Sourcefire VRT Rules Update

Date: 2011-04-19

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.0.4.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:18679 <-> ENABLED <-> EXPLOIT Sun Java Applet2ClassLoader Remote Code Execution (exploit.rules)
 * 1:18678 <-> ENABLED <-> EXPLOIT osCommerce categories.php Arbitrary File Upload And Code Execution (exploit.rules)

Modified Rules:


 * 1:2051 <-> DISABLED <-> WEB-CGI cached_feed.cgi moreover shopping cart access (web-cgi.rules)
 * 1:2046 <-> DISABLED <-> IMAP partial body.peek buffer overflow attempt (imap.rules)
 * 1:2002 <-> DISABLED <-> WEB-PHP remote include path (web-php.rules)
 * 1:2001 <-> DISABLED <-> WEB-CGI smartsearch.cgi access (web-cgi.rules)
 * 1:2000 <-> DISABLED <-> WEB-PHP readmsg.php access (web-php.rules)
 * 1:1999 <-> DISABLED <-> WEB-PHP edit_image.php access (web-php.rules)
 * 1:1998 <-> DISABLED <-> WEB-PHP calendar.php access (web-php.rules)
 * 1:1997 <-> DISABLED <-> WEB-PHP read_body.php access attempt (web-php.rules)
 * 1:1996 <-> DISABLED <-> WEB-CGI viralator.cgi access (web-cgi.rules)
 * 1:1995 <-> DISABLED <-> WEB-CGI alya.cgi access (web-cgi.rules)
 * 1:1994 <-> DISABLED <-> WEB-CGI vpasswd.cgi access (web-cgi.rules)
 * 1:1993 <-> DISABLED <-> IMAP login literal buffer overflow attempt (imap.rules)
 * 1:1968 <-> DISABLED <-> WEB-PHP phpbb quick-reply.php access (web-php.rules)
 * 1:1967 <-> DISABLED <-> WEB-PHP phpbb quick-reply.php arbitrary command attempt (web-php.rules)
 * 1:1948 <-> DISABLED <-> DNS zone transfer UDP (dns.rules)
 * 1:1933 <-> DISABLED <-> WEB-CGI cart.cgi access (web-cgi.rules)
 * 1:1932 <-> DISABLED <-> WEB-CGI rpc-smb.pl access (web-cgi.rules)
 * 1:1931 <-> DISABLED <-> WEB-CGI rpc-nlog.pl access (web-cgi.rules)
 * 1:1893 <-> DISABLED <-> SNMP missing community string attempt (snmp.rules)
 * 1:1892 <-> DISABLED <-> SNMP null community string attempt (snmp.rules)
 * 1:1879 <-> DISABLED <-> WEB-CGI book.cgi arbitrary command execution attempt (web-cgi.rules)
 * 1:842 <-> DISABLED <-> WEB-CGI aglimpse access (web-cgi.rules)
 * 1:8410 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Stream Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:8409 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Stream Handler ActiveX clsid access (web-activex.rules)
 * 1:840 <-> DISABLED <-> WEB-CGI perlshop.cgi access (web-cgi.rules)
 * 1:8390 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:839 <-> DISABLED <-> WEB-CGI finger access (web-cgi.rules)
 * 1:8389 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX clsid access (web-activex.rules)
 * 1:8388 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:8387 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX clsid access (web-activex.rules)
 * 1:8386 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Playback Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:8385 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Playback Handler ActiveX clsid access (web-activex.rules)
 * 1:8384 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:8383 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX clsid access (web-activex.rules)
 * 1:8382 <-> DISABLED <-> WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:8381 <-> DISABLED <-> WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX clsid access (web-activex.rules)
 * 1:838 <-> DISABLED <-> WEB-CGI webgais access (web-cgi.rules)
 * 1:8378 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Download Handler ActiveX clsid unicode access (web-activex.rules)
 * 1:8377 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Download Handler ActiveX clsid access (web-activex.rules)
 * 1:837 <-> DISABLED <-> WEB-CGI uploader.exe access (web-cgi.rules)
 * 1:836 <-> DISABLED <-> WEB-CGI textcounter.pl access (web-cgi.rules)
 * 1:835 <-> DISABLED <-> WEB-CGI test-cgi access (web-cgi.rules)
 * 1:834 <-> DISABLED <-> WEB-CGI rwwwshell.pl access (web-cgi.rules)
 * 1:833 <-> DISABLED <-> WEB-CGI rguest.exe access (web-cgi.rules)
 * 1:832 <-> DISABLED <-> WEB-CGI perl.exe access (web-cgi.rules)
 * 1:829 <-> DISABLED <-> WEB-CGI nph-test-cgi access (web-cgi.rules)
 * 1:828 <-> DISABLED <-> WEB-CGI maillist.pl access (web-cgi.rules)
 * 1:827 <-> DISABLED <-> WEB-CGI info2www access (web-cgi.rules)
 * 1:826 <-> DISABLED <-> WEB-CGI htmlscript access (web-cgi.rules)
 * 1:825 <-> DISABLED <-> WEB-CGI glimpse access (web-cgi.rules)
 * 1:824 <-> DISABLED <-> WEB-CGI php.cgi access (web-cgi.rules)
 * 1:823 <-> DISABLED <-> WEB-CGI cvsweb.cgi access (web-cgi.rules)
 * 1:821 <-> DISABLED <-> WEB-CGI imagemap.exe overflow attempt (web-cgi.rules)
 * 1:820 <-> DISABLED <-> WEB-CGI anaconda directory transversal attempt (web-cgi.rules)
 * 1:819 <-> DISABLED <-> WEB-CGI mmstdod.cgi access (web-cgi.rules)
 * 1:818 <-> DISABLED <-> WEB-CGI dcforum.cgi access (web-cgi.rules)
 * 1:817 <-> DISABLED <-> WEB-CGI dcboard.cgi invalid user addition attempt (web-cgi.rules)
 * 1:8157 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP webdav DavrCreateConnection hostname overflow attempt (netbios.rules)
 * 1:815 <-> DISABLED <-> WEB-CGI websendmail access (web-cgi.rules)
 * 1:813 <-> DISABLED <-> WEB-CGI webplus directory traversal (web-cgi.rules)
 * 1:812 <-> DISABLED <-> WEB-CGI webplus version access (web-cgi.rules)
 * 1:811 <-> DISABLED <-> WEB-CGI websitepro path access (web-cgi.rules)
 * 1:810 <-> DISABLED <-> WEB-CGI whois_raw.cgi access (web-cgi.rules)
 * 1:809 <-> DISABLED <-> WEB-CGI whois_raw.cgi arbitrary command execution attempt (web-cgi.rules)
 * 1:8084 <-> DISABLED <-> WEB-CGI CVSTrac filediff function access (web-cgi.rules)
 * 1:808 <-> DISABLED <-> WEB-CGI webdriver access (web-cgi.rules)
 * 1:807 <-> DISABLED <-> WEB-CGI /wwwboard/passwd.txt access (web-cgi.rules)
 * 1:806 <-> DISABLED <-> WEB-CGI yabb directory traversal attempt (web-cgi.rules)
 * 1:8057 <-> DISABLED <-> MYSQL Date_Format denial of service attempt (mysql.rules)
 * 1:8055 <-> DISABLED <-> WEB-ACTIVEX DirectAnimation.PathControl ActiveX function call access (web-activex.rules)
 * 1:8054 <-> DISABLED <-> WEB-ACTIVEX DirectAnimation.PathControl ActiveX CLSID unicode access (web-activex.rules)
 * 1:8053 <-> DISABLED <-> WEB-ACTIVEX DirectAnimation.PathControl ActiveX CLSID access (web-activex.rules)
 * 1:805 <-> DISABLED <-> WEB-CGI webspeed access (web-cgi.rules)
 * 1:804 <-> DISABLED <-> WEB-CGI SWSoft ASPSeek Overflow attempt (web-cgi.rules)
 * 1:803 <-> DISABLED <-> WEB-CGI HyperSeek hsx.cgi directory traversal attempt (web-cgi.rules)
 * 1:7982 <-> DISABLED <-> WEB-ACTIVEX Snapshot Viewer General Property Page Object ActiveX clsid unicode access (web-activex.rules)
 * 1:7981 <-> DISABLED <-> WEB-ACTIVEX Snapshot Viewer General Property Page Object ActiveX clsid access (web-activex.rules)
 * 1:7980 <-> DISABLED <-> WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash.9 ActiveX function call access (web-activex.rules)
 * 1:7979 <-> DISABLED <-> WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX clsid unicode access (web-activex.rules)
 * 1:7978 <-> DISABLED <-> WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX clsid access (web-activex.rules)
 * 1:7877 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Data Source Control 10.0 ActiveX clsid unicode access (web-activex.rules)
 * 1:7876 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Data Source Control 10.0 ActiveX clsid access (web-activex.rules)
 * 1:7873 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access (web-activex.rules)
 * 1:7872 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX clsid access (web-activex.rules)
 * 1:7871 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access (web-activex.rules)
 * 1:7870 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Data Source Control 9.0 ActiveX clsid access (web-activex.rules)
 * 1:7839 <-> DISABLED <-> SPYWARE-PUT Hijacker rx toolbar runtime detection (spyware-put.rules)
 * 1:7503 <-> ENABLED <-> WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid unicode access (web-activex.rules)
 * 1:7502 <-> ENABLED <-> WEB-ACTIVEX tsuserex.ADsTSUserEx.1 ActiveX clsid access (web-activex.rules)
 * 1:7436 <-> ENABLED <-> WEB-ACTIVEX Dynamic Casts ActiveX function call (web-activex.rules)
 * 1:7435 <-> ENABLED <-> WEB-ACTIVEX Dynamic Casts ActiveX clsid access (web-activex.rules)
 * 1:7190 <-> DISABLED <-> SPYWARE-PUT Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (spyware-put.rules)
 * 1:719 <-> DISABLED <-> TELNET root login (telnet.rules)
 * 1:7187 <-> DISABLED <-> SPYWARE-PUT Trackware shopathome user-agent detected (spyware-put.rules)
 * 1:717 <-> DISABLED <-> TELNET not on console (telnet.rules)
 * 1:715 <-> DISABLED <-> TELNET Attempted SU from wrong group (telnet.rules)
 * 1:714 <-> DISABLED <-> TELNET resolv_host_conf (telnet.rules)
 * 1:713 <-> DISABLED <-> TELNET livingston DOS (telnet.rules)
 * 1:712 <-> DISABLED <-> TELNET ld_library_path (telnet.rules)
 * 1:711 <-> DISABLED <-> TELNET SGI telnetd format bug (telnet.rules)
 * 1:710 <-> DISABLED <-> TELNET EZsetup account attempt (telnet.rules)
 * 1:709 <-> DISABLED <-> TELNET 4Dgifts SGI account attempt (telnet.rules)
 * 1:7042 <-> ENABLED <-> NETBIOS-DG SMB Trans unicode andx mailslot heap overflow attempt (netbios.rules)
 * 1:7038 <-> ENABLED <-> NETBIOS-DG SMB Trans unicode mailslot heap overflow attempt (netbios.rules)
 * 1:7037 <-> ENABLED <-> NETBIOS-DG SMB Trans mailslot heap overflow attempt (netbios.rules)
 * 1:6810 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences area/country overflow attempt (netbios.rules)
 * 1:6584 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP rras RasRpcSubmitRequest overflow attempt (netbios.rules)
 * 1:6411 <-> DISABLED <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules)
 * 1:6410 <-> DISABLED <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules)
 * 1:6409 <-> DISABLED <-> WEB-FRONTPAGE frontpage server extension long host string overflow attempt (web-frontpage.rules)
 * 1:6403 <-> ENABLED <-> WEB-PHP horde help module arbitrary command execution attempt (web-php.rules)
 * 1:6368 <-> DISABLED <-> SPYWARE-PUT Adware flashtrack media/spoton runtime detection - update request (spyware-put.rules)
 * 1:6271 <-> DISABLED <-> SPYWARE-PUT Trickler bundleware runtime detection (spyware-put.rules)
 * 1:5854 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - pass user information (spyware-put.rules)
 * 1:5853 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - download ads (spyware-put.rules)
 * 1:5852 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - cache.dat request (spyware-put.rules)
 * 1:5851 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - .txt .dat and .lst requests (spyware-put.rules)
 * 1:5850 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - check update (spyware-put.rules)
 * 1:5849 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - update request (spyware-put.rules)
 * 1:5848 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - ip.php request (spyware-put.rules)
 * 1:5847 <-> DISABLED <-> SPYWARE-PUT Adware warez_p2p runtime detection - p2p client home (spyware-put.rules)
 * 1:5797 <-> DISABLED <-> POLICY kontiki runtime detection (policy.rules)
 * 1:5709 <-> DISABLED <-> WEB-PHP file upload directory traversal (web-php.rules)
 * 1:5705 <-> DISABLED <-> IMAP CAPABILITY overflow attempt (imap.rules)
 * 1:5704 <-> DISABLED <-> IMAP SELECT overflow attempt (imap.rules)
 * 1:5703 <-> DISABLED <-> IMAP unsubscribe directory traversal attempt (imap.rules)
 * 1:5702 <-> DISABLED <-> IMAP SUBSCRIBE directory traversal attempt (imap.rules)
 * 1:5701 <-> DISABLED <-> IMAP status directory traversal attempt (imap.rules)
 * 1:5700 <-> DISABLED <-> IMAP rename directory traversal attempt (imap.rules)
 * 1:5699 <-> DISABLED <-> IMAP lsub directory traversal attempt (imap.rules)
 * 1:5698 <-> DISABLED <-> IMAP list directory traversal attempt (imap.rules)
 * 1:5697 <-> DISABLED <-> IMAP examine directory traversal attempt (imap.rules)
 * 1:5696 <-> DISABLED <-> IMAP delete directory traversal attempt (imap.rules)
 * 1:5682 <-> DISABLED <-> NETBIOS SMB Session Setup unicode andx username overflow attempt (netbios.rules)
 * 1:5677 <-> DISABLED <-> NETBIOS SMB Session Setup username overflow attempt (netbios.rules)
 * 1:529 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc NetrShareEnum null policy handle attempt (netbios.rules)
 * 1:520 <-> DISABLED <-> TFTP root directory (tftp.rules)
 * 1:519 <-> DISABLED <-> TFTP parent directory (tftp.rules)
 * 1:518 <-> DISABLED <-> TFTP Put (tftp.rules)
 * 1:5096 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 * 1:5095 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsass DsRolerGetPrimaryDomainInformation attempt (netbios.rules)
 * 1:495 <-> ENABLED <-> ATTACK-RESPONSES command error (attack-responses.rules)
 * 1:4918 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList dos attempt (netbios.rules)
 * 1:4826 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (netbios.rules)
 * 1:4649 <-> DISABLED <-> MYSQL create function buffer overflow attempt (mysql.rules)
 * 1:4646 <-> DISABLED <-> IMAP search literal format string attempt (imap.rules)
 * 1:4645 <-> DISABLED <-> IMAP search format string attempt (imap.rules)
 * 1:4608 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP netware_cs function 43 overflow attempt (netbios.rules)
 * 1:4413 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss AddPrinterEx overflow attempt (netbios.rules)
 * 1:4334 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (netbios.rules)
 * 1:4177 <-> DISABLED <-> WEB-ACTIVEX Office 2000 and 2002 Web Components Spreadsheet ActiveX clsid access (web-activex.rules)
 * 1:4173 <-> ENABLED <-> WEB-ACTIVEX MsnPUpld ActiveX Object Access (web-activex.rules)
 * 1:4171 <-> ENABLED <-> WEB-ACTIVEX Registration Wizard ActiveX Object Access (web-activex.rules)
 * 1:4170 <-> DISABLED <-> WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid access (web-activex.rules)
 * 1:4167 <-> DISABLED <-> WEB-ACTIVEX MSN Heartbeat ActiveX clsid access (web-activex.rules)
 * 1:4148 <-> DISABLED <-> WEB-ACTIVEX DHTML Editing ActiveX clsid access (web-activex.rules)
 * 1:4128 <-> ENABLED <-> WEB-CGI 4DWebstar ShellExample.cgi information disclosure (web-cgi.rules)
 * 1:3827 <-> DISABLED <-> WEB-PHP xmlrpc.php post attempt (web-php.rules)
 * 1:3818 <-> DISABLED <-> TFTP PUT transfer mode overflow attempt (tftp.rules)
 * 1:3817 <-> DISABLED <-> TFTP GET transfer mode overflow attempt (tftp.rules)
 * 1:3813 <-> ENABLED <-> WEB-CGI awstats.pl configdir command execution attempt (web-cgi.rules)
 * 1:3697 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP veritas bind attempt (netbios.rules)
 * 1:3690 <-> ENABLED <-> WEB-CGI Nucleus CMS action.php itemid SQL injection (web-cgi.rules)
 * 1:3688 <-> DISABLED <-> TELNET client ENV OPT VAR information disclosure (telnet.rules)
 * 1:3687 <-> DISABLED <-> TELNET client ENV OPT USERVAR information disclosure (telnet.rules)
 * 1:3674 <-> ENABLED <-> WEB-CGI db4web_c directory traversal attempt (web-cgi.rules)
 * 1:3672 <-> DISABLED <-> MYSQL client overflow attempt (mysql.rules)
 * 1:3671 <-> DISABLED <-> MYSQL protocol 41 client overflow attempt (mysql.rules)
 * 1:3670 <-> DISABLED <-> MYSQL secure client overflow attempt (mysql.rules)
 * 1:3669 <-> DISABLED <-> MYSQL protocol 41 secure client overflow attempt (mysql.rules)
 * 1:3668 <-> DISABLED <-> MYSQL client authentication bypass attempt (mysql.rules)
 * 1:3667 <-> DISABLED <-> MYSQL protocol 41 client authentication bypass attempt (mysql.rules)
 * 1:3638 <-> DISABLED <-> WEB-CGI SoftCart.exe CGI buffer overflow attempt (web-cgi.rules)
 * 1:3631 <-> ENABLED <-> ORACLE ftp user name buffer overflow attempt (oracle.rules)
 * 1:3630 <-> DISABLED <-> ORACLE ftp TEST command buffer overflow attempt (oracle.rules)
 * 1:3591 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (netbios.rules)
 * 1:3590 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP mqqm QMDeleteObject overflow attempt (netbios.rules)
 * 1:3537 <-> DISABLED <-> TELNET client ENV OPT escape overflow attempt (telnet.rules)
 * 1:3533 <-> DISABLED <-> TELNET client LINEMODE SLC overflow attempt (telnet.rules)
 * 1:3532 <-> DISABLED <-> ORACLE ftp password buffer overflow attempt (oracle.rules)
 * 1:3528 <-> DISABLED <-> MYSQL create function access attempt (mysql.rules)
 * 1:3492 <-> DISABLED <-> IMAP TLSv1 Server_Hello request (imap.rules)
 * 1:3491 <-> DISABLED <-> IMAP SSLv2 Server_Hello request (imap.rules)
 * 1:3490 <-> DISABLED <-> IMAP TLSv1 Client_Hello via SSLv2 handshake request (imap.rules)
 * 1:3489 <-> DISABLED <-> IMAP TLSv1 Client_Hello request (imap.rules)
 * 1:3488 <-> DISABLED <-> IMAP SSLv2 Client_Hello with pad request (imap.rules)
 * 1:3487 <-> DISABLED <-> IMAP SSLv2 Client_Hello request (imap.rules)
 * 1:3469 <-> DISABLED <-> WEB-CGI Ipswitch WhatsUp Gold dos attempt (web-cgi.rules)
 * 1:3468 <-> DISABLED <-> WEB-CGI math_sum.mscgi access (web-cgi.rules)
 * 1:3465 <-> DISABLED <-> WEB-CGI RiSearch show.pl proxy attempt (web-cgi.rules)
 * 1:3464 <-> DISABLED <-> WEB-CGI awstats.pl command execution attempt (web-cgi.rules)
 * 1:3463 <-> DISABLED <-> WEB-CGI awstats access (web-cgi.rules)
 * 1:3456 <-> DISABLED <-> MYSQL 4.0 root login attempt (mysql.rules)
 * 1:3274 <-> DISABLED <-> TELNET login buffer non-evasive overflow attempt (telnet.rules)
 * 1:3239 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP irot IrotIsRunning/Revoke overflow attempt (netbios.rules)
 * 1:3238 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP irot IrotIsRunning/Revoke overflow attempt (netbios.rules)
 * 1:3218 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP winreg OpenKey overflow attempt (netbios.rules)
 * 1:3154 <-> DISABLED <-> DNS UDP inverse query overflow (dns.rules)
 * 1:3153 <-> DISABLED <-> DNS TCP inverse query overflow (dns.rules)
 * 1:3147 <-> DISABLED <-> TELNET login buffer overflow attempt (telnet.rules)
 * 1:314 <-> DISABLED <-> DNS EXPLOIT named tsig overflow attempt (dns.rules)
 * 1:3131 <-> DISABLED <-> WEB-CGI mailman directory traversal attempt (web-cgi.rules)
 * 1:3076 <-> DISABLED <-> IMAP UNSUBSCRIBE overflow attempt (imap.rules)
 * 1:3072 <-> DISABLED <-> IMAP status overflow attempt (imap.rules)
 * 1:3070 <-> DISABLED <-> IMAP fetch overflow attempt (imap.rules)
 * 1:3065 <-> DISABLED <-> IMAP append literal overflow attempt (imap.rules)
 * 1:3062 <-> DISABLED <-> WEB-CGI NetScreen SA 5000 delhomepage.cgi access (web-cgi.rules)
 * 1:303 <-> DISABLED <-> DNS EXPLOIT named tsig overflow attempt (dns.rules)
 * 1:3008 <-> DISABLED <-> IMAP delete literal overflow attempt (imap.rules)
 * 1:3007 <-> DISABLED <-> IMAP delete overflow attempt (imap.rules)
 * 1:2936 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt (netbios.rules)
 * 1:2926 <-> DISABLED <-> WEB-PHP PhpGedView PGV base directory manipulation (web-php.rules)
 * 1:2923 <-> ENABLED <-> NETBIOS SMB repeated logon failure (netbios.rules)
 * 1:2922 <-> DISABLED <-> DNS TCP inverse query (dns.rules)
 * 1:2921 <-> DISABLED <-> DNS UDP inverse query (dns.rules)
 * 1:2670 <-> DISABLED <-> WEB-CGI pgpmail.pl access (web-cgi.rules)
 * 1:267 <-> DISABLED <-> DNS EXPLOIT sparc overflow attempt (dns.rules)
 * 1:2669 <-> DISABLED <-> WEB-CGI ibillpm.pl access (web-cgi.rules)
 * 1:2668 <-> DISABLED <-> WEB-CGI processit access (web-cgi.rules)
 * 1:2664 <-> DISABLED <-> IMAP login format string attempt (imap.rules)
 * 1:2663 <-> DISABLED <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules)
 * 1:266 <-> DISABLED <-> DNS EXPLOIT x86 FreeBSD overflow attempt (dns.rules)
 * 1:2654 <-> DISABLED <-> WEB-PHP PHPNuke Forum viewtopic SQL insertion attempt (web-php.rules)
 * 1:265 <-> DISABLED <-> DNS EXPLOIT x86 Linux overflow attempt ADMv2 (dns.rules)
 * 1:264 <-> DISABLED <-> DNS EXPLOIT x86 Linux overflow attempt (dns.rules)
 * 1:262 <-> DISABLED <-> DNS EXPLOIT x86 Linux overflow attempt (dns.rules)
 * 1:261 <-> DISABLED <-> DNS EXPLOIT named overflow attempt (dns.rules)
 * 1:260 <-> DISABLED <-> DNS EXPLOIT named overflow ADMROCKS (dns.rules)
 * 1:259 <-> DISABLED <-> DNS EXPLOIT named overflow ADM (dns.rules)
 * 1:2588 <-> DISABLED <-> WEB-PHP TUTOS path disclosure attempt (web-php.rules)
 * 1:258 <-> DISABLED <-> DNS EXPLOIT named 8.2->8.2.1 (dns.rules)
 * 1:2575 <-> DISABLED <-> WEB-PHP Opt-X header.php remote file include attempt (web-php.rules)
 * 1:257 <-> DISABLED <-> DNS named version attempt (dns.rules)
 * 1:2568 <-> DISABLED <-> WEB-CGI Emumail emumail.fcgi access (web-cgi.rules)
 * 1:2567 <-> DISABLED <-> WEB-CGI Emumail init.emu access (web-cgi.rules)
 * 1:2566 <-> DISABLED <-> WEB-PHP PHPBB viewforum.php access (web-php.rules)
 * 1:2565 <-> DISABLED <-> WEB-PHP modules.php access (web-php.rules)
 * 1:256 <-> DISABLED <-> DNS named authors attempt (dns.rules)
 * 1:255 <-> DISABLED <-> DNS zone transfer TCP (dns.rules)
 * 1:254 <-> ENABLED <-> DNS SPOOF query response with TTL of 1 min. and no authority (dns.rules)
 * 1:2531 <-> DISABLED <-> IMAP SSLv3 invalid Client_Hello attempt (imap.rules)
 * 1:2530 <-> DISABLED <-> IMAP SSLv3 Server_Hello request (imap.rules)
 * 1:253 <-> ENABLED <-> DNS SPOOF query response PTR with TTL of 1 min. and no authority (dns.rules)
 * 1:2529 <-> DISABLED <-> IMAP SSLv3 Client_Hello request (imap.rules)
 * 1:2517 <-> DISABLED <-> IMAP PCT Client_Hello overflow attempt (imap.rules)
 * 1:2497 <-> DISABLED <-> IMAP SSLv3 invalid data version attempt (imap.rules)
 * 1:2434 <-> DISABLED <-> WEB-CGI MDaemon form2raw.cgi access (web-cgi.rules)
 * 1:2433 <-> DISABLED <-> WEB-CGI MDaemon form2raw.cgi overflow attempt (web-cgi.rules)
 * 1:2410 <-> DISABLED <-> WEB-PHP IGeneric Free Shopping Cart page.php access (web-php.rules)
 * 1:2406 <-> DISABLED <-> TELNET APC SmartSlot default admin account attempt (telnet.rules)
 * 1:2405 <-> DISABLED <-> WEB-PHP phptest.php access (web-php.rules)
 * 1:2403 <-> DISABLED <-> NETBIOS SMB Session Setup unicode username overflow attempt (netbios.rules)
 * 1:2401 <-> DISABLED <-> NETBIOS SMB Session Setup andx username overflow attempt (netbios.rules)
 * 1:2399 <-> DISABLED <-> WEB-PHP WAnewsletter db_type.php access (web-php.rules)
 * 1:2398 <-> DISABLED <-> WEB-PHP WAnewsletter newsletter.php file include attempt (web-php.rules)
 * 1:2397 <-> DISABLED <-> WEB-CGI CCBill whereami.cgi access (web-cgi.rules)
 * 1:2396 <-> DISABLED <-> WEB-CGI CCBill whereami.cgi arbitrary command execution attempt (web-cgi.rules)
 * 1:2393 <-> DISABLED <-> WEB-PHP /_admin access (web-php.rules)
 * 1:2388 <-> DISABLED <-> WEB-CGI streaming server view_broadcast.cgi access (web-cgi.rules)
 * 1:2387 <-> DISABLED <-> WEB-CGI view_broadcast.cgi access (web-cgi.rules)
 * 1:2372 <-> DISABLED <-> WEB-PHP Photopost PHP Pro showphoto.php access (web-php.rules)
 * 1:2368 <-> DISABLED <-> WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt (web-php.rules)
 * 1:2367 <-> DISABLED <-> WEB-PHP PhpGedView PGV functions.php base directory manipulation attempt (web-php.rules)
 * 1:2366 <-> DISABLED <-> WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation attempt (web-php.rules)
 * 1:2365 <-> DISABLED <-> WEB-PHP newsPHP Language file include attempt (web-php.rules)
 * 1:2364 <-> DISABLED <-> WEB-PHP Cyboards options_form.php access (web-php.rules)
 * 1:2363 <-> DISABLED <-> WEB-PHP Cyboards default_header.php access (web-php.rules)
 * 1:2362 <-> DISABLED <-> WEB-PHP YaBB SE packages.php file include (web-php.rules)
 * 1:2361 <-> DISABLED <-> WEB-PHP news.php file include (web-php.rules)
 * 1:2360 <-> DISABLED <-> WEB-PHP myphpPagetool pt_config.inc file include (web-php.rules)
 * 1:2359 <-> DISABLED <-> WEB-PHP Invision Board ipchat.php file include (web-php.rules)
 * 1:2358 <-> DISABLED <-> WEB-PHP Typo3 translations.php file include (web-php.rules)
 * 1:2357 <-> DISABLED <-> WEB-PHP WebChat english.php file include (web-php.rules)
 * 1:2356 <-> DISABLED <-> WEB-PHP WebChat db_mysql.php file include (web-php.rules)
 * 1:2355 <-> DISABLED <-> WEB-PHP Invision Board emailer.php file include (web-php.rules)
 * 1:2354 <-> DISABLED <-> WEB-PHP IdeaBox notification.php file include (web-php.rules)
 * 1:2353 <-> DISABLED <-> WEB-PHP IdeaBox cord.php file include (web-php.rules)
 * 1:2347 <-> DISABLED <-> WEB-PHP myPHPNuke partner.php access (web-php.rules)
 * 1:2346 <-> DISABLED <-> WEB-PHP myPHPNuke chatheader.php access (web-php.rules)
 * 1:2345 <-> DISABLED <-> WEB-PHP PhpGedView search.php access (web-php.rules)
 * 1:2342 <-> DISABLED <-> WEB-PHP DCP-Portal remote file include lib script attempt (web-php.rules)
 * 1:2341 <-> DISABLED <-> WEB-PHP DCP-Portal remote file include editor script attempt (web-php.rules)
 * 1:2339 <-> DISABLED <-> TFTP NULL command attempt (tftp.rules)
 * 1:2337 <-> DISABLED <-> TFTP PUT filename overflow attempt (tftp.rules)
 * 1:2331 <-> DISABLED <-> WEB-PHP MatrikzGB privilege escalation attempt (web-php.rules)
 * 1:2328 <-> DISABLED <-> WEB-PHP authentication_index.php access (web-php.rules)
 * 1:2323 <-> DISABLED <-> WEB-CGI quickstore.cgi access (web-cgi.rules)
 * 1:2307 <-> DISABLED <-> WEB-PHP PayPal Storefront remote file include attempt (web-php.rules)
 * 1:2306 <-> DISABLED <-> WEB-PHP gallery remote file include attempt (web-php.rules)
 * 1:2305 <-> DISABLED <-> WEB-PHP chatbox.php access (web-php.rules)
 * 1:2304 <-> DISABLED <-> WEB-PHP files.inc.php access (web-php.rules)
 * 1:2303 <-> DISABLED <-> WEB-PHP Advanced Poll popup.php access (web-php.rules)
 * 1:2302 <-> DISABLED <-> WEB-PHP Advanced Poll poll_ssi.php access (web-php.rules)
 * 1:2301 <-> DISABLED <-> WEB-PHP Advanced Poll booth.php access (web-php.rules)
 * 1:2300 <-> DISABLED <-> WEB-PHP Advanced Poll admin_tpl_new.php access (web-php.rules)
 * 1:2299 <-> DISABLED <-> WEB-PHP Advanced Poll admin_tpl_misc_new.php access (web-php.rules)
 * 1:2298 <-> DISABLED <-> WEB-PHP Advanced Poll admin_templates.php access (web-php.rules)
 * 1:2297 <-> DISABLED <-> WEB-PHP Advanced Poll admin_templates_misc.php access (web-php.rules)
 * 1:2296 <-> DISABLED <-> WEB-PHP Advanced Poll admin_stats.php access (web-php.rules)
 * 1:2295 <-> DISABLED <-> WEB-PHP Advanced Poll admin_settings.php access (web-php.rules)
 * 1:2294 <-> DISABLED <-> WEB-PHP Advanced Poll admin_preview.php access (web-php.rules)
 * 1:2293 <-> DISABLED <-> WEB-PHP Advanced Poll admin_password.php access (web-php.rules)
 * 1:2292 <-> DISABLED <-> WEB-PHP Advanced Poll admin_logout.php access (web-php.rules)
 * 1:2291 <-> DISABLED <-> WEB-PHP Advanced Poll admin_license.php access (web-php.rules)
 * 1:2290 <-> DISABLED <-> WEB-PHP Advanced Poll admin_help.php access (web-php.rules)
 * 1:2289 <-> DISABLED <-> WEB-PHP Advanced Poll admin_embed.php access (web-php.rules)
 * 1:2288 <-> DISABLED <-> WEB-PHP Advanced Poll admin_edit.php access (web-php.rules)
 * 1:2287 <-> DISABLED <-> WEB-PHP Advanced Poll admin_comment.php access (web-php.rules)
 * 1:2286 <-> DISABLED <-> WEB-PHP friends.php access (web-php.rules)
 * 1:2285 <-> DISABLED <-> WEB-PHP rolis guestbook access (web-php.rules)
 * 1:2284 <-> DISABLED <-> WEB-PHP rolis guestbook remote file include attempt (web-php.rules)
 * 1:2283 <-> DISABLED <-> WEB-PHP DatabaseFunctions.php access (web-php.rules)
 * 1:2282 <-> DISABLED <-> WEB-PHP GlobalFunctions.php access (web-php.rules)
 * 1:2281 <-> DISABLED <-> WEB-PHP Setup.php access (web-php.rules)
 * 1:2280 <-> DISABLED <-> WEB-PHP Title.php access (web-php.rules)
 * 1:2279 <-> DISABLED <-> WEB-PHP UpdateClasses.php access (web-php.rules)
 * 1:2273 <-> DISABLED <-> IMAP login brute force attempt (imap.rules)
 * 1:2229 <-> DISABLED <-> WEB-PHP viewtopic.php access (web-php.rules)
 * 1:2228 <-> DISABLED <-> WEB-PHP phpMyAdmin db_details_importdocsql.php access (web-php.rules)
 * 1:2227 <-> DISABLED <-> WEB-PHP forum_details.php access (web-php.rules)
 * 1:2226 <-> DISABLED <-> WEB-PHP pmachine remote file include attempt (web-php.rules)
 * 1:2225 <-> DISABLED <-> WEB-CGI gozila.cgi access (web-cgi.rules)
 * 1:2224 <-> DISABLED <-> WEB-CGI psunami.cgi access (web-cgi.rules)
 * 1:2223 <-> DISABLED <-> WEB-CGI csNews.cgi access (web-cgi.rules)
 * 1:2222 <-> DISABLED <-> WEB-CGI nph-exploitscanget.cgi access (web-cgi.rules)
 * 1:2221 <-> DISABLED <-> WEB-CGI ws_mail.cgi access (web-cgi.rules)
 * 1:2220 <-> DISABLED <-> WEB-CGI simplestmail.cgi access (web-cgi.rules)
 * 1:2219 <-> DISABLED <-> WEB-CGI setpasswd.cgi access (web-cgi.rules)
 * 1:2218 <-> DISABLED <-> WEB-CGI service.cgi access (web-cgi.rules)
 * 1:2217 <-> DISABLED <-> WEB-CGI printmail.cgi access (web-cgi.rules)
 * 1:2216 <-> DISABLED <-> WEB-CGI readmail.cgi access (web-cgi.rules)
