funbuddyicons runtime detection - mysaconfg request (spyware-put.rules, Low)
5858 <-> SPYWARE-PUT Adware praizetoolbar runtime detection (spyware-put.rules, Low)
5859 <-> SPYWARE-PUT Hijacker daosearch runtime detection - information request (spyware-put.rules, Low)
5860 <-> SPYWARE-PUT Hijacker daosearch runtime detection - search hijack (spyware-put.rules, Low)
5861 <-> SPYWARE-PUT Hijacker isearch runtime detection - toolbar information request (spyware-put.rules, Low)
5862 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 1 (spyware-put.rules, Low)
5863 <-> SPYWARE-PUT Hijacker isearch runtime detection - search hijack 2 (spyware-put.rules, Low)
5864 <-> SPYWARE-PUT Hijacker isearch runtime detection - search in toolbar (spyware-put.rules, Low)
5865 <-> SPYWARE-PUT Adware zapspot runtime detection - pop up ads (spyware-put.rules, Low)
5866 <-> SPYWARE-PUT Hijacker couponbar runtime detection - download new coupon offers and links (spyware-put.rules, Low)
5867 <-> SPYWARE-PUT Hijacker couponbar runtime detection - get updates to toolbar buttons (spyware-put.rules, Low)
5868 <-> SPYWARE-PUT Hijacker couponbar runtime detection - view coupon offers (spyware-put.rules, Low)
5872 <-> SPYWARE-PUT Snoopware hyperlinker runtime detection (spyware-put.rules, Medium)
5883 <-> SPYWARE-PUT Other-Technologies saria 1.0 runtime detection - send user information (spyware-put.rules, Low)
5884 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - check toolbar & category info (spyware-put.rules, Low)
5885 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - ie autosearch & search assistant hijack (spyware-put.rules, Low)
5886 <-> SPYWARE-PUT Hijacker copernic meta toolbar runtime detection - pass info to server (spyware-put.rules, Low)
5887 <-> SPYWARE-PUT Hijacker shopnav runtime detection - ie search assistant hijack (spyware-put.rules, Low)
5888 <-> SPYWARE-PUT Hijacker shopnav runtime detection - ie auto search hijack (spyware-put.rules, Low)
5889 <-> SPYWARE-PUT Hijacker shopnav runtime detection - collect information (spyware-put.rules, Low)
5890 <-> SPYWARE-PUT Hijacker shopnav runtime detection - self-update request 1 (spyware-put.rules, Low)
5892 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - get link info (spyware-put.rules, Medium)
5893 <-> SPYWARE-PUT Trackware wordiq toolbar runtime detection - search keyword (spyware-put.rules, Medium)
5899 <-> SPYWARE-PUT Trackware adtools-screenmate runtime detection - generate desktop alert (spyware-put.rules, Medium)
5901 <-> SPYWARE-PUT Trackware adtools-communicator runtime detection - download self-update (spyware-put.rules, Medium)
5902 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - startup (spyware-put.rules, Low)
5903 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - get ads (spyware-put.rules, Low)
5904 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - download files (spyware-put.rules, Low)
5905 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - games center request (spyware-put.rules, Low)
5906 <-> SPYWARE-PUT Adware download accelerator plus runtime detection - update (spyware-put.rules, Low)
5907 <-> SPYWARE-PUT Trackware e2give runtime detection - check update (spyware-put.rules, Medium)
5908 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 1 (spyware-put.rules, Medium)
5909 <-> SPYWARE-PUT Trackware e2give runtime detection - redirect affiliate site request 2 (spyware-put.rules, Medium)
5911 <-> SPYWARE-PUT Adware smartpops runtime detection (spyware-put.rules, Low)
5914 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - configuration download (spyware-put.rules, Low)
5915 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - autosearch hijack (spyware-put.rules, Low)
5916 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - sidebar search (spyware-put.rules, Low)
5917 <-> SPYWARE-PUT Hijacker locatorstoolbar runtime detection - toolbar search (spyware-put.rules, Low)
5919 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect to klikvipsearch (spyware-put.rules, Low)
5920 <-> SPYWARE-PUT Hijacker painter runtime detection - redirect yahoo search through online-casino-searcher (spyware-put.rules, Low)
5921 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - send user url request (spyware-put.rules, Medium)
5922 <-> SPYWARE-PUT Trackware fftoolbar toolbar runtime detection - display advertisement news (spyware-put.rules, Medium)
5923 <-> SPYWARE-PUT Adware active shopper runtime detection - side search request (spyware-put.rules, Low)
5924 <-> SPYWARE-PUT Adware active shopper runtime detection - redirect (spyware-put.rules, Low)
5925 <-> SPYWARE-PUT Adware active shopper runtime detection - check (spyware-put.rules, Low)
5926 <-> SPYWARE-PUT Adware active shopper runtime detection - collect information (spyware-put.rules, Low)
5927 <-> SPYWARE-PUT Adware cashbar runtime detection - .smx requests (spyware-put.rules, Low)
5928 <-> SPYWARE-PUT Adware cashbar runtime detection - ads request (spyware-put.rules, Low)
5929 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 1 (spyware-put.rules, Low)
5930 <-> SPYWARE-PUT Adware cashbar runtime detection - pop-up ad 2 (spyware-put.rules, Low)
5932 <-> SPYWARE-PUT Adware cashbar runtime detection - stats track (spyware-put.rules, Low)
5933 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 1 (spyware-put.rules, Low)
5934 <-> SPYWARE-PUT Hijacker dropspam runtime detection - search request 2 (spyware-put.rules, Low)
5936 <-> SPYWARE-PUT Hijacker dropspam runtime detection - side search (spyware-put.rules, Low)
5937 <-> SPYWARE-PUT Hijacker dropspam runtime detection - pass information to its controlling server (spyware-put.rules, Low)
5938 <-> SPYWARE-PUT Hijacker dropspam runtime detection - third party information collection (spyware-put.rules, Low)
5939 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - get cfg (spyware-put.rules, Medium)
5940 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - search request (spyware-put.rules, Medium)
5941 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - track (spyware-put.rules, Medium)
5942 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - pass information to its controlling server (spyware-put.rules, Medium)
5943 <-> SPYWARE-PUT Trackware supreme toolbar runtime detection - third party information collection (spyware-put.rules, Medium)
5945 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - track.cgi request (spyware-put.rules, Low)
5946 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - monitor user web activity (spyware-put.rules, Low)
5948 <-> SPYWARE-PUT Adware weirdontheweb runtime detection - update notifier (spyware-put.rules, Low)
5949 <-> SPYWARE-PUT Trackware iggsey toolbar detection - simpleticker.htm request (spyware-put.rules, Medium)
5951 <-> SPYWARE-PUT Trackware iggsey toolbar detection - search request (spyware-put.rules, Medium)
5952 <-> SPYWARE-PUT Hijacker 123mania runtime detection - autosearch hijacking (spyware-put.rules, Low)
5953 <-> SPYWARE-PUT Hijacker 123mania runtime detection - sidesearch hijacking (spyware-put.rules, Low)
5955 <-> SPYWARE-PUT Trackware browserpal runtime detection - adblocker function (spyware-put.rules, Medium)
5956 <-> SPYWARE-PUT Hacker-Tool ghostvoice 1.02 icq notification of server installation (spyware-put.rules, Low)
5959 <-> SPYWARE-PUT Hijacker raxsearch detection - send search keywords to raxsearch (spyware-put.rules, Low)
5960 <-> SPYWARE-PUT Hijacker raxsearch detection - pop-up raxsearch window (spyware-put.rules, Low)
5961 <-> SPYWARE-PUT Hijacker searchfast detection - news ticker (spyware-put.rules, Low)
5962 <-> SPYWARE-PUT Hijacker searchfast detection - catch search keyword (spyware-put.rules, Low)
5963 <-> SPYWARE-PUT Hijacker searchfast detection - search request (spyware-put.rules, Low)
5964 <-> SPYWARE-PUT Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (spyware-put.rules, Low)
5965 <-> SPYWARE-PUT Hijacker searchfast detection - get toolbar cfg (spyware-put.rules, Low)
5966 <-> SPYWARE-PUT trackware searchinweb detection - search request (spyware-put.rules, Medium)
5967 <-> SPYWARE-PUT trackware searchinweb detection - click result links (spyware-put.rules, Medium)
5968 <-> SPYWARE-PUT trackware searchinweb detection - redirect (spyware-put.rules, Medium)
5969 <-> SPYWARE-PUT trackware searchinweb detection - collect information (spyware-put.rules, Medium)
5970 <-> SPYWARE-PUT hijacker smart finder detection - keys update (spyware-put.rules, Low)
5971 <-> SPYWARE-PUT hijacker smart finder detection - track hits (spyware-put.rules, Low)
5972 <-> SPYWARE-PUT hijacker smart finder detection - ie autosearch hijack 1 (spyware-put.rules, Low)
5973 <-> SPYWARE-PUT hijacker smart finder detection - search engines hijack (spyware-put.rules, Low)
5974 <-> SPYWARE-PUT hijacker smart finder detection - pop-up ads (spyware-put.rules, Low)
5975 <-> SPYWARE-PUT hijacker topfive searchassistant detection - search request (spyware-put.rules, Low)