 * 1:2215 <-> DISABLED <-> WEB-CGI nsManager.cgi access (web-cgi.rules)
 * 1:2214 <-> DISABLED <-> WEB-CGI mailview.cgi access (web-cgi.rules)
 * 1:2213 <-> DISABLED <-> WEB-CGI mailfile.cgi access (web-cgi.rules)
 * 1:2212 <-> DISABLED <-> WEB-CGI imageFolio.cgi access (web-cgi.rules)
 * 1:2211 <-> DISABLED <-> WEB-CGI guestserver.cgi access (web-cgi.rules)
 * 1:2210 <-> DISABLED <-> WEB-CGI global.cgi access (web-cgi.rules)
 * 1:2209 <-> DISABLED <-> WEB-CGI getdoc.cgi access (web-cgi.rules)
 * 1:2208 <-> DISABLED <-> WEB-CGI fom.cgi access (web-cgi.rules)
 * 1:2207 <-> DISABLED <-> WEB-CGI fileseek.cgi access (web-cgi.rules)
 * 1:2206 <-> DISABLED <-> WEB-CGI ezman.cgi access (web-cgi.rules)
 * 1:2205 <-> DISABLED <-> WEB-CGI ezboard.cgi access (web-cgi.rules)
 * 1:2204 <-> DISABLED <-> WEB-CGI ezadmin.cgi access (web-cgi.rules)
 * 1:2203 <-> DISABLED <-> WEB-CGI everythingform.cgi access (web-cgi.rules)
 * 1:2202 <-> DISABLED <-> WEB-CGI edit_action.cgi access (web-cgi.rules)
 * 1:2201 <-> DISABLED <-> WEB-CGI download.cgi access (web-cgi.rules)
 * 1:2200 <-> DISABLED <-> WEB-CGI dnewsweb.cgi access (web-cgi.rules)
 * 1:2199 <-> DISABLED <-> WEB-CGI multidiff.cgi access (web-cgi.rules)
 * 1:2198 <-> DISABLED <-> WEB-CGI cvslog.cgi access (web-cgi.rules)
 * 1:2197 <-> DISABLED <-> WEB-CGI cvsview2.cgi access (web-cgi.rules)
 * 1:2196 <-> DISABLED <-> WEB-CGI catgy.cgi access (web-cgi.rules)
 * 1:2195 <-> DISABLED <-> WEB-CGI alert.cgi access (web-cgi.rules)
 * 1:2194 <-> DISABLED <-> WEB-CGI CSMailto.cgi access (web-cgi.rules)
 * 1:2177 <-> DISABLED <-> NETBIOS SMB startup folder unicode access (netbios.rules)
 * 1:2155 <-> DISABLED <-> WEB-PHP ttforum remote file include attempt (web-php.rules)
 * 1:2154 <-> DISABLED <-> WEB-PHP autohtml.php access (web-php.rules)
 * 1:2153 <-> DISABLED <-> WEB-PHP autohtml.php directory traversal attempt (web-php.rules)
 * 1:2152 <-> DISABLED <-> WEB-PHP test.php access (web-php.rules)
 * 1:2151 <-> DISABLED <-> WEB-PHP ttCMS header.php access (web-php.rules)
 * 1:2150 <-> DISABLED <-> WEB-PHP ttCMS header.php remote file include attempt (web-php.rules)
 * 1:2149 <-> DISABLED <-> WEB-PHP Turba status.php access (web-php.rules)
 * 1:2148 <-> DISABLED <-> WEB-PHP BLNews objects.inc.php4 access (web-php.rules)
 * 1:2147 <-> DISABLED <-> WEB-PHP BLNews objects.inc.php4 remote file include attempt (web-php.rules)
 * 1:2146 <-> DISABLED <-> WEB-PHP TextPortal admin.php default password 12345 attempt (web-php.rules)
 * 1:2145 <-> DISABLED <-> WEB-PHP TextPortal admin.php default password admin attempt (web-php.rules)
 * 1:2144 <-> DISABLED <-> WEB-PHP b2 cafelog gm-2-b2.php access (web-php.rules)
 * 1:2143 <-> DISABLED <-> WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt (web-php.rules)
 * 1:2142 <-> DISABLED <-> WEB-PHP shoutbox.php access (web-php.rules)
 * 1:2141 <-> DISABLED <-> WEB-PHP shoutbox.php directory traversal attempt (web-php.rules)
 * 1:2140 <-> DISABLED <-> WEB-PHP p-news.php access (web-php.rules)
 * 1:2128 <-> DISABLED <-> WEB-CGI swsrv.cgi access (web-cgi.rules)
 * 1:2127 <-> DISABLED <-> WEB-CGI ikonboard.cgi access (web-cgi.rules)
 * 1:2120 <-> DISABLED <-> IMAP create literal buffer overflow attempt (imap.rules)
 * 1:2116 <-> DISABLED <-> WEB-CGI chipcfg.cgi access (web-cgi.rules)
 * 1:2115 <-> DISABLED <-> WEB-CGI album.pl access (web-cgi.rules)
 * 1:2107 <-> DISABLED <-> IMAP create buffer overflow attempt (imap.rules)
 * 1:2105 <-> DISABLED <-> IMAP authenticate literal overflow attempt (imap.rules)
 * 1:2086 <-> DISABLED <-> WEB-CGI streaming server parse_xml.cgi access (web-cgi.rules)
 * 1:2085 <-> DISABLED <-> WEB-CGI parse_xml.cgi access (web-cgi.rules)
 * 1:2078 <-> DISABLED <-> WEB-PHP phpBB privmsg.php access (web-php.rules)
 * 1:2077 <-> DISABLED <-> WEB-PHP Mambo upload.php access (web-php.rules)
 * 1:2076 <-> DISABLED <-> WEB-PHP Mambo uploadimage.php access (web-php.rules)
 * 1:2075 <-> DISABLED <-> WEB-PHP Mambo upload.php upload php file attempt (web-php.rules)
 * 1:2074 <-> DISABLED <-> WEB-PHP Mambo uploadimage.php upload php file attempt (web-php.rules)
 * 1:2055 <-> DISABLED <-> WEB-CGI enter_bug.cgi access (web-cgi.rules)
 * 1:2054 <-> DISABLED <-> WEB-CGI enter_bug.cgi arbitrary command attempt (web-cgi.rules)
 * 1:2053 <-> DISABLED <-> WEB-CGI process_bug.cgi access (web-cgi.rules)
 * 1:2052 <-> DISABLED <-> WEB-CGI overflow.cgi access (web-cgi.rules)
 * 1:1878 <-> DISABLED <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules)
 * 1:1877 <-> DISABLED <-> WEB-CGI printenv access (web-cgi.rules)
 * 1:1876 <-> DISABLED <-> WEB-CGI nph-publish.cgi access (web-cgi.rules)
 * 1:1875 <-> DISABLED <-> WEB-CGI cgicso access (web-cgi.rules)
 * 1:1870 <-> DISABLED <-> WEB-CGI siteUserMod.cgi access (web-cgi.rules)
 * 1:1869 <-> DISABLED <-> WEB-CGI story.pl access (web-cgi.rules)
 * 1:1868 <-> DISABLED <-> WEB-CGI story.pl arbitrary file read attempt (web-cgi.rules)
 * 1:1865 <-> DISABLED <-> WEB-CGI webdist.cgi arbitrary command attempt (web-cgi.rules)
 * 1:1862 <-> DISABLED <-> WEB-CGI mrtg.cgi directory traversal attempt (web-cgi.rules)
 * 1:18609 <-> ENABLED <-> POLICY Dropbox Desktop Software in use (policy.rules)
 * 1:18608 <-> ENABLED <-> POLICY Dropbox Desktop Software in use (policy.rules)
 * 1:18603 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (specific-threats.rules)
 * 1:18589 <-> ENABLED <-> SPECIFIC-THREATS Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (specific-threats.rules)
 * 1:18517 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer long URL buffer overflow attempt (specific-threats.rules)
 * 1:18515 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visio VSD file icon memory corruption (specific-threats.rules)
 * 1:1850 <-> DISABLED <-> WEB-CGI way-board.cgi access (web-cgi.rules)
 * 1:18492 <-> ENABLED <-> BLACKLIST DNS request for known malware domain ilo.brenz.pl (blacklist.rules)
 * 1:18491 <-> ENABLED <-> WEB-ACTIVEX Whale Client Components ActiveX ProgID access (web-activex.rules)
 * 1:18490 <-> ENABLED <-> WEB-ACTIVEX Whale Client Components ActiveX clsid access (web-activex.rules)
 * 1:18479 <-> ENABLED <-> WEB-PHP miniBB rss.php pathToFiles remote file include attempt (web-php.rules)
 * 1:18478 <-> ENABLED <-> WEB-PHP miniBB rss.php premodDir remote file include attempt (web-php.rules)
 * 1:18476 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes DOC attachment viewer buffer overflow (specific-threats.rules)
 * 1:18395 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Duckling/1.0 (blacklist.rules)
 * 1:18394 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string OCRecover (blacklist.rules)
 * 1:18393 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string vyre32 (blacklist.rules)
 * 1:18392 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string qixi (blacklist.rules)
 * 1:18391 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string MyLove (blacklist.rules)
 * 1:18390 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Delphi 5.x (blacklist.rules)
 * 1:18389 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string 3653Client (blacklist.rules)
 * 1:18388 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string RookIE/1.0 (blacklist.rules)
 * 1:18387 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string dwplayer (blacklist.rules)
 * 1:18386 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string AHTTPConnection (blacklist.rules)
 * 1:18385 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string HTTPCSDCENTER (blacklist.rules)
 * 1:18384 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Install Stub (blacklist.rules)
 * 1:18383 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string GPInstaller (blacklist.rules)
 * 1:18382 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string WMUpdate (blacklist.rules)
 * 1:18381 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Travel Update (blacklist.rules)
 * 1:18380 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string FPUpdater (blacklist.rules)
 * 1:18379 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string AskInstallChecker (blacklist.rules)
 * 1:18378 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string AutoHotkey (blacklist.rules)
 * 1:18377 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string malware (blacklist.rules)
 * 1:18376 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Trololo (blacklist.rules)
 * 1:18375 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string HTTP Wininet (blacklist.rules)
 * 1:18374 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string MSDN SurfBear (blacklist.rules)
 * 1:18373 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Installer (blacklist.rules)
 * 1:18371 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string QvodDown (blacklist.rules)
 * 1:18370 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Mozilla Windows MSIE (blacklist.rules)
 * 1:18369 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string iexp-get (blacklist.rules)
 * 1:18368 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Our_Agent (blacklist.rules)
 * 1:18367 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string FPRecover (blacklist.rules)
 * 1:18366 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string OCInstaller (blacklist.rules)
 * 1:18365 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Agentcc (blacklist.rules)
 * 1:18364 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string msndown (blacklist.rules)
 * 1:18363 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string GPRecover (blacklist.rules)
 * 1:18362 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Search Toolbar 1.1 (blacklist.rules)
 * 1:18361 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Downloader1.1 (blacklist.rules)
 * 1:18360 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Oncues (blacklist.rules)
 * 1:18359 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Shareaza (blacklist.rules)
 * 1:18358 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string NSIS_INETLOAD (blacklist.rules)
 * 1:18357 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Setup Factory (blacklist.rules)
 * 1:18356 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string random (blacklist.rules)
 * 1:18355 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Se2011 (blacklist.rules)
 * 1:18354 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string opera/8.11 (blacklist.rules)
 * 1:18353 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string SelectRebates (blacklist.rules)
 * 1:18352 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string PinballCorp-BSAI/VER_STR_COMMA (blacklist.rules)
 * 1:18351 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string GPUpdater (blacklist.rules)
 * 1:18350 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string GabPath (blacklist.rules)
 * 1:18349 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Flipopia (blacklist.rules)
 * 1:18348 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Opera/9.80 Pesto/2.2.15 (blacklist.rules)
 * 1:18347 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string AutoIt (blacklist.rules)
 * 1:18346 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string GPRecover (blacklist.rules)
 * 1:18345 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string Macrovision_DM_2.4.15 (blacklist.rules)
 * 1:18344 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string FSD (blacklist.rules)
 * 1:18343 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string WSEnrichment (blacklist.rules)
 * 1:18342 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string NSIS_DOWNLOAD (blacklist.rules)
 * 1:18341 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string UtilMind HTTPGet (blacklist.rules)
 * 1:18340 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string ClickAdsByIE 0.7.5 (blacklist.rules)
 * 1:1834 <-> DISABLED <-> WEB-PHP PHP-Wiki cross site scripting attempt (web-php.rules)
 * 1:18339 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string NSIS_Inetc (blacklist.rules)
 * 1:18338 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string NSISDL/1.2 (blacklist.rules)
 * 1:18337 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string iamx/3.11 (blacklist.rules)
 * 1:18336 <-> ENABLED <-> BLACKLIST USER-AGENT known malicious user-agent string gbot/2.3 (blacklist.rules)
 * 1:18325 <-> ENABLED <-> WEB-ACTIVEX Image Viewer CP Gold 6 ActiveX clsid access (web-activex.rules)
 * 1:18324 <-> ENABLED <-> WEB-ACTIVEX SonicWall Aventail EPInstaller ActiveX function call access (web-activex.rules)
 * 1:18323 <-> ENABLED <-> WEB-ACTIVEX SonicWall Aventail EPInstaller ActiveX clsid access (web-activex.rules)
 * 1:18322 <-> ENABLED <-> WEB-ACTIVEX SonicWall Aventail EPInterrogator ActiveX function call access (web-activex.rules)
 * 1:18321 <-> ENABLED <-> WEB-ACTIVEX SonicWall Aventail EPInterrogator ActiveX clsid access (web-activex.rules)
 * 1:18314 <-> ENABLED <-> SPECIFIC-THREATS NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (specific-threats.rules)
 * 1:18307 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer frameset memory corruption attempt (specific-threats.rules)
 * 1:18298 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript large regex memory corruption attempt (specific-threats.rules)
 * 1:18285 <-> DISABLED <-> NETBIOS BrightStor ARCserve backup tape engine buffer overflow attempt (netbios.rules)
 * 1:18283 <-> DISABLED <-> SPECIFIC-THREATS Oracle WebLogic Apache Connector buffer overflow attempt (specific-threats.rules)
 * 1:18272 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.886.com (blacklist.rules)
 * 1:18271 <-> ENABLED <-> BLACKLIST DNS request for known malware domain move.su (blacklist.rules)
 * 1:18270 <-> ENABLED <-> BLACKLIST DNS request for known malware domain koonol.com (blacklist.rules)
 * 1:18269 <-> ENABLED <-> BLACKLIST DNS request for known malware domain dnf.6bom.com (blacklist.rules)
 * 1:18268 <-> ENABLED <-> BLACKLIST DNS request for known malware domain 35free.net (blacklist.rules)
 * 1:18264 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript deleted frame or window reference attempt (specific-threats.rules)
 * 1:18260 <-> ENABLED <-> BLACKLIST DNS request for known malware domain freenetgameonline.com (blacklist.rules)
 * 1:18259 <-> ENABLED <-> BLACKLIST DNS request for known malware domain whysohardx.com (blacklist.rules)
 * 1:18258 <-> ENABLED <-> BLACKLIST DNS request for known malware domain ftuny.com (blacklist.rules)
 * 1:18257 <-> ENABLED <-> BLACKLIST DNS request for known malware domain dns-check.biz (blacklist.rules)
 * 1:18256 <-> ENABLED <-> BLACKLIST DNS request for known malware domain tutubest.com (blacklist.rules)
 * 1:18255 <-> ENABLED <-> BLACKLIST DNS request for known malware domain gopheisstoo.cc (blacklist.rules)
 * 1:18254 <-> ENABLED <-> BLACKLIST DNS request for known malware domain checkserverstux.com (blacklist.rules)
 * 1:18253 <-> ENABLED <-> BLACKLIST DNS request for known malware domain blogsmonitoringservice.com (blacklist.rules)
 * 1:18252 <-> ENABLED <-> BLACKLIST DNS request for known malware domain protectyourpc-11.com (blacklist.rules)
 * 1:18251 <-> ENABLED <-> BLACKLIST DNS request for known malware domain vcxde.com (blacklist.rules)
 * 1:1825 <-> DISABLED <-> WEB-CGI AlienForm af.cgi access (web-cgi.rules)
 * 1:1824 <-> DISABLED <-> WEB-CGI alienform.cgi access (web-cgi.rules)
 * 1:1823 <-> DISABLED <-> WEB-CGI AlienForm af.cgi directory traversal attempt (web-cgi.rules)
 * 1:1822 <-> DISABLED <-> WEB-CGI alienform.cgi directory traversal attempt (web-cgi.rules)
 * 1:18194 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (specific-threats.rules)
 * 1:18193 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (specific-threats.rules)
 * 1:18192 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18190 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18189 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18185 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.dd0415.net (blacklist.rules)
 * 1:18184 <-> ENABLED <-> BLACKLIST DNS request for known malware domain dnf.gametime.co.kr (blacklist.rules)
 * 1:18183 <-> ENABLED <-> BLACKLIST DNS request for known malware domain mailzou.com (blacklist.rules)
 * 1:18179 <-> ENABLED <-> SCAN Proxyfire.net anonymous proxy scan (scan.rules)
 * 1:18169 <-> ENABLED <-> WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call unicode access (web-activex.rules)
 * 1:18166 <-> ENABLED <-> BLACKLIST DNS request for known malware domain dfgdd.9y6c.co.cc (blacklist.rules)
 * 1:18165 <-> ENABLED <-> BLACKLIST DNS request for known malware domain e.mssm.com (blacklist.rules)
 * 1:18164 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.yx240.com (blacklist.rules)
 * 1:18163 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.yisaa.com (blacklist.rules)
 * 1:18162 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.weilingcy.com (blacklist.rules)
 * 1:18161 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.street08.com (blacklist.rules)
 * 1:18160 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.stony-skunk.com (blacklist.rules)
 * 1:1816 <-> DISABLED <-> WEB-PHP directory.php access (web-php.rules)
 * 1:18159 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.soanala.com (blacklist.rules)
 * 1:18158 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.shzhaotian.cn (blacklist.rules)
 * 1:18157 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.quyou365.com (blacklist.rules)
 * 1:18156 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.pxflm.com (blacklist.rules)
 * 1:18155 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.pplog.cn (blacklist.rules)
 * 1:18154 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.nc57.com (blacklist.rules)
 * 1:18153 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.maoyiren.com (blacklist.rules)
 * 1:18152 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.mainhu.com (blacklist.rules)
 * 1:18151 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.kingsoftduba2009.com (blacklist.rules)
 * 1:18150 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.jxbaike.com (blacklist.rules)
 * 1:1815 <-> DISABLED <-> WEB-PHP directory.php arbitrary command attempt (web-php.rules)
 * 1:18149 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.haosf08.com (blacklist.rules)
 * 1:18148 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.haoleyou.com (blacklist.rules)
 * 1:18147 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.gev.cn (blacklist.rules)
 * 1:18146 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.gdfp365.cn (blacklist.rules)
 * 1:18145 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.fp360.net (blacklist.rules)
 * 1:18144 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.fp0769.com (blacklist.rules)
 * 1:18143 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.fp0755.cn (blacklist.rules)
 * 1:18142 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.eastadmin.com (blacklist.rules)
 * 1:18141 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.dspenter.com (blacklist.rules)
 * 1:18140 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.cqtjg.com (blacklist.rules)
 * 1:18139 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.china-aoben.com (blacklist.rules)
 * 1:18138 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.chateaulegend.com (blacklist.rules)
 * 1:18137 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.9292cs.cn (blacklist.rules)
 * 1:18136 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.66xihu.com (blacklist.rules)
 * 1:18135 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.555hd.com (blacklist.rules)
 * 1:18134 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.551sf.com (blacklist.rules)
 * 1:18133 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.001zs.com (blacklist.rules)
 * 1:18131 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.ybtour.co.kr (blacklist.rules)
 * 1:18130 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.wwmei.com (blacklist.rules)
 * 1:18129 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.w22rt.com (blacklist.rules)
 * 1:18128 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.uwonderfull.com (blacklist.rules)
 * 1:18127 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.univus.co.kr (blacklist.rules)
 * 1:18126 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.tpydb.com (blacklist.rules)
 * 1:18125 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.tpydb.com (blacklist.rules)
 * 1:18124 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.sijianfeng.com (blacklist.rules)
 * 1:18123 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.phoroshop.es (blacklist.rules)
 * 1:18122 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.opusgame.com (blacklist.rules)
 * 1:18121 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.linzhiling123.com (blacklist.rules)
 * 1:18120 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.iwebdy.net (blacklist.rules)
 * 1:18119 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.ilbondrama.net (blacklist.rules)
 * 1:18118 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.hao1345.com (blacklist.rules)
 * 1:18117 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.cineseoul.com (blacklist.rules)
 * 1:18116 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.bnbsoft.co.kr (blacklist.rules)
 * 1:18115 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.ajs2002.com (blacklist.rules)
 * 1:18114 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.5fqq.com (blacklist.rules)
 * 1:18113 <-> ENABLED <-> BLACKLIST DNS request for known malware domain wusheng03.3322.org (blacklist.rules)
 * 1:18111 <-> ENABLED <-> BLACKLIST DNS request for known malware domain v.9y9c.co.cc (blacklist.rules)
 * 1:18112 <-> ENABLED <-> BLACKLIST DNS request for known malware domain wenyixuan.3322.org. (blacklist.rules)
 * 1:18107 <-> ENABLED <-> BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com (blacklist.rules)
 * 1:18110 <-> ENABLED <-> BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com (blacklist.rules)
 * 1:18108 <-> ENABLED <-> BLACKLIST DNS request for known malware domain phoroshop.es (blacklist.rules)
 * 1:1811 <-> DISABLED <-> SPECIFIC-THREATS successful gobbles ssh exploit uname (specific-threats.rules)
 * 1:18109 <-> ENABLED <-> BLACKLIST DNS request for known malware domain talk.cetizen.com (blacklist.rules)
 * 1:897 <-> DISABLED <-> WEB-CGI pals-cgi access (web-cgi.rules)
 * 1:898 <-> DISABLED <-> WEB-CGI commerce.cgi access (web-cgi.rules)
 * 1:899 <-> DISABLED <-> WEB-CGI Amaya templates sendtemp.pl directory traversal attempt (web-cgi.rules)
 * 1:900 <-> DISABLED <-> WEB-CGI webspirs.cgi directory traversal attempt (web-cgi.rules)
 * 1:901 <-> DISABLED <-> WEB-CGI webspirs.cgi access (web-cgi.rules)
 * 1:902 <-> DISABLED <-> WEB-CGI tstisapi.dll access (web-cgi.rules)
 * 1:903 <-> DISABLED <-> WEB-COLDFUSION cfcache.map access (web-coldfusion.rules)
 * 1:843 <-> DISABLED <-> WEB-CGI anform2 access (web-cgi.rules)
 * 1:8438 <-> DISABLED <-> IMAP SSLv2 openssl get shared ciphers overflow attempt (imap.rules)
 * 1:8439 <-> DISABLED <-> IMAP SSLv3 openssl get shared ciphers overflow attempt (imap.rules)
 * 1:844 <-> DISABLED <-> WEB-CGI args.bat access (web-cgi.rules)
 * 1:8440 <-> DISABLED <-> IMAP SSLv2 openssl get shared ciphers overflow attempt (imap.rules)
 * 1:845 <-> DISABLED <-> WEB-CGI AT-admin.cgi access (web-cgi.rules)
 * 1:846 <-> DISABLED <-> WEB-CGI bnbform.cgi access (web-cgi.rules)
 * 1:847 <-> DISABLED <-> WEB-CGI campas access (web-cgi.rules)
 * 1:848 <-> DISABLED <-> WEB-CGI view-source directory traversal (web-cgi.rules)
 * 1:8485 <-> DISABLED <-> WEB-COLDFUSION CFNEWINTERNALADMINSECURITY access (web-coldfusion.rules)
 * 1:8486 <-> DISABLED <-> WEB-COLDFUSION CFNEWINTERNALREGISTRY access (web-coldfusion.rules)
 * 1:8487 <-> DISABLED <-> WEB-COLDFUSION CFADMIN_REGISTRY_SET access (web-coldfusion.rules)
 * 1:8488 <-> DISABLED <-> WEB-COLDFUSION CFADMIN_REGISTRY_GET access (web-coldfusion.rules)
 * 1:8489 <-> DISABLED <-> WEB-COLDFUSION CFADMIN_REGISTRY_DELETE access (web-coldfusion.rules)
 * 1:849 <-> DISABLED <-> WEB-CGI view-source access (web-cgi.rules)
 * 1:8490 <-> DISABLED <-> WEB-COLDFUSION viewexample.cfm access (web-coldfusion.rules)
 * 1:8491 <-> DISABLED <-> WEB-COLDFUSION eval.cfm access (web-coldfusion.rules)
 * 1:8492 <-> DISABLED <-> WEB-COLDFUSION openfile.cfm access (web-coldfusion.rules)
 * 1:8493 <-> DISABLED <-> WEB-COLDFUSION sourcewindow.cfm access (web-coldfusion.rules)
 * 1:850 <-> DISABLED <-> WEB-CGI wais.pl access (web-cgi.rules)
 * 1:851 <-> DISABLED <-> WEB-CGI files.pl access (web-cgi.rules)
 * 1:852 <-> DISABLED <-> WEB-CGI wguest.exe access (web-cgi.rules)
 * 1:853 <-> DISABLED <-> WEB-CGI wrap access (web-cgi.rules)
 * 1:854 <-> DISABLED <-> WEB-CGI classifieds.cgi access (web-cgi.rules)
 * 1:856 <-> DISABLED <-> WEB-CGI environ.cgi access (web-cgi.rules)
 * 1:857 <-> DISABLED <-> WEB-CGI faxsurvey access (web-cgi.rules)
 * 1:858 <-> DISABLED <-> WEB-CGI filemail access (web-cgi.rules)
 * 1:859 <-> DISABLED <-> WEB-CGI man.sh access (web-cgi.rules)
 * 1:860 <-> DISABLED <-> WEB-CGI snork.bat access (web-cgi.rules)
 * 1:861 <-> DISABLED <-> WEB-CGI w3-msql access (web-cgi.rules)
 * 1:862 <-> DISABLED <-> WEB-CGI csh access (web-cgi.rules)
 * 1:863 <-> DISABLED <-> WEB-CGI day5datacopier.cgi access (web-cgi.rules)
 * 1:864 <-> DISABLED <-> WEB-CGI day5datanotifier.cgi access (web-cgi.rules)
 * 1:865 <-> DISABLED <-> WEB-CGI ksh access (web-cgi.rules)
 * 1:866 <-> DISABLED <-> WEB-CGI post-query access (web-cgi.rules)
 * 1:867 <-> DISABLED <-> WEB-CGI visadmin.exe access (web-cgi.rules)
 * 1:868 <-> DISABLED <-> WEB-CGI rsh access (web-cgi.rules)
 * 1:869 <-> DISABLED <-> WEB-CGI dumpenv.pl access (web-cgi.rules)
 * 1:870 <-> DISABLED <-> WEB-CGI snorkerz.cmd access (web-cgi.rules)
 * 1:8708 <-> DISABLED <-> WEB-PHP Wordpress cache_lastpostdate code injection attempt (web-php.rules)
 * 1:8709 <-> ENABLED <-> DNS Windows NAT helper components tcp denial of service attempt (dns.rules)
 * 1:871 <-> DISABLED <-> WEB-CGI survey.cgi access (web-cgi.rules)
 * 1:8710 <-> ENABLED <-> DNS Windows NAT helper components udp denial of service attempt (dns.rules)
 * 1:8712 <-> DISABLED <-> WEB-PHP cacti graph_image arbitrary command execution attempt (web-php.rules)
 * 1:8713 <-> DISABLED <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules)
 * 1:8714 <-> DISABLED <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules)
 * 1:8715 <-> DISABLED <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules)
 * 1:8716 <-> DISABLED <-> WEB-PHP cacti graph_image SQL injection attempt (web-php.rules)
 * 1:872 <-> DISABLED <-> WEB-CGI tcsh access (web-cgi.rules)
 * 1:8734 <-> DISABLED <-> WEB-PHP Pajax arbitrary command execution attempt (web-php.rules)
 * 1:8738 <-> DISABLED <-> WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX clsid access (web-activex.rules)
 * 1:8739 <-> DISABLED <-> WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX clsid unicode access (web-activex.rules)
 * 1:8740 <-> DISABLED <-> WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX function call access (web-activex.rules)
 * 1:875 <-> DISABLED <-> WEB-CGI win-c-sample.exe access (web-cgi.rules)
 * 1:877 <-> DISABLED <-> WEB-CGI rksh access (web-cgi.rules)
 * 1:878 <-> DISABLED <-> WEB-CGI w3tvars.pm access (web-cgi.rules)
 * 1:879 <-> DISABLED <-> WEB-CGI admin.pl access (web-cgi.rules)
 * 1:880 <-> DISABLED <-> WEB-CGI LWGate access (web-cgi.rules)
 * 1:881 <-> DISABLED <-> WEB-CGI archie access (web-cgi.rules)
 * 1:882 <-> DISABLED <-> WEB-CGI calendar access (web-cgi.rules)
 * 1:883 <-> DISABLED <-> WEB-CGI flexform access (web-cgi.rules)
 * 1:885 <-> DISABLED <-> WEB-CGI bash access (web-cgi.rules)
 * 1:886 <-> DISABLED <-> WEB-CGI phf access (web-cgi.rules)
 * 1:887 <-> DISABLED <-> WEB-CGI www-sql access (web-cgi.rules)
 * 1:888 <-> DISABLED <-> WEB-CGI wwwadmin.pl access (web-cgi.rules)
 * 1:889 <-> DISABLED <-> WEB-CGI ppdscgi.exe access (web-cgi.rules)
 * 1:890 <-> DISABLED <-> WEB-CGI sendform.cgi access (web-cgi.rules)
 * 1:891 <-> DISABLED <-> WEB-CGI upload.pl access (web-cgi.rules)
 * 1:892 <-> DISABLED <-> WEB-CGI AnyForm2 access (web-cgi.rules)
 * 1:8925 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrAddAlternateComputerName overflow attempt (netbios.rules)
 * 1:894 <-> DISABLED <-> WEB-CGI bb-hist.sh access (web-cgi.rules)
 * 1:895 <-> DISABLED <-> WEB-CGI redirect access (web-cgi.rules)
 * 1:896 <-> DISABLED <-> WEB-CGI way-board access (web-cgi.rules)
 * 1:921 <-> DISABLED <-> WEB-COLDFUSION admin encrypt attempt (web-coldfusion.rules)
 * 1:922 <-> DISABLED <-> WEB-COLDFUSION displayfile access (web-coldfusion.rules)
 * 1:9228 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (netbios.rules)
 * 1:923 <-> DISABLED <-> WEB-COLDFUSION getodbcin attempt (web-coldfusion.rules)
 * 1:924 <-> DISABLED <-> WEB-COLDFUSION admin decrypt attempt (web-coldfusion.rules)
 * 1:925 <-> DISABLED <-> WEB-COLDFUSION mainframeset access (web-coldfusion.rules)
 * 1:926 <-> DISABLED <-> WEB-COLDFUSION set odbc ini attempt (web-coldfusion.rules)
 * 1:927 <-> DISABLED <-> WEB-COLDFUSION settings refresh attempt (web-coldfusion.rules)
 * 1:928 <-> DISABLED <-> WEB-COLDFUSION exampleapp access (web-coldfusion.rules)
 * 1:929 <-> DISABLED <-> WEB-COLDFUSION CFUSION_VERIFYMAIL access (web-coldfusion.rules)
 * 1:930 <-> DISABLED <-> WEB-COLDFUSION snippets attempt (web-coldfusion.rules)
 * 1:931 <-> DISABLED <-> WEB-COLDFUSION cfmlsyntaxcheck.cfm access (web-coldfusion.rules)
 * 1:932 <-> DISABLED <-> WEB-COLDFUSION application.cfm access (web-coldfusion.rules)
 * 1:933 <-> DISABLED <-> WEB-COLDFUSION onrequestend.cfm access (web-coldfusion.rules)
 * 1:935 <-> DISABLED <-> WEB-COLDFUSION startstop DOS access (web-coldfusion.rules)
 * 1:936 <-> DISABLED <-> WEB-COLDFUSION gettempdirectory.cfm access  (web-coldfusion.rules)
 * 1:937 <-> DISABLED <-> WEB-FRONTPAGE _vti_rpc access (web-frontpage.rules)
 * 1:939 <-> DISABLED <-> WEB-FRONTPAGE posting (web-frontpage.rules)
 * 1:940 <-> DISABLED <-> WEB-FRONTPAGE shtml.dll access (web-frontpage.rules)
 * 1:941 <-> DISABLED <-> WEB-FRONTPAGE contents.htm access (web-frontpage.rules)
 * 1:942 <-> DISABLED <-> WEB-FRONTPAGE orders.htm access (web-frontpage.rules)
 * 1:943 <-> DISABLED <-> WEB-FRONTPAGE fpsrvadm.exe access (web-frontpage.rules)
 * 1:944 <-> DISABLED <-> WEB-FRONTPAGE fpremadm.exe access (web-frontpage.rules)
 * 1:9441 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (netbios.rules)
 * 1:945 <-> DISABLED <-> WEB-FRONTPAGE fpadmin.htm access (web-frontpage.rules)
 * 1:946 <-> DISABLED <-> WEB-FRONTPAGE fpadmcgi.exe access (web-frontpage.rules)
 * 1:947 <-> DISABLED <-> WEB-FRONTPAGE orders.txt access (web-frontpage.rules)
 * 1:948 <-> DISABLED <-> WEB-FRONTPAGE form_results access (web-frontpage.rules)
 * 1:949 <-> DISABLED <-> WEB-FRONTPAGE registrations.htm access (web-frontpage.rules)
 * 1:950 <-> DISABLED <-> WEB-FRONTPAGE cfgwiz.exe access (web-frontpage.rules)
 * 1:951 <-> DISABLED <-> WEB-FRONTPAGE authors.pwd access (web-frontpage.rules)
 * 1:952 <-> DISABLED <-> WEB-FRONTPAGE author.exe access (web-frontpage.rules)
 * 1:953 <-> DISABLED <-> WEB-FRONTPAGE administrators.pwd access (web-frontpage.rules)
 * 1:954 <-> DISABLED <-> WEB-FRONTPAGE form_results.htm access (web-frontpage.rules)
 * 1:955 <-> DISABLED <-> WEB-FRONTPAGE access.cnf access (web-frontpage.rules)
 * 1:956 <-> DISABLED <-> WEB-FRONTPAGE register.txt access (web-frontpage.rules)
 * 1:957 <-> DISABLED <-> WEB-FRONTPAGE registrations.txt access (web-frontpage.rules)
 * 1:958 <-> DISABLED <-> WEB-FRONTPAGE service.cnf access (web-frontpage.rules)
 * 1:959 <-> DISABLED <-> WEB-FRONTPAGE service.pwd (web-frontpage.rules)
 * 1:960 <-> DISABLED <-> WEB-FRONTPAGE service.stp access (web-frontpage.rules)
 * 1:961 <-> DISABLED <-> WEB-FRONTPAGE services.cnf access (web-frontpage.rules)
 * 1:962 <-> DISABLED <-> WEB-FRONTPAGE shtml.exe access (web-frontpage.rules)
 * 1:9621 <-> DISABLED <-> TFTP 3COM server transport mode buffer overflow attempt (tftp.rules)
 * 1:9626 <-> DISABLED <-> WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access (web-activex.rules)
 * 1:9627 <-> DISABLED <-> WEB-ACTIVEX AcroPDF.PDF ActiveX clsid unicode access (web-activex.rules)
 * 1:9629 <-> DISABLED <-> WEB-ACTIVEX Citrix.ICAClient ActiveX clsid access (web-activex.rules)
 * 1:963 <-> DISABLED <-> WEB-FRONTPAGE svcacl.cnf access (web-frontpage.rules)
 * 1:9630 <-> DISABLED <-> WEB-ACTIVEX Citrix.ICAClient ActiveX clsid unicode access (web-activex.rules)
 * 1:9631 <-> DISABLED <-> WEB-ACTIVEX Citrix.ICAClient ActiveX function call access (web-activex.rules)
 * 1:9638 <-> DISABLED <-> TFTP PUT Microsoft RIS filename overwrite attempt (tftp.rules)
 * 1:964 <-> DISABLED <-> WEB-FRONTPAGE users.pwd access (web-frontpage.rules)
 * 1:965 <-> DISABLED <-> WEB-FRONTPAGE writeto.cnf access (web-frontpage.rules)
 * 1:966 <-> DISABLED <-> WEB-FRONTPAGE .... request (web-frontpage.rules)
 * 1:967 <-> DISABLED <-> WEB-FRONTPAGE dvwssr.dll access (web-frontpage.rules)
 * 1:968 <-> DISABLED <-> WEB-FRONTPAGE register.htm access (web-frontpage.rules)
 * 1:9772 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP msqueue function 1 overflow attempt (netbios.rules)
 * 1:9773 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP msqueue function 1 overflow attempt (netbios.rules)
 * 1:9827 <-> DISABLED <-> SPYWARE-PUT Keylogger paq keylog runtime detection - smtp (spyware-put.rules)
 * 1:990 <-> DISABLED <-> WEB-FRONTPAGE _vti_inf.html access (web-frontpage.rules)
 * 1:9914 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP tapisrv ClientRequest LSetAppPriority overflow attempt (netbios.rules)
 * 1:904 <-> DISABLED <-> WEB-COLDFUSION exampleapp application.cfm (web-coldfusion.rules)
 * 1:905 <-> DISABLED <-> WEB-COLDFUSION application.cfm access (web-coldfusion.rules)
 * 1:906 <-> DISABLED <-> WEB-COLDFUSION getfile.cfm access (web-coldfusion.rules)
 * 1:907 <-> DISABLED <-> WEB-COLDFUSION addcontent.cfm access (web-coldfusion.rules)
 * 1:908 <-> DISABLED <-> WEB-COLDFUSION administrator access (web-coldfusion.rules)
 * 1:909 <-> DISABLED <-> WEB-COLDFUSION datasource username attempt (web-coldfusion.rules)
 * 1:910 <-> DISABLED <-> WEB-COLDFUSION fileexists.cfm access (web-coldfusion.rules)
 * 1:911 <-> DISABLED <-> WEB-COLDFUSION exprcalc access (web-coldfusion.rules)
 * 1:912 <-> DISABLED <-> WEB-COLDFUSION parks access (web-coldfusion.rules)
 * 1:9129 <-> ENABLED <-> WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid access (web-activex.rules)
 * 1:913 <-> DISABLED <-> WEB-COLDFUSION cfappman access (web-coldfusion.rules)
 * 1:9130 <-> ENABLED <-> WEB-ACTIVEX WinZip FileView 6.1 ActiveX clsid unicode access (web-activex.rules)
 * 1:9131 <-> ENABLED <-> WEB-ACTIVEX WinZip FileView 6.1 ActiveX function call access (web-activex.rules)
 * 1:9132 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (netbios.rules)
 * 1:914 <-> DISABLED <-> WEB-COLDFUSION beaninfo access (web-coldfusion.rules)
 * 1:915 <-> DISABLED <-> WEB-COLDFUSION evaluate.cfm access (web-coldfusion.rules)
 * 1:916 <-> DISABLED <-> WEB-COLDFUSION getodbcdsn access (web-coldfusion.rules)
 * 1:917 <-> DISABLED <-> WEB-COLDFUSION db connections flush attempt (web-coldfusion.rules)
 * 1:918 <-> DISABLED <-> WEB-COLDFUSION expeval access (web-coldfusion.rules)
 * 1:919 <-> DISABLED <-> WEB-COLDFUSION datasource passwordattempt (web-coldfusion.rules)
 * 1:920 <-> DISABLED <-> WEB-COLDFUSION datasource attempt (web-coldfusion.rules)
 * 1:10192 <-> ENABLED <-> WEB-ACTIVEX RealPlayer Ierpplug.dll ActiveX clsid access (web-activex.rules)
 * 1:10194 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Ierpplug.dll ActiveX function call access (web-activex.rules)
 * 1:10202 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetRealTimeScanConfigInfo attempt (netbios.rules)
 * 1:10208 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect COMN_NetTestConnection attempt (netbios.rules)
 * 1:10214 <-> ENABLED <-> WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid access (web-activex.rules)
 * 1:10215 <-> ENABLED <-> WEB-ACTIVEX Shockwave ActiveX Control ActiveX clsid unicode access (web-activex.rules)
 * 1:10216 <-> ENABLED <-> WEB-ACTIVEX Shockwave ActiveX Control ActiveX function call access (web-activex.rules)
 * 1:10285 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP svcctl ChangeServiceConfig2A attempt (netbios.rules)
 * 1:10393 <-> DISABLED <-> WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX clsid access (web-activex.rules)
 * 1:10394 <-> DISABLED <-> WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX clsid unicode access (web-activex.rules)
 * 1:10395 <-> DISABLED <-> WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX function call access (web-activex.rules)
 * 1:10419 <-> DISABLED <-> WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX clsid access (web-activex.rules)
 * 1:10420 <-> DISABLED <-> WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX clsid unicode access (web-activex.rules)
 * 1:10421 <-> DISABLED <-> WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX function call access (web-activex.rules)
 * 1:10422 <-> DISABLED <-> WEB-ACTIVEX HP Mercury Quality Center SPIDERLib ActiveX function call unicode access (web-activex.rules)
 * 1:10464 <-> DISABLED <-> TELNET kerberos login environment variable authentication bypass attempt (telnet.rules)
 * 1:10486 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 15,16,17 attempt (netbios.rules)
 * 1:1051 <-> DISABLED <-> WEB-CGI technote main.cgi file directory traversal attempt (web-cgi.rules)
 * 1:1052 <-> DISABLED <-> WEB-CGI technote print.cgi directory traversal attempt (web-cgi.rules)
 * 1:1053 <-> DISABLED <-> WEB-CGI ads.cgi command execution attempt (web-cgi.rules)
 * 1:1057 <-> DISABLED <-> SQL ftp attempt (sql.rules)
 * 1:1058 <-> DISABLED <-> SQL xp_enumdsn attempt (sql.rules)
 * 1:1059 <-> DISABLED <-> SQL xp_filelist attempt (sql.rules)
 * 1:1060 <-> DISABLED <-> SQL xp_availablemedia attempt (sql.rules)
 * 1:1061 <-> DISABLED <-> SQL xp_cmdshell attempt (sql.rules)
 * 1:1069 <-> DISABLED <-> SQL xp_regread attempt (sql.rules)
 * 1:1077 <-> DISABLED <-> SQL queryhit.htm access (sql.rules)
 * 1:1078 <-> DISABLED <-> SQL counter.exe access (sql.rules)
 * 1:1085 <-> DISABLED <-> WEB-PHP strings overflow (web-php.rules)
 * 1:1086 <-> DISABLED <-> WEB-PHP strings overflow (web-php.rules)
 * 1:1088 <-> DISABLED <-> WEB-CGI eXtropia webstore directory traversal (web-cgi.rules)
 * 1:1089 <-> DISABLED <-> WEB-CGI shopping cart directory traversal (web-cgi.rules)
 * 1:1090 <-> DISABLED <-> WEB-CGI Allaire Pro Web Shell attempt (web-cgi.rules)
 * 1:1092 <-> DISABLED <-> WEB-CGI Armada Style Master Index directory traversal (web-cgi.rules)
 * 1:1093 <-> DISABLED <-> WEB-CGI cached_feed.cgi moreover shopping cart directory traversal (web-cgi.rules)
 * 1:1097 <-> DISABLED <-> WEB-CGI Talentsoft Web+ exploit attempt (web-cgi.rules)
 * 1:10999 <-> DISABLED <-> WEB-CGI chetcpasswd access (web-cgi.rules)
 * 1:1106 <-> DISABLED <-> WEB-CGI Poll-it access (web-cgi.rules)
 * 1:11073 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt (netbios.rules)
 * 1:11074 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP rpcss _RemoteGetClassObject attempt (netbios.rules)
 * 1:11177 <-> DISABLED <-> WEB-ACTIVEX PowerPoint Viewer ActiveX clsid unicode access (web-activex.rules)
 * 1:11178 <-> DISABLED <-> WEB-ACTIVEX PowerPoint Viewer ActiveX function call access (web-activex.rules)
 * 1:11179 <-> DISABLED <-> WEB-ACTIVEX PowerPoint Viewer ActiveX function call unicode access (web-activex.rules)
 * 1:11188 <-> DISABLED <-> WEB-ACTIVEX Word Viewer ActiveX clsid unicode access (web-activex.rules)
 * 1:11189 <-> DISABLED <-> WEB-ACTIVEX Word Viewer ActiveX function call access (web-activex.rules)
 * 1:11190 <-> DISABLED <-> WEB-ACTIVEX Word Viewer ActiveX function call unicode access (web-activex.rules)
 * 1:11199 <-> ENABLED <-> WEB-ACTIVEX Office Viewer ActiveX clsid access (web-activex.rules)
 * 1:11200 <-> DISABLED <-> WEB-ACTIVEX Office Viewer ActiveX clsid unicode access (web-activex.rules)
 * 1:11201 <-> DISABLED <-> WEB-ACTIVEX Office Viewer ActiveX function call access (web-activex.rules)
 * 1:11202 <-> DISABLED <-> WEB-ACTIVEX Office Viewer ActiveX function call unicode access (web-activex.rules)
 * 1:1134 <-> DISABLED <-> WEB-PHP Phorum admin access (web-php.rules)
 * 1:1137 <-> DISABLED <-> WEB-PHP Phorum authentication access (web-php.rules)
 * 1:11442 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:11443 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (netbios.rules)
 * 1:1149 <-> DISABLED <-> WEB-CGI count.cgi access (web-cgi.rules)
 * 1:1161 <-> DISABLED <-> WEB-PHP piranha passwd.php3 access (web-php.rules)
 * 1:1163 <-> DISABLED <-> WEB-CGI webdist.cgi access (web-cgi.rules)
 * 1:11664 <-> DISABLED <-> WEB-PHP sphpblog password.txt access attempt (web-php.rules)
 * 1:11665 <-> DISABLED <-> WEB-PHP sphpblog install03_cgi access attempt (web-php.rules)
 * 1:11666 <-> DISABLED <-> WEB-PHP sphpblog upload_img_cgi access attempt (web-php.rules)
 * 1:11667 <-> DISABLED <-> WEB-PHP sphpblog arbitrary file delete attempt (web-php.rules)
 * 1:11668 <-> DISABLED <-> WEB-PHP vbulletin php code injection (web-php.rules)
 * 1:1172 <-> DISABLED <-> WEB-CGI bigconf.cgi access (web-cgi.rules)
 * 1:1174 <-> DISABLED <-> WEB-CGI /cgi-bin/jj access (web-cgi.rules)
 * 1:1178 <-> DISABLED <-> WEB-PHP Phorum read access (web-php.rules)
 * 1:1179 <-> DISABLED <-> WEB-PHP Phorum violation access (web-php.rules)
 * 1:11817 <-> DISABLED <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
 * 1:11822 <-> DISABLED <-> WEB-ACTIVEX Yahoo Webcam Upload ActiveX clsid access (web-activex.rules)
 * 1:11823 <-> DISABLED <-> WEB-ACTIVEX Yahoo Webcam Upload ActiveX clsid unicode access (web-activex.rules)
 * 1:11824 <-> DISABLED <-> WEB-ACTIVEX Yahoo Webcam Upload ActiveX function call access (web-activex.rules)
 * 1:11825 <-> DISABLED <-> WEB-ACTIVEX Yahoo Webcam Upload ActiveX function call unicode access (web-activex.rules)
 * 1:11843 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss AddPrinter overflow attempt (netbios.rules)
 * 1:1185 <-> DISABLED <-> WEB-CGI bizdbsearch attempt (web-cgi.rules)
 * 1:1194 <-> DISABLED <-> WEB-CGI sojourn.cgi File attempt (web-cgi.rules)
 * 1:1195 <-> DISABLED <-> WEB-CGI sojourn.cgi access (web-cgi.rules)
 * 1:1196 <-> DISABLED <-> WEB-CGI SGI InfoSearch fname attempt (web-cgi.rules)
 * 1:1197 <-> DISABLED <-> WEB-PHP Phorum code access (web-php.rules)
 * 1:12010 <-> DISABLED <-> WEB-ACTIVEX RKD Software BarCode ActiveX clsid access (web-activex.rules)
 * 1:12011 <-> DISABLED <-> WEB-ACTIVEX RKD Software BarCode ActiveX clsid unicode access (web-activex.rules)
 * 1:12012 <-> DISABLED <-> WEB-ACTIVEX RKD Software BarCode ActiveX function call access (web-activex.rules)
 * 1:12013 <-> DISABLED <-> WEB-ACTIVEX RKD Software BarCode ActiveX function call unicode access (web-activex.rules)
 * 1:1204 <-> DISABLED <-> WEB-CGI ax-admin.cgi access (web-cgi.rules)
 * 1:1205 <-> DISABLED <-> WEB-CGI axs.cgi access (web-cgi.rules)
 * 1:12056 <-> ENABLED <-> WEB-CGI WhatsUpGold instancename overflow attempt (web-cgi.rules)
 * 1:12057 <-> DISABLED <-> WEB-CGI WhatsUpGold configuration access (web-cgi.rules)
 * 1:1206 <-> DISABLED <-> WEB-CGI cachemgr.cgi access (web-cgi.rules)
 * 1:1208 <-> DISABLED <-> WEB-CGI responder.cgi access (web-cgi.rules)
 * 1:12100 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP ca-alert function 16,23 overflow attempt (netbios.rules)
 * 1:1211 <-> DISABLED <-> WEB-CGI web-map.cgi access (web-cgi.rules)
 * 1:1215 <-> DISABLED <-> WEB-CGI ministats admin access (web-cgi.rules)
 * 1:1219 <-> DISABLED <-> WEB-CGI dfire.cgi access (web-cgi.rules)
 * 1:12198 <-> DISABLED <-> SNMP MS Windows getbulk request (snmp.rules)
 * 1:1222 <-> DISABLED <-> WEB-CGI pals-cgi arbitrary file access attempt (web-cgi.rules)
 * 1:12221 <-> DISABLED <-> WEB-PHP file upload GLOBAL variable overwrite attempt (web-php.rules)
 * 1:1225 <-> ENABLED <-> X11 MIT Magic Cookie detected (x11.rules)
 * 1:1226 <-> ENABLED <-> X11 xopen (x11.rules)
 * 1:12269 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic 6 TLIApplication ActiveX clsid access (web-activex.rules)
 * 1:12270 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic 6 TLIApplication ActiveX function call (web-activex.rules)
 * 1:12277 <-> DISABLED <-> EXPLOIT Microsoft IE CSS memory corruption exploit (exploit.rules)
 * 1:12278 <-> ENABLED <-> POLICY Microsoft Media Player compressed skin download - .wmz (policy.rules)
 * 1:12317 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc attempt (netbios.rules)
 * 1:12360 <-> DISABLED <-> WEB-PHP PHP function CRLF injection attempt (web-php.rules)
 * 1:12393 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 1 ActiveX clsid access (web-activex.rules)
 * 1:12394 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:12395 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 2 ActiveX clsid access (web-activex.rules)
 * 1:12396 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:12397 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 3 ActiveX clsid access (web-activex.rules)
 * 1:12398 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:12399 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 4 ActiveX clsid access (web-activex.rules)
 * 1:12400 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:12401 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 5 ActiveX clsid access (web-activex.rules)
 * 1:12402 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:12403 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 6 ActiveX clsid access (web-activex.rules)
 * 1:12404 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 6 ActiveX clsid unicode access (web-activex.rules)
 * 1:12405 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 7 ActiveX clsid access (web-activex.rules)
 * 1:12406 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 7 ActiveX clsid unicode access (web-activex.rules)
 * 1:12407 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 8 ActiveX clsid access (web-activex.rules)
 * 1:12408 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 8 ActiveX clsid unicode access (web-activex.rules)
 * 1:12409 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 9 ActiveX clsid access (web-activex.rules)
 * 1:12410 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 9 ActiveX clsid unicode access (web-activex.rules)
 * 1:12411 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 10 ActiveX clsid access (web-activex.rules)
 * 1:12412 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Edition 10 ActiveX clsid unicode access (web-activex.rules)
 * 1:12417 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro ActiveX clsid access (web-activex.rules)
 * 1:12418 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro ActiveX clsid unicode access (web-activex.rules)
 * 1:12419 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro ActiveX function call access (web-activex.rules)
 * 1:12420 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro ActiveX function call unicode access (web-activex.rules)
 * 1:12421 <-> DISABLED <-> EXPLOIT RealNetworks Helix RTSP long transport header (exploit.rules)
 * 1:12459 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Studio 6 PDWizard.ocx ActiveX clsid access (web-activex.rules)
 * 1:12465 <-> DISABLED <-> EXPLOIT Apache APR memory corruption attempt (exploit.rules)
 * 1:12466 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies QRCode ActiveX clsid access (web-activex.rules)
 * 1:12467 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies QRCode ActiveX clsid unicode access (web-activex.rules)
 * 1:12472 <-> ENABLED <-> WEB-ACTIVEX Sun Java Web Start ActiveX clsid access (web-activex.rules)
 * 1:12473 <-> ENABLED <-> WEB-ACTIVEX Sun Java Web Start ActiveX clsid unicode access (web-activex.rules)
 * 1:12474 <-> ENABLED <-> WEB-ACTIVEX Sun Java Web Start ActiveX function call access (web-activex.rules)
 * 1:12475 <-> ENABLED <-> WEB-ACTIVEX Sun Java Web Start ActiveX function call unicode access (web-activex.rules)
 * 1:1248 <-> DISABLED <-> WEB-FRONTPAGE rad fp30reg.dll access (web-frontpage.rules)
 * 1:1249 <-> DISABLED <-> WEB-FRONTPAGE frontpage rad fp4areg.dll access (web-frontpage.rules)
 * 1:1252 <-> DISABLED <-> TELNET bsd telnet exploit response (telnet.rules)
 * 1:1253 <-> DISABLED <-> TELNET bsd exploit client finishing (telnet.rules)
 * 1:1254 <-> DISABLED <-> WEB-PHP PHPLIB remote command attempt (web-php.rules)
 * 1:1255 <-> DISABLED <-> WEB-PHP PHPLIB remote command attempt (web-php.rules)
 * 1:12610 <-> DISABLED <-> WEB-PHP phpBB viewtopic double URL encoding attempt (web-php.rules)
 * 1:12612 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MFC Library ActiveX clsid access (web-activex.rules)
 * 1:12613 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MFC Library ActiveX clsid unicode access (web-activex.rules)
 * 1:12614 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MFC Library ActiveX function call access (web-activex.rules)
 * 1:12615 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows MFC Library ActiveX function call unicode access (web-activex.rules)
 * 1:12616 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Studio 6 PDWizard.ocx ActiveX function call access (web-activex.rules)
 * 1:12619 <-> DISABLED <-> EXPLOIT Microsoft Exchange ical/vcal malformed property (exploit.rules)
 * 1:12661 <-> ENABLED <-> BACKDOOR troll.a runtime detection (backdoor.rules)
 * 1:12672 <-> DISABLED <-> SPYWARE-PUT Trackware searchmiracle elitebar runtime detection - get ads (spyware-put.rules)
 * 1:12703 <-> DISABLED <-> WEB-ACTIVEX Macrovision InstallShield Update Service ActiveX function call unicode access (web-activex.rules)
 * 1:12741 <-> DISABLED <-> EXPLOIT Apple Quicktime TCP RTSP sdp type buffer overflow attempt (exploit.rules)
 * 1:12742 <-> DISABLED <-> EXPLOIT Apple Quicktime UDP RTSP sdp type buffer overflow attempt (exploit.rules)
 * 1:12747 <-> DISABLED <-> WEB-ACTIVEX BitDefender Online Scanner ActiveX clsid access (web-activex.rules)
 * 1:12748 <-> DISABLED <-> WEB-ACTIVEX BitDefender Online Scanner ActiveX clsid unicode access (web-activex.rules)
 * 1:12749 <-> DISABLED <-> WEB-ACTIVEX BitDefender Online Scanner ActiveX function call access (web-activex.rules)
 * 1:12750 <-> DISABLED <-> WEB-ACTIVEX BitDefender Online Scanner ActiveX function call unicode access (web-activex.rules)
 * 1:12751 <-> DISABLED <-> WEB-ACTIVEX RichFX Basic Player ActiveX clsid access (web-activex.rules)
 * 1:12752 <-> DISABLED <-> WEB-ACTIVEX RichFX Basic Player ActiveX clsid unicode access (web-activex.rules)
 * 1:12753 <-> DISABLED <-> WEB-ACTIVEX RichFX Basic Player ActiveX function call access (web-activex.rules)
 * 1:12754 <-> DISABLED <-> WEB-ACTIVEX RichFX Basic Player ActiveX function call unicode access (web-activex.rules)
 * 1:12755 <-> DISABLED <-> WEB-ACTIVEX PPStream PowerList ActiveX clsid access (web-activex.rules)
 * 1:12756 <-> DISABLED <-> WEB-ACTIVEX PPStream PowerList ActiveX clsid unicode access (web-activex.rules)
 * 1:12762 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX clsid access (web-activex.rules)
 * 1:12763 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX clsid unicode access (web-activex.rules)
 * 1:12764 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX function call access (web-activex.rules)
 * 1:12765 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar Helper Class ActiveX function call unicode access (web-activex.rules)
 * 1:12768 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMOC3260.DLL ActiveX function call access (web-activex.rules)
 * 1:12769 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMOC3260.DLL ActiveX function call unicode access (web-activex.rules)
 * 1:12770 <-> ENABLED <-> SPECIFIC-THREATS obfuscated RDS.Dataspace ActiveX exploit attempt (specific-threats.rules)
 * 1:12771 <-> ENABLED <-> SPECIFIC-THREATS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (specific-threats.rules)
 * 1:12772 <-> ENABLED <-> SPECIFIC-THREATS obfuscated PPStream PowerPlayer ActiveX exploit attempt (specific-threats.rules)
 * 1:12773 <-> ENABLED <-> SPECIFIC-THREATS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (specific-threats.rules)
 * 1:12774 <-> ENABLED <-> SPECIFIC-THREATS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (specific-threats.rules)
 * 1:12775 <-> ENABLED <-> SPECIFIC-THREATS obfuscated RealPlayer Ierpplug.dll ActiveX exploit attempt (specific-threats.rules)
 * 1:12780 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access (web-activex.rules)
 * 1:12781 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid unicode access (web-activex.rules)
 * 1:12782 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access (web-activex.rules)
 * 1:12783 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call unicode access (web-activex.rules)
 * 1:12803 <-> DISABLED <-> WEB-ACTIVEX VideoLAN VLC ActiveX clsid access (web-activex.rules)
 * 1:12804 <-> DISABLED <-> WEB-ACTIVEX VideoLAN VLC ActiveX clsid unicode access (web-activex.rules)
 * 1:12805 <-> DISABLED <-> WEB-ACTIVEX VideoLAN VLC ActiveX function call access (web-activex.rules)
 * 1:12806 <-> DISABLED <-> WEB-ACTIVEX VideoLAN VLC ActiveX function call unicode access (web-activex.rules)
 * 1:1288 <-> DISABLED <-> WEB-FRONTPAGE /_vti_bin/ access (web-frontpage.rules)
 * 1:1289 <-> DISABLED <-> TFTP GET Admin.dll (tftp.rules)
 * 1:12905 <-> DISABLED <-> SPECIFIC-THREATS Microsoft SPNEGO ASN.1 library heap corruption overflow attempt (specific-threats.rules)
 * 1:12940 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 CA call 269 overflow attempt (netbios.rules)
 * 1:12946 <-> DISABLED <-> NETBIOS SMB-DS SMBv2 protocol negotiation attempt (netbios.rules)
 * 1:12947 <-> DISABLED <-> NETBIOS SMB SMBv2 protocol negotiation attempt (netbios.rules)
 * 1:12948 <-> DISABLED <-> WEB-ACTIVEX Vantage Linguistics 1 ActiveX clsid access (web-activex.rules)
 * 1:12949 <-> DISABLED <-> WEB-ACTIVEX Vantage Linguistics 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:12950 <-> DISABLED <-> WEB-ACTIVEX Vantage Linguistics 2 ActiveX clsid access (web-activex.rules)
 * 1:12951 <-> DISABLED <-> WEB-ACTIVEX Vantage Linguistics 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:12952 <-> DISABLED <-> WEB-ACTIVEX Vantage Linguistics 3 ActiveX clsid access (web-activex.rules)
 * 1:12953 <-> DISABLED <-> WEB-ACTIVEX Vantage Linguistics 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:12954 <-> DISABLED <-> WEB-ACTIVEX DXLTPI.DLL ActiveX clsid access (web-activex.rules)
 * 1:12955 <-> DISABLED <-> WEB-ACTIVEX DXLTPI.DLL ActiveX clsid unicode access (web-activex.rules)
 * 1:12956 <-> DISABLED <-> WEB-ACTIVEX MSN Heartbeat ActiveX clsid unicode access (web-activex.rules)
 * 1:12957 <-> DISABLED <-> WEB-ACTIVEX MSN Heartbeat 2 ActiveX clsid access (web-activex.rules)
 * 1:12958 <-> DISABLED <-> WEB-ACTIVEX MSN Heartbeat 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:12959 <-> DISABLED <-> WEB-ACTIVEX MSN Heartbeat 3 ActiveX clsid access (web-activex.rules)
 * 1:12960 <-> DISABLED <-> WEB-ACTIVEX MSN Heartbeat 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:12961 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 1 ActiveX clsid access (web-activex.rules)
 * 1:12962 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:12963 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 2 ActiveX clsid access (web-activex.rules)
 * 1:12964 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:12965 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 3 ActiveX clsid access (web-activex.rules)
 * 1:12966 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:12967 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 4 ActiveX clsid access (web-activex.rules)
 * 1:12968 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:12969 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 5 ActiveX clsid access (web-activex.rules)
 * 1:12970 <-> DISABLED <-> WEB-ACTIVEX Intuit QuickBooks Online Import 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:12971 <-> DISABLED <-> EXPLOIT microsoft directshow wav file overflow attempt (exploit.rules)
 * 1:12977 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP mqqm QMCreateObjectInternal overflow attempt (netbios.rules)
 * 1:12978 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP mqqm QMCreateObjectInternal overflow attempt (netbios.rules)
 * 1:12984 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:12985 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:1300 <-> DISABLED <-> WEB-PHP admin.php file upload attempt (web-php.rules)
 * 1:1301 <-> DISABLED <-> WEB-PHP admin.php access (web-php.rules)
 * 1:1304 <-> DISABLED <-> WEB-CGI txt2html.cgi access (web-cgi.rules)
 * 1:1305 <-> DISABLED <-> WEB-CGI txt2html.cgi directory traversal attempt (web-cgi.rules)