5976 <-> SPYWARE-PUT hijacker topfive searchassistant detection - side search (spyware-put.rules, Low)
5979 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - track user ip address (spyware-put.rules, Medium)
5980 <-> SPYWARE-PUT Trackware anwb toolbar runtime detection - display advertisement (spyware-put.rules, Medium)
5981 <-> SPYWARE-PUT Hijacker seeqtoolbar runtime detection - autosearch hijack or search in toolbar (spyware-put.rules, Low)
5982 <-> SPYWARE-PUT Hijacker seeqtoolbar runtime detection - email login page (spyware-put.rules, Low)
5983 <-> SPYWARE-PUT Adware powerstrip runtime detection (spyware-put.rules, Low)
5984 <-> SPYWARE-PUT Trackware push toolbar installtime detection - user information collect (spyware-put.rules, Medium)
5985 <-> SPYWARE-PUT Trackware push toolbar runtime detection - toolbar information request (spyware-put.rules, Medium)
5987 <-> SPYWARE-PUT Hijacker wishbone runtime detection (spyware-put.rules, Low)
5990 <-> SPYWARE-PUT Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (spyware-put.rules, Low)
5991 <-> SPYWARE-PUT Hijacker getmirar runtime detection - search request (spyware-put.rules, Low)
5992 <-> SPYWARE-PUT Hijacker getmirar runtime detection - get keyword-related content (spyware-put.rules, Low)
5993 <-> SPYWARE-PUT Hijacker getmirar runtime detection - track activity (spyware-put.rules, Low)
5994 <-> SPYWARE-PUT Hijacker getmirar runtime detection - click related button (spyware-put.rules, Low)
5995 <-> SPYWARE-PUT Adware offeragent runtime detection - information checking (spyware-put.rules, Low)
5996 <-> SPYWARE-PUT Adware offeragent runtime detection - ads request (spyware-put.rules, Low)
5997 <-> WEB-MISC WinProxy overly long host header buffer overflow attempt (web-misc.rules, High)
6023 <-> BACKDOOR silent spy 2.10 runtime detection - icq notification (backdoor.rules, High)
6183 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - tracked event URL (spyware-put.rules, Low)
6184 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - config upload (spyware-put.rules, Low)
6185 <-> SPYWARE-PUT Adware 180Search assistant runtime detection - reporting keyword (spyware-put.rules, Low)
6187 <-> SPYWARE-PUT Adware ISTBar runtime detection - scripts (spyware-put.rules, Low)
6188 <-> SPYWARE-PUT Adware ISTBar runtime detection - bar (spyware-put.rules, Low)
6192 <-> SPYWARE-PUT Adware seekmo runtime detection - reporting keyword (spyware-put.rules, Low)
6193 <-> SPYWARE-PUT Adware seekmo runtime detection - pop up ads (spyware-put.rules, Low)
6194 <-> SPYWARE-PUT Adware seekmo runtime detection - config upload (spyware-put.rules, Low)
6195 <-> SPYWARE-PUT Adware seekmo runtime detection - download .cab (spyware-put.rules, Low)
6196 <-> SPYWARE-PUT Hijacker smart shopper runtime detection - services requests (spyware-put.rules, Low)
6198 <-> SPYWARE-PUT Trackware squaretrade side bar runtime detection - collect user information (spyware-put.rules, Medium)
6199 <-> SPYWARE-PUT Hijacker smart search runtime detection - hijack/ads (spyware-put.rules, Low)
6201 <-> SPYWARE-PUT Adware twaintec runtime detection (spyware-put.rules, Low)
6202 <-> SPYWARE-PUT Trickler farmmext installtime/update request (spyware-put.rules, Low)
6203 <-> SPYWARE-PUT Trickler farmmext runtime detection - drk.syn request (spyware-put.rules, Low)
6204 <-> SPYWARE-PUT Trickler farmmext runtime detection - track activity (spyware-put.rules, Low)
6209 <-> SPYWARE-PUT Adware deskwizz/zquest runtime detection - get config information / ad banner (spyware-put.rules, Low)
6211 <-> SPYWARE-PUT Adware deskwizz runtime detection - pop-up ad request (spyware-put.rules, Low)
6213 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - auto requests (spyware-put.rules, Low)
6214 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - search (spyware-put.rules, Low)
6215 <-> SPYWARE-PUT Hijacker 7fasst runtime detection - track (spyware-put.rules, Low)
6216 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - config (spyware-put.rules, Low)
6218 <-> SPYWARE-PUT Adware aornum/iwon copilot runtime detection - ads (spyware-put.rules, Low)
6219 <-> SPYWARE-PUT Adware bonzibuddy runtime detection (spyware-put.rules, Low)
6222 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - contact server (spyware-put.rules, Low)
6223 <-> SPYWARE-PUT Adware delfin media viewer runtime detection - retrieve schedule (spyware-put.rules, Low)
6224 <-> SPYWARE-PUT Hijacker ieplugin runtime detection - search (spyware-put.rules, Low)
6230 <-> SPYWARE-PUT Hijacker i-lookup runtime detection (spyware-put.rules, Low)
6232 <-> SPYWARE-PUT Adware mirar runtime detection - thumbnail (spyware-put.rules, Low)
6233 <-> SPYWARE-PUT Adware mirar runtime detection - delayed (spyware-put.rules, Low)
6234 <-> SPYWARE-PUT Adware mirar runtime detection - ads (spyware-put.rules, Low)
6236 <-> SPYWARE-PUT Adware lop runtime detection - pass info to server (spyware-put.rules, Low)
6237 <-> SPYWARE-PUT Adware lop runtime detection - check update request (spyware-put.rules, Low)
6239 <-> SPYWARE-PUT Adware lop runtime detection - collect info request 2 (spyware-put.rules, Low)
6240 <-> SPYWARE-PUT Adware lop runtime detection - pop up ads (spyware-put.rules, Low)
6241 <-> SPYWARE-PUT Adware lop runtime detection - ie autosearch hijack (spyware-put.rules, Low)
6242 <-> SPYWARE-PUT Hijacker coolwebsearch.cameup runtime detection (spyware-put.rules, Low)
6243 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - home page hijack (spyware-put.rules, Low)
6244 <-> SPYWARE-PUT Hijacker coolwebsearch cameup runtime detection - ie auto search hijack (spyware-put.rules, Low)
6245 <-> SPYWARE-PUT Hijacker coolwebsearch startpage runtime detection (spyware-put.rules, Low)
6246 <-> SPYWARE-PUT Hijacker exact navisearch runtime detection - search hijack (spyware-put.rules, Low)
6247 <-> SPYWARE-PUT Adware ezula toptext runtime detection - help redirect (spyware-put.rules, Low)
6248 <-> SPYWARE-PUT Adware ezula toptext runtime detection - popup (spyware-put.rules, Low)
6249 <-> SPYWARE-PUT Adware ezula toptext runtime detection - redirect (spyware-put.rules, Low)
6252 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - search request (spyware-put.rules, Medium)
6253 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - log user ativity (spyware-put.rules, Medium)
6254 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - redirect (spyware-put.rules, Medium)
6255 <-> SPYWARE-PUT Trackware quicksearch toolbar runtime detection - update (spyware-put.rules, Medium)
6257 <-> SPYWARE-PUT Adware searchsquire runtime detection - testgeonew query (spyware-put.rules, Low)
6258 <-> SPYWARE-PUT Adware searchsquire runtime detection - get engine file (spyware-put.rules, Low)
6259 <-> SPYWARE-PUT Adware searchsquire runtime detection - search forward (spyware-put.rules, Low)
6260 <-> SPYWARE-PUT Adware overpro runtime detection (spyware-put.rules, Low)
6261 <-> SPYWARE-PUT Trickler slinkyslate toolbar runtime detection (spyware-put.rules, Low)
6263 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - collect information (spyware-put.rules, Low)
6264 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - movie (spyware-put.rules, Low)
6265 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - engine (spyware-put.rules, Low)
6266 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - check update (spyware-put.rules, Low)
6267 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - get update (spyware-put.rules, Low)
6268 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - self update - download exe (spyware-put.rules, Low)
6269 <-> SPYWARE-PUT Hijacker gigatech superbar runtime detection - track event (spyware-put.rules, Low)
6270 <-> SPYWARE-PUT Hijacker topicks runtime detection (spyware-put.rules, Low)
6271 <-> SPYWARE-PUT Trickler bundleware runtime detection (spyware-put.rules, Low)
6274 <-> SPYWARE-PUT Trickler clickalchemy runtime detection (spyware-put.rules, Low)
6275 <-> SPYWARE-PUT Hijacker incredifind runtime detection - cookie (spyware-put.rules, Low)
6279 <-> SPYWARE-PUT Hijacker sidefind runtime detection (spyware-put.rules, Low)
6280 <-> SPYWARE-PUT Hijacker sidefind runtime detection - cookie (spyware-put.rules, Low)
6283 <-> SPYWARE-PUT Hijacker websearch runtime detection - sitereview (spyware-put.rules, Low)
6284 <-> SPYWARE-PUT Hijacker websearch runtime detection - webstat (spyware-put.rules, Low)
6342 <-> SPYWARE-PUT Hijacker spediabar runtime detection - info check (spyware-put.rules, Low)
6344 <-> SPYWARE-PUT Adware excite search bar runtime detection - config (spyware-put.rules, Low)
6345 <-> SPYWARE-PUT Adware excite search bar runtime detection - search (spyware-put.rules, Low)
6346 <-> SPYWARE-PUT Adware stationripper update detection (spyware-put.rules, Low)
6347 <-> SPYWARE-PUT Adware stationripper ad display detection (spyware-put.rules, Low)
6348 <-> SPYWARE-PUT Snoopware zenosearch runtime detection (spyware-put.rules, Medium)
6349 <-> SPYWARE-PUT Hijacker richfind update detection (spyware-put.rules, Low)
6350 <-> SPYWARE-PUT Hijacker richfind auto search redirect detection (spyware-put.rules, Low)
6351 <-> SPYWARE-PUT Hijacker adblock update detection (spyware-put.rules, Low)
6352 <-> SPYWARE-PUT Hijacker adblock auto search redirect detection (spyware-put.rules, Low)
6353 <-> SPYWARE-PUT Hijacker adblock ie search assistant redirect detection (spyware-put.rules, Low)
6354 <-> SPYWARE-PUT Trickler wsearch runtime detection - auto update (spyware-put.rules, Low)
6355 <-> SPYWARE-PUT Trickler wsearch runtime detection - mp3 search (spyware-put.rules, Low)
6356 <-> SPYWARE-PUT Trickler wsearch runtime detection - desktop search (spyware-put.rules, Low)
6357 <-> SPYWARE-PUT Hijacker need2find initial configuration detection (spyware-put.rules, Low)
6358 <-> SPYWARE-PUT Hijacker need2find search query detection (spyware-put.rules, Low)
6359 <-> SPYWARE-PUT Adware altnet runtime detection - initial retrieval (spyware-put.rules, Low)
6361 <-> SPYWARE-PUT Adware altnet runtime detection - status report (spyware-put.rules, Low)
6363 <-> SPYWARE-PUT adware surfaccuracy runtime detection (spyware-put.rules, Low)
6367 <-> SPYWARE-PUT Trickler eacceleration downloadreceiver runtime detection - stop-sign ads (spyware-put.rules, Low)
6368 <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - update request (spyware-put.rules, Low)
6371 <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - pop up ads (spyware-put.rules, Low)
6372 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get wsliveup.dat (spyware-put.rules, Low)
6373 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - stbarpat.dat (spyware-put.rules, Low)
6374 <-> SPYWARE-PUT Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (spyware-put.rules, Low)
6375 <-> SPYWARE-PUT Trickler spyblocs.eblocs detection - register request (spyware-put.rules, Low)
6376 <-> SPYWARE-PUT Hijacker girafa toolbar - toolbar update (spyware-put.rules, Low)
6377 <-> SPYWARE-PUT Hijacker girafa toolbar - browser hijack (spyware-put.rules, Low)
6378 <-> SPYWARE-PUT Hijacker adbars runtime detection - homepage hijack (spyware-put.rules, Low)
6379 <-> SPYWARE-PUT Hijacker adbars runtime detection - search in toolbar (spyware-put.rules, Low)
6380 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (spyware-put.rules, Low)
6381 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - search in toolbar (spyware-put.rules, Low)
6382 <-> SPYWARE-PUT Hijacker dotcomtoolbar runtime detection - url hook (spyware-put.rules, Low)
6387 <-> SPYWARE-PUT Hijacker internet optimizer runtime detection - autosearch hijack (spyware-put.rules, Low)
6388 <-> SPYWARE-PUT Hijacker internet optimizer runtime detection - error page hijack (spyware-put.rules, Low)
6389 <-> SPYWARE-PUT Adware esyndicate runtime detection - postinstall request (spyware-put.rules, Low)
6390 <-> SPYWARE-PUT Adware esyndicate runtime detection - ads popup (spyware-put.rules, Low)
6391 <-> SPYWARE-PUT Adware esyndicate runtime detection - ads popup (spyware-put.rules, Low)
6392 <-> SPYWARE-PUT Hijacker zeropopup runtime detection (spyware-put.rules, Low)
6403 <-> WEB-PHP horde help module arbitrary command execution attempt (web-php.rules, High)
6408 <-> POLICY webshots desktop traffic (policy.rules, Low)
6409 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules, High)
6410 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules, High)
6411 <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules, High)
6480 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - home page (spyware-put.rules, Low)
6481 <-> SPYWARE-PUT Hijacker cws.cameup runtime detection - search (spyware-put.rules, Low)
6482 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - get info (spyware-put.rules, Low)
6483 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - home page hijacker (spyware-put.rules, Low)
6484 <-> SPYWARE-PUT Hijacker makemesearch toolbar runtime detection - search (spyware-put.rules, Low)
6487 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - check updates (spyware-put.rules, Low)
6488 <-> SPYWARE-PUT Adware searchnugget toolbar runtime detection - redirect mistyped urls (spyware-put.rules, Low)
6489 <-> SPYWARE-PUT Hijacker analyze IE runtime detection - default page hijacker (spyware-put.rules, Low)
6491 <-> SPYWARE-PUT Dialer yeaknet runtime detection - post-installation (spyware-put.rules, Low)
6492 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - notification (spyware-put.rules, Low)
6493 <-> SPYWARE-PUT Trickler Backdoor-BAC.gen.e runtime detection - post data (spyware-put.rules, Low)
6494 <-> SPYWARE-PUT Adware yourenhancement runtime detection (spyware-put.rules, Low)
6495 <-> SPYWARE-PUT Hijacker troj_spywad.x runtime detection (spyware-put.rules, Low)
6496 <-> SPYWARE-PUT Adware adpowerzone runtime detection (spyware-put.rules, Low)
7049 <-> SPYWARE-PUT Hijacker extreme biz runtime detection - uniq1 (spyware-put.rules, Low)
7051 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - spyware injection (spyware-put.rules, Low)
7052 <-> SPYWARE-PUT Trickler generic downloader.g runtime detection - adv (spyware-put.rules, Low)
7053 <-> SPYWARE-PUT Adware webredir runtime detection (spyware-put.rules, Low)
7054 <-> SPYWARE-PUT Trickler download arq variant runtime detection (spyware-put.rules, Low)
7055 <-> SPYWARE-PUT Hijacker vip01 biz runtime detection - adv (spyware-put.rules, Low)
7073 <-> BACKDOOR w32.dumaru.gen@mm runtime detection - notification (backdoor.rules, High)
7074 <-> BACKDOOR w32.dumaru.gen@mm runtime detection - cmd (backdoor.rules, High)
7077 <-> BACKDOOR minimo v0.6 runtime detection - icq notification (backdoor.rules, High)
7118 <-> BACKDOOR y3k 1.2 runtime detection - user-agent string detected (backdoor.rules, High)
7123 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - update (spyware-put.rules, Low)
7124 <-> SPYWARE-PUT Other-Technologies alfacleaner runtime detection - buy (spyware-put.rules, Low)
7125 <-> SPYWARE-PUT Hijacker traffbest biz runtime detection - adv (spyware-put.rules, Low)
7126 <-> SPYWARE-PUT Hijacker trojan proxy atiup runtime detection - notification (spyware-put.rules, Low)
7127 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - tracking (spyware-put.rules, Low)
7128 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 1 (spyware-put.rules, Low)
7129 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - advertising 2 (spyware-put.rules, Low)
7130 <-> SPYWARE-PUT Hijacker wowok mp3 bar runtime detection - search assissant hijacking (spyware-put.rules, Low)
7136 <-> SPYWARE-PUT Hijacker dsrch runtime detection - search assistant redirect (spyware-put.rules, Low)
7137 <-> SPYWARE-PUT Hijacker dsrch runtime detection - side search redirect (spyware-put.rules, Low)
7138 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - version check (spyware-put.rules, Low)
7139 <-> SPYWARE-PUT Other-Technologies clicktrojan runtime detection - fake search query (spyware-put.rules, Low)
7140 <-> SPYWARE-PUT Adware pay-per-click runtime detection - configuration (spyware-put.rules, Low)
7141 <-> SPYWARE-PUT Adware pay-per-click runtime detection - update (spyware-put.rules, Low)
7142 <-> SPYWARE-PUT Adware ares flash downloader 2.04 runtime detection (spyware-put.rules, Low)
7143 <-> SPYWARE-PUT Adware digink.com runtime detection (spyware-put.rules, Low)
7144 <-> SPYWARE-PUT Hijacker cool search runtime detection (spyware-put.rules, Low)
7145 <-> SPYWARE-PUT Other-Technologies spam maxy runtime detection (spyware-put.rules, Low)
7147 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - icq notification (spyware-put.rules, Low)
7148 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - cgi notification (spyware-put.rules, Low)
7149 <-> SPYWARE-PUT Hacker-Tool sars notifier runtime detection - php notification (spyware-put.rules, Low)
7152 <-> SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - installation (spyware-put.rules, Low)
7153 <-> SPYWARE-PUT Hijacker cnsmin 3721 runtime detection - hijacking (spyware-put.rules, Low)
7155 <-> SPYWARE-PUT Trickler jubster runtime detection (spyware-put.rules, Low)
7188 <-> SPYWARE-PUT Hijacker shop at home select - merchant redirect in progress (spyware-put.rules, Medium)
7189 <-> SPYWARE-PUT Trackware shopathome runtime detection - setcookie request (spyware-put.rules, Medium)
7190 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (spyware-put.rules, Low)
7191 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (spyware-put.rules, Low)
7192 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (spyware-put.rules, Low)
7193 <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - startup access (spyware-put.rules, Low)
7194 <-> SPYWARE-PUT Hijacker shopprreports runtime detection - services requests (spyware-put.rules, Low)