 * 1:1306 <-> DISABLED <-> WEB-CGI store.cgi product directory traversal attempt (web-cgi.rules)
 * 1:1307 <-> DISABLED <-> WEB-CGI store.cgi access (web-cgi.rules)
 * 1:1308 <-> DISABLED <-> WEB-CGI sendmessage.cgi access (web-cgi.rules)
 * 1:1309 <-> DISABLED <-> WEB-CGI zsh access (web-cgi.rules)
 * 1:13210 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP mqqm QMObjectPathToObjectFormat overflow attempt (netbios.rules)
 * 1:13211 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP mqqm QMObjectPathToObjectFormat overflow attempt (netbios.rules)
 * 1:13216 <-> DISABLED <-> WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX function call access (web-activex.rules)
 * 1:13217 <-> DISABLED <-> WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash ActiveX function call unicode access (web-activex.rules)
 * 1:13218 <-> DISABLED <-> WEB-ACTIVEX ShockwaveFlash.ShockwaveFlash.9 ActiveX function call unicode access (web-activex.rules)
 * 1:13219 <-> DISABLED <-> WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX clsid access (web-activex.rules)
 * 1:13220 <-> DISABLED <-> WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX clsid unicode access (web-activex.rules)
 * 1:13224 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX clsid access (web-activex.rules)
 * 1:13225 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX clsid unicode access (web-activex.rules)
 * 1:13226 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX function call access (web-activex.rules)
 * 1:13227 <-> DISABLED <-> WEB-ACTIVEX Yahoo Toolbar YShortcut ActiveX function call unicode access (web-activex.rules)
 * 1:13228 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 1 ActiveX clsid access (web-activex.rules)
 * 1:13229 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:13230 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 2 ActiveX clsid access (web-activex.rules)
 * 1:13231 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:13232 <-> DISABLED <-> WEB-ACTIVEX Persits Software XUpload ActiveX clsid access (web-activex.rules)
 * 1:13233 <-> DISABLED <-> WEB-ACTIVEX Persits Software XUpload ActiveX clsid unicode access (web-activex.rules)
 * 1:13234 <-> DISABLED <-> WEB-ACTIVEX Persits Software XUpload ActiveX function call access (web-activex.rules)
 * 1:13235 <-> DISABLED <-> WEB-ACTIVEX Persits Software XUpload ActiveX function call unicode access (web-activex.rules)
 * 1:13249 <-> DISABLED <-> DNS dns response for rfc1918 10/8 address detected (dns.rules)
 * 1:13258 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX clsid access (web-activex.rules)
 * 1:13259 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX clsid unicode access (web-activex.rules)
 * 1:13260 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX function call access (web-activex.rules)
 * 1:13261 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 6 ActiveX function call unicode access (web-activex.rules)
 * 1:13262 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX clsid access (web-activex.rules)
 * 1:13263 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX clsid unicode access (web-activex.rules)
 * 1:13264 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX function call access (web-activex.rules)
 * 1:13265 <-> DISABLED <-> WEB-ACTIVEX IBM Lotus Domino Web Access 7 ActiveX function call unicode access (web-activex.rules)
 * 1:13266 <-> DISABLED <-> WEB-ACTIVEX SkyFex Client ActiveX clsid access (web-activex.rules)
 * 1:13267 <-> DISABLED <-> WEB-ACTIVEX SkyFex Client ActiveX clsid unicode access (web-activex.rules)
 * 1:13273 <-> DISABLED <-> WEB-ACTIVEX DivX Web Player ActiveX clsid access (web-activex.rules)
 * 1:13274 <-> DISABLED <-> WEB-ACTIVEX DivX Web Player ActiveX clsid unicode access (web-activex.rules)
 * 1:13275 <-> DISABLED <-> WEB-ACTIVEX DivX Web Player ActiveX function call access (web-activex.rules)
 * 1:13276 <-> DISABLED <-> WEB-ACTIVEX DivX Web Player ActiveX function call unicode access (web-activex.rules)
 * 1:13289 <-> DISABLED <-> WEB-ACTIVEX Gatway CWebLaunchCtl ActiveX clsid access (web-activex.rules)
 * 1:13290 <-> DISABLED <-> WEB-ACTIVEX Gatway CWebLaunchCtl ActiveX clsid unicode access (web-activex.rules)
 * 1:13294 <-> DISABLED <-> WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid access (web-activex.rules)
 * 1:13295 <-> DISABLED <-> WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid unicode access (web-activex.rules)
 * 1:13296 <-> DISABLED <-> WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid access (web-activex.rules)
 * 1:13297 <-> DISABLED <-> WEB-ACTIVEX Microsoft Rich TextBox ActiveX clsid unicode access (web-activex.rules)
 * 1:13298 <-> DISABLED <-> WEB-ACTIVEX Microsoft Rich TextBox ActiveX function call access (web-activex.rules)
 * 1:13299 <-> DISABLED <-> WEB-ACTIVEX Microsoft Rich TextBox ActiveX function call unicode access (web-activex.rules)
 * 1:13303 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX clsid access (web-activex.rules)
 * 1:13304 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:13305 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX function call access (web-activex.rules)
 * 1:13306 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual FoxPro 2 ActiveX function call unicode access (web-activex.rules)
 * 1:13312 <-> DISABLED <-> WEB-ACTIVEX StreamAudio ProxyManager ActiveX clsid access (web-activex.rules)
 * 1:13313 <-> DISABLED <-> WEB-ACTIVEX StreamAudio ProxyManager ActiveX clsid unicode access (web-activex.rules)
 * 1:13314 <-> DISABLED <-> WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call access (web-activex.rules)
 * 1:13315 <-> DISABLED <-> WEB-ACTIVEX StreamAudio ProxyManager ActiveX function call unicode access (web-activex.rules)
 * 1:13321 <-> ENABLED <-> WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid access (web-activex.rules)
 * 1:13322 <-> DISABLED <-> WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX clsid unicode access (web-activex.rules)
 * 1:13323 <-> DISABLED <-> WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX function call access (web-activex.rules)
 * 1:13324 <-> DISABLED <-> WEB-ACTIVEX Microsoft Package and Deployment Wizard ActiveX function call unicode access (web-activex.rules)
 * 1:13325 <-> DISABLED <-> WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX clsid access (web-activex.rules)
 * 1:13326 <-> DISABLED <-> WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX clsid unicode access (web-activex.rules)
 * 1:13327 <-> DISABLED <-> WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX function call access (web-activex.rules)
 * 1:13328 <-> DISABLED <-> WEB-ACTIVEX Macrovision FLEXnet Connect ActiveX function call unicode access (web-activex.rules)
 * 1:13329 <-> DISABLED <-> WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX clsid access (web-activex.rules)
 * 1:13330 <-> DISABLED <-> WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX clsid unicode access (web-activex.rules)
 * 1:13331 <-> DISABLED <-> WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX function call access (web-activex.rules)
 * 1:13332 <-> DISABLED <-> WEB-ACTIVEX Toshiba Surveillance Surveillix DVR ActiveX function call unicode access (web-activex.rules)
 * 1:13333 <-> DISABLED <-> WEB-ACTIVEX HP Virtual Rooms ActiveX clsid access (web-activex.rules)
 * 1:13334 <-> DISABLED <-> WEB-ACTIVEX HP Virtual Rooms ActiveX clsid unicode access (web-activex.rules)
 * 1:13335 <-> DISABLED <-> WEB-ACTIVEX Lycos File Upload Component ActiveX clsid access (web-activex.rules)
 * 1:13336 <-> DISABLED <-> WEB-ACTIVEX Lycos File Upload Component ActiveX clsid unicode access (web-activex.rules)
 * 1:13337 <-> DISABLED <-> WEB-ACTIVEX Comodo AntiVirus ActiveX clsid access (web-activex.rules)
 * 1:13338 <-> DISABLED <-> WEB-ACTIVEX Comodo AntiVirus ActiveX clsid unicode access (web-activex.rules)
 * 1:13348 <-> DISABLED <-> WEB-ACTIVEX Move Networks Media Player ActiveX clsid access (web-activex.rules)
 * 1:13349 <-> DISABLED <-> WEB-ACTIVEX Move Networks Media Player ActiveX clsid unicode access (web-activex.rules)
 * 1:13350 <-> DISABLED <-> WEB-ACTIVEX Move Networks Media Player ActiveX function call access (web-activex.rules)
 * 1:13351 <-> DISABLED <-> WEB-ACTIVEX Move Networks Media Player ActiveX function call unicode access (web-activex.rules)
 * 1:13352 <-> DISABLED <-> WEB-ACTIVEX Lycos File Upload Component ActiveX function call access (web-activex.rules)
 * 1:13353 <-> DISABLED <-> WEB-ACTIVEX Lycos File Upload Component ActiveX function call unicode access (web-activex.rules)
 * 1:13354 <-> DISABLED <-> WEB-ACTIVEX HP Virtual Rooms ActiveX function call access (web-activex.rules)
 * 1:13355 <-> DISABLED <-> WEB-ACTIVEX HP Virtual Rooms ActiveX function call unicode access (web-activex.rules)
 * 1:13357 <-> DISABLED <-> POLICY failed mysql login attempt (policy.rules)
 * 1:13358 <-> DISABLED <-> POLICY mysql login attempt from unauthorized location (policy.rules)
 * 1:13359 <-> DISABLED <-> POLICY failed IMAP login attempt - invalid username/password (policy.rules)
 * 1:13360 <-> DISABLED <-> POLICY failed FTP login attempt (policy.rules)
 * 1:13361 <-> DISABLED <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules)
 * 1:13362 <-> DISABLED <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules)
 * 1:13423 <-> DISABLED <-> WEB-ACTIVEX SwiftView ActiveX clsid access (web-activex.rules)
 * 1:13424 <-> DISABLED <-> WEB-ACTIVEX SwiftView ActiveX clsid unicode access (web-activex.rules)
 * 1:13426 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX clsid access (web-activex.rules)
 * 1:13427 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX clsid unicode access (web-activex.rules)
 * 1:13428 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX function call access (web-activex.rules)
 * 1:13429 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox DataGrid ActiveX function call unicode access (web-activex.rules)
 * 1:13430 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX clsid access (web-activex.rules)
 * 1:13431 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX clsid unicode access (web-activex.rules)
 * 1:13432 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX function call access (web-activex.rules)
 * 1:13433 <-> DISABLED <-> WEB-ACTIVEX Yahoo Music JukeBox MediaGrid ActiveX function call unicode access (web-activex.rules)
 * 1:13434 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (web-activex.rules)
 * 1:13435 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX clsid unicode access (web-activex.rules)
 * 1:13436 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX function call access (web-activex.rules)
 * 1:13437 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 4 Property Overflows ActiveX function call unicode access (web-activex.rules)
 * 1:13438 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (web-activex.rules)
 * 1:13439 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid unicode access (web-activex.rules)
 * 1:13440 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (web-activex.rules)
 * 1:13441 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call unicode access (web-activex.rules)
 * 1:13442 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (web-activex.rules)
 * 1:13443 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX clsid unicode access (web-activex.rules)
 * 1:13444 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX function call access (web-activex.rules)
 * 1:13445 <-> DISABLED <-> WEB-ACTIVEX Aurigma Image Uploader 5 Property Overflows ActiveX function call unicode access (web-activex.rules)
 * 1:13446 <-> DISABLED <-> WEB-ACTIVEX GlobalLink HanGamePlugin ActiveX clsid access (web-activex.rules)
 * 1:13447 <-> DISABLED <-> WEB-ACTIVEX GlobalLink HanGamePlugin ActiveX clsid unicode access (web-activex.rules)
 * 1:13512 <-> DISABLED <-> SQL generic sql exec injection attempt - GET parameter (sql.rules)
 * 1:13513 <-> DISABLED <-> SQL generic sql insert injection atttempt - GET parameter (sql.rules)
 * 1:13514 <-> DISABLED <-> SQL generic sql update injection attempt - GET parameter (sql.rules)
 * 1:13523 <-> ENABLED <-> WEB-ACTIVEX Novell iPrint ActiveX clsid access (web-activex.rules)
 * 1:13524 <-> ENABLED <-> WEB-ACTIVEX Novell iPrint ActiveX clsid unicode access (web-activex.rules)
 * 1:13525 <-> ENABLED <-> WEB-ACTIVEX Novell iPrint ActiveX function call access (web-activex.rules)
 * 1:13526 <-> ENABLED <-> WEB-ACTIVEX Novell iPrint ActiveX function call unicode access (web-activex.rules)
 * 1:13527 <-> DISABLED <-> WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid access (web-activex.rules)
 * 1:13528 <-> DISABLED <-> WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX clsid unicode access (web-activex.rules)
 * 1:13529 <-> DISABLED <-> WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX function call access (web-activex.rules)
 * 1:13530 <-> DISABLED <-> WEB-ACTIVEX D-Link MPEG4 SHM Audio Control ActiveX function call unicode access (web-activex.rules)
 * 1:13531 <-> DISABLED <-> WEB-ACTIVEX 4xem VatCtrl ActiveX clsid access (web-activex.rules)
 * 1:13532 <-> DISABLED <-> WEB-ACTIVEX 4xem VatCtrl ActiveX clsid unicode access (web-activex.rules)
 * 1:13533 <-> DISABLED <-> WEB-ACTIVEX 4xem VatCtrl ActiveX function call access (web-activex.rules)
 * 1:13534 <-> DISABLED <-> WEB-ACTIVEX 4xem VatCtrl ActiveX function call unicode access (web-activex.rules)
 * 1:13535 <-> DISABLED <-> WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX clsid access (web-activex.rules)
 * 1:13536 <-> DISABLED <-> WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX clsid unicode access (web-activex.rules)
 * 1:13537 <-> DISABLED <-> WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX function call access (web-activex.rules)
 * 1:13538 <-> DISABLED <-> WEB-ACTIVEX Vivotek RTSP MPEG4 SP Control ActiveX function call unicode access (web-activex.rules)
 * 1:13539 <-> DISABLED <-> WEB-ACTIVEX Symantec Backup Exec ActiveX clsid access (web-activex.rules)
 * 1:13540 <-> DISABLED <-> WEB-ACTIVEX Symantec Backup Exec ActiveX clsid unicode access (web-activex.rules)
 * 1:13541 <-> DISABLED <-> WEB-ACTIVEX Symantec Backup Exec ActiveX function call access (web-activex.rules)
 * 1:13542 <-> DISABLED <-> WEB-ACTIVEX Symantec Backup Exec ActiveX function call unicode access (web-activex.rules)
 * 1:13543 <-> DISABLED <-> WEB-ACTIVEX Learn2 STRunner ActiveX clsid access (web-activex.rules)
 * 1:13544 <-> DISABLED <-> WEB-ACTIVEX Learn2 STRunner ActiveX clsid unicode access (web-activex.rules)
 * 1:13545 <-> DISABLED <-> WEB-ACTIVEX Learn2 STRunner ActiveX function call access (web-activex.rules)
 * 1:13546 <-> DISABLED <-> WEB-ACTIVEX Learn2 STRunner ActiveX function call unicode access (web-activex.rules)
 * 1:13547 <-> DISABLED <-> WEB-ACTIVEX Sony ImageStation ActiveX clsid access (web-activex.rules)
 * 1:13548 <-> DISABLED <-> WEB-ACTIVEX Sony ImageStation ActiveX clsid unicode access (web-activex.rules)
 * 1:13549 <-> DISABLED <-> WEB-ACTIVEX Sony ImageStation ActiveX function call access (web-activex.rules)
 * 1:13550 <-> DISABLED <-> WEB-ACTIVEX Sony ImageStation ActiveX function call unicode access (web-activex.rules)
 * 1:13594 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows print spooler little endian DoS attempt (specific-threats.rules)
 * 1:13595 <-> DISABLED <-> WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX clsid access (web-activex.rules)
 * 1:13596 <-> DISABLED <-> WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX clsid unicode access (web-activex.rules)
 * 1:13597 <-> DISABLED <-> WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX function call access (web-activex.rules)
 * 1:13598 <-> DISABLED <-> WEB-ACTIVEX ICQ Toolbar toolbaru.dll ActiveX function call unicode access (web-activex.rules)
 * 1:13599 <-> DISABLED <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX clsid access (web-activex.rules)
 * 1:13600 <-> DISABLED <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX clsid unicode access (web-activex.rules)
 * 1:13601 <-> DISABLED <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX function call access (web-activex.rules)
 * 1:13602 <-> DISABLED <-> WEB-ACTIVEX Kingsoft Antivirus Online Update Module ActiveX function call unicode access (web-activex.rules)
 * 1:13603 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Download Handler ActiveX function call access (web-activex.rules)
 * 1:13604 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Download Handler ActiveX function call unicode access (web-activex.rules)
 * 1:13605 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX function call access (web-activex.rules)
 * 1:13606 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RAM Download Handler ActiveX function call unicode access (web-activex.rules)
 * 1:13607 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (web-activex.rules)
 * 1:13608 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid unicode access (web-activex.rules)
 * 1:13609 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (web-activex.rules)
 * 1:13610 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call unicode access (web-activex.rules)
 * 1:13613 <-> DISABLED <-> SPECIFIC-THREATS Solaris username overflow authentication bypass attempt (specific-threats.rules)
 * 1:13619 <-> ENABLED <-> SPECIFIC-THREATS Microsoft getBulkRequest memory corruption attempt (specific-threats.rules)
 * 1:13621 <-> DISABLED <-> WEB-ACTIVEX CA BrightStor ListCtrl ActiveX clsid access (web-activex.rules)
 * 1:13622 <-> DISABLED <-> WEB-ACTIVEX CA BrightStor ListCtrl ActiveX clsid unicode access (web-activex.rules)
 * 1:13623 <-> DISABLED <-> WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call access (web-activex.rules)
 * 1:13624 <-> DISABLED <-> WEB-ACTIVEX CA BrightStor ListCtrl ActiveX function call unicode access (web-activex.rules)
 * 1:13657 <-> DISABLED <-> WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX clsid access (web-activex.rules)
 * 1:13658 <-> DISABLED <-> WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX clsid unicode access (web-activex.rules)
 * 1:13659 <-> DISABLED <-> WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX function call access (web-activex.rules)
 * 1:13660 <-> DISABLED <-> WEB-ACTIVEX BusinessObjects RptViewerAx ActiveX function call unicode access (web-activex.rules)
 * 1:13661 <-> DISABLED <-> WEB-ACTIVEX VeralSoft HTTP File Upload ActiveX clsid access (web-activex.rules)
 * 1:13662 <-> DISABLED <-> WEB-ACTIVEX VeralSoft HTTP File Upload ActiveX clsid unicode access (web-activex.rules)
 * 1:13679 <-> DISABLED <-> WEB-ACTIVEX IBiz EBanking Integrator ActiveX clsid access (web-activex.rules)
 * 1:13680 <-> DISABLED <-> WEB-ACTIVEX IBiz EBanking Integrator ActiveX clsid unicode access (web-activex.rules)
 * 1:13681 <-> DISABLED <-> WEB-ACTIVEX CDNetworks Nefficient Download ActiveX clsid access (web-activex.rules)
 * 1:13682 <-> DISABLED <-> WEB-ACTIVEX CDNetworks Nefficient Download ActiveX clsid unicode access (web-activex.rules)
 * 1:13683 <-> DISABLED <-> WEB-ACTIVEX CDNetworks Nefficient Download ActiveX function call access (web-activex.rules)
 * 1:13684 <-> DISABLED <-> WEB-ACTIVEX CDNetworks Nefficient Download ActiveX function call unicode access (web-activex.rules)
 * 1:13685 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 1 ActiveX clsid access (web-activex.rules)
 * 1:13686 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:13687 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 1 ActiveX function call access (web-activex.rules)
 * 1:13688 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 1 ActiveX function call unicode access (web-activex.rules)
 * 1:13689 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 2 ActiveX clsid access (web-activex.rules)
 * 1:13690 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:13691 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 2 ActiveX function call access (web-activex.rules)
 * 1:13692 <-> DISABLED <-> WEB-ACTIVEX Chilkat HTTP 2 ActiveX function call unicode access (web-activex.rules)
 * 1:13695 <-> DISABLED <-> EXPLOIT RealNetworks Helix RTSP long setup request exploit attempt (exploit.rules)
 * 1:13699 <-> DISABLED <-> WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX clsid access (web-activex.rules)
 * 1:13700 <-> DISABLED <-> WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX clsid unicode access (web-activex.rules)
 * 1:13711 <-> DISABLED <-> MYSQL yaSSL SSLv2 Client Hello Message Cipher Length Buffer Overflow attempt (mysql.rules)
 * 1:13712 <-> DISABLED <-> MYSQL yaSSL SSLv2 Client Hello Message Session ID Buffer Overflow attempt (mysql.rules)
 * 1:13713 <-> DISABLED <-> MYSQL yaSSL SSLv2 Client Hello Message Challenge Buffer Overflow attempt (mysql.rules)
 * 1:13714 <-> DISABLED <-> MYSQL yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt (mysql.rules)
 * 1:13720 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 3 ActiveX clsid access (web-activex.rules)
 * 1:13721 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:13722 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 4 ActiveX clsid access (web-activex.rules)
 * 1:13723 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:13724 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 5 ActiveX clsid access (web-activex.rules)
 * 1:13725 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:13726 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 6 ActiveX clsid access (web-activex.rules)
 * 1:13727 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 6 ActiveX clsid unicode access (web-activex.rules)
 * 1:13728 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 7 ActiveX clsid access (web-activex.rules)
 * 1:13729 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 7 ActiveX clsid unicode access (web-activex.rules)
 * 1:13730 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 8 ActiveX clsid access (web-activex.rules)
 * 1:13731 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 8 ActiveX clsid unicode access (web-activex.rules)
 * 1:13732 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 9 ActiveX clsid access (web-activex.rules)
 * 1:13733 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 9 ActiveX clsid unicode access (web-activex.rules)
 * 1:13734 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 10 ActiveX clsid access (web-activex.rules)
 * 1:13735 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 10 ActiveX clsid unicode access (web-activex.rules)
 * 1:13736 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 11 ActiveX clsid access (web-activex.rules)
 * 1:13737 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 11 ActiveX clsid unicode access (web-activex.rules)
 * 1:13738 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 12 ActiveX clsid access (web-activex.rules)
 * 1:13739 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 12 ActiveX clsid unicode access (web-activex.rules)
 * 1:13740 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 13 ActiveX clsid access (web-activex.rules)
 * 1:13741 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 13 ActiveX clsid unicode access (web-activex.rules)
 * 1:13742 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 14 ActiveX clsid access (web-activex.rules)
 * 1:13743 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 14 ActiveX clsid unicode access (web-activex.rules)
 * 1:13744 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 15 ActiveX clsid access (web-activex.rules)
 * 1:13745 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 15 ActiveX clsid unicode access (web-activex.rules)
 * 1:13746 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 16 ActiveX clsid access (web-activex.rules)
 * 1:13747 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 16 ActiveX clsid unicode access (web-activex.rules)
 * 1:13748 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 17 ActiveX clsid access (web-activex.rules)
 * 1:13749 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 17 ActiveX clsid unicode access (web-activex.rules)
 * 1:13750 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 18 ActiveX clsid access (web-activex.rules)
 * 1:13751 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 18 ActiveX clsid unicode access (web-activex.rules)
 * 1:13752 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 19 ActiveX clsid access (web-activex.rules)
 * 1:13753 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 19 ActiveX clsid unicode access (web-activex.rules)
 * 1:13754 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 20 ActiveX clsid access (web-activex.rules)
 * 1:13755 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 20 ActiveX clsid unicode access (web-activex.rules)
 * 1:13756 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 21 ActiveX clsid access (web-activex.rules)
 * 1:13757 <-> DISABLED <-> WEB-ACTIVEX HP eSupportDiagnostics 21 ActiveX clsid unicode access (web-activex.rules)
 * 1:13758 <-> DISABLED <-> WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX clsid access (web-activex.rules)
 * 1:13759 <-> DISABLED <-> WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX clsid unicode access (web-activex.rules)
 * 1:13760 <-> DISABLED <-> WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX function call access (web-activex.rules)
 * 1:13761 <-> DISABLED <-> WEB-ACTIVEX Microsoft HeartbeatCtl ActiveX function call unicode access (web-activex.rules)
 * 1:13783 <-> DISABLED <-> WEB-ACTIVEX Yahoo Assistant ActiveX clsid access (web-activex.rules)
 * 1:13784 <-> DISABLED <-> WEB-ACTIVEX Yahoo Assistant ActiveX clsid unicode access (web-activex.rules)
 * 1:13785 <-> DISABLED <-> WEB-ACTIVEX Ourgame GLWorld ActiveX clsid access (web-activex.rules)
 * 1:13786 <-> DISABLED <-> WEB-ACTIVEX Ourgame GLWorld ActiveX clsid unicode access (web-activex.rules)
 * 1:13787 <-> DISABLED <-> WEB-ACTIVEX Ourgame GLWorld ActiveX function call access (web-activex.rules)
 * 1:13788 <-> DISABLED <-> WEB-ACTIVEX Ourgame GLWorld ActiveX function call unicode access (web-activex.rules)
 * 1:13791 <-> DISABLED <-> SQL oversized cast statement - possible sql injection obfuscation (sql.rules)
 * 1:13816 <-> ENABLED <-> SPECIFIC-THREATS Metasploit Framework xmlrpc.php command injection attempt (specific-threats.rules)
 * 1:13817 <-> ENABLED <-> SPECIFIC-THREATS xmlrpc.php command injection attempt (specific-threats.rules)
 * 1:13818 <-> ENABLED <-> SPECIFIC-THREATS alternate xmlrpc.php command injection attempt (specific-threats.rules)
 * 1:13844 <-> DISABLED <-> SPECIFIC-THREATS BDAT size longer than contents exploit attempt (specific-threats.rules)
 * 1:13845 <-> DISABLED <-> SPECIFIC-THREATS BDAT size public exploit attempt (specific-threats.rules)
 * 1:13857 <-> DISABLED <-> WEB-ACTIVEX HP Instant Support DataManager ActiveX clsid access (web-activex.rules)
 * 1:13858 <-> DISABLED <-> WEB-ACTIVEX HP Instant Support DataManager ActiveX clsid unicode access (web-activex.rules)
 * 1:13859 <-> DISABLED <-> WEB-ACTIVEX HP Instant Support DataManager ActiveX function call access (web-activex.rules)
 * 1:13860 <-> DISABLED <-> WEB-ACTIVEX HP Instant Support DataManager ActiveX function call unicode access (web-activex.rules)
 * 1:13864 <-> ENABLED <-> POLICY Microsoft Watson error reporting attempt (policy.rules)
 * 1:13883 <-> DISABLED <-> WEB-ACTIVEX UUSee UUUpgrade ActiveX clsid access (web-activex.rules)
 * 1:13884 <-> DISABLED <-> WEB-ACTIVEX UUSee UUUpgrade ActiveX clsid unicode access (web-activex.rules)
 * 1:13885 <-> DISABLED <-> WEB-ACTIVEX UUSee UUUpgrade ActiveX function call access (web-activex.rules)
 * 1:13886 <-> DISABLED <-> WEB-ACTIVEX UUSee UUUpgrade ActiveX function call unicode access (web-activex.rules)
 * 1:13901 <-> ENABLED <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
 * 1:13903 <-> DISABLED <-> WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX clsid access (web-activex.rules)
 * 1:13904 <-> DISABLED <-> WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:13905 <-> DISABLED <-> WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX function call access (web-activex.rules)
 * 1:13906 <-> DISABLED <-> WEB-ACTIVEX Microsoft Access Snapshot Viewer 1 ActiveX function call unicode access (web-activex.rules)
 * 1:13907 <-> DISABLED <-> WEB-ACTIVEX Microsoft Access Snapshot Viewer 2 ActiveX clsid access (web-activex.rules)
 * 1:13908 <-> DISABLED <-> WEB-ACTIVEX Microsoft Access Snapshot Viewer 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:13913 <-> DISABLED <-> WEB-ACTIVEX AcroPDF.PDF ActiveX function call access (web-activex.rules)