7510 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - version verification (spyware-put.rules, Low)
7511 <-> SPYWARE-PUT Trickler edonkey2000 runtime detection - get ads page (spyware-put.rules, Low)
7516 <-> SPYWARE-PUT Trickler hmtoolbar runtime detection (spyware-put.rules, Low)
7517 <-> SPYWARE-PUT Hijacker chinese keywords runtime detection (spyware-put.rules, Low)
7518 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - get up-to-date news info (spyware-put.rules, Medium)
7519 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - track activity (spyware-put.rules, Medium)
7520 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - ie autosearch hijack (spyware-put.rules, Medium)
7521 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 1 (spyware-put.rules, Medium)
7522 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - search toolbar request 2 (spyware-put.rules, Medium)
7523 <-> SPYWARE-PUT Trackware earthlink toolbar runtime detection - click news button links (spyware-put.rules, Medium)
7524 <-> SPYWARE-PUT Hijacker moneybar runtime detection - cgispy counter (spyware-put.rules, Low)
7525 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - barad.asp request (spyware-put.rules, Medium)
7526 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - stat counter (spyware-put.rules, Medium)
7527 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - toolbar find function (spyware-put.rules, Medium)
7528 <-> SPYWARE-PUT Trackware hotblox toolbar runtime detection - ie autosearch hijack (spyware-put.rules, Medium)
7529 <-> SPYWARE-PUT Snoopware halflife jacker runtime detection (spyware-put.rules, Medium)
7530 <-> SPYWARE-PUT Trickler mediaseek.pl client runtime detection - trickler (spyware-put.rules, Low)
7533 <-> SPYWARE-PUT Adware piolet runtime detection - ads request (spyware-put.rules, Low)
7534 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - ie hijacking (spyware-put.rules, Low)
7535 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - pass information (spyware-put.rules, Low)
7536 <-> SPYWARE-PUT Hijacker clearsearch variant runtime detection - popup (spyware-put.rules, Low)
7540 <-> SPYWARE-PUT Hacker-Tool unify runtime detection - cgi notification (spyware-put.rules, Low)
7543 <-> SPYWARE-PUT Hijacker 2020search runtime detection (spyware-put.rules, Low)
7553 <-> SPYWARE-PUT Adware hxdl runtime detection - hxlogonly user-agent (spyware-put.rules, Low)
7556 <-> SPYWARE-PUT Hijacker blazefind runtime detection - search bar (spyware-put.rules, Low)
7557 <-> SPYWARE-PUT Trackware purityscan runtime detection - start up (spyware-put.rules, Medium)
7558 <-> SPYWARE-PUT Trackware purityscan runtime detection - installation notify (spyware-put.rules, Medium)
7559 <-> SPYWARE-PUT Trackware purityscan runtime detection - track user activity and status (spyware-put.rules, Medium)
7560 <-> SPYWARE-PUT Trackware purityscan runtime detection - self update (spyware-put.rules, Medium)
7561 <-> SPYWARE-PUT Trackware purityscan runtime detection - opt out of interstitial advertising (spyware-put.rules, Medium)
7562 <-> SPYWARE-PUT Adware morpheus runtime detection - ad 1 (spyware-put.rules, Low)
7564 <-> SPYWARE-PUT Hijacker startnow runtime detection (spyware-put.rules, Low)
7565 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - search engine (spyware-put.rules, Low)
7566 <-> SPYWARE-PUT Hijacker adshooter.searchforit runtime detection - redirector (spyware-put.rules, Low)
7569 <-> SPYWARE-PUT Adware lordofsearch runtime detection (spyware-put.rules, Low)
7570 <-> SPYWARE-PUT Hijacker linkspider search bar runtime detection - ads (spyware-put.rules, Low)
7571 <-> SPYWARE-PUT Hijacker linkspider search bar runtime detection - toolbar search (spyware-put.rules, Low)
7572 <-> SPYWARE-PUT Trickler album galaxy runtime detection - startup data (spyware-put.rules, Low)
7573 <-> SPYWARE-PUT Trickler album galaxy runtime detection - p2p gnutella (spyware-put.rules, Low)
7575 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - weather request (spyware-put.rules, Low)
7576 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - hijack ie browser (spyware-put.rules, Low)
7577 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - collect information (spyware-put.rules, Low)
7578 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - reference (spyware-put.rules, Low)
7579 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - smileys (spyware-put.rules, Low)
7580 <-> SPYWARE-PUT Hijacker starware toolbar runtime detection - update (spyware-put.rules, Low)
7588 <-> SPYWARE-PUT Trickler urlblaze runtime detection - files search or download (spyware-put.rules, Low)
7590 <-> SPYWARE-PUT Hijacker swbar runtime detection (spyware-put.rules, Low)
7593 <-> SPYWARE-PUT Trackware trellian toolbarbrowser runtime detection (spyware-put.rules, Medium)
7594 <-> SPYWARE-PUT Adware comedy planet runtime detection - ads (spyware-put.rules, Low)
7598 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - search in toolbar (spyware-put.rules, Medium)
7599 <-> SPYWARE-PUT Snoopware 2-seek runtime detection - user info collection (spyware-put.rules, Medium)
7639 <-> BACKDOOR air runtime detection - php notification (backdoor.rules, High)
7640 <-> BACKDOOR air runtime detection - webmail notification (backdoor.rules, High)
7701 <-> BACKDOOR brain wiper runtime detection - chat (backdoor.rules, High)
7702 <-> BACKDOOR roach 1.0 runtime detection - remote control actions - flowbit set (backdoor.rules, High)
7703 <-> BACKDOOR roach 1.0 runtime detection - remote control actions (backdoor.rules, High)
7704 <-> BACKDOOR roach 1.0 server installation notification - email (backdoor.rules, High)
7805 <-> BACKDOOR war trojan ver1.0 runtime detection - ie hijacker (backdoor.rules, High)
7823 <-> SPYWARE-PUT Adware whenu runtime detection - datachunksgz (spyware-put.rules, Low)
7824 <-> SPYWARE-PUT Trickler whenu.clocksync runtime detection (spyware-put.rules, Low)
7825 <-> SPYWARE-PUT Adware whenu.savenow runtime detection (spyware-put.rules, Low)
7826 <-> SPYWARE-PUT Trickler whenu.weathercast runtime detection - check (spyware-put.rules, Low)
7827 <-> SPYWARE-PUT Adware whenu runtime detection - search request 1 (spyware-put.rules, Low)
7828 <-> SPYWARE-PUT Adware whenu runtime detection - search request 2 (spyware-put.rules, Low)
7831 <-> SPYWARE-PUT Adware downloadplus runtime detection (spyware-put.rules, Low)
7833 <-> SPYWARE-PUT Hijacker navexcel helper runtime detection - search (spyware-put.rules, Low)
7834 <-> SPYWARE-PUT Hacker-Tool nettracker runtime detection - report browsing (spyware-put.rules, Low)
7838 <-> SPYWARE-PUT Adware smiley central runtime detection (spyware-put.rules, Low)
7840 <-> SPYWARE-PUT Hijacker instafinder initial configuration detection (spyware-put.rules, Low)
7841 <-> SPYWARE-PUT Hijacker instafinder error redirect detection (spyware-put.rules, Low)
7843 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - search engine hijack (spyware-put.rules, Low)
7844 <-> SPYWARE-PUT Hijacker avenuemedia.dyfuca runtime detection - post data (spyware-put.rules, Low)
7848 <-> SPYWARE-PUT Hijacker netguide runtime detection (spyware-put.rules, Low)
7849 <-> SPYWARE-PUT Trickler maxsearch runtime detection - toolbar download (spyware-put.rules, Low)
7850 <-> SPYWARE-PUT Trickler maxsearch runtime detection - retrieve command (spyware-put.rules, Low)
7851 <-> SPYWARE-PUT Trickler maxsearch runtime detection - ack (spyware-put.rules, Low)
7852 <-> SPYWARE-PUT Trickler maxsearch runtime detection - advertisement (spyware-put.rules, Low)
7853 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 1 (spyware-put.rules, Low)
7854 <-> SPYWARE-PUT Adware web-nexus runtime detection - config retrieval (spyware-put.rules, Low)
7855 <-> SPYWARE-PUT Adware web-nexus runtime detection - ad url 2 (spyware-put.rules, Low)
7856 <-> SPYWARE-PUT Trackware winsysba-a runtime detection - track surfing activity (spyware-put.rules, Medium)
7858 <-> POLICY Google Desktop initial install - firstuse request (policy.rules, High)
7859 <-> POLICY Google Desktop initial install  - installer request (policy.rules, High)
7860 <-> POLICY Google Desktop search query (policy.rules, High)
7861 <-> POLICY Google Desktop activity (policy.rules, High)
8071 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - search hijack (spyware-put.rules, Low)
8072 <-> SPYWARE-PUT Hijacker findthewebsiteyouneed runtime detection - surf monitor (spyware-put.rules, Low)
8073 <-> SPYWARE-PUT Adware zango toolbar runtime detection (spyware-put.rules, Low)
8080 <-> BACKDOOR x2a runtime detection - client update (backdoor.rules, High)
8084 <-> WEB-CGI CVSTrac filediff function access (web-cgi.rules, Medium)
8352 <-> SPYWARE-PUT Adware desktopmedia runtime detection - ads popup (spyware-put.rules, Low)
8353 <-> SPYWARE-PUT Adware desktopmedia runtime detection - auto update (spyware-put.rules, Low)
8354 <-> SPYWARE-PUT Adware desktopmedia runtime detection - surf monitoring (spyware-put.rules, Low)