 * 1:13914 <-> DISABLED <-> WEB-ACTIVEX AcroPDF.PDF ActiveX function call unicode access (web-activex.rules)
 * 1:1392 <-> DISABLED <-> WEB-CGI lastlines.cgi access (web-cgi.rules)
 * 1:13948 <-> DISABLED <-> DNS large number of NXDOMAIN replies - possible DNS cache poisoning (dns.rules)
 * 1:13949 <-> DISABLED <-> DNS excessive outbound NXDOMAIN replies - possible spoof of domain run by local DNS servers (dns.rules)
 * 1:1395 <-> DISABLED <-> WEB-CGI zml.cgi attempt (web-cgi.rules)
 * 1:13953 <-> DISABLED <-> BOTNET-CNC Asprox trojan initial query (botnet-cnc.rules)
 * 1:1396 <-> DISABLED <-> WEB-CGI zml.cgi access (web-cgi.rules)
 * 1:1397 <-> DISABLED <-> WEB-CGI wayboard attempt (web-cgi.rules)
 * 1:13987 <-> DISABLED <-> SQL oversized convert statement - possible sql injection obfuscation (sql.rules)
 * 1:13988 <-> DISABLED <-> SQL large number of calls to ascii function - possible sql injection obfuscation (sql.rules)
 * 1:1399 <-> DISABLED <-> WEB-PHP PHP-Nuke remote file include attempt (web-php.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules)
 * 1:13991 <-> DISABLED <-> SQL xp_regaddmultistring attempt (sql.rules)
 * 1:13992 <-> DISABLED <-> SQL xp_regdeletevalue attempt (sql.rules)
 * 1:13993 <-> DISABLED <-> SQL xp_regenumkeys attempt (sql.rules)
 * 1:13994 <-> DISABLED <-> SQL xp_regenumvalues attempt (sql.rules)
 * 1:13995 <-> DISABLED <-> SQL xp_regremovemultistring attempt (sql.rules)
 * 1:13996 <-> DISABLED <-> SQL xp_servicecontrol attempt (sql.rules)
 * 1:13997 <-> DISABLED <-> SQL xp_loginconfig attempt (sql.rules)
 * 1:13998 <-> DISABLED <-> SQL xp_terminate_process attempt (sql.rules)
 * 1:14008 <-> DISABLED <-> SQL large number of calls to concat function - possible sql injection obfuscation (sql.rules)
 * 1:14013 <-> DISABLED <-> WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX clsid access (web-activex.rules)
 * 1:14014 <-> DISABLED <-> WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX clsid unicode access (web-activex.rules)
 * 1:14015 <-> DISABLED <-> WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX function call access (web-activex.rules)
 * 1:14016 <-> DISABLED <-> WEB-ACTIVEX WebEx Meeting Manager atucfobj ActiveX function call unicode access (web-activex.rules)
 * 1:14021 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX clsid access (web-activex.rules)
 * 1:14022 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX clsid unicode access (web-activex.rules)
 * 1:14023 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX function call access (web-activex.rules)
 * 1:14024 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Studio Msmask32 ActiveX function call unicode access (web-activex.rules)
 * 1:14025 <-> DISABLED <-> WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid access (web-activex.rules)
 * 1:14026 <-> DISABLED <-> WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid unicode access (web-activex.rules)
 * 1:14027 <-> DISABLED <-> WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX function call access (web-activex.rules)
 * 1:14028 <-> DISABLED <-> WEB-ACTIVEX CA DSM gui_cm_ctrls ActiveX function call unicode access (web-activex.rules)
 * 1:14029 <-> DISABLED <-> WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid access (web-activex.rules)
 * 1:14030 <-> DISABLED <-> WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX clsid unicode access (web-activex.rules)
 * 1:14031 <-> DISABLED <-> WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX function call access (web-activex.rules)
 * 1:14032 <-> DISABLED <-> WEB-ACTIVEX Computer Associates gui_cm_ctrls ActiveX function call unicode access (web-activex.rules)
 * 1:14033 <-> DISABLED <-> WEB-ACTIVEX Orbit Downloader ActiveX clsid access (web-activex.rules)
 * 1:14034 <-> DISABLED <-> WEB-ACTIVEX Orbit Downloader ActiveX clsid unicode access (web-activex.rules)
 * 1:14035 <-> DISABLED <-> WEB-ACTIVEX Orbit Downloader ActiveX function call access (web-activex.rules)
 * 1:14036 <-> DISABLED <-> WEB-ACTIVEX Orbit Downloader ActiveX function call unicode access (web-activex.rules)
 * 1:14037 <-> DISABLED <-> WEB-ACTIVEX Novell iPrint ActiveX operation or printer-url parameter overflow attempt (web-activex.rules)
 * 1:14038 <-> DISABLED <-> WEB-ACTIVEX Novell iPrint ActiveX target-frame parameter overflow attempt (web-activex.rules)
 * 1:14042 <-> DISABLED <-> WEB-ACTIVEX RealPlayer General Property Page ActiveX clsid access (web-activex.rules)
 * 1:14043 <-> DISABLED <-> WEB-ACTIVEX RealPlayer General Property Page ActiveX clsid unicode access (web-activex.rules)
 * 1:14044 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Playback Handler ActiveX function call access (web-activex.rules)
 * 1:14045 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Playback Handler ActiveX function call unicode access (web-activex.rules)
 * 1:14046 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX function call access (web-activex.rules)
 * 1:14047 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RMP Download Handler ActiveX function call unicode access (web-activex.rules)
 * 1:14048 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX function call access (web-activex.rules)
 * 1:14049 <-> DISABLED <-> WEB-ACTIVEX RealPlayer RNX Download Handler ActiveX function call unicode access (web-activex.rules)
 * 1:1405 <-> DISABLED <-> WEB-CGI AHG search.cgi access (web-cgi.rules)
 * 1:14050 <-> DISABLED <-> WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX function call access (web-activex.rules)
 * 1:14051 <-> DISABLED <-> WEB-ACTIVEX RealPlayer SMIL Download Handler ActiveX function call unicode access (web-activex.rules)
 * 1:14052 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Stream Handler ActiveX function call access (web-activex.rules)
 * 1:14053 <-> DISABLED <-> WEB-ACTIVEX RealPlayer Stream Handler ActiveX function call unicode access (web-activex.rules)
 * 1:1406 <-> DISABLED <-> WEB-CGI agora.cgi access (web-cgi.rules)
 * 1:1407 <-> DISABLED <-> WEB-PHP smssend.php access (web-php.rules)
 * 1:14088 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 1 ActiveX clsid access (web-activex.rules)
 * 1:14089 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:1409 <-> DISABLED <-> SNMP community string buffer overflow attempt (snmp.rules)
 * 1:14090 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 2 ActiveX clsid access (web-activex.rules)
 * 1:14091 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:14092 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 3 ActiveX clsid access (web-activex.rules)
 * 1:14093 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:14094 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 4 ActiveX clsid access (web-activex.rules)
 * 1:14095 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:14096 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 5 ActiveX clsid access (web-activex.rules)
 * 1:14097 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:14098 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 6 ActiveX clsid access (web-activex.rules)
 * 1:14099 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 6 ActiveX clsid unicode access (web-activex.rules)
 * 1:1410 <-> DISABLED <-> WEB-CGI dcboard.cgi access (web-cgi.rules)
 * 1:14100 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 7 ActiveX clsid access (web-activex.rules)
 * 1:14101 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 7 ActiveX clsid unicode access (web-activex.rules)
 * 1:14102 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 8 ActiveX clsid access (web-activex.rules)
 * 1:14103 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 8 ActiveX clsid unicode access (web-activex.rules)
 * 1:14104 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 9 ActiveX clsid access (web-activex.rules)
 * 1:14105 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 9 ActiveX clsid unicode access (web-activex.rules)
 * 1:14106 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 10 ActiveX clsid access (web-activex.rules)
 * 1:14107 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 10 ActiveX clsid unicode access (web-activex.rules)
 * 1:14108 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 11 ActiveX clsid access (web-activex.rules)
 * 1:14109 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 11 ActiveX clsid unicode access (web-activex.rules)
 * 1:1411 <-> DISABLED <-> SNMP public access udp (snmp.rules)
 * 1:14110 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 12 ActiveX clsid access (web-activex.rules)
 * 1:14111 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 12 ActiveX clsid unicode access (web-activex.rules)
 * 1:14112 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 13 ActiveX clsid access (web-activex.rules)
 * 1:14113 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 13 ActiveX clsid unicode access (web-activex.rules)
 * 1:14114 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 14 ActiveX clsid access (web-activex.rules)
 * 1:14115 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 14 ActiveX clsid unicode access (web-activex.rules)
 * 1:14116 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 15 ActiveX clsid access (web-activex.rules)
 * 1:14117 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 15 ActiveX clsid unicode access (web-activex.rules)
 * 1:14118 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 16 ActiveX clsid access (web-activex.rules)
 * 1:14119 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 16 ActiveX clsid unicode access (web-activex.rules)
 * 1:1412 <-> DISABLED <-> SNMP public access tcp (snmp.rules)
 * 1:14120 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 17 ActiveX clsid access (web-activex.rules)
 * 1:14121 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 17 ActiveX clsid unicode access (web-activex.rules)
 * 1:14122 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 18 ActiveX clsid access (web-activex.rules)
 * 1:14123 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 18 ActiveX clsid unicode access (web-activex.rules)
 * 1:14124 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 19 ActiveX clsid access (web-activex.rules)
 * 1:14125 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 19 ActiveX clsid unicode access (web-activex.rules)
 * 1:14126 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 20 ActiveX clsid access (web-activex.rules)
 * 1:14127 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 20 ActiveX clsid unicode access (web-activex.rules)
 * 1:14128 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 21 ActiveX clsid access (web-activex.rules)
 * 1:14129 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 21 ActiveX clsid unicode access (web-activex.rules)
 * 1:1413 <-> DISABLED <-> SNMP private access udp (snmp.rules)
 * 1:14130 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 22 ActiveX clsid access (web-activex.rules)
 * 1:14131 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 22 ActiveX clsid unicode access (web-activex.rules)
 * 1:14132 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 23 ActiveX clsid access (web-activex.rules)
 * 1:14133 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 23 ActiveX clsid unicode access (web-activex.rules)
 * 1:14134 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 24 ActiveX clsid access (web-activex.rules)
 * 1:14135 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 24 ActiveX clsid unicode access (web-activex.rules)
 * 1:14136 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 25 ActiveX clsid access (web-activex.rules)
 * 1:14137 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 25 ActiveX clsid unicode access (web-activex.rules)
 * 1:14138 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 26 ActiveX clsid access (web-activex.rules)
 * 1:14139 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 26 ActiveX clsid unicode access (web-activex.rules)
 * 1:1414 <-> DISABLED <-> SNMP private access tcp (snmp.rules)
 * 1:14140 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 27 ActiveX clsid access (web-activex.rules)
 * 1:14141 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 27 ActiveX clsid unicode access (web-activex.rules)
 * 1:14142 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 28 ActiveX clsid access (web-activex.rules)
 * 1:14143 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 28 ActiveX clsid unicode access (web-activex.rules)
 * 1:14144 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 29 ActiveX clsid access (web-activex.rules)
 * 1:14145 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 29 ActiveX clsid unicode access (web-activex.rules)
 * 1:14146 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 30 ActiveX clsid access (web-activex.rules)
 * 1:14147 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 30 ActiveX clsid unicode access (web-activex.rules)
 * 1:14149 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 31 ActiveX clsid unicode access (web-activex.rules)
 * 1:1415 <-> DISABLED <-> SNMP Broadcast request (snmp.rules)
 * 1:14150 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 32 ActiveX clsid access (web-activex.rules)
 * 1:14151 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 32 ActiveX clsid unicode access (web-activex.rules)
 * 1:14152 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 33 ActiveX clsid access (web-activex.rules)
 * 1:14153 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 33 ActiveX clsid unicode access (web-activex.rules)
 * 1:14154 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 34 ActiveX clsid access (web-activex.rules)
 * 1:14155 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 34 ActiveX clsid unicode access (web-activex.rules)
 * 1:14156 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 35 ActiveX clsid access (web-activex.rules)
 * 1:14157 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 35 ActiveX clsid unicode access (web-activex.rules)
 * 1:14158 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 36 ActiveX clsid access (web-activex.rules)
 * 1:14159 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 36 ActiveX clsid unicode access (web-activex.rules)
 * 1:1416 <-> DISABLED <-> SNMP broadcast trap (snmp.rules)
 * 1:14160 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 37 ActiveX clsid access (web-activex.rules)
 * 1:14161 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 37 ActiveX clsid unicode access (web-activex.rules)
 * 1:14162 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 38 ActiveX clsid access (web-activex.rules)
 * 1:14163 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 38 ActiveX clsid unicode access (web-activex.rules)
 * 1:14164 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 39 ActiveX clsid access (web-activex.rules)
 * 1:14165 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 39 ActiveX clsid unicode access (web-activex.rules)
 * 1:14166 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 40 ActiveX clsid access (web-activex.rules)
 * 1:14167 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 40 ActiveX clsid unicode access (web-activex.rules)
 * 1:14168 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 41 ActiveX clsid access (web-activex.rules)
 * 1:14169 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 41 ActiveX clsid unicode access (web-activex.rules)
 * 1:1417 <-> DISABLED <-> SNMP request udp (snmp.rules)
 * 1:14170 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 42 ActiveX clsid access (web-activex.rules)
 * 1:14171 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 42 ActiveX clsid unicode access (web-activex.rules)
 * 1:14172 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 43 ActiveX clsid access (web-activex.rules)
 * 1:14173 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 43 ActiveX clsid unicode access (web-activex.rules)
 * 1:14174 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 44 ActiveX clsid access (web-activex.rules)
 * 1:14175 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 44 ActiveX clsid unicode access (web-activex.rules)
 * 1:14176 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 45 ActiveX clsid access (web-activex.rules)
 * 1:14178 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 46 ActiveX clsid access (web-activex.rules)
 * 1:14179 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 46 ActiveX clsid unicode access (web-activex.rules)
 * 1:1418 <-> DISABLED <-> SNMP request tcp (snmp.rules)
 * 1:14180 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 47 ActiveX clsid access (web-activex.rules)
 * 1:14181 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 47 ActiveX clsid unicode access (web-activex.rules)
 * 1:14182 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 48 ActiveX clsid access (web-activex.rules)
 * 1:14183 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 48 ActiveX clsid unicode access (web-activex.rules)
 * 1:14184 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 49 ActiveX clsid access (web-activex.rules)
 * 1:14185 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 49 ActiveX clsid unicode access (web-activex.rules)
 * 1:14186 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 50 ActiveX clsid access (web-activex.rules)
 * 1:14187 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 50 ActiveX clsid unicode access (web-activex.rules)
 * 1:14188 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 51 ActiveX clsid access (web-activex.rules)
 * 1:14189 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 51 ActiveX clsid unicode access (web-activex.rules)
 * 1:1419 <-> DISABLED <-> SNMP trap udp (snmp.rules)
 * 1:14190 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 52 ActiveX clsid access (web-activex.rules)
 * 1:14191 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 52 ActiveX clsid unicode access (web-activex.rules)
 * 1:14192 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 53 ActiveX clsid access (web-activex.rules)
 * 1:14193 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 53 ActiveX clsid unicode access (web-activex.rules)
 * 1:14194 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 54 ActiveX clsid access (web-activex.rules)
 * 1:14195 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 54 ActiveX clsid unicode access (web-activex.rules)
 * 1:14196 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 55 ActiveX clsid access (web-activex.rules)
 * 1:14197 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 55 ActiveX clsid unicode access (web-activex.rules)
 * 1:14198 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 56 ActiveX clsid access (web-activex.rules)
 * 1:14199 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 56 ActiveX clsid unicode access (web-activex.rules)
 * 1:1420 <-> DISABLED <-> SNMP trap tcp (snmp.rules)
 * 1:14200 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 57 ActiveX clsid access (web-activex.rules)
 * 1:14201 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 57 ActiveX clsid unicode access (web-activex.rules)
 * 1:14202 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 58 ActiveX clsid access (web-activex.rules)
 * 1:14203 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 58 ActiveX clsid unicode access (web-activex.rules)
 * 1:14204 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 59 ActiveX clsid access (web-activex.rules)
 * 1:14205 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 59 ActiveX clsid unicode access (web-activex.rules)
 * 1:14206 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 60 ActiveX clsid access (web-activex.rules)
 * 1:14207 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 60 ActiveX clsid unicode access (web-activex.rules)
 * 1:14208 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 61 ActiveX clsid access (web-activex.rules)
 * 1:14209 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 61 ActiveX clsid unicode access (web-activex.rules)
 * 1:1421 <-> DISABLED <-> SNMP AgentX/tcp request (snmp.rules)
 * 1:14210 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 62 ActiveX clsid access (web-activex.rules)
 * 1:14211 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 62 ActiveX clsid unicode access (web-activex.rules)
 * 1:14212 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 63 ActiveX clsid access (web-activex.rules)
 * 1:14213 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 63 ActiveX clsid unicode access (web-activex.rules)
 * 1:14214 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 64 ActiveX clsid access (web-activex.rules)
 * 1:14215 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 64 ActiveX clsid unicode access (web-activex.rules)
 * 1:14216 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 65 ActiveX clsid access (web-activex.rules)
 * 1:14217 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 65 ActiveX clsid unicode access (web-activex.rules)
 * 1:14218 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 66 ActiveX clsid access (web-activex.rules)
 * 1:14219 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 66 ActiveX clsid unicode access (web-activex.rules)
 * 1:1422 <-> DISABLED <-> SNMP community string buffer overflow attempt with evasion (snmp.rules)
 * 1:14220 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 67 ActiveX clsid access (web-activex.rules)
 * 1:14221 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 67 ActiveX clsid unicode access (web-activex.rules)
 * 1:14222 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 68 ActiveX clsid access (web-activex.rules)
 * 1:14223 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 68 ActiveX clsid unicode access (web-activex.rules)
 * 1:14224 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 69 ActiveX clsid access (web-activex.rules)
 * 1:14225 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 69 ActiveX clsid unicode access (web-activex.rules)
 * 1:14226 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 70 ActiveX clsid access (web-activex.rules)
 * 1:14227 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 70 ActiveX clsid unicode access (web-activex.rules)
 * 1:14228 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 71 ActiveX clsid access (web-activex.rules)
 * 1:14229 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 71 ActiveX clsid unicode access (web-activex.rules)
 * 1:1423 <-> DISABLED <-> WEB-PHP content-disposition memchr overflow (web-php.rules)
 * 1:14231 <-> DISABLED <-> WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX clsid access (web-activex.rules)
 * 1:14232 <-> DISABLED <-> WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX clsid unicode access (web-activex.rules)
 * 1:14233 <-> DISABLED <-> WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX function call access (web-activex.rules)
 * 1:14234 <-> DISABLED <-> WEB-ACTIVEX SoftArtisans XFile FileManager ActiveX function call unicode access (web-activex.rules)
 * 1:14235 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Media Services ActiveX clsid access (web-activex.rules)
 * 1:14236 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Media Services ActiveX clsid unicode access (web-activex.rules)
 * 1:14237 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Media Services ActiveX function call access (web-activex.rules)
 * 1:14238 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Media Services ActiveX function call unicode access (web-activex.rules)
 * 1:14239 <-> DISABLED <-> WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX clsid access (web-activex.rules)
 * 1:14240 <-> DISABLED <-> WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX clsid unicode access (web-activex.rules)
 * 1:14241 <-> DISABLED <-> WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX function call access (web-activex.rules)
 * 1:14242 <-> DISABLED <-> WEB-ACTIVEX Friendly Technologies fwRemoteConfig ActiveX function call unicode access (web-activex.rules)
 * 1:14243 <-> DISABLED <-> WEB-ACTIVEX Najdi.si Toolbar ActiveX clsid access (web-activex.rules)
 * 1:14244 <-> DISABLED <-> WEB-ACTIVEX Najdi.si Toolbar ActiveX clsid unicode access (web-activex.rules)
 * 1:14245 <-> DISABLED <-> WEB-ACTIVEX Najdi.si Toolbar ActiveX function call access (web-activex.rules)
 * 1:14246 <-> DISABLED <-> WEB-ACTIVEX Najdi.si Toolbar ActiveX function call unicode access (web-activex.rules)
 * 1:14247 <-> DISABLED <-> WEB-ACTIVEX Eyeball MessengerSDK ActiveX clsid access (web-activex.rules)
 * 1:14248 <-> DISABLED <-> WEB-ACTIVEX Eyeball MessengerSDK ActiveX clsid unicode access (web-activex.rules)
 * 1:14249 <-> DISABLED <-> WEB-ACTIVEX Eyeball MessengerSDK ActiveX function call access (web-activex.rules)
 * 1:1425 <-> DISABLED <-> WEB-PHP content-disposition file upload attempt (web-php.rules)
 * 1:14250 <-> DISABLED <-> WEB-ACTIVEX Eyeball MessengerSDK ActiveX function call unicode access (web-activex.rules)
 * 1:1426 <-> DISABLED <-> SNMP PROTOS test-suite-req-app attempt (snmp.rules)
 * 1:14266 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX clsid access (web-activex.rules)
 * 1:14267 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX clsid unicode access (web-activex.rules)
 * 1:14268 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX function call access (web-activex.rules)
 * 1:14269 <-> DISABLED <-> WEB-ACTIVEX Microsoft Windows Image Acquisition Logger ActiveX function call unicode access (web-activex.rules)
 * 1:1427 <-> DISABLED <-> SNMP PROTOS test-suite-trap-app attempt (snmp.rules)
 * 1:14270 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Locator ActiveX clsid access (web-activex.rules)
 * 1:14271 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Locator ActiveX clsid unicode access (web-activex.rules)
 * 1:14272 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Locator ActiveX function call access (web-activex.rules)
 * 1:14273 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Locator ActiveX function call unicode access (web-activex.rules)
 * 1:14274 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid access (web-activex.rules)
 * 1:14275 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid unicode access (web-activex.rules)
 * 1:14276 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call access (web-activex.rules)
 * 1:14277 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call unicode access (web-activex.rules)
 * 1:14278 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid access (web-activex.rules)
 * 1:14279 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid unicode access (web-activex.rules)
 * 1:14280 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call access (web-activex.rules)
 * 1:14281 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call unicode access (web-activex.rules)
 * 1:14282 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid access (web-activex.rules)
 * 1:14283 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid unicode access (web-activex.rules)
 * 1:14284 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call access (web-activex.rules)
 * 1:14285 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call unicode access (web-activex.rules)
 * 1:14286 <-> DISABLED <-> WEB-ACTIVEX VMClientHosts Class ActiveX clsid access (web-activex.rules)
 * 1:14287 <-> DISABLED <-> WEB-ACTIVEX VMClientHosts Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14288 <-> DISABLED <-> WEB-ACTIVEX VMClientHosts Class ActiveX function call access (web-activex.rules)
 * 1:14289 <-> DISABLED <-> WEB-ACTIVEX VMClientHosts Class ActiveX function call unicode access (web-activex.rules)
 * 1:14290 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access (web-activex.rules)
 * 1:14291 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX clsid unicode access (web-activex.rules)
 * 1:14292 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX function call access (web-activex.rules)
 * 1:14293 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibCreateParamObj ActiveX function call unicode access (web-activex.rules)
 * 1:14294 <-> DISABLED <-> WEB-ACTIVEX RemoteDirDlg Class ActiveX clsid access (web-activex.rules)
 * 1:14295 <-> DISABLED <-> WEB-ACTIVEX RemoteDirDlg Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14296 <-> DISABLED <-> WEB-ACTIVEX RemoteDirDlg Class ActiveX function call access (web-activex.rules)
 * 1:14297 <-> DISABLED <-> WEB-ACTIVEX RemoteDirDlg Class ActiveX function call unicode access (web-activex.rules)