8358 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - addressbar keyword search hijack (spyware-put.rules, Low)
8359 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - target website display (spyware-put.rules, Low)
8360 <-> SPYWARE-PUT Hijacker yok supersearch runtime detection - search info collect (spyware-put.rules, Low)
8461 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - send userinfo (spyware-put.rules, Medium)
8462 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace info downloaded (spyware-put.rules, Medium)
8463 <-> SPYWARE-PUT Trackware duduaccelerator runtime detection - trace login info (spyware-put.rules, Medium)
8464 <-> SPYWARE-PUT Adware henbang runtime detection (spyware-put.rules, Low)
8468 <-> SPYWARE-PUT Hijacker accoona runtime detection - collect info (spyware-put.rules, Low)
8469 <-> SPYWARE-PUT Hijacker accoona runtime detection - open sidebar search url (spyware-put.rules, Low)
8490 <-> WEB-COLDFUSION viewexample.cfm access (web-coldfusion.rules, Medium)
8491 <-> WEB-COLDFUSION eval.cfm access (web-coldfusion.rules, Medium)
8492 <-> WEB-COLDFUSION openfile.cfm access (web-coldfusion.rules, Medium)
8493 <-> WEB-COLDFUSION sourcewindow.cfm access (web-coldfusion.rules, Medium)
8542 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - collect info (spyware-put.rules, Medium)
8543 <-> SPYWARE-PUT Trackware deluxecommunications runtime detection - display popup ads (spyware-put.rules, Medium)
8546 <-> SPYWARE-PUT Adware roogoo runtime detection - show ads (spyware-put.rules, Low)
8712 <-> WEB-PHP cacti graph_image arbitrary command execution attempt (web-php.rules, High)
8713 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8714 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8715 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
8716 <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules, High)
9418 <-> SPECIFIC-THREATS bagle.a http notification detection (specific-threats.rules, High)
9644 <-> SPYWARE-PUT Adware imnames runtime detection (spyware-put.rules, Low)
9645 <-> SPYWARE-PUT Hijacker sogou runtime detection - keyword hijack (spyware-put.rules, Low)
9646 <-> SPYWARE-PUT Hijacker sogou runtime detection - search through sogou toolbar (spyware-put.rules, Low)
9651 <-> SPYWARE-PUT Hijacker ricercadoppia runtime detection (spyware-put.rules, Low)
9652 <-> SPYWARE-PUT Hijacker oemji bar runtime detection (spyware-put.rules, Low)
9829 <-> SPYWARE-PUT Trackware relevantknowledge runtime detection (spyware-put.rules, Medium)
9831 <-> SPYWARE-PUT Adware u88 runtime detection (spyware-put.rules, Low)
10090 <-> SPYWARE-PUT Trickler zango easymessenger runtime detection (spyware-put.rules, Low)
10092 <-> SPYWARE-PUT Trackware russian searchbar runtime detection (spyware-put.rules, Medium)
10093 <-> SPYWARE-PUT Hijacker kuaiso toolbar runtime detection (spyware-put.rules, Low)
10094 <-> SPYWARE-PUT Adware borlan runtime detection (spyware-put.rules, Low)
10095 <-> SPYWARE-PUT Trackware bydou runtime detection (spyware-put.rules, Medium)
10164 <-> SPYWARE-PUT Adware adclicker-ej runtime detection (spyware-put.rules, Low)
10166 <-> SPYWARE-PUT Trackware baigoo runtime detection (spyware-put.rules, Medium)
10180 <-> SPYWARE-PUT Adware eqiso runtime detection (spyware-put.rules, Low)
10182 <-> SPYWARE-PUT Adware newweb runtime detection (spyware-put.rules, Low)
10195 <-> WEB-MISC Content-Length buffer overflow attempt (web-misc.rules, High)
10435 <-> SPYWARE-PUT Trackware admedia runtime detection (spyware-put.rules, Medium)
10437 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules, Low)
10438 <-> SPYWARE-PUT Hijacker bazookabar runtime detection (spyware-put.rules, Low)
10439 <-> SPYWARE-PUT Adware mokead runtime detection (spyware-put.rules, Low)
10999 <-> WEB-CGI chetcpasswd access (web-cgi.rules, Medium)
11191 <-> WEB-IIS Microsoft Content Management Server memory corruption (web-iis.rules, High)
11192 <-> POLICY download of executable content (policy.rules, High)
11308 <-> SPYWARE-PUT Other-Technologies spydawn runtime detection - update checking (spyware-put.rules, Low)
11310 <-> SPYWARE-PUT Trickler iowa webdownloader - icq notification (spyware-put.rules, Low)
11311 <-> SPYWARE-PUT Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (spyware-put.rules, Medium)
11312 <-> SPYWARE-PUT Trackware uplink runtime detection (spyware-put.rules, Medium)
11313 <-> SPYWARE-PUT Other-Technologies spywarelocker 3.3 runtime detection - update checking (spyware-put.rules, Low)
11664 <-> WEB-PHP sphpblog password.txt access attempt (web-php.rules, High)
11665 <-> WEB-PHP sphpblog install03_cgi access attempt (web-php.rules, High)
11666 <-> WEB-PHP sphpblog upload_img_cgi access attempt (web-php.rules, High)
11667 <-> WEB-PHP sphpblog arbitrary file delete attempt (web-php.rules, High)
11668 <-> WEB-PHP vbulletin php code injection (web-php.rules, High)
11687 <-> WEB-MISC Apache SSI error page cross-site scripting (web-misc.rules, High)
11817 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules, Medium)
12047 <-> SPYWARE-PUT Adware yayad runtime detection (spyware-put.rules, Low)
12050 <-> SPYWARE-PUT Hijacker ez-greets toolbar runtime detection (spyware-put.rules, Low)
12056 <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules, High)
12057 <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules, Medium)
12058 <-> SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (specific-threats.rules, High)
12120 <-> SPYWARE-PUT Adware pprich runtime detection - version check (spyware-put.rules, Low)
12123 <-> SPYWARE-PUT Hijacker lookquick runtime detection - hijack ie (spyware-put.rules, Low)
12124 <-> SPYWARE-PUT Hijacker lookquick runtime detection - monitor and collect user info (spyware-put.rules, Low)
12126 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - collect user information (spyware-put.rules, Medium)
12127 <-> SPYWARE-PUT Trackware lookster toolbar runtime detection - ads (spyware-put.rules, Medium)
12140 <-> SPYWARE-PUT Hijacker cnnic update runtime detection (spyware-put.rules, Low)
12221 <-> WEB-PHP file upload GLOBAL variable overwrite attempt (web-php.rules, High)
12225 <-> SPYWARE-PUT Adware zango2007 toolbar runtime detection (spyware-put.rules, Low)
12227 <-> SPYWARE-PUT Trackware snap ultrasearch/desktop toolbar runtime detection - search (spyware-put.rules, Medium)
12229 <-> SPYWARE-PUT Adware vroomsearch runtime detection (spyware-put.rules, Low)
12230 <-> SPYWARE-PUT Hacker-Tool hippynotify 2.0 runtime detection (spyware-put.rules, Low)
12231 <-> SPYWARE-PUT Adware vroomsearch runtime detection (spyware-put.rules, Low)
12232 <-> SPYWARE-PUT Adware errorsafe runtime detection (spyware-put.rules, Low)
12239 <-> BACKDOOR webcenter v1.0 Backdoor - init connection (backdoor.rules, High)
12255 <-> WEB-CGI CSGuestbook setup attempt (web-cgi.rules, Medium)
12277 <-> EXPLOIT Microsoft IE CSS memory corruption exploit (exploit.rules, High)
12287 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - ebrss request (spyware-put.rules, Low)
12288 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - hijack ie searches (spyware-put.rules, Low)
12289 <-> SPYWARE-PUT Hijacker scn toolbar runtime detection - get updates (spyware-put.rules, Low)
12290 <-> SPYWARE-PUT Hijacker newdotnet quick! search runtime detection (spyware-put.rules, Low)
12291 <-> SPYWARE-PUT Trackware vmn toolbar runtime detection (spyware-put.rules, Medium)
12292 <-> SPYWARE-PUT Hijacker morpheus toolbar runtime detection - hijack/search (spyware-put.rules, Low)
12293 <-> SPYWARE-PUT Hijacker morpheus toolbar runtime detection - get cfg info (spyware-put.rules, Low)
12294 <-> SPYWARE-PUT Hijacker 3search runtime detection - counter (spyware-put.rules, Low)
12295 <-> SPYWARE-PUT Hijacker 3search runtime detection - hijacking (spyware-put.rules, Low)
12296 <-> SPYWARE-PUT Hijacker 3search runtime detection - update (spyware-put.rules, Low)
12360 <-> WEB-PHP PHP function CRLF injection attempt (web-php.rules, High)
12361 <-> SPYWARE-PUT Infostealer.Monstres runtime detection (spyware-put.rules, Low)
12362 <-> EXPLOIT Squid HTTP Proxy-Authorization overflow (exploit.rules, High)
12363 <-> SPYWARE-PUT Other-Technologies malware-stopper runtime detection (spyware-put.rules, Low)
12364 <-> SPYWARE-PUT Hijacker proventactics 3.5 runtime detection - get cfg information (spyware-put.rules, Low)
12365 <-> SPYWARE-PUT Hijacker proventactics 3.5 runtime detection - redirect searches (spyware-put.rules, Low)
12366 <-> SPYWARE-PUT Hijacker proventactics 3.5 runtime detection - toolbar search function (spyware-put.rules, Low)
12367 <-> SPYWARE-PUT Hijacker imesh mediabar runtime detection - hijack ie searches (spyware-put.rules, Low)
12368 <-> SPYWARE-PUT Hijacker imesh mediabar runtime detection - hijack ie side search (spyware-put.rules, Low)
12369 <-> SPYWARE-PUT Hijacker imesh mediabar runtime detection - collect user information (spyware-put.rules, Low)
12370 <-> SPYWARE-PUT Hijacker imesh mediabar runtime detection - auto update (spyware-put.rules, Low)
12436 <-> MULTIMEDIA Youtube video player file request (multimedia.rules, High)
12437 <-> MULTIMEDIA Google video player request (multimedia.rules, High)
12481 <-> SPYWARE-PUT Hijacker 411web toolbar runtime detection (spyware-put.rules, Low)
12483 <-> SPYWARE-PUT Other-Technologies virusprotectpro 3.7 runtime detection (spyware-put.rules, Low)
12484 <-> SPYWARE-PUT Adware instant buzz runtime detection - ads for members (spyware-put.rules, Low)
12485 <-> SPYWARE-PUT Adware instant buzz runtime detection - random text ads (spyware-put.rules, Low)
12487 <-> SPYWARE-PUT Hijacker soso toolbar runtime detection - hijack ie auto searches / soso toolbar searches requests (spyware-put.rules, Low)
12595 <-> WEB-IIS malicious ASP file upload attempt (web-iis.rules, High)
12610 <-> WEB-PHP phpBB viewtopic double URL encoding attempt (web-php.rules, High)
12611 <-> CHAT ebuddy.com login attempt (chat.rules, High)
12620 <-> SPYWARE-PUT Adware drive cleaner 1.0.111 runtime detection (spyware-put.rules, Low)
12621 <-> SPYWARE-PUT Trackware extra toolbar 1.0 runtime detection (spyware-put.rules, Medium)
12622 <-> SPYWARE-PUT Trackware extra toolbar 1.0 runtime detection - file download (spyware-put.rules, Medium)
12623 <-> SPYWARE-PUT Hijacker onestepsearch 1.0.118 runtime detection (spyware-put.rules, Low)
12624 <-> SPYWARE-PUT Hijacker onestepsearch 1.0.118 runtime detection - upgrade (spyware-put.rules, Low)
12652 <-> SPYWARE-PUT Hijacker new.net domain 7.2.2 runtime detection - hijack browser (spyware-put.rules, Low)
12653 <-> SPYWARE-PUT Hijacker new.net domain 7.2.2 runtime detection - download code (spyware-put.rules, Low)
12654 <-> SPYWARE-PUT Hijacker rabio 4.2 runtime detection - hijack browser (spyware-put.rules, Low)
12655 <-> SPYWARE-PUT Hijacker rabio 4.2 runtime detection - download updates (spyware-put.rules, Low)
12656 <-> SPYWARE-PUT Adware icoo loader 2.5 runtime detection 1 (spyware-put.rules, Low)
12657 <-> SPYWARE-PUT Adware icoo loader 2.5 runtime detection 2 (spyware-put.rules, Low)
12658 <-> SPYWARE-PUT Adware winantivirus pro 2007 runtime detection (spyware-put.rules, Low)
12659 <-> SPYWARE-PUT Trickler zlob media codec runtime detection - automatic updates (spyware-put.rules, Low)
12660 <-> SPYWARE-PUT Trickler zlob media codec runtime detection - download redirect domains (spyware-put.rules, Low)
12672 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - get ads (spyware-put.rules, Medium)
12673 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - collect information (spyware-put.rules, Medium)
12674 <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - track activity (spyware-put.rules, Medium)
12676 <-> SPYWARE-PUT Conspy Update Checking Detected (spyware-put.rules, Low)
12677 <-> SPYWARE-PUT Adware ISTBar runtime detection - softwares (spyware-put.rules, Low)
12678 <-> SPYWARE-PUT SpyTech Realtime Spy Detection (spyware-put.rules, Low)
12694 <-> SPYWARE-PUT Adware avsystemcare runtime detection (spyware-put.rules, Low)
12695 <-> SPYWARE-PUT Adware coopen 3.6.1 runtime detection - initial connection (spyware-put.rules, Low)
12696 <-> SPYWARE-PUT Adware coopen 3.6.1 runtime detection - automatic upgrade (spyware-put.rules, Low)
12697 <-> SPYWARE-PUT Trackware browser accelerator runtime detection - pass user information to server (spyware-put.rules, Medium)
12709 <-> SPECIFIC-THREATS ASN.1 constructed bit string (specific-threats.rules, High)
12718 <-> SPYWARE-PUT Hijacker side find 1.0 runtime detection - initial connection (spyware-put.rules, Low)
12719 <-> SPYWARE-PUT Hijacker side find 1.0 runtime detection - hijacks search engine (spyware-put.rules, Low)
12720 <-> SPYWARE-PUT Adware pestbot runtime detection - update (spyware-put.rules, Low)
12721 <-> SPYWARE-PUT Adware pestbot runtime detection - purchase (spyware-put.rules, Low)
12722 <-> SPYWARE-PUT Hijacker sexyvideoscreensaver runtime detection (spyware-put.rules, Low)
12723 <-> SPYWARE-PUT Trackware winzix 2.2.0 runtime detection (spyware-put.rules, Medium)
12789 <-> SPYWARE-PUT Adware sunshine spy 1.0 runtime detection - check update (spyware-put.rules, Low)
12790 <-> SPYWARE-PUT Trackware partypoker runtime detection (spyware-put.rules, Medium)
12791 <-> SPYWARE-PUT Adware gophoria toolbar runtime detection (spyware-put.rules, Low)
12794 <-> SPYWARE-PUT Hijacker gralicwrap runtime detection - search frauddb process (spyware-put.rules, Low)
12795 <-> SPYWARE-PUT Hijacker gralicwrap runtime detection - display frauddb information (spyware-put.rules, Low)
12796 <-> SPYWARE-PUT Trackware happytofind toolbar runtime detection (spyware-put.rules, Medium)
12797 <-> SPYWARE-PUT Adware x-con spyware destroyer eh 3.2.8 runtime detection (spyware-put.rules, Low)
12905 <-> SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (specific-threats.rules, High)
13161 <-> EXPLOIT HP OpenView CGI parameter buffer overflow attempt (exploit.rules, High)
13238 <-> SPYWARE-PUT Adware adult p2p 1.5 runtime detection (spyware-put.rules, Low)
13239 <-> SPYWARE-PUT Hijacker blue wave adult links toolbar runtime detection (spyware-put.rules, Low)
13240 <-> SPYWARE-PUT Adware live protection 2.1 runtime detection - redirects to purchase page (spyware-put.rules, Low)
13241 <-> SPYWARE-PUT Adware live protection 2.1 runtime detection - application updates (spyware-put.rules, Low)
13277 <-> SPYWARE-PUT Adware netword agent runtime detection (spyware-put.rules, Low)
13282 <-> SPYWARE-PUT Adware jily ie toolbar runtime detection (spyware-put.rules, Low)
13283 <-> SPYWARE-PUT Hijacker dreambar runtime detection (spyware-put.rules, Low)
13284 <-> SPYWARE-PUT Adware netguarder web cleaner runtime detection (spyware-put.rules, Low)
13285 <-> SPYWARE-PUT Hijacker phazebar runtime detection (spyware-put.rules, Low)
13286 <-> SPYWARE-PUT Adware 3wplayer 1.7 runtime detection (spyware-put.rules, Low)
13339 <-> SPYWARE-PUT Hijacker direct toolbar runtime detection (spyware-put.rules, Low)
13340 <-> SPYWARE-PUT Hijacker search4top runtime detection - hijack ie searches and error pages (spyware-put.rules, Low)
13341 <-> SPYWARE-PUT Hijacker search4top runtime detection - popup ads (spyware-put.rules, Low)
13342 <-> SPYWARE-PUT Hijacker ditto toolbar runtime detection (spyware-put.rules, Low)
13343 <-> SPYWARE-PUT Adware 2005-search loader runtime detection (spyware-put.rules, Low)
13344 <-> SPYWARE-PUT Adware yourprivacyguard runtime detection - presale request (spyware-put.rules, Low)
13345 <-> SPYWARE-PUT Adware yourprivacyguard runtime detection - update (spyware-put.rules, Low)
13473 <-> EXPLOIT Microsoft Publisher file download (exploit.rules, Low)
13481 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - hijacks search engine (spyware-put.rules, Low)
13482 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - discloses information (spyware-put.rules, Low)
13483 <-> SPYWARE-PUT Hijacker baidu toolbar runtime detection - updates automatically (spyware-put.rules, Low)
13485 <-> SPYWARE-PUT Hijacker sofa toolbar runtime detection - hijacks search engine (spyware-put.rules, Low)
13486 <-> SPYWARE-PUT Hijacker sofa toolbar runtime detection - records search information (spyware-put.rules, Low)
13488 <-> SPYWARE-PUT Hijacker people pal toolbar runtime detection - automatic upgrade (spyware-put.rules, Low)
13489 <-> SPYWARE-PUT Hijacker people pal toolbar runtime detection - traffic for searching (spyware-put.rules, Low)
13490 <-> SPYWARE-PUT Adware spy shredder 2.1 runtime detection - presale request (spyware-put.rules, Low)
13491 <-> SPYWARE-PUT Adware spy shredder 2.1 runtime detection - update (spyware-put.rules, Low)
13492 <-> SPYWARE-PUT Hijacker deepdo toolbar runtime detection - redirects search engine (spyware-put.rules, Low)
13493 <-> SPYWARE-PUT Hijacker deepdo toolbar runtime detection - automatic update (spyware-put.rules, Low)
13495 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - initial traffic 1 (spyware-put.rules, Low)
13496 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - initial traffic 2 (spyware-put.rules, Low)
13497 <-> SPYWARE-PUT Hijacker ez-tracks toolbar runtime detection - tracking traffic (spyware-put.rules, Low)
13498 <-> SPYWARE-PUT Hijacker hbtbar runtime detection - search traffic 1 (spyware-put.rules, Low)
13499 <-> SPYWARE-PUT Hijacker hbtbar runtime detection - search traffic 2 (spyware-put.rules, Low)
13500 <-> SPYWARE-PUT Hijacker hbtbar runtime detection - log information (spyware-put.rules, Low)
13501 <-> SPYWARE-PUT Adware contravirus runtime detection - presale request (spyware-put.rules, Low)
13504 <-> SPYWARE-PUT Adware iedefender runtime detection - presale request (spyware-put.rules, Low)
13505 <-> SPYWARE-PUT Adware iedefender runtime detection - update (spyware-put.rules, Low)
13512 <-> SQL generic sql exec injection attempt - GET parameter (sql.rules, High)