 * 1:14298 <-> DISABLED <-> WEB-ACTIVEX TeamListViewWnd Class ActiveX clsid access (web-activex.rules)
 * 1:14299 <-> DISABLED <-> WEB-ACTIVEX TeamListViewWnd Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14300 <-> DISABLED <-> WEB-ACTIVEX TeamListViewWnd Class ActiveX function call access (web-activex.rules)
 * 1:14301 <-> DISABLED <-> WEB-ACTIVEX TeamListViewWnd Class ActiveX function call unicode access (web-activex.rules)
 * 1:14302 <-> DISABLED <-> WEB-ACTIVEX VMStatusbarCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14303 <-> DISABLED <-> WEB-ACTIVEX VMStatusbarCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14304 <-> DISABLED <-> WEB-ACTIVEX VMStatusbarCtl Class ActiveX function call access (web-activex.rules)
 * 1:14305 <-> DISABLED <-> WEB-ACTIVEX VMStatusbarCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14306 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX clsid access (web-activex.rules)
 * 1:14307 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX clsid unicode access (web-activex.rules)
 * 1:14308 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX function call access (web-activex.rules)
 * 1:14309 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCConfiguration ActiveX function call unicode access (web-activex.rules)
 * 1:14310 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdate Class ActiveX clsid access (web-activex.rules)
 * 1:14311 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdate Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14312 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdate Class ActiveX function call access (web-activex.rules)
 * 1:14313 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdate Class ActiveX function call unicode access (web-activex.rules)
 * 1:14314 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 1 ActiveX clsid access (web-activex.rules)
 * 1:14315 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:14316 <-> DISABLED <-> WEB-ACTIVEX VmdbExecuteError Class ActiveX clsid access (web-activex.rules)
 * 1:14317 <-> DISABLED <-> WEB-ACTIVEX VmdbExecuteError Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14318 <-> DISABLED <-> WEB-ACTIVEX VmdbExecuteError Class ActiveX function call access (web-activex.rules)
 * 1:14319 <-> DISABLED <-> WEB-ACTIVEX VmdbExecuteError Class ActiveX function call unicode access (web-activex.rules)
 * 1:14320 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 2 ActiveX clsid access (web-activex.rules)
 * 1:14321 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:14322 <-> DISABLED <-> WEB-ACTIVEX reconfig.SysImageUti ActiveX clsid access (web-activex.rules)
 * 1:14323 <-> DISABLED <-> WEB-ACTIVEX reconfig.SysImageUti ActiveX clsid unicode access (web-activex.rules)
 * 1:14324 <-> DISABLED <-> WEB-ACTIVEX reconfig.SysImageUti ActiveX function call access (web-activex.rules)
 * 1:14325 <-> DISABLED <-> WEB-ACTIVEX reconfig.SysImageUti ActiveX function call unicode access (web-activex.rules)
 * 1:14326 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access (web-activex.rules)
 * 1:14327 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid unicode access (web-activex.rules)
 * 1:14328 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access (web-activex.rules)
 * 1:14329 <-> DISABLED <-> WEB-ACTIVEX Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call unicode access (web-activex.rules)
 * 1:14330 <-> DISABLED <-> WEB-ACTIVEX VmdbContext Class ActiveX clsid access (web-activex.rules)
 * 1:14331 <-> DISABLED <-> WEB-ACTIVEX VmdbContext Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14332 <-> DISABLED <-> WEB-ACTIVEX VmdbContext Class ActiveX function call access (web-activex.rules)
 * 1:14333 <-> DISABLED <-> WEB-ACTIVEX VmdbContext Class ActiveX function call unicode access (web-activex.rules)
 * 1:14334 <-> DISABLED <-> WEB-ACTIVEX VMClientVMs Class ActiveX clsid access (web-activex.rules)
 * 1:14335 <-> DISABLED <-> WEB-ACTIVEX VMClientVMs Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14336 <-> DISABLED <-> WEB-ACTIVEX VMClientVMs Class ActiveX function call access (web-activex.rules)
 * 1:14337 <-> DISABLED <-> WEB-ACTIVEX VMClientVMs Class ActiveX function call unicode access (web-activex.rules)
 * 1:14338 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj Class ActiveX clsid access (web-activex.rules)
 * 1:14339 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14340 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj Class ActiveX function call access (web-activex.rules)
 * 1:14341 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj Class ActiveX function call unicode access (web-activex.rules)
 * 1:14342 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 3 ActiveX clsid access (web-activex.rules)
 * 1:14343 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:14344 <-> DISABLED <-> WEB-ACTIVEX VMMsg Class ActiveX clsid access (web-activex.rules)
 * 1:14345 <-> DISABLED <-> WEB-ACTIVEX VMMsg Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14346 <-> DISABLED <-> WEB-ACTIVEX VMMsg Class ActiveX function call access (web-activex.rules)
 * 1:14347 <-> DISABLED <-> WEB-ACTIVEX VMMsg Class ActiveX function call unicode access (web-activex.rules)
 * 1:14348 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 4 ActiveX clsid access (web-activex.rules)
 * 1:14349 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:1435 <-> DISABLED <-> DNS named authors attempt (dns.rules)
 * 1:14350 <-> DISABLED <-> WEB-ACTIVEX reconfig.PopulatedDi ActiveX clsid access (web-activex.rules)
 * 1:14351 <-> DISABLED <-> WEB-ACTIVEX reconfig.PopulatedDi ActiveX clsid unicode access (web-activex.rules)
 * 1:14352 <-> DISABLED <-> WEB-ACTIVEX reconfig.PopulatedDi ActiveX function call access (web-activex.rules)
 * 1:14353 <-> DISABLED <-> WEB-ACTIVEX reconfig.PopulatedDi ActiveX function call unicode access (web-activex.rules)
 * 1:14354 <-> DISABLED <-> WEB-ACTIVEX Elevated.ElevMgr ActiveX clsid access (web-activex.rules)
 * 1:14355 <-> DISABLED <-> WEB-ACTIVEX Elevated.ElevMgr ActiveX clsid unicode access (web-activex.rules)
 * 1:14356 <-> DISABLED <-> WEB-ACTIVEX Elevated.ElevMgr ActiveX function call access (web-activex.rules)
 * 1:14357 <-> DISABLED <-> WEB-ACTIVEX Elevated.ElevMgr ActiveX function call unicode access (web-activex.rules)
 * 1:14358 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 5 ActiveX clsid access (web-activex.rules)
 * 1:14359 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:14360 <-> DISABLED <-> WEB-ACTIVEX HardwareCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14361 <-> DISABLED <-> WEB-ACTIVEX HardwareCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14362 <-> DISABLED <-> WEB-ACTIVEX HardwareCtl Class ActiveX function call access (web-activex.rules)
 * 1:14363 <-> DISABLED <-> WEB-ACTIVEX HardwareCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14364 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 6 ActiveX clsid access (web-activex.rules)
 * 1:14365 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 6 ActiveX clsid unicode access (web-activex.rules)
 * 1:14366 <-> DISABLED <-> WEB-ACTIVEX VmdbQuery Class ActiveX clsid access (web-activex.rules)
 * 1:14367 <-> DISABLED <-> WEB-ACTIVEX VmdbQuery Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14368 <-> DISABLED <-> WEB-ACTIVEX VmdbQuery Class ActiveX function call access (web-activex.rules)
 * 1:14369 <-> DISABLED <-> WEB-ACTIVEX VmdbQuery Class ActiveX function call unicode access (web-activex.rules)
 * 1:14370 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj2 Class ActiveX clsid access (web-activex.rules)
 * 1:14371 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj2 Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14372 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj2 Class ActiveX function call access (web-activex.rules)
 * 1:14373 <-> DISABLED <-> WEB-ACTIVEX vmappPropObj2 Class ActiveX function call unicode access (web-activex.rules)
 * 1:14374 <-> DISABLED <-> WEB-ACTIVEX VmappPoll Class ActiveX clsid access (web-activex.rules)
 * 1:14375 <-> DISABLED <-> WEB-ACTIVEX VmappPoll Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14376 <-> DISABLED <-> WEB-ACTIVEX VmappPoll Class ActiveX function call access (web-activex.rules)
 * 1:14377 <-> DISABLED <-> WEB-ACTIVEX VmappPoll Class ActiveX function call unicode access (web-activex.rules)
 * 1:14378 <-> DISABLED <-> WEB-ACTIVEX VMClient Class ActiveX clsid access (web-activex.rules)
 * 1:14379 <-> DISABLED <-> WEB-ACTIVEX VMClient Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14380 <-> DISABLED <-> WEB-ACTIVEX VMClient Class ActiveX function call access (web-activex.rules)
 * 1:14381 <-> DISABLED <-> WEB-ACTIVEX VMClient Class ActiveX function call unicode access (web-activex.rules)
 * 1:14382 <-> DISABLED <-> WEB-ACTIVEX Pq2vcom.Pq2v ActiveX clsid access (web-activex.rules)
 * 1:14383 <-> DISABLED <-> WEB-ACTIVEX Pq2vcom.Pq2v ActiveX clsid unicode access (web-activex.rules)
 * 1:14384 <-> DISABLED <-> WEB-ACTIVEX Pq2vcom.Pq2v ActiveX function call access (web-activex.rules)
 * 1:14385 <-> DISABLED <-> WEB-ACTIVEX Pq2vcom.Pq2v ActiveX function call unicode access (web-activex.rules)
 * 1:14386 <-> DISABLED <-> WEB-ACTIVEX VmdbSchema Class ActiveX clsid access (web-activex.rules)
 * 1:14387 <-> DISABLED <-> WEB-ACTIVEX VmdbSchema Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14388 <-> DISABLED <-> WEB-ACTIVEX VmdbSchema Class ActiveX function call access (web-activex.rules)
 * 1:14389 <-> DISABLED <-> WEB-ACTIVEX VmdbSchema Class ActiveX function call unicode access (web-activex.rules)
 * 1:14390 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid access (web-activex.rules)
 * 1:14391 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX clsid unicode access (web-activex.rules)
 * 1:14392 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call access (web-activex.rules)
 * 1:14393 <-> DISABLED <-> WEB-ACTIVEX Vie2Lib.Vie2LinuxVolume ActiveX function call unicode access (web-activex.rules)
 * 1:14394 <-> DISABLED <-> WEB-ACTIVEX VixCOM.VixLib ActiveX clsid access (web-activex.rules)
 * 1:14395 <-> DISABLED <-> WEB-ACTIVEX VixCOM.VixLib ActiveX clsid unicode access (web-activex.rules)
 * 1:14396 <-> DISABLED <-> WEB-ACTIVEX VixCOM.VixLib ActiveX function call access (web-activex.rules)
 * 1:14397 <-> DISABLED <-> WEB-ACTIVEX VixCOM.VixLib ActiveX function call unicode access (web-activex.rules)
 * 1:14398 <-> DISABLED <-> WEB-ACTIVEX vmappsdk.CuiObj ActiveX clsid access (web-activex.rules)
 * 1:14399 <-> DISABLED <-> WEB-ACTIVEX vmappsdk.CuiObj ActiveX clsid unicode access (web-activex.rules)
 * 1:14400 <-> DISABLED <-> WEB-ACTIVEX vmappsdk.CuiObj ActiveX function call access (web-activex.rules)
 * 1:14401 <-> DISABLED <-> WEB-ACTIVEX vmappsdk.CuiObj ActiveX function call unicode access (web-activex.rules)
 * 1:14402 <-> DISABLED <-> WEB-ACTIVEX RemoteBrowseDlg Class ActiveX clsid access (web-activex.rules)
 * 1:14403 <-> DISABLED <-> WEB-ACTIVEX RemoteBrowseDlg Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14404 <-> DISABLED <-> WEB-ACTIVEX RemoteBrowseDlg Class ActiveX function call access (web-activex.rules)
 * 1:14405 <-> DISABLED <-> WEB-ACTIVEX RemoteBrowseDlg Class ActiveX function call unicode access (web-activex.rules)
 * 1:14406 <-> DISABLED <-> WEB-ACTIVEX RegVmsCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14407 <-> DISABLED <-> WEB-ACTIVEX RegVmsCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14408 <-> DISABLED <-> WEB-ACTIVEX RegVmsCtl Class ActiveX function call access (web-activex.rules)
 * 1:14409 <-> DISABLED <-> WEB-ACTIVEX RegVmsCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:1441 <-> DISABLED <-> TFTP GET nc.exe (tftp.rules)
 * 1:14410 <-> DISABLED <-> WEB-ACTIVEX VmdbEnumTags Class ActiveX clsid access (web-activex.rules)
 * 1:14411 <-> DISABLED <-> WEB-ACTIVEX VmdbEnumTags Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14412 <-> DISABLED <-> WEB-ACTIVEX VmdbEnumTags Class ActiveX function call access (web-activex.rules)
 * 1:14413 <-> DISABLED <-> WEB-ACTIVEX VmdbEnumTags Class ActiveX function call unicode access (web-activex.rules)
 * 1:14414 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 7 ActiveX clsid access (web-activex.rules)
 * 1:14415 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 7 ActiveX clsid unicode access (web-activex.rules)
 * 1:14416 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid access (web-activex.rules)
 * 1:14417 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX clsid unicode access (web-activex.rules)
 * 1:14418 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call access (web-activex.rules)
 * 1:14419 <-> DISABLED <-> WEB-ACTIVEX VieLib2.Vie2Process ActiveX function call unicode access (web-activex.rules)
 * 1:1442 <-> DISABLED <-> TFTP GET shadow (tftp.rules)
 * 1:14420 <-> DISABLED <-> WEB-ACTIVEX VmdbDatabase Class ActiveX clsid access (web-activex.rules)
 * 1:14421 <-> DISABLED <-> WEB-ACTIVEX VmdbDatabase Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14422 <-> DISABLED <-> WEB-ACTIVEX VmdbDatabase Class ActiveX function call access (web-activex.rules)
 * 1:14423 <-> DISABLED <-> WEB-ACTIVEX VmdbDatabase Class ActiveX function call unicode access (web-activex.rules)
 * 1:14424 <-> DISABLED <-> WEB-ACTIVEX VMAppSdkUtil Class ActiveX clsid access (web-activex.rules)
 * 1:14425 <-> DISABLED <-> WEB-ACTIVEX VMAppSdkUtil Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14426 <-> DISABLED <-> WEB-ACTIVEX VMAppSdkUtil Class ActiveX function call access (web-activex.rules)
 * 1:14427 <-> DISABLED <-> WEB-ACTIVEX VMAppSdkUtil Class ActiveX function call unicode access (web-activex.rules)
 * 1:14428 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 8 ActiveX clsid access (web-activex.rules)
 * 1:14429 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 8 ActiveX clsid unicode access (web-activex.rules)
 * 1:1443 <-> DISABLED <-> TFTP GET passwd (tftp.rules)
 * 1:14430 <-> DISABLED <-> WEB-ACTIVEX VMEnumStrings Class ActiveX clsid access (web-activex.rules)
 * 1:14431 <-> DISABLED <-> WEB-ACTIVEX VMEnumStrings Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14432 <-> DISABLED <-> WEB-ACTIVEX VMEnumStrings Class ActiveX function call access (web-activex.rules)
 * 1:14433 <-> DISABLED <-> WEB-ACTIVEX VMEnumStrings Class ActiveX function call unicode access (web-activex.rules)
 * 1:14434 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 9 ActiveX clsid access (web-activex.rules)
 * 1:14435 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 9 ActiveX clsid unicode access (web-activex.rules)
 * 1:14436 <-> DISABLED <-> WEB-ACTIVEX VMClientHost Class ActiveX clsid access (web-activex.rules)
 * 1:14437 <-> DISABLED <-> WEB-ACTIVEX VMClientHost Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14438 <-> DISABLED <-> WEB-ACTIVEX VMClientHost Class ActiveX function call access (web-activex.rules)
 * 1:14439 <-> DISABLED <-> WEB-ACTIVEX VMClientHost Class ActiveX function call unicode access (web-activex.rules)
 * 1:1444 <-> DISABLED <-> TFTP Get (tftp.rules)
 * 1:14440 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 10 ActiveX clsid access (web-activex.rules)
 * 1:14441 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 10 ActiveX clsid unicode access (web-activex.rules)
 * 1:14442 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 11 ActiveX clsid access (web-activex.rules)
 * 1:14443 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 11 ActiveX clsid unicode access (web-activex.rules)
 * 1:14444 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 12 ActiveX clsid access (web-activex.rules)
 * 1:14445 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 12 ActiveX clsid unicode access (web-activex.rules)
 * 1:14446 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 13 ActiveX clsid access (web-activex.rules)
 * 1:14447 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 13 ActiveX clsid unicode access (web-activex.rules)
 * 1:14448 <-> DISABLED <-> WEB-ACTIVEX reconfig.SystemReconfigur ActiveX clsid access (web-activex.rules)
 * 1:14449 <-> DISABLED <-> WEB-ACTIVEX reconfig.SystemReconfigur ActiveX clsid unicode access (web-activex.rules)
 * 1:14450 <-> DISABLED <-> WEB-ACTIVEX reconfig.SystemReconfigur ActiveX function call access (web-activex.rules)
 * 1:14451 <-> DISABLED <-> WEB-ACTIVEX reconfig.SystemReconfigur ActiveX function call unicode access (web-activex.rules)
 * 1:14452 <-> DISABLED <-> WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX clsid access (web-activex.rules)
 * 1:14453 <-> DISABLED <-> WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX clsid unicode access (web-activex.rules)
 * 1:14454 <-> DISABLED <-> WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX function call access (web-activex.rules)
 * 1:14455 <-> DISABLED <-> WEB-ACTIVEX vmhwcfg.NwzCompleted ActiveX function call unicode access (web-activex.rules)
 * 1:14456 <-> DISABLED <-> WEB-ACTIVEX MksCompatCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14457 <-> DISABLED <-> WEB-ACTIVEX MksCompatCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14458 <-> DISABLED <-> WEB-ACTIVEX MksCompatCtl Class ActiveX function call access (web-activex.rules)
 * 1:14459 <-> DISABLED <-> WEB-ACTIVEX MksCompatCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14460 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 14 ActiveX clsid access (web-activex.rules)
 * 1:14461 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 14 ActiveX clsid unicode access (web-activex.rules)
 * 1:14462 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid access (web-activex.rules)
 * 1:14463 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX clsid unicode access (web-activex.rules)
 * 1:14464 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call access (web-activex.rules)
 * 1:14465 <-> DISABLED <-> WEB-ACTIVEX IntraProcessLogging.Logger ActiveX function call unicode access (web-activex.rules)
 * 1:14466 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 15 ActiveX clsid access (web-activex.rules)
 * 1:14467 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 15 ActiveX clsid unicode access (web-activex.rules)
 * 1:14468 <-> DISABLED <-> WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX clsid access (web-activex.rules)
 * 1:14469 <-> DISABLED <-> WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX clsid unicode access (web-activex.rules)
 * 1:14470 <-> DISABLED <-> WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX function call access (web-activex.rules)
 * 1:14471 <-> DISABLED <-> WEB-ACTIVEX Elevated.HostDeviceInfos ActiveX function call unicode access (web-activex.rules)
 * 1:14472 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 16 ActiveX clsid access (web-activex.rules)
 * 1:14473 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 16 ActiveX clsid unicode access (web-activex.rules)
 * 1:14474 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 17 ActiveX clsid access (web-activex.rules)
 * 1:14475 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 17 ActiveX clsid unicode access (web-activex.rules)
 * 1:14476 <-> DISABLED <-> WEB-ACTIVEX reconfig.GuestInfo ActiveX clsid access (web-activex.rules)
 * 1:14477 <-> DISABLED <-> WEB-ACTIVEX reconfig.GuestInfo ActiveX clsid unicode access (web-activex.rules)
 * 1:14478 <-> DISABLED <-> WEB-ACTIVEX reconfig.GuestInfo ActiveX function call access (web-activex.rules)
 * 1:14479 <-> DISABLED <-> WEB-ACTIVEX reconfig.GuestInfo ActiveX function call unicode access (web-activex.rules)
 * 1:14480 <-> DISABLED <-> WEB-ACTIVEX VmappPropFrame Class ActiveX clsid access (web-activex.rules)
 * 1:14481 <-> DISABLED <-> WEB-ACTIVEX VmappPropFrame Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14482 <-> DISABLED <-> WEB-ACTIVEX VmappPropFrame Class ActiveX function call access (web-activex.rules)
 * 1:14483 <-> DISABLED <-> WEB-ACTIVEX VmappPropFrame Class ActiveX function call unicode access (web-activex.rules)
 * 1:14484 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX clsid access (web-activex.rules)
 * 1:14485 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX clsid unicode access (web-activex.rules)
 * 1:14486 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX function call access (web-activex.rules)
 * 1:14487 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.VhdConverter ActiveX function call unicode access (web-activex.rules)
 * 1:14488 <-> DISABLED <-> WEB-ACTIVEX VMSwitchCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14489 <-> DISABLED <-> WEB-ACTIVEX VMSwitchCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14490 <-> DISABLED <-> WEB-ACTIVEX VMSwitchCtl Class ActiveX function call access (web-activex.rules)
 * 1:14491 <-> DISABLED <-> WEB-ACTIVEX VMSwitchCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14492 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 18 ActiveX clsid access (web-activex.rules)
 * 1:14493 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 18 ActiveX clsid unicode access (web-activex.rules)
 * 1:14494 <-> DISABLED <-> WEB-ACTIVEX VmdbUtil Class ActiveX clsid access (web-activex.rules)
 * 1:14495 <-> DISABLED <-> WEB-ACTIVEX VmdbUtil Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14496 <-> DISABLED <-> WEB-ACTIVEX VmdbUtil Class ActiveX function call access (web-activex.rules)
 * 1:14497 <-> DISABLED <-> WEB-ACTIVEX VmdbUtil Class ActiveX function call unicode access (web-activex.rules)
 * 1:14498 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 19 ActiveX clsid access (web-activex.rules)
 * 1:14499 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 19 ActiveX clsid unicode access (web-activex.rules)
 * 1:14500 <-> DISABLED <-> WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX clsid access (web-activex.rules)
 * 1:14501 <-> DISABLED <-> WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX clsid unicode access (web-activex.rules)
 * 1:14502 <-> DISABLED <-> WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX function call access (web-activex.rules)
 * 1:14503 <-> DISABLED <-> WEB-ACTIVEX VMwareVpcCvt.VpcC ActiveX function call unicode access (web-activex.rules)
 * 1:14504 <-> DISABLED <-> WEB-ACTIVEX VmdbCnxUtil Class ActiveX clsid access (web-activex.rules)
 * 1:14505 <-> DISABLED <-> WEB-ACTIVEX VmdbCnxUtil Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14506 <-> DISABLED <-> WEB-ACTIVEX VmdbCnxUtil Class ActiveX function call access (web-activex.rules)
 * 1:14507 <-> DISABLED <-> WEB-ACTIVEX VmdbCnxUtil Class ActiveX function call unicode access (web-activex.rules)
 * 1:14508 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX clsid access (web-activex.rules)
 * 1:14509 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX clsid unicode access (web-activex.rules)
 * 1:1451 <-> ENABLED <-> WEB-CGI NPH-maillist access (web-cgi.rules)
 * 1:14510 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX function call access (web-activex.rules)
 * 1:14511 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrive ActiveX function call unicode access (web-activex.rules)
 * 1:14512 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 20 ActiveX clsid access (web-activex.rules)
 * 1:14513 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 20 ActiveX clsid unicode access (web-activex.rules)
 * 1:14514 <-> DISABLED <-> WEB-ACTIVEX VMClientVM Class ActiveX clsid access (web-activex.rules)
 * 1:14515 <-> DISABLED <-> WEB-ACTIVEX VMClientVM Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14516 <-> DISABLED <-> WEB-ACTIVEX VMClientVM Class ActiveX function call access (web-activex.rules)
 * 1:14517 <-> DISABLED <-> WEB-ACTIVEX VMClientVM Class ActiveX function call unicode access (web-activex.rules)
 * 1:14518 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 21 ActiveX clsid access (web-activex.rules)
 * 1:14519 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 21 ActiveX clsid unicode access (web-activex.rules)
 * 1:1452 <-> DISABLED <-> WEB-CGI args.cmd access (web-cgi.rules)
 * 1:14520 <-> DISABLED <-> WEB-ACTIVEX Elevated.VMXCreator ActiveX clsid access (web-activex.rules)
 * 1:14521 <-> DISABLED <-> WEB-ACTIVEX Elevated.VMXCreator ActiveX clsid unicode access (web-activex.rules)
 * 1:14522 <-> DISABLED <-> WEB-ACTIVEX Elevated.VMXCreator ActiveX function call access (web-activex.rules)
 * 1:14523 <-> DISABLED <-> WEB-ACTIVEX Elevated.VMXCreator ActiveX function call unicode access (web-activex.rules)
 * 1:14524 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 22 ActiveX clsid access (web-activex.rules)
 * 1:14525 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 22 ActiveX clsid unicode access (web-activex.rules)
 * 1:14526 <-> DISABLED <-> WEB-ACTIVEX HotfixWz Class ActiveX clsid access (web-activex.rules)
 * 1:14527 <-> DISABLED <-> WEB-ACTIVEX HotfixWz Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14528 <-> DISABLED <-> WEB-ACTIVEX HotfixWz Class ActiveX function call access (web-activex.rules)
 * 1:14529 <-> DISABLED <-> WEB-ACTIVEX HotfixWz Class ActiveX function call unicode access (web-activex.rules)
 * 1:1453 <-> DISABLED <-> WEB-CGI AT-generated.cgi access (web-cgi.rules)
 * 1:14530 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdates Class ActiveX clsid access (web-activex.rules)
 * 1:14531 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdates Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14532 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdates Class ActiveX function call access (web-activex.rules)
 * 1:14533 <-> DISABLED <-> WEB-ACTIVEX VmdbUpdates Class ActiveX function call unicode access (web-activex.rules)
 * 1:14534 <-> DISABLED <-> WEB-ACTIVEX VMListCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14535 <-> DISABLED <-> WEB-ACTIVEX VMListCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14536 <-> DISABLED <-> WEB-ACTIVEX VMListCtl Class ActiveX function call access (web-activex.rules)
 * 1:14537 <-> DISABLED <-> WEB-ACTIVEX VMListCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14538 <-> DISABLED <-> WEB-ACTIVEX CheckedListViewWnd Class ActiveX clsid access (web-activex.rules)
 * 1:14539 <-> DISABLED <-> WEB-ACTIVEX CheckedListViewWnd Class ActiveX clsid unicode access (web-activex.rules)
 * 1:1454 <-> DISABLED <-> WEB-CGI wwwwais access (web-cgi.rules)
 * 1:14540 <-> DISABLED <-> WEB-ACTIVEX CheckedListViewWnd Class ActiveX function call access (web-activex.rules)
 * 1:14541 <-> DISABLED <-> WEB-ACTIVEX CheckedListViewWnd Class ActiveX function call unicode access (web-activex.rules)
 * 1:14542 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 23 ActiveX clsid access (web-activex.rules)
 * 1:14543 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 23 ActiveX clsid unicode access (web-activex.rules)
 * 1:14544 <-> DISABLED <-> WEB-ACTIVEX VmdbTreeCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14545 <-> DISABLED <-> WEB-ACTIVEX VmdbTreeCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14546 <-> DISABLED <-> WEB-ACTIVEX VmdbTreeCtl Class ActiveX function call access (web-activex.rules)
 * 1:14547 <-> DISABLED <-> WEB-ACTIVEX VmdbTreeCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14548 <-> DISABLED <-> WEB-ACTIVEX Nwz Class ActiveX clsid access (web-activex.rules)
 * 1:14549 <-> DISABLED <-> WEB-ACTIVEX Nwz Class ActiveX clsid unicode access (web-activex.rules)
 * 1:1455 <-> DISABLED <-> WEB-CGI calendar.pl access (web-cgi.rules)
 * 1:14550 <-> DISABLED <-> WEB-ACTIVEX Nwz Class ActiveX function call access (web-activex.rules)
 * 1:14551 <-> DISABLED <-> WEB-ACTIVEX Nwz Class ActiveX function call unicode access (web-activex.rules)
 * 1:14552 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX clsid access (web-activex.rules)
 * 1:14553 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX clsid unicode access (web-activex.rules)
 * 1:14554 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX function call access (web-activex.rules)
 * 1:14555 <-> DISABLED <-> WEB-ACTIVEX Vmc2vmx.CoVPCDrives ActiveX function call unicode access (web-activex.rules)
 * 1:14556 <-> DISABLED <-> WEB-ACTIVEX MksCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14557 <-> DISABLED <-> WEB-ACTIVEX MksCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14558 <-> DISABLED <-> WEB-ACTIVEX MksCtl Class ActiveX function call access (web-activex.rules)
 * 1:14559 <-> DISABLED <-> WEB-ACTIVEX MksCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:1456 <-> DISABLED <-> WEB-CGI calender_admin.pl access (web-cgi.rules)
 * 1:14560 <-> DISABLED <-> WEB-ACTIVEX VmappPropPath Class ActiveX clsid access (web-activex.rules)
 * 1:14561 <-> DISABLED <-> WEB-ACTIVEX VmappPropPath Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14562 <-> DISABLED <-> WEB-ACTIVEX VmappPropPath Class ActiveX function call access (web-activex.rules)
 * 1:14563 <-> DISABLED <-> WEB-ACTIVEX VmappPropPath Class ActiveX function call unicode access (web-activex.rules)
 * 1:14564 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 24 ActiveX clsid access (web-activex.rules)
 * 1:14565 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 24 ActiveX clsid unicode access (web-activex.rules)
 * 1:14566 <-> DISABLED <-> WEB-ACTIVEX PolicyCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14567 <-> DISABLED <-> WEB-ACTIVEX PolicyCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14568 <-> DISABLED <-> WEB-ACTIVEX PolicyCtl Class ActiveX function call access (web-activex.rules)
 * 1:14569 <-> DISABLED <-> WEB-ACTIVEX PolicyCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:1457 <-> DISABLED <-> WEB-CGI user_update_admin.pl access (web-cgi.rules)
 * 1:14570 <-> DISABLED <-> WEB-ACTIVEX VmdbParseError Class ActiveX clsid access (web-activex.rules)
 * 1:14571 <-> DISABLED <-> WEB-ACTIVEX VmdbParseError Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14572 <-> DISABLED <-> WEB-ACTIVEX VmdbParseError Class ActiveX function call access (web-activex.rules)
 * 1:14573 <-> DISABLED <-> WEB-ACTIVEX VmdbParseError Class ActiveX function call unicode access (web-activex.rules)
 * 1:14574 <-> DISABLED <-> WEB-ACTIVEX NavigationCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14575 <-> DISABLED <-> WEB-ACTIVEX NavigationCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14576 <-> DISABLED <-> WEB-ACTIVEX NavigationCtl Class ActiveX function call access (web-activex.rules)
 * 1:14577 <-> DISABLED <-> WEB-ACTIVEX NavigationCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:14578 <-> DISABLED <-> WEB-ACTIVEX VMList Class ActiveX clsid access (web-activex.rules)
 * 1:14579 <-> DISABLED <-> WEB-ACTIVEX VMList Class ActiveX clsid unicode access (web-activex.rules)
 * 1:1458 <-> DISABLED <-> WEB-CGI user_update_passwd.pl access (web-cgi.rules)
 * 1:14580 <-> DISABLED <-> WEB-ACTIVEX VMList Class ActiveX function call access (web-activex.rules)
 * 1:14581 <-> DISABLED <-> WEB-ACTIVEX VMList Class ActiveX function call unicode access (web-activex.rules)
 * 1:14582 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 25 ActiveX clsid access (web-activex.rules)
 * 1:14583 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 25 ActiveX clsid unicode access (web-activex.rules)
 * 1:14584 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 26 ActiveX clsid access (web-activex.rules)
 * 1:14585 <-> DISABLED <-> WEB-ACTIVEX VMWare unspecified 26 ActiveX clsid unicode access (web-activex.rules)
 * 1:14586 <-> DISABLED <-> WEB-ACTIVEX CurrentVMCtl Class ActiveX clsid access (web-activex.rules)
 * 1:14587 <-> DISABLED <-> WEB-ACTIVEX CurrentVMCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14588 <-> DISABLED <-> WEB-ACTIVEX CurrentVMCtl Class ActiveX function call access (web-activex.rules)
 * 1:14589 <-> DISABLED <-> WEB-ACTIVEX CurrentVMCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:1459 <-> DISABLED <-> WEB-CGI bb-histlog.sh access (web-cgi.rules)
 * 1:14590 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX clsid access (web-activex.rules)
 * 1:14591 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX clsid unicode access (web-activex.rules)
 * 1:14592 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX function call access (web-activex.rules)
 * 1:14593 <-> DISABLED <-> WEB-ACTIVEX VhdCvtCom.DiskLibHelper ActiveX function call unicode access (web-activex.rules)
 * 1:14594 <-> DISABLED <-> WEB-ACTIVEX Peachtree Accounting 2004 ActiveX clsid access (web-activex.rules)
 * 1:14595 <-> DISABLED <-> WEB-ACTIVEX Peachtree Accounting 2004 ActiveX clsid unicode access (web-activex.rules)
 * 1:14596 <-> DISABLED <-> WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX clsid access (web-activex.rules)
 * 1:14597 <-> DISABLED <-> WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX clsid unicode access (web-activex.rules)
 * 1:14598 <-> DISABLED <-> WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX function call access (web-activex.rules)
 * 1:14599 <-> DISABLED <-> WEB-ACTIVEX ComponentOne VSFlexGrid ActiveX function call unicode access (web-activex.rules)
 * 1:1460 <-> DISABLED <-> WEB-CGI bb-histsvc.sh access (web-cgi.rules)
 * 1:14603 <-> DISABLED <-> WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (web-activex.rules)
 * 1:14604 <-> DISABLED <-> WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX clsid unicode access (web-activex.rules)
 * 1:14605 <-> DISABLED <-> WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX function call access (web-activex.rules)
 * 1:14606 <-> DISABLED <-> WEB-ACTIVEX Data Dynamics ActiveReport ARViewer2 ActiveX function call unicode access (web-activex.rules)
 * 1:1461 <-> DISABLED <-> WEB-CGI bb-rep.sh access (web-cgi.rules)
 * 1:14612 <-> DISABLED <-> WEB-ACTIVEX VMWare VMCtl Class ActiveX clsid unicode access (web-activex.rules)
 * 1:14613 <-> DISABLED <-> WEB-ACTIVEX VMWare VMCtl Class ActiveX function call access (web-activex.rules)
 * 1:14614 <-> DISABLED <-> WEB-ACTIVEX VMWare VMCtl Class ActiveX function call unicode access (web-activex.rules)
 * 1:1462 <-> DISABLED <-> WEB-CGI bb-replog.sh access (web-cgi.rules)
 * 1:14628 <-> DISABLED <-> WEB-ACTIVEX Office 2000 and 2002 Web Components Chart ActiveX clsid unicode access (web-activex.rules)
 * 1:14629 <-> DISABLED <-> WEB-ACTIVEX Office 2000 and 2002 Web Components PivotTable ActiveX clsid unicode access (web-activex.rules)
 * 1:14630 <-> DISABLED <-> WEB-ACTIVEX Office 2000 and 2002 Web Components Data Source Control ActiveX clsid unicode access (web-activex.rules)
 * 1:14631 <-> DISABLED <-> WEB-ACTIVEX SystemRequirementsLab ActiveX clsid access (web-activex.rules)
 * 1:14632 <-> DISABLED <-> WEB-ACTIVEX SystemRequirementsLab ActiveX clsid unicode access (web-activex.rules)
 * 1:14633 <-> DISABLED <-> WEB-ACTIVEX PhotoStockPlus ActiveX clsid access (web-activex.rules)
 * 1:14634 <-> DISABLED <-> WEB-ACTIVEX PhotoStockPlus ActiveX clsid unicode access (web-activex.rules)
 * 1:14635 <-> DISABLED <-> WEB-ACTIVEX Microsoft RSClientPrint ActiveX clsid access (web-activex.rules)
 * 1:14636 <-> DISABLED <-> WEB-ACTIVEX Microsoft RSClientPrint ActiveX clsid unicode access (web-activex.rules)
 * 1:14637 <-> DISABLED <-> WEB-ACTIVEX Microsoft PicturePusher ActiveX clsid access (web-activex.rules)
 * 1:14638 <-> DISABLED <-> WEB-ACTIVEX Microsoft PicturePusher ActiveX clsid unicode access (web-activex.rules)
 * 1:14639 <-> DISABLED <-> WEB-ACTIVEX Microsoft PicturePusher ActiveX function call access (web-activex.rules)
 * 1:14640 <-> DISABLED <-> WEB-ACTIVEX Microsoft PicturePusher ActiveX function call unicode access (web-activex.rules)
 * 1:1465 <-> DISABLED <-> WEB-CGI auktion.cgi access (web-cgi.rules)
 * 1:1466 <-> DISABLED <-> WEB-CGI cgiforum.pl access (web-cgi.rules)
 * 1:1467 <-> DISABLED <-> WEB-CGI directorypro.cgi access (web-cgi.rules)
 * 1:1468 <-> DISABLED <-> WEB-CGI Web Shopper shopper.cgi attempt (web-cgi.rules)
 * 1:1469 <-> DISABLED <-> WEB-CGI Web Shopper shopper.cgi access (web-cgi.rules)
 * 1:1470 <-> DISABLED <-> WEB-CGI listrec.pl access (web-cgi.rules)
 * 1:1471 <-> DISABLED <-> WEB-CGI mailnews.cgi access (web-cgi.rules)
 * 1:1472 <-> DISABLED <-> WEB-CGI book.cgi access (web-cgi.rules)
 * 1:1473 <-> DISABLED <-> WEB-CGI newsdesk.cgi access (web-cgi.rules)
 * 1:1474 <-> DISABLED <-> WEB-CGI cal_make.pl access (web-cgi.rules)
 * 1:14742 <-> DISABLED <-> SPECIFIC-THREATS Exchange MODPROPS denial of service PoC attempt (specific-threats.rules)
 * 1:14744 <-> DISABLED <-> WEB-ACTIVEX Hummingbird HostExplorer ActiveX clsid access (web-activex.rules)
 * 1:14745 <-> DISABLED <-> WEB-ACTIVEX Hummingbird HostExplorer ActiveX clsid unicode access (web-activex.rules)
 * 1:14746 <-> DISABLED <-> WEB-ACTIVEX Autodesk DWF Viewer ActiveX clsid access (web-activex.rules)
 * 1:14747 <-> DISABLED <-> WEB-ACTIVEX Autodesk DWF Viewer ActiveX clsid unicode access (web-activex.rules)
 * 1:14749 <-> DISABLED <-> WEB-ACTIVEX Autodesk LiveUpdate ActiveX clsid unicode access (web-activex.rules)
 * 1:1475 <-> DISABLED <-> WEB-CGI mailit.pl access (web-cgi.rules)
 * 1:14750 <-> DISABLED <-> WEB-ACTIVEX Autodesk LiveUpdate ActiveX function call access (web-activex.rules)
 * 1:14751 <-> DISABLED <-> WEB-ACTIVEX Autodesk LiveUpdate ActiveX function call unicode access (web-activex.rules)
 * 1:14752 <-> DISABLED <-> WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX clsid access (web-activex.rules)
 * 1:14753 <-> DISABLED <-> WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX clsid unicode access (web-activex.rules)
 * 1:14754 <-> DISABLED <-> WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX function call access (web-activex.rules)
 * 1:14755 <-> DISABLED <-> WEB-ACTIVEX Novell ZENworks Desktop Management ActiveX function call unicode access (web-activex.rules)
 * 1:14757 <-> DISABLED <-> WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX clsid unicode access (web-activex.rules)
 * 1:14758 <-> DISABLED <-> WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX function call access (web-activex.rules)
 * 1:14759 <-> DISABLED <-> WEB-ACTIVEX Microsoft SQL Server 2000 Client Components ActiveX function call unicode access (web-activex.rules)
 * 1:1476 <-> DISABLED <-> WEB-CGI sdbsearch.cgi access (web-cgi.rules)
 * 1:14760 <-> DISABLED <-> WEB-ACTIVEX iseemedia LPViewer ActiveX clsid access (web-activex.rules)
 * 1:14761 <-> DISABLED <-> WEB-ACTIVEX iseemedia LPViewer ActiveX clsid unicode access (web-activex.rules)
 * 1:14762 <-> DISABLED <-> WEB-ACTIVEX iseemedia LPViewer ActiveX function call access (web-activex.rules)
 * 1:14763 <-> DISABLED <-> WEB-ACTIVEX iseemedia LPViewer ActiveX function call unicode access (web-activex.rules)
 * 1:14775 <-> DISABLED <-> EXPLOIT HP OpenView Network Node Manger cdpnode command injection attempt (exploit.rules)
 * 1:14776 <-> DISABLED <-> EXPLOIT HP OpenView Network Node Manager freeIPaddrs command injection attempt (exploit.rules)
 * 1:14777 <-> DISABLED <-> DNS single byte encoded name response (dns.rules)
 * 1:14778 <-> DISABLED <-> WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX clsid access (web-activex.rules)
 * 1:14779 <-> DISABLED <-> WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX clsid unicode access (web-activex.rules)
 * 1:1478 <-> DISABLED <-> WEB-CGI swc access (web-cgi.rules)
 * 1:14780 <-> DISABLED <-> WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX function call access (web-activex.rules)
 * 1:14781 <-> DISABLED <-> WEB-ACTIVEX Dart Communications PowerTCP FTP ActiveX function call unicode access (web-activex.rules)
 * 1:1479 <-> DISABLED <-> WEB-CGI ttawebtop.cgi arbitrary file attempt (web-cgi.rules)
 * 1:1480 <-> DISABLED <-> WEB-CGI ttawebtop.cgi access (web-cgi.rules)
 * 1:1481 <-> DISABLED <-> WEB-CGI upload.cgi access (web-cgi.rules)
 * 1:1482 <-> DISABLED <-> WEB-CGI view_source access (web-cgi.rules)
 * 1:1483 <-> DISABLED <-> WEB-CGI ustorekeeper.pl access (web-cgi.rules)
 * 1:1488 <-> DISABLED <-> WEB-CGI store.cgi directory traversal attempt (web-cgi.rules)
 * 1:14897 <-> DISABLED <-> WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call access (web-activex.rules)
 * 1:14898 <-> DISABLED <-> WEB-ACTIVEX HP Software Update RulesEngine.dll ActiveX function call unicode access (web-activex.rules)
 * 1:1490 <-> DISABLED <-> WEB-PHP Phorum /support/common.php attempt (web-php.rules)
 * 1:14900 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:1491 <-> DISABLED <-> WEB-PHP Phorum /support/common.php access (web-php.rules)
 * 1:1494 <-> DISABLED <-> WEB-CGI SIX webboard generate.cgi attempt (web-cgi.rules)
 * 1:1495 <-> DISABLED <-> WEB-CGI SIX webboard generate.cgi access (web-cgi.rules)
 * 1:1496 <-> DISABLED <-> WEB-CGI spin_client.cgi access (web-cgi.rules)
 * 1:14988 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14993 <-> DISABLED <-> WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX clsid access (web-activex.rules)
 * 1:14994 <-> DISABLED <-> WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX clsid unicode access (web-activex.rules)
 * 1:14995 <-> DISABLED <-> WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX function call access (web-activex.rules)
 * 1:14177 <-> DISABLED <-> WEB-ACTIVEX Aurigma unspecified 45 ActiveX clsid unicode access (web-activex.rules)
 * 1:14996 <-> DISABLED <-> WEB-ACTIVEX Visagesoft eXPert PDF Viewer ActiveX function call unicode access (web-activex.rules)
 * 1:14997 <-> DISABLED <-> WEB-ACTIVEX DjVu MSOffice Converter ActiveX clsid access (web-activex.rules)
 * 1:14998 <-> DISABLED <-> WEB-ACTIVEX DjVu MSOffice Converter ActiveX clsid unicode access (web-activex.rules)
 * 1:14999 <-> DISABLED <-> WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX clsid access (web-activex.rules)
 * 1:15000 <-> DISABLED <-> WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX clsid unicode access (web-activex.rules)
 * 1:15001 <-> DISABLED <-> WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX function call access (web-activex.rules)
 * 1:15002 <-> DISABLED <-> WEB-ACTIVEX Microsoft Debug Diagnostic Tool ActiveX function call unicode access (web-activex.rules)
 * 1:15003 <-> DISABLED <-> WEB-ACTIVEX Chilkat Crypt 2 ActiveX clsid access (web-activex.rules)
 * 1:15004 <-> DISABLED <-> WEB-ACTIVEX Chilkat Crypt 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15005 <-> DISABLED <-> WEB-ACTIVEX Chilkat Crypt 2 ActiveX function call access (web-activex.rules)
 * 1:15006 <-> DISABLED <-> WEB-ACTIVEX Chilkat Crypt 2 ActiveX function call unicode access (web-activex.rules)
 * 1:15007 <-> DISABLED <-> WEB-ACTIVEX NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid access (web-activex.rules)
 * 1:15008 <-> DISABLED <-> WEB-ACTIVEX NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid unicode access (web-activex.rules)
 * 1:1501 <-> DISABLED <-> WEB-CGI a1stats a1disp3.cgi directory traversal attempt (web-cgi.rules)
 * 1:1502 <-> DISABLED <-> WEB-CGI a1stats a1disp3.cgi access (web-cgi.rules)
 * 1:1503 <-> DISABLED <-> WEB-CGI admentor admin.asp access (web-cgi.rules)
 * 1:1505 <-> DISABLED <-> WEB-CGI alchemy http server PRN arbitrary command execution attempt (web-cgi.rules)
 * 1:1506 <-> DISABLED <-> WEB-CGI alchemy http server NUL arbitrary command execution attempt (web-cgi.rules)
 * 1:15069 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui mdrmsap ActiveX clsid access (web-activex.rules)
 * 1:1507 <-> DISABLED <-> WEB-CGI alibaba.pl arbitrary command execution attempt (web-cgi.rules)
 * 1:15070 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui mdrmsap ActiveX clsid unicode access (web-activex.rules)
 * 1:1508 <-> DISABLED <-> WEB-CGI alibaba.pl access (web-cgi.rules)
 * 1:1509 <-> DISABLED <-> WEB-CGI AltaVista Intranet Search directory traversal attempt (web-cgi.rules)
 * 1:1510 <-> DISABLED <-> WEB-CGI test.bat arbitrary command execution attempt (web-cgi.rules)
 * 1:1511 <-> DISABLED <-> WEB-CGI test.bat access (web-cgi.rules)
 * 1:1512 <-> DISABLED <-> WEB-CGI input.bat arbitrary command execution attempt (web-cgi.rules)
 * 1:15127 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (netbios.rules)
 * 1:15128 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (netbios.rules)
 * 1:15129 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (netbios.rules)
 * 1:1513 <-> DISABLED <-> WEB-CGI input.bat access (web-cgi.rules)
 * 1:15130 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (netbios.rules)
 * 1:15131 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function andx attempt (netbios.rules)
 * 1:15132 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function attempt (netbios.rules)
 * 1:15133 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function unicode andx attempt (netbios.rules)
 * 1:15134 <-> DISABLED <-> NETBIOS SMB sp_replwritetovarbin vulnerable function unicode attempt (netbios.rules)
 * 1:15135 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (netbios.rules)
 * 1:15136 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (netbios.rules)
 * 1:15137 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (netbios.rules)
 * 1:15138 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (netbios.rules)
 * 1:15139 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function andx attempt (netbios.rules)
 * 1:1514 <-> DISABLED <-> WEB-CGI input2.bat arbitrary command execution attempt (web-cgi.rules)
 * 1:15140 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function attempt (netbios.rules)
 * 1:15141 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function unicode andx attempt (netbios.rules)
 * 1:15142 <-> DISABLED <-> NETBIOS-DG SMB sp_replwritetovarbin vulnerable function unicode attempt (netbios.rules)
 * 1:1515 <-> DISABLED <-> WEB-CGI input2.bat access (web-cgi.rules)
 * 1:15159 <-> DISABLED <-> WEB-ACTIVEX Evans FTP ActiveX clsid access (web-activex.rules)
 * 1:1516 <-> DISABLED <-> WEB-CGI envout.bat arbitrary command execution attempt (web-cgi.rules)
 * 1:15160 <-> DISABLED <-> WEB-ACTIVEX Evans FTP ActiveX clsid unicode access (web-activex.rules)
 * 1:15161 <-> DISABLED <-> WEB-ACTIVEX Evans FTP ActiveX function call access (web-activex.rules)
 * 1:15162 <-> DISABLED <-> WEB-ACTIVEX Evans FTP ActiveX function call unicode access (web-activex.rules)
 * 1:15167 <-> ENABLED <-> POLICY Suspicious .cn dns query (policy.rules)
 * 1:15168 <-> ENABLED <-> POLICY Suspicious .ru dns query (policy.rules)
 * 1:1517 <-> DISABLED <-> WEB-CGI envout.bat access (web-cgi.rules)
 * 1:15173 <-> DISABLED <-> WEB-ACTIVEX Phoenician Casino ActiveX clsid access (web-activex.rules)
 * 1:15174 <-> DISABLED <-> WEB-ACTIVEX Phoenician Casino ActiveX clsid unicode access (web-activex.rules)
 * 1:15175 <-> DISABLED <-> WEB-ACTIVEX Phoenician Casino ActiveX function call access (web-activex.rules)
 * 1:15176 <-> DISABLED <-> WEB-ACTIVEX Phoenician Casino ActiveX function call unicode access (web-activex.rules)
 * 1:15177 <-> DISABLED <-> WEB-ACTIVEX Trend Micro HouseCall ActiveX clsid access (web-activex.rules)
 * 1:15178 <-> DISABLED <-> WEB-ACTIVEX Trend Micro HouseCall ActiveX clsid unicode access (web-activex.rules)
 * 1:15179 <-> DISABLED <-> WEB-ACTIVEX Trend Micro HouseCall ActiveX function call access (web-activex.rules)
 * 1:15180 <-> DISABLED <-> WEB-ACTIVEX Trend Micro HouseCall ActiveX function call unicode access (web-activex.rules)
 * 1:15181 <-> DISABLED <-> WEB-ACTIVEX SaschArt SasCam Webcam Server ActiveX clsid access (web-activex.rules)
 * 1:15182 <-> DISABLED <-> WEB-ACTIVEX SaschArt SasCam Webcam Server ActiveX clsid unicode access (web-activex.rules)
 * 1:15191 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox animated PNG processing integer overflow (specific-threats.rules)
 * 1:15192 <-> DISABLED <-> WEB-ACTIVEX SizerOne ActiveX clsid access (web-activex.rules)
 * 1:15193 <-> DISABLED <-> WEB-ACTIVEX SizerOne ActiveX clsid unicode access (web-activex.rules)
 * 1:15194 <-> DISABLED <-> WEB-ACTIVEX SizerOne ActiveX function call access (web-activex.rules)
 * 1:15195 <-> DISABLED <-> WEB-ACTIVEX SizerOne ActiveX function call unicode access (web-activex.rules)
 * 1:15228 <-> DISABLED <-> WEB-ACTIVEX Ciansoft PDFBuilderX ActiveX clsid access (web-activex.rules)
 * 1:15229 <-> DISABLED <-> WEB-ACTIVEX Ciansoft PDFBuilderX ActiveX clsid unicode access (web-activex.rules)
 * 1:15231 <-> DISABLED <-> WEB-ACTIVEX Office Viewer 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15232 <-> DISABLED <-> WEB-ACTIVEX Easy Grid ActiveX clsid access (web-activex.rules)
 * 1:15233 <-> DISABLED <-> WEB-ACTIVEX Easy Grid ActiveX clsid unicode access (web-activex.rules)
 * 1:15234 <-> DISABLED <-> WEB-ACTIVEX Easy Grid ActiveX function call access (web-activex.rules)
 * 1:15235 <-> DISABLED <-> WEB-ACTIVEX Easy Grid ActiveX function call unicode access (web-activex.rules)
 * 1:15238 <-> DISABLED <-> SPECIFIC-THREATS Apple QuickTime for Java toQTPointer function memory corruption attempt (specific-threats.rules)
 * 1:15243 <-> ENABLED <-> WEB-ACTIVEX AXIS Camera ActiveX clsid access (web-activex.rules)
 * 1:15244 <-> DISABLED <-> WEB-ACTIVEX AXIS Camera ActiveX clsid unicode access (web-activex.rules)
 * 1:15245 <-> DISABLED <-> WEB-ACTIVEX AXIS Camera ActiveX function call access (web-activex.rules)
 * 1:15246 <-> DISABLED <-> WEB-ACTIVEX AXIS Camera ActiveX function call unicode access (web-activex.rules)
 * 1:15247 <-> DISABLED <-> WEB-ACTIVEX JamDTA ActiveX clsid access (web-activex.rules)
 * 1:15248 <-> DISABLED <-> WEB-ACTIVEX JamDTA ActiveX clsid unicode access (web-activex.rules)
 * 1:15249 <-> DISABLED <-> WEB-ACTIVEX SmartVMD ActiveX clsid access (web-activex.rules)
 * 1:15250 <-> DISABLED <-> WEB-ACTIVEX SmartVMD ActiveX clsid unicode access (web-activex.rules)
 * 1:15251 <-> DISABLED <-> WEB-ACTIVEX MetaProducts MetaTreeX ActiveX clsid access (web-activex.rules)
 * 1:15252 <-> DISABLED <-> WEB-ACTIVEX MetaProducts MetaTreeX ActiveX clsid unicode access (web-activex.rules)
 * 1:15253 <-> DISABLED <-> WEB-ACTIVEX MetaProducts MetaTreeX ActiveX function call access (web-activex.rules)
 * 1:15254 <-> DISABLED <-> WEB-ACTIVEX MetaProducts MetaTreeX ActiveX function call unicode access (web-activex.rules)
 * 1:15259 <-> DISABLED <-> DOS DNS root query traffic amplification attempt (dos.rules)
 * 1:15260 <-> DISABLED <-> DOS DNS root query response traffic amplification attempt (dos.rules)
 * 1:15265 <-> DISABLED <-> WEB-ACTIVEX NCTAudioFile2 ActiveX function call unicode access (web-activex.rules)
 * 1:15266 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Barcode ActiveX clsid access (web-activex.rules)
 * 1:15267 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Barcode ActiveX clsid unicode access (web-activex.rules)
 * 1:15268 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Barcode ActiveX function call access (web-activex.rules)
 * 1:15269 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Barcode ActiveX function call unicode access (web-activex.rules)
 * 1:15270 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies PDF417 ActiveX clsid access (web-activex.rules)
 * 1:15271 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies PDF417 ActiveX clsid unicode access (web-activex.rules)
 * 1:15272 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies PDF417 ActiveX function call access (web-activex.rules)
 * 1:15273 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies PDF417 ActiveX function call unicode access (web-activex.rules)
 * 1:15274 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX clsid access (web-activex.rules)
 * 1:15275 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX clsid unicode access (web-activex.rules)
 * 1:15276 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX function call access (web-activex.rules)
 * 1:15277 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies DataMatrix ActiveX function call unicode access (web-activex.rules)
 * 1:15278 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Aztec ActiveX clsid access (web-activex.rules)
 * 1:15279 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Aztec ActiveX clsid unicode access (web-activex.rules)
 * 1:15280 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Aztec ActiveX function call access (web-activex.rules)
 * 1:15281 <-> DISABLED <-> WEB-ACTIVEX MW6 Technologies Aztec ActiveX function call unicode access (web-activex.rules)
 * 1:15282 <-> DISABLED <-> WEB-ACTIVEX FlexCell Grid ActiveX clsid access (web-activex.rules)
 * 1:15283 <-> DISABLED <-> WEB-ACTIVEX FlexCell Grid ActiveX clsid unicode access (web-activex.rules)
 * 1:15284 <-> DISABLED <-> WEB-ACTIVEX NCTAudioGrabber2 ActiveX clsid access (web-activex.rules)
 * 1:15285 <-> DISABLED <-> WEB-ACTIVEX NCTAudioGrabber2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15286 <-> DISABLED <-> WEB-ACTIVEX NCTAudioGrabber2 ActiveX function call access (web-activex.rules)
 * 1:15287 <-> DISABLED <-> WEB-ACTIVEX NCTAudioGrabber2 ActiveX function call unicode access (web-activex.rules)
 * 1:15288 <-> DISABLED <-> WEB-ACTIVEX NCTAudioInformation2 ActiveX clsid access (web-activex.rules)
 * 1:15289 <-> DISABLED <-> WEB-ACTIVEX NCTAudioInformation2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15290 <-> DISABLED <-> WEB-ACTIVEX NCTAudioInformation2 ActiveX function call access (web-activex.rules)
 * 1:15291 <-> DISABLED <-> WEB-ACTIVEX NCTAudioInformation2 ActiveX function call unicode access (web-activex.rules)
 * 1:15295 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C configuration attempt (botnet-cnc.rules)
 * 1:15296 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C malicious file download attempt (botnet-cnc.rules)
 * 1:15297 <-> DISABLED <-> BOTNET-CNC Trojan.Bankpatch.C report home attempt (botnet-cnc.rules)
 * 1:15307 <-> DISABLED <-> WEB-ACTIVEX Microsoft Animation Control ActiveX clsid access (web-activex.rules)
 * 1:15308 <-> DISABLED <-> WEB-ACTIVEX Microsoft Animation Control ActiveX clsid unicode access (web-activex.rules)
 * 1:15309 <-> DISABLED <-> WEB-ACTIVEX Microsoft Animation Control ActiveX function call access (web-activex.rules)
 * 1:1531 <-> DISABLED <-> WEB-CGI bb-hist.sh attempt (web-cgi.rules)
 * 1:15310 <-> DISABLED <-> WEB-ACTIVEX Microsoft Animation Control ActiveX function call unicode access (web-activex.rules)
 * 1:15312 <-> DISABLED <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX clsid unicode access (web-activex.rules)
 * 1:15313 <-> DISABLED <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX function call access (web-activex.rules)
 * 1:15314 <-> DISABLED <-> WEB-ACTIVEX Research In Motion AxLoader ActiveX function call unicode access (web-activex.rules)
 * 1:15315 <-> DISABLED <-> WEB-ACTIVEX Akamai DownloadManager ActiveX clsid access (web-activex.rules)
 * 1:15316 <-> DISABLED <-> WEB-ACTIVEX Akamai DownloadManager ActiveX clsid unicode access (web-activex.rules)
 * 1:15317 <-> DISABLED <-> WEB-ACTIVEX Akamai DownloadManager ActiveX function call access (web-activex.rules)
 * 1:15318 <-> DISABLED <-> WEB-ACTIVEX Akamai DownloadManager ActiveX function call unicode access (web-activex.rules)
 * 1:15319 <-> ENABLED <-> NETBIOS-DG SMB /sql/query create tree attempt (netbios.rules)
 * 1:1532 <-> DISABLED <-> WEB-CGI bb-hostscv.sh attempt (web-cgi.rules)
 * 1:15320 <-> ENABLED <-> NETBIOS-DG SMB /sql/query unicode create tree attempt (netbios.rules)
 * 1:15321 <-> ENABLED <-> NETBIOS SMB /sql/query create tree attempt (netbios.rules)
 * 1:15322 <-> ENABLED <-> NETBIOS SMB /sql/query unicode create tree attempt (netbios.rules)
 * 1:15323 <-> ENABLED <-> NETBIOS-DG SMB /sql/query andx create tree attempt (netbios.rules)
 * 1:15324 <-> ENABLED <-> NETBIOS-DG SMB /sql/query unicode andx create tree attempt (netbios.rules)
 * 1:15325 <-> ENABLED <-> NETBIOS SMB /sql/query andx create tree attempt (netbios.rules)
 * 1:15326 <-> ENABLED <-> NETBIOS SMB /sql/query unicode andx create tree attempt (netbios.rules)
 * 1:1533 <-> DISABLED <-> WEB-CGI bb-hostscv.sh access (web-cgi.rules)
 * 1:15330 <-> DISABLED <-> WEB-ACTIVEX Nokia Phoenix Service 1 ActiveX clsid access (web-activex.rules)
 * 1:15331 <-> DISABLED <-> WEB-ACTIVEX Nokia Phoenix Service 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:15332 <-> DISABLED <-> WEB-ACTIVEX Nokia Phoenix Service 2 ActiveX clsid access (web-activex.rules)
 * 1:15333 <-> DISABLED <-> WEB-ACTIVEX Nokia Phoenix Service 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15334 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 7000 ActiveX clsid access (web-activex.rules)
 * 1:15335 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 7000 ActiveX clsid unicode access (web-activex.rules)
 * 1:15336 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 7000 ActiveX function call access (web-activex.rules)
 * 1:15337 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 7000 ActiveX function call unicode access (web-activex.rules)
 * 1:15338 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8120 ActiveX clsid access (web-activex.rules)
 * 1:15339 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8120 ActiveX clsid unicode access (web-activex.rules)
 * 1:1534 <-> DISABLED <-> WEB-CGI agora.cgi attempt (web-cgi.rules)
 * 1:15340 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8120 ActiveX function call access (web-activex.rules)