13513 <-> SQL generic sql insert injection atttempt - GET parameter (sql.rules, High)
13514 <-> SQL generic sql update injection attempt - GET parameter (sql.rules, High)
13515 <-> WEB-CLIENT Quicktime user agent (web-client.rules, Low)
13556 <-> SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 1 (spyware-put.rules, Low)
13557 <-> SPYWARE-PUT Hijacker kword interkey runtime detection - search traffic 2 (spyware-put.rules, Low)
13558 <-> SPYWARE-PUT Hijacker kword interkey runtime detection - log user info (spyware-put.rules, Low)
13559 <-> SPYWARE-PUT Hijacker kompass toolbar runtime detection - initial connection (spyware-put.rules, Low)
13560 <-> SPYWARE-PUT Hijacker kompass toolbar runtime detection - search traffic (spyware-put.rules, Low)
13561 <-> SPYWARE-PUT Adware malware alarm runtime detection - presale request (spyware-put.rules, Low)
13562 <-> SPYWARE-PUT Adware malware alarm runtime detection - update request (spyware-put.rules, Low)
13563 <-> SPYWARE-PUT Adware system doctor runtime detection - presale request (spyware-put.rules, Low)
13564 <-> SPYWARE-PUT Adware system doctor runtime detection - update status (spyware-put.rules, Low)
13565 <-> SPYWARE-PUT Trickler iecodec runtime detection - initial traffic (spyware-put.rules, Low)
13566 <-> SPYWARE-PUT Trickler iecodec runtime detection - message dialog (spyware-put.rules, Low)
13635 <-> SPYWARE-PUT Trickler downloader trojan.gen runtime detection - get malicious link (spyware-put.rules, Low)
13636 <-> SPYWARE-PUT Trickler downloader trojan.gen runtime detection - download malicious link (spyware-put.rules, Low)
13637 <-> SPYWARE-PUT Adware virus heat runtime detection - presale request (spyware-put.rules, Low)
13638 <-> SPYWARE-PUT Adware virus heat runtime detection - initial database connection (spyware-put.rules, Low)
13639 <-> SPYWARE-PUT Hijacker locmag toolbar runtime detection - connection to toolbar (spyware-put.rules, Low)
13640 <-> SPYWARE-PUT Hijacker locmag toolbar runtime detection - hijacks address bar (spyware-put.rules, Low)
13641 <-> SPYWARE-PUT Hijacker eclickz toolbar runtime detection - search traffic (spyware-put.rules, Low)
13643 <-> SPYWARE-PUT Hijacker zztoolbar runtime detection - toolbar traffic (spyware-put.rules, Low)
13644 <-> SPYWARE-PUT Hijacker zztoolbar runtime detection - search traffic (spyware-put.rules, Low)
13645 <-> SPYWARE-PUT Hijacker mxs toolbar runtime detection (spyware-put.rules, Low)
13646 <-> SPYWARE-PUT Adware registry defender runtime detection - presale request (spyware-put.rules, Low)
13647 <-> SPYWARE-PUT Adware registry defender runtime detection - error report request (spyware-put.rules, Low)
13648 <-> SPYWARE-PUT Hijacker mysearch bar 2.0.2.28 runtime detection (spyware-put.rules, Low)
13649 <-> SPYWARE-PUT Adware spyware stop runtime detection - presale request (spyware-put.rules, Low)
13650 <-> SPYWARE-PUT Adware spyware stop runtime detection - auto updates (spyware-put.rules, Low)
13653 <-> SPYWARE-PUT Adware cashfiesta adbar runtime detection - updates traffic (spyware-put.rules, Low)
13678 <-> MISC Microsoft EMF metafile access detected (misc.rules, High)
13762 <-> SPYWARE-PUT Adware system defender runtime detection (spyware-put.rules, Low)
13765 <-> SPYWARE-PUT Adware winxdefender runtime detection - presale request (spyware-put.rules, Low)
13766 <-> SPYWARE-PUT Adware winxdefender runtime detection - auto update (spyware-put.rules, Low)
13769 <-> SPYWARE-PUT Hijacker searchnine toolbar runtime detection - hijacks address bar (spyware-put.rules, Low)
13770 <-> SPYWARE-PUT Hijacker searchnine toolbar runtime detection - redirects search function (spyware-put.rules, Low)
13771 <-> SPYWARE-PUT Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #1 (spyware-put.rules, Low)
13772 <-> SPYWARE-PUT Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #2 (spyware-put.rules, Low)
13774 <-> SPYWARE-PUT Trickler trojan ecodec runtime detection - initial server connection #1 (spyware-put.rules, Low)
13775 <-> SPYWARE-PUT Trickler trojan ecodec runtime detection - initial server connection #2 (spyware-put.rules, Low)
13776 <-> SPYWARE-PUT Trackware syscleaner runtime detection - presale traffic (spyware-put.rules, Medium)
13777 <-> SPYWARE-PUT Trackware syscleaner runtime detection - get update (spyware-put.rules, Medium)
13779 <-> SPYWARE-PUT Trackware proofile toolbar runtime detection (spyware-put.rules, Medium)
13780 <-> SPYWARE-PUT Hijacker find.fm toolbar runtime detection - automatic updates (spyware-put.rules, Low)
13781 <-> SPYWARE-PUT Hijacker find.fm toolbar runtime detection - hijacks address bar (spyware-put.rules, Low)
13782 <-> SPYWARE-PUT Hijacker ezreward runtime detection (spyware-put.rules, Low)
13808 <-> SPYWARE-PUT Adware ie antivirus runtime detection - presale request (spyware-put.rules, Low)
13809 <-> SPYWARE-PUT Adware ie antivirus runtime detection - update request (spyware-put.rules, Low)
13811 <-> SPYWARE-PUT Adware xp antivirus runtime detection (spyware-put.rules, Low)
13815 <-> BACKDOOR zombget.03 runtime detection (backdoor.rules, High)
13847 <-> SPYWARE-PUT Adware phoenician casino runtime detection (spyware-put.rules, Low)
13848 <-> SPYWARE-PUT Trickler zwinky runtime detection (spyware-put.rules, Low)
13850 <-> SPYWARE-PUT Adware roogoo 2.0 runtime detection - popup ads (spyware-put.rules, Low)
13851 <-> SPYWARE-PUT Adware roogoo 2.0 runtime detection - upgrade (spyware-put.rules, Low)
13852 <-> SPYWARE-PUT Hijacker bitroll 5.0 runtime detection (spyware-put.rules, Low)
13853 <-> SPYWARE-PUT Hijacker alot toolbar runtime detection - weather request (spyware-put.rules, Low)
13854 <-> SPYWARE-PUT Hijacker alot toolbar runtime detection - auto update (spyware-put.rules, Low)
13856 <-> BACKDOOR wintrim.z runtime detection (backdoor.rules, High)
13866 <-> SPYWARE-PUT Trackware adclicker-fc.gen.a runtime detection - popup ads (spyware-put.rules, Medium)
13867 <-> SPYWARE-PUT Trackware adclicker-fc.gen.a runtime detection (spyware-put.rules, Medium)
13868 <-> SPYWARE-PUT Adware antispywaremaster runtime detection - start fake scanning (spyware-put.rules, Low)
13869 <-> SPYWARE-PUT Adware antispywaremaster runtime detection - sale/register request (spyware-put.rules, Low)
13870 <-> SPYWARE-PUT Adware coopen 5.0.0.87 runtime detection - init conn (spyware-put.rules, Low)
13871 <-> SPYWARE-PUT Adware coopen 5.0.0.87 runtime detection - ads (spyware-put.rules, Low)
13872 <-> SPYWARE-PUT Trickler fushion 1.2.4.17 runtime detection - notice (spyware-put.rules, Low)
13873 <-> SPYWARE-PUT Trickler fushion 1.2.4.17 runtime detection - underground traffic (spyware-put.rules, Low)
13874 <-> SPYWARE-PUT Adware malware destructor 4.5 runtime detection - order request (spyware-put.rules, Low)
13875 <-> SPYWARE-PUT Adware malware destructor 4.5 runtime detection - auto update (spyware-put.rules, Low)
13924 <-> EXPLOIT Lotus Domino HTTP header overflow attempt (exploit.rules, High)
13930 <-> SPYWARE-PUT Trickler pc privacy cleaner runtime detection - order/register request (spyware-put.rules, Low)
13931 <-> SPYWARE-PUT Trickler pc privacy cleaner runtime detection - auto update (spyware-put.rules, Low)
13934 <-> SPYWARE-PUT Hijacker mediatubecodec 1.470.0 runtime detection - hijack ie (spyware-put.rules, Low)
13935 <-> SPYWARE-PUT Hijacker mediatubecodec 1.470.0 runtime detection - download other malware (spyware-put.rules, Low)
13937 <-> SPYWARE-PUT Hijacker adware.win32.ejik.ec variant runtime detection - call home (spyware-put.rules, Low)
13938 <-> SPYWARE-PUT Hijacker adware.win32.ejik.ec variant runtime detection (spyware-put.rules, Low)
13940 <-> SPYWARE-PUT Hijacker win32.bho.bgf runtime detection (spyware-put.rules, Low)
13941 <-> BACKDOOR trojan agent.nac runtime detection - click fraud (backdoor.rules, High)
13942 <-> BACKDOOR trojan agent.nac runtime detection - call home (backdoor.rules, High)
13943 <-> SPYWARE-PUT Trickler dropper agent.rqg runtime detection (spyware-put.rules, High)
13990 <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules, Medium)
14019 <-> WEB-CLIENT CyberLink PowerDVD playlist file handling stack overflow attempt (web-client.rules, High)
14020 <-> WEB-CLIENT CyberLink PowerDVD playlist file handling stack overflow attempt (web-client.rules, High)
14039 <-> EXPLOIT GNOME Project libxslt RC4 key string buffer overflow attempt (exploit.rules, High)
14040 <-> EXPLOIT GNOME Project libxslt RC4 key string buffer overflow attempt (exploit.rules, High)
14041 <-> EXPLOIT GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (exploit.rules, High)
14054 <-> SPYWARE-PUT Adware AdwareALERT runtime detection - auto update (spyware-put.rules, Low)
14055 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - hijack ie auto search (spyware-put.rules, Low)
14056 <-> SPYWARE-PUT Hijacker rediff toolbar runtime detection - get news info (spyware-put.rules, Low)
14059 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - hijack ie home page (spyware-put.rules, Low)
14060 <-> SPYWARE-PUT Hijacker cpush 2 runtime detection - auto update (spyware-put.rules, Low)
14061 <-> SPYWARE-PUT Trickler antimalware guard runtime detection - order/register request (spyware-put.rules, Low)
14062 <-> SPYWARE-PUT Trickler antimalware guard runtime detection - auto update (spyware-put.rules, Low)
14063 <-> SPYWARE-PUT Hijacker cashon runtime detection - hijack ie searches (spyware-put.rules, Low)
14064 <-> SPYWARE-PUT Hijacker cashon runtime detection - auto update (spyware-put.rules, Low)
14068 <-> SPYWARE-PUT Adware rond runtime detection (spyware-put.rules, Low)
14069 <-> SPYWARE-PUT Adware brave sentry runtime detection - order request (spyware-put.rules, Low)
14070 <-> SPYWARE-PUT Adware brave sentry runtime detection - self update (spyware-put.rules, Low)
14071 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - pop-up window traffic #1 (spyware-put.rules, Low)
14072 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - pop-up window traffic #2 (spyware-put.rules, Low)
14073 <-> SPYWARE-PUT Hijacker Adware bho.gen runtime detection - prompt download page (spyware-put.rules, Low)
14076 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - hijack search (spyware-put.rules, Low)
14077 <-> SPYWARE-PUT Hijacker Adware win32 mostofate runtime detection - redirect search results (spyware-put.rules, Low)
14078 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - download malicous code (spyware-put.rules, Low)
14079 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious sites (spyware-put.rules, Low)
14080 <-> SPYWARE-PUT Adware winspywareprotect runtime detection - connection to malicious server (spyware-put.rules, Low)
14081 <-> BACKDOOR trojan agent.aarm runtime detection - call home (backdoor.rules, High)
14083 <-> BACKDOOR trojan agent.aarm runtime detection - download other malware (backdoor.rules, High)
14084 <-> BACKDOOR infostealer.banker.c runtime detection - download cfg.bin (backdoor.rules, High)
14085 <-> BACKDOOR infostealer.banker.c runtime detection - collect user info (backdoor.rules, High)
14086 <-> BACKDOOR Adware.Win32.Agent.BM runtime detection #1 (backdoor.rules, High)
14087 <-> BACKDOOR Adware.Win32.Agent.BM runtime detection #2 (backdoor.rules, High)
14610 <-> WEB-PHP Joomla invalid token administrative password reset attempt (web-php.rules, High)
15172 <-> POLICY XBOX avatar retrieval request (policy.rules, High)
15424 <-> WEB-PHP phpBB mod shoutbox sql injection attempt (web-php.rules, High)
15425 <-> WEB-PHP phpBB mod tag board sql injection attempt (web-php.rules, High)
15432 <-> WEB-PHP wordpress cat parameter arbitrary file execution attempt (web-php.rules, High)
15434 <-> WEB-MISC HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt (web-misc.rules, High)
15477 <-> EXPLOIT Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (exploit.rules, Medium)
15560 <-> CHAT Yahoo Messenger web client activity (chat.rules, High)
15561 <-> CHAT AOL Aimexpress web client login (chat.rules, High)
15566 <-> SPYWARE-PUT Gumblar HTTP GET request attempt (spyware-put.rules, High)
15567 <-> SPYWARE-PUT Martuz HTTP GET request attempt (spyware-put.rules, High)
15576 <-> CHAT MSN Messenger web client login (chat.rules, High)
15577 <-> CHAT MSN Messenger web client activity (chat.rules, High)
15579 <-> SPECIFIC-THREATS Squid NTLM fakeauth_auth Helper denial of service attempt (specific-threats.rules, Medium)
15580 <-> SPECIFIC-THREATS Squid oversized reply header handling exploit attempt (specific-threats.rules, Medium)
15994 <-> SPECIFIC-THREATS Squid strListGetItem denial of service attempt (specific-threats.rules, Medium)
15996 <-> SPECIFIC-THREATS Microsoft Negotiate SSP buffer overflow attempt (specific-threats.rules, High)
16032 <-> WEB-CLIENT Microsoft Internet Explorer HTML Decoding memory corruption attempt (web-client.rules, High)
16061 <-> MISC X PixMap file download (misc.rules, Low)
16062 <-> MISC ACD Systems ACDSee Products XPM values section buffer overflow attempt (misc.rules, High)
16079 <-> WEB-CGI uselang code injection (web-cgi.rules, High)
16095 <-> BACKDOOR td.exe runtime detection - getfile (backdoor.rules, High)
16097 <-> BACKDOOR trojan win32.agent.vvm runtime detection (backdoor.rules, High)
16099 <-> BACKDOOR trojan-dropper.win32.agent.wdv runtime detection (backdoor.rules, High)
16105 <-> BACKDOOR trojan.zlob runtime detection - topqualityads (backdoor.rules, High)
16109 <-> BACKDOOR trojan-downloader.win32.zlob.wwv runtime detection - onestoponlineshop (backdoor.rules, High)
16110 <-> BACKDOOR trojan-downloader.win32.zlob.wwv runtime detection - childhe (backdoor.rules, High)
16111 <-> BACKDOOR trojan-downloader.win32.zlob.wwv installtime detection (backdoor.rules, High)
16112 <-> BACKDOOR trojan downloader.agent.vhb runtime detection - contact remote server (backdoor.rules, High)
16113 <-> BACKDOOR trojan downloader.agent.vhb runtime detection - request login page (backdoor.rules, High)
16114 <-> SPYWARE-PUT Hijacker cramtoolbar runtime detection - hijack (spyware-put.rules, Low)
16115 <-> SPYWARE-PUT Hijacker cramtoolbar runtime detection - search (spyware-put.rules, Low)
16118 <-> SPYWARE-PUT Adware winreanimator runtime detection - register request (spyware-put.rules, Low)
16119 <-> SPYWARE-PUT Adware winreanimator runtime detection - daily update (spyware-put.rules, Low)
16120 <-> SPYWARE-PUT Trackware 6sq toolbar runtime detection (spyware-put.rules, Medium)
16121 <-> SPYWARE-PUT Hijacker weatherstudio runtime detection (spyware-put.rules, Low)
16122 <-> SPYWARE-PUT rogue antivirus xp 2008 runtime detection - buy (spyware-put.rules, Low)
16123 <-> SPYWARE-PUT rogue antivirus xp 2008 runtime detection - update (spyware-put.rules, Low)
16124 <-> SPYWARE-PUT downloader trojan.nsis.agent.s runtime detection (spyware-put.rules, Low)
16126 <-> SPYWARE-PUT Trickler virusremover 2008 runtime detection (spyware-put.rules, Low)
16129 <-> SPYWARE-PUT Keylogger kamyab Keylogger v.3 runtime detection (spyware-put.rules, Medium)
16132 <-> SPYWARE-PUT Trackware owlforce runtime detection - remote server #1 (spyware-put.rules, Medium)
16133 <-> SPYWARE-PUT Trackware owlforce runtime detection - remote server #2 (spyware-put.rules, Medium)
16134 <-> SPYWARE-PUT Adware spyware guard 2008 runtime detection - contacts remote server (spyware-put.rules, Low)
16135 <-> SPYWARE-PUT Adware spyware guard 2008 runtime detection - purchase page (spyware-put.rules, Low)
16136 <-> SPYWARE-PUT Hijacker xp antispyware 2009 runtime detection - pre-sale webpage (spyware-put.rules, Low)
16138 <-> SPYWARE-PUT Hacker-Tool 0desa msn pass stealer 8.5 runtime detection (spyware-put.rules, Low)
16139 <-> SPYWARE-PUT downloader_trojan.gen2 runtime detection - scanner page (spyware-put.rules, Low)
16218 <-> WEB-MISC Content-Length request offset smuggling attempt (web-misc.rules, Medium)
16255 <-> BACKDOOR rogue software system security 2009 installtime detection (backdoor.rules, High)
16274 <-> SPYWARE-PUT Trickler trojan-spy.win32.pophot runtime detection - connect to server (spyware-put.rules, Low)
16275 <-> SPYWARE-PUT Trickler trojan-spy.win32.pophot runtime detection - download files (spyware-put.rules, Low)
16276 <-> SPYWARE-PUT Trickler win32-fakealert.kl runtime detection (spyware-put.rules, Low)
16277 <-> SPYWARE-PUT Trickler win32-fakealert.kl installtime detection - downloads malicious files (spyware-put.rules, Low)
16278 <-> SPYWARE-PUT Trickler win32-fakealert.kl installime detection - updates remote server (spyware-put.rules, Low)
16313 <-> POLICY download of executable content - x-header (policy.rules, High)
16356 <-> WEB-IIS multiple extension code execution attempt (web-iis.rules, High)
16431 <-> SQL generic sql with comments injection attempt - GET parameter (sql.rules, High)
16440 <-> SPECIFIC-THREATS Possible Zeus User-Agent - ie (specific-threats.rules, High)
16456 <-> SPYWARE-PUT Rogue-Software ang antivirus 09 runtime detection (spyware-put.rules, High)
16459 <-> SPECIFIC-THREATS Trojan command and control communication attempt (specific-threats.rules, High)
16460 <-> DELETED WEB-MISC text/html content-type without HTML - possible malware C&C (deleted.rules, Medium)
16480 <-> SPECIFIC-THREATS Apache mod_isapi dangling pointer exploit attempt (specific-threats.rules, High)
16489 <-> SPYWARE-PUT Bobax botnet contact to C&C server attempt (spyware-put.rules, High)
16494 <-> SPYWARE-PUT Cutwail spambot server communication attempt (spyware-put.rules, High)
16495 <-> SPYWARE-PUT Rustock botnet contact to C&C server attempt (spyware-put.rules, High)
16496 <-> SPYWARE-PUT Trojan hacktool attempt to contact server (spyware-put.rules, High)
16498 <-> SPYWARE-PUT PC Antispyware 2010 FakeAV download/update attempt (spyware-put.rules, High)
16525 <-> CHAT MSN Messenger web login attempt (chat.rules, High)
16555 <-> WEB-MISC HP Openview Network Node Manager OvAcceptLang overflow attempt (web-misc.rules, High)