 * 1:15341 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8120 ActiveX function call unicode access (web-activex.rules)
 * 1:15342 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8200 ActiveX clsid access (web-activex.rules)
 * 1:15343 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8200 ActiveX clsid unicode access (web-activex.rules)
 * 1:15344 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8200 ActiveX function call access (web-activex.rules)
 * 1:15345 <-> DISABLED <-> WEB-ACTIVEX GeoVision LiveX 8200 ActiveX function call unicode access (web-activex.rules)
 * 1:15346 <-> DISABLED <-> WEB-ACTIVEX Synactis ALL In-The-Box ActiveX clsid access (web-activex.rules)
 * 1:15347 <-> DISABLED <-> WEB-ACTIVEX Synactis ALL In-The-Box ActiveX clsid unicode access (web-activex.rules)
 * 1:15348 <-> DISABLED <-> WEB-ACTIVEX Synactis ALL In-The-Box ActiveX function call access (web-activex.rules)
 * 1:15349 <-> DISABLED <-> WEB-ACTIVEX Synactis ALL In-The-Box ActiveX function call unicode access (web-activex.rules)
 * 1:1535 <-> DISABLED <-> WEB-CGI bizdbsearch access (web-cgi.rules)
 * 1:15350 <-> DISABLED <-> WEB-ACTIVEX Web on Windows ActiveX clsid access (web-activex.rules)
 * 1:15351 <-> DISABLED <-> WEB-ACTIVEX Web on Windows ActiveX clsid unicode access (web-activex.rules)
 * 1:15352 <-> DISABLED <-> WEB-ACTIVEX Web on Windows ActiveX function call access (web-activex.rules)
 * 1:15353 <-> DISABLED <-> WEB-ACTIVEX Web on Windows ActiveX function call unicode access (web-activex.rules)
 * 1:1536 <-> DISABLED <-> WEB-CGI calendar_admin.pl arbitrary command execution attempt (web-cgi.rules)
 * 1:15361 <-> ENABLED <-> POLICY pdf file sent via email (policy.rules)
 * 1:15368 <-> DISABLED <-> WEB-ACTIVEX FathFTP ActiveX clsid access (web-activex.rules)
 * 1:15369 <-> DISABLED <-> WEB-ACTIVEX FathFTP ActiveX clsid unicode access (web-activex.rules)
 * 1:1537 <-> DISABLED <-> WEB-CGI calendar_admin.pl access (web-cgi.rules)
 * 1:15370 <-> DISABLED <-> WEB-ACTIVEX FathFTP ActiveX function call access (web-activex.rules)
 * 1:15371 <-> DISABLED <-> WEB-ACTIVEX FathFTP ActiveX function call unicode access (web-activex.rules)
 * 1:15372 <-> DISABLED <-> WEB-ACTIVEX iDefense COMRaider ActiveX clsid access (web-activex.rules)
 * 1:15373 <-> DISABLED <-> WEB-ACTIVEX iDefense COMRaider ActiveX clsid unicode access (web-activex.rules)
 * 1:15374 <-> DISABLED <-> WEB-ACTIVEX iDefense COMRaider ActiveX function call access (web-activex.rules)
 * 1:15375 <-> DISABLED <-> WEB-ACTIVEX iDefense COMRaider ActiveX function call unicode access (web-activex.rules)
 * 1:15376 <-> DISABLED <-> WEB-ACTIVEX Sopcast SopCore ActiveX clsid access (web-activex.rules)
 * 1:15377 <-> DISABLED <-> WEB-ACTIVEX Sopcast SopCore ActiveX clsid unicode access (web-activex.rules)
 * 1:15378 <-> DISABLED <-> WEB-ACTIVEX Sopcast SopCore ActiveX function call access (web-activex.rules)
 * 1:15379 <-> DISABLED <-> WEB-ACTIVEX Sopcast SopCore ActiveX function call unicode access (web-activex.rules)
 * 1:15380 <-> DISABLED <-> WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid access (web-activex.rules)
 * 1:15381 <-> DISABLED <-> WEB-ACTIVEX HP Virtual Rooms v7 ActiveX clsid unicode access (web-activex.rules)
 * 1:15382 <-> ENABLED <-> SPECIFIC-THREATS X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow attempt (specific-threats.rules)
 * 1:1539 <-> DISABLED <-> WEB-CGI /cgi-bin/ls access (web-cgi.rules)
 * 1:1540 <-> DISABLED <-> WEB-COLDFUSION ?Mode=debug attempt (web-coldfusion.rules)
 * 1:1542 <-> DISABLED <-> WEB-CGI cgimail access (web-cgi.rules)
 * 1:15423 <-> DISABLED <-> BOTNET-CNC Clampi virus communication detected (botnet-cnc.rules)
 * 1:15424 <-> DISABLED <-> WEB-PHP phpBB mod shoutbox sql injection attempt (web-php.rules)
 * 1:15425 <-> DISABLED <-> WEB-PHP phpBB mod tag board sql injection attempt (web-php.rules)
 * 1:1543 <-> DISABLED <-> WEB-CGI cgiwrap access (web-cgi.rules)
 * 1:15432 <-> DISABLED <-> WEB-PHP wordpress cat parameter arbitrary file execution attempt (web-php.rules)
 * 1:15448 <-> ENABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrShareEnum null policy handle attempt (netbios.rules)
 * 1:1547 <-> DISABLED <-> WEB-CGI csSearch.cgi arbitrary command execution attempt (web-cgi.rules)
 * 1:15476 <-> DISABLED <-> SPYWARE-PUT Waledac spam bot HTTP POST request (spyware-put.rules)
 * 1:1548 <-> DISABLED <-> WEB-CGI csSearch.cgi access (web-cgi.rules)
 * 1:15508 <-> DISABLED <-> SPECIFIC-THREATS DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (specific-threats.rules)
 * 1:15511 <-> DISABLED <-> SPECIFIC-THREATS Oracle WebLogic Apache Connector buffer overflow attempt (specific-threats.rules)
 * 1:1554 <-> DISABLED <-> WEB-CGI dbman db.cgi access (web-cgi.rules)
 * 1:15543 <-> DISABLED <-> WEB-ACTIVEX Microsoft Communications Control v6 ActiveX clsid access (web-activex.rules)
 * 1:15544 <-> DISABLED <-> WEB-ACTIVEX Microsoft Communications Control v6 ActiveX clsid unicode access (web-activex.rules)
 * 1:15545 <-> DISABLED <-> WEB-ACTIVEX Microsoft Communications Control v6 ActiveX function call access (web-activex.rules)
 * 1:15546 <-> DISABLED <-> WEB-ACTIVEX Microsoft Communications Control v6 ActiveX function call unicode access (web-activex.rules)
 * 1:15547 <-> DISABLED <-> WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX clsid access (web-activex.rules)
 * 1:15548 <-> DISABLED <-> WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:15549 <-> DISABLED <-> WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX function call access (web-activex.rules)
 * 1:1555 <-> DISABLED <-> WEB-CGI DCShop access (web-cgi.rules)
 * 1:15550 <-> DISABLED <-> WEB-ACTIVEX eBay Picture Uploads control 1 ActiveX function call unicode access (web-activex.rules)
 * 1:15551 <-> DISABLED <-> WEB-ACTIVEX eBay Picture Uploads control 2 ActiveX clsid access (web-activex.rules)
 * 1:15552 <-> DISABLED <-> WEB-ACTIVEX eBay Picture Uploads control 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15557 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui EnjoySAP ActiveX clsid access (web-activex.rules)
 * 1:15558 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui EnjoySAP ActiveX clsid unicode access (web-activex.rules)
 * 1:1556 <-> DISABLED <-> WEB-CGI DCShop orders.txt access (web-cgi.rules)
 * 1:15568 <-> DISABLED <-> CHAT AIM encrypted login attempt (chat.rules)
 * 1:15569 <-> DISABLED <-> CHAT Yahoo encrypted login attempt (chat.rules)
 * 1:1557 <-> DISABLED <-> WEB-CGI DCShop auth_user_file.txt access (web-cgi.rules)
 * 1:15576 <-> DISABLED <-> CHAT MSN Messenger web client login (chat.rules)
 * 1:15577 <-> DISABLED <-> CHAT MSN Messenger web client activity (chat.rules)
 * 1:15578 <-> DISABLED <-> SPECIFIC-THREATS Slowloris http DoS tool (specific-threats.rules)
 * 1:15579 <-> ENABLED <-> SPECIFIC-THREATS Squid NTLM fakeauth_auth Helper denial of service attempt (specific-threats.rules)
 * 1:15580 <-> ENABLED <-> SPECIFIC-THREATS Squid oversized reply header handling exploit attempt (specific-threats.rules)
 * 1:15584 <-> DISABLED <-> SQL char and sysobjects - possible sql injection recon attempt (sql.rules)
 * 1:15588 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 1 ActiveX clsid access (web-activex.rules)
 * 1:15589 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:15590 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 10 ActiveX clsid access (web-activex.rules)
 * 1:15591 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 10 ActiveX clsid unicode access (web-activex.rules)
 * 1:15592 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 11 ActiveX clsid access (web-activex.rules)
 * 1:15593 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 11 ActiveX clsid unicode access (web-activex.rules)
 * 1:15594 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 12 ActiveX clsid access (web-activex.rules)
 * 1:15595 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 12 ActiveX clsid unicode access (web-activex.rules)
 * 1:15596 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 13 ActiveX clsid access (web-activex.rules)
 * 1:15597 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 13 ActiveX clsid unicode access (web-activex.rules)
 * 1:15598 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 14 ActiveX clsid access (web-activex.rules)
 * 1:15599 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 14 ActiveX clsid unicode access (web-activex.rules)
 * 1:15600 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 15 ActiveX clsid access (web-activex.rules)
 * 1:15601 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 15 ActiveX clsid unicode access (web-activex.rules)
 * 1:15602 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 16 ActiveX clsid access (web-activex.rules)
 * 1:15603 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 16 ActiveX clsid unicode access (web-activex.rules)
 * 1:15604 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 17 ActiveX clsid access (web-activex.rules)
 * 1:15605 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 17 ActiveX clsid unicode access (web-activex.rules)
 * 1:15606 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 18 ActiveX clsid access (web-activex.rules)
 * 1:15607 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 18 ActiveX clsid unicode access (web-activex.rules)
 * 1:15608 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 19 ActiveX clsid access (web-activex.rules)
 * 1:15609 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 19 ActiveX clsid unicode access (web-activex.rules)
 * 1:15610 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 2 ActiveX clsid access (web-activex.rules)
 * 1:15611 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:15612 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 20 ActiveX clsid access (web-activex.rules)
 * 1:15613 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 20 ActiveX clsid unicode access (web-activex.rules)
 * 1:15614 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 21 ActiveX clsid access (web-activex.rules)
 * 1:15615 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 21 ActiveX clsid unicode access (web-activex.rules)
 * 1:15616 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 22 ActiveX clsid access (web-activex.rules)
 * 1:15617 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 22 ActiveX clsid unicode access (web-activex.rules)
 * 1:15618 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 23 ActiveX clsid access (web-activex.rules)
 * 1:15619 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 23 ActiveX clsid unicode access (web-activex.rules)
 * 1:15620 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 24 ActiveX clsid access (web-activex.rules)
 * 1:15621 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 24 ActiveX clsid unicode access (web-activex.rules)
 * 1:15622 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 25 ActiveX clsid access (web-activex.rules)
 * 1:15623 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 25 ActiveX clsid unicode access (web-activex.rules)
 * 1:15624 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 26 ActiveX clsid access (web-activex.rules)
 * 1:15625 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 26 ActiveX clsid unicode access (web-activex.rules)
 * 1:15626 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 27 ActiveX clsid access (web-activex.rules)
 * 1:15627 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 27 ActiveX clsid unicode access (web-activex.rules)
 * 1:15628 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 28 ActiveX clsid access (web-activex.rules)
 * 1:15629 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 28 ActiveX clsid unicode access (web-activex.rules)
 * 1:15630 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 29 ActiveX clsid access (web-activex.rules)
 * 1:15631 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 29 ActiveX clsid unicode access (web-activex.rules)
 * 1:15632 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 3 ActiveX clsid access (web-activex.rules)
 * 1:15633 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:15634 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 30 ActiveX clsid access (web-activex.rules)
 * 1:15635 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 30 ActiveX clsid unicode access (web-activex.rules)
 * 1:15636 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 31 ActiveX clsid access (web-activex.rules)
 * 1:15637 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 31 ActiveX clsid unicode access (web-activex.rules)
 * 1:15638 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 32 ActiveX clsid access (web-activex.rules)
 * 1:15639 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 32 ActiveX clsid unicode access (web-activex.rules)
 * 1:15640 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 33 ActiveX clsid access (web-activex.rules)
 * 1:15641 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 33 ActiveX clsid unicode access (web-activex.rules)
 * 1:15642 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 34 ActiveX clsid access (web-activex.rules)
 * 1:15643 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 34 ActiveX clsid unicode access (web-activex.rules)
 * 1:15644 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 35 ActiveX clsid access (web-activex.rules)
 * 1:15645 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 35 ActiveX clsid unicode access (web-activex.rules)
 * 1:15646 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 36 ActiveX clsid access (web-activex.rules)
 * 1:15647 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 36 ActiveX clsid unicode access (web-activex.rules)
 * 1:15648 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 37 ActiveX clsid access (web-activex.rules)
 * 1:15649 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 37 ActiveX clsid unicode access (web-activex.rules)
 * 1:1565 <-> DISABLED <-> WEB-CGI eshop.pl arbitrary command execution attempt (web-cgi.rules)
 * 1:15650 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 38 ActiveX clsid access (web-activex.rules)
 * 1:15651 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 38 ActiveX clsid unicode access (web-activex.rules)
 * 1:15652 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 39 ActiveX clsid access (web-activex.rules)
 * 1:15653 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 39 ActiveX clsid unicode access (web-activex.rules)
 * 1:15654 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 4 ActiveX clsid access (web-activex.rules)
 * 1:15655 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:15656 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 40 ActiveX clsid access (web-activex.rules)
 * 1:15657 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 40 ActiveX clsid unicode access (web-activex.rules)
 * 1:15658 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 41 ActiveX clsid access (web-activex.rules)
 * 1:15659 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 41 ActiveX clsid unicode access (web-activex.rules)
 * 1:1566 <-> DISABLED <-> WEB-CGI eshop.pl access (web-cgi.rules)
 * 1:15660 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 42 ActiveX clsid access (web-activex.rules)
 * 1:15661 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 42 ActiveX clsid unicode access (web-activex.rules)
 * 1:15662 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 43 ActiveX clsid access (web-activex.rules)
 * 1:15663 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 43 ActiveX clsid unicode access (web-activex.rules)
 * 1:15664 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 44 ActiveX clsid access (web-activex.rules)
 * 1:15665 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 44 ActiveX clsid unicode access (web-activex.rules)
 * 1:15666 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 45 ActiveX clsid access (web-activex.rules)
 * 1:15667 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 45 ActiveX clsid unicode access (web-activex.rules)
 * 1:15668 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 5 ActiveX clsid access (web-activex.rules)
 * 1:15669 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:15674 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 8 ActiveX clsid access (web-activex.rules)
 * 1:15675 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 8 ActiveX clsid unicode access (web-activex.rules)
 * 1:15676 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 9 ActiveX clsid access (web-activex.rules)
 * 1:15677 <-> DISABLED <-> WEB-ACTIVEX Microsoft Video 9 ActiveX clsid unicode access (web-activex.rules)
 * 1:15679 <-> ENABLED <-> SPECIFIC-THREATS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (specific-threats.rules)
 * 1:1569 <-> DISABLED <-> WEB-CGI loadpage.cgi directory traversal attempt (web-cgi.rules)
 * 1:1570 <-> DISABLED <-> WEB-CGI loadpage.cgi access (web-cgi.rules)
 * 1:15701 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows 2000 domain authentication bypass attempt (specific-threats.rules)
 * 1:1571 <-> DISABLED <-> WEB-CGI dcforum.cgi directory traversal attempt (web-cgi.rules)
 * 1:1572 <-> DISABLED <-> WEB-CGI commerce.cgi arbitrary file access attempt (web-cgi.rules)
 * 1:1573 <-> DISABLED <-> WEB-CGI cgiforum.pl attempt (web-cgi.rules)
 * 1:1574 <-> DISABLED <-> WEB-CGI directorypro.cgi attempt (web-cgi.rules)
 * 1:15852 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Web Components Datasource ActiveX clsid access (web-activex.rules)
 * 1:15853 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Web Components Datasource ActiveX clsid unicode access (web-activex.rules)
 * 1:15855 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX function call access (web-activex.rules)
 * 1:15856 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Spreadsheet 10.0 ActiveX function call unicode access (web-activex.rules)
 * 1:15858 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Web Components Spreadsheet ActiveX clsid access (web-activex.rules)
 * 1:15859 <-> DISABLED <-> WEB-ACTIVEX Microsoft Office Web Components Spreadsheet ActiveX clsid unicode access (web-activex.rules)
 * 1:15874 <-> DISABLED <-> SQL union select - possible sql injection attempt - POST parameter (sql.rules)
 * 1:15875 <-> DISABLED <-> SQL generic sql insert injection atttempt - POST parameter (sql.rules)
 * 1:15876 <-> DISABLED <-> SQL generic sql update injection attempt - POST parameter (sql.rules)
 * 1:15877 <-> DISABLED <-> SQL generic sql exec injection attempt - POST parameter (sql.rules)
 * 1:15878 <-> DISABLED <-> WEB-ACTIVEX AcerCtrls.APlunch ActiveX clsid access (web-activex.rules)
 * 1:15879 <-> DISABLED <-> WEB-ACTIVEX AcerCtrls.APlunch ActiveX clsid unicode access (web-activex.rules)
 * 1:15880 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer popup window object tag code execution attempt (specific-threats.rules)
 * 1:15881 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (netbios.rules)
 * 1:15883 <-> DISABLED <-> EXPLOIT SAPLPD 0x01 command buffer overflow attempt (exploit.rules)
 * 1:15884 <-> DISABLED <-> EXPLOIT SAPLPD 0x02 command buffer overflow attempt (exploit.rules)
 * 1:15885 <-> DISABLED <-> EXPLOIT SAPLPD 0x03 command buffer overflow attempt (exploit.rules)
 * 1:15886 <-> DISABLED <-> EXPLOIT SAPLPD 0x04 command buffer overflow attempt (exploit.rules)
 * 1:15887 <-> DISABLED <-> EXPLOIT SAPLPD 0x05 command buffer overflow attempt (exploit.rules)
 * 1:15888 <-> DISABLED <-> EXPLOIT SAPLPD 0x31 command buffer overflow attempt (exploit.rules)
 * 1:15889 <-> DISABLED <-> EXPLOIT SAPLPD 0x32 command buffer overflow attempt (exploit.rules)
 * 1:15890 <-> DISABLED <-> EXPLOIT SAPLPD 0x33 command buffer overflow attempt (exploit.rules)
 * 1:15891 <-> DISABLED <-> EXPLOIT SAPLPD 0x34 command buffer overflow attempt (exploit.rules)
 * 1:15892 <-> DISABLED <-> DOS SAPLPD 0x53 command denial of service attempt (dos.rules)
 * 1:15894 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Color Management Module remote code execution attempt (specific-threats.rules)
 * 1:1590 <-> DISABLED <-> WEB-CGI faqmanager.cgi arbitrary file access attempt (web-cgi.rules)
 * 1:1591 <-> DISABLED <-> WEB-CGI faqmanager.cgi access (web-cgi.rules)
 * 1:15911 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (netbios.rules)
 * 1:1592 <-> DISABLED <-> WEB-CGI /fcgi-bin/echo.exe access (web-cgi.rules)
 * 1:15923 <-> DISABLED <-> WEB-ACTIVEX DHTML Editing ActiveX clsid unicode access (web-activex.rules)
 * 1:15924 <-> DISABLED <-> WEB-ACTIVEX DHTML Editing ActiveX function call access (web-activex.rules)
 * 1:15925 <-> DISABLED <-> WEB-ACTIVEX DHTML Editing ActiveX function call unicode access (web-activex.rules)
 * 1:15926 <-> DISABLED <-> WEB-ACTIVEX PPStream PPSMediaList ActiveX clsid access (web-activex.rules)
 * 1:15927 <-> DISABLED <-> WEB-ACTIVEX PPStream PPSMediaList ActiveX clsid unicode access (web-activex.rules)
 * 1:15928 <-> DISABLED <-> WEB-ACTIVEX PPStream PPSMediaList ActiveX function call access (web-activex.rules)
 * 1:15929 <-> DISABLED <-> WEB-ACTIVEX PPStream PPSMediaList ActiveX function call unicode access (web-activex.rules)
 * 1:1593 <-> DISABLED <-> WEB-CGI FormHandler.cgi external site redirection attempt (web-cgi.rules)
 * 1:15934 <-> DISABLED <-> DNS dns response for rfc1918 172.16/12 address detected (dns.rules)
 * 1:15935 <-> DISABLED <-> DNS dns response for rfc1918 192.168/16 address detected (dns.rules)
 * 1:15936 <-> DISABLED <-> SPECIFIC-THREATS Sendmail identd command parsing vulnerability (specific-threats.rules)
 * 1:1594 <-> DISABLED <-> WEB-CGI FormHandler.cgi access (web-cgi.rules)
 * 1:15941 <-> DISABLED <-> DOS Squid Proxy TRACE request remote DoS attempt (dos.rules)
 * 1:15947 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Outlook Web Access Cross-Site Scripting attempt (specific-threats.rules)
 * 1:15949 <-> DISABLED <-> SPECIFIC-THREATS McAfee LHA file handling overflow attempt (specific-threats.rules)
 * 1:15950 <-> ENABLED <-> SPECIFIC-THREATS McAfee LHA Type-2 file handling overflow attempt (specific-threats.rules)
 * 1:15951 <-> DISABLED <-> SPECIFIC-THREATS MySQL MaxDB Webtool GET command overflow attempt (specific-threats.rules)
 * 1:15954 <-> ENABLED <-> SPECIFIC-THREATS SpamAssassin malformed email header DoS attempt (specific-threats.rules)
 * 1:15960 <-> DISABLED <-> SPECIFIC-THREATS Novell eDirectory MS-DOS device name DoS attempt (specific-threats.rules)
 * 1:15961 <-> ENABLED <-> SPECIFIC-THREATS 3Com Network Supervisor directory traversal attempt (specific-threats.rules)
 * 1:15962 <-> ENABLED <-> SPECIFIC-THREATS Sybase EAServer WebConsole overflow attempt (specific-threats.rules)
 * 1:15963 <-> DISABLED <-> SPECIFIC-THREATS Red Hat Enterprise Linux DNS resolver buffer overflow attempt (specific-threats.rules)
 * 1:15964 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Exchange OWA XSS and spoofing attempt (specific-threats.rules)
 * 1:15965 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Explorer long share name buffer overflow attempt (specific-threats.rules)
 * 1:15966 <-> ENABLED <-> SPECIFIC-THREATS F-Secure Anti-Virus LHA processing buffer overflow attempt (specific-threats.rules)
 * 1:1597 <-> DISABLED <-> WEB-CGI guestbook.cgi access (web-cgi.rules)
 * 1:15972 <-> DISABLED <-> SPECIFIC-THREATS single byte encoded name response (specific-threats.rules)
 * 1:15977 <-> ENABLED <-> SPECIFIC-THREATS PHP strip_tags bypass vulnerability exploit attempt (specific-threats.rules)
 * 1:1598 <-> DISABLED <-> WEB-CGI Home Free search.cgi directory traversal attempt (web-cgi.rules)
 * 1:15981 <-> ENABLED <-> SPECIFIC-THREATS zlib Denial of Service (specific-threats.rules)
 * 1:15983 <-> ENABLED <-> SPECIFIC-THREATS Samba arbitrary file access exploit attempt (specific-threats.rules)
 * 1:15984 <-> ENABLED <-> SPECIFIC-THREATS Samba Printer Change Notification Request DoS attempt (specific-threats.rules)
 * 1:15985 <-> ENABLED <-> SPECIFIC-THREATS Microsoft ASP.NET canonicalization exploit attempt (specific-threats.rules)
 * 1:15986 <-> ENABLED <-> SPECIFIC-THREATS Samba unicode filename buffer overflow attempt (specific-threats.rules)
 * 1:15988 <-> DISABLED <-> SPECIFIC-THREATS Microsoft ISA Server DNS spoofing attempt (specific-threats.rules)
 * 1:15989 <-> DISABLED <-> EXPLOIT Squid ASN.1 header parsing denial of service attempt (exploit.rules)
 * 1:1599 <-> DISABLED <-> WEB-CGI search.cgi access (web-cgi.rules)
 * 1:15992 <-> DISABLED <-> SPECIFIC-THREATS Trend Micro Products Antivirus Library overflow attempt (specific-threats.rules)
 * 1:15994 <-> ENABLED <-> SPECIFIC-THREATS Squid strListGetItem denial of service attempt (specific-threats.rules)
 * 1:15996 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Negotiate SSP buffer overflow attempt (specific-threats.rules)
 * 1:1600 <-> DISABLED <-> WEB-CGI htsearch arbitrary configuration file attempt (web-cgi.rules)
 * 1:16005 <-> DISABLED <-> SPECIFIC-THREATS Mozilla browsers JavaScript argument passing code execution attempt (specific-threats.rules)
 * 1:16006 <-> DISABLED <-> SPECIFIC-THREATS Quicktime color table id memory corruption attempt (specific-threats.rules)
 * 1:16007 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (specific-threats.rules)
 * 1:1601 <-> DISABLED <-> WEB-CGI htsearch arbitrary file read attempt (web-cgi.rules)
 * 1:16010 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer Javascript Page update race condition attempt (specific-threats.rules)
 * 1:16011 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CSS property method handling memory corruption attempt (specific-threats.rules)
 * 1:16012 <-> DISABLED <-> WEB-ACTIVEX Symantec SupportSoft SmartIssue ActiveX function call unicode access (web-activex.rules)
 * 1:16014 <-> DISABLED <-> DOS Novell eDirectory HTTP headers denial of service attempt (dos.rules)
 * 1:16015 <-> DISABLED <-> SPECIFIC-THREATS Norton Internet Security NBNS response processing stack overflow attempt (specific-threats.rules)
 * 1:16016 <-> ENABLED <-> SPECIFIC-THREATS Microsoft client for netware overflow attempt (specific-threats.rules)
 * 1:1602 <-> DISABLED <-> WEB-CGI htsearch access (web-cgi.rules)
 * 1:16021 <-> DISABLED <-> SPECIFIC-THREATS Apache http Server mod_tcl format string attempt (specific-threats.rules)
 * 1:16022 <-> DISABLED <-> SPECIFIC-THREATS Windows Vista Windows mail file execution attempt (specific-threats.rules)
 * 1:16024 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Function focus overflow attempt (specific-threats.rules)
 * 1:16025 <-> DISABLED <-> SPECIFIC-THREATS MailEnable SMTP service SPF lookup buffer overflow attempt (specific-threats.rules)
 * 1:16029 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows DNS client ATMA buffer overrun attempt (specific-threats.rules)
 * 1:16030 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows DNS client TXT buffer overrun attempt (specific-threats.rules)
 * 1:16033 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer compressed content attempt (specific-threats.rules)
 * 1:16041 <-> DISABLED <-> SPECIFIC-THREATS Apple QuickTime FLIC animation file buffer overflow attempt (specific-threats.rules)
 * 1:16042 <-> DISABLED <-> SPECIFIC-THREATS Mozilla browsers CSS moz-binding cross domain scripting attempt (specific-threats.rules)
 * 1:16045 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer cross domain information disclosure attempt (specific-threats.rules)
 * 1:16047 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox layout frame constructor memory corruption attempt (specific-threats.rules)
 * 1:16049 <-> DISABLED <-> SPECIFIC-THREATS GNU Radius SQL accounting format string exploit attempt (specific-threats.rules)
 * 1:16057 <-> DISABLED <-> SPECIFIC-THREATS sendmail smtp timeout buffer overflow attempt (specific-threats.rules)
 * 1:16058 <-> DISABLED <-> SPECIFIC-THREATS Samba WINS Server Name Registration handling stack buffer overflow attempt (specific-threats.rules)
 * 1:1606 <-> DISABLED <-> WEB-CGI icat access (web-cgi.rules)
 * 1:16060 <-> DISABLED <-> SPECIFIC-THREATS IBM Lotus Domino LDAP server memory exception attempt (specific-threats.rules)
 * 1:16061 <-> DISABLED <-> MISC X PixMap file download (misc.rules)
 * 1:16064 <-> DISABLED <-> SPECIFIC-THREATS internet explorer onBeforeUnload address bar spoofing attempt (specific-threats.rules)
 * 1:16068 <-> ENABLED <-> SPECIFIC-THREATS Yahoo Music Jukebox ActiveX exploit (specific-threats.rules)
 * 1:1607 <-> DISABLED <-> WEB-CGI HyperSeek hsx.cgi access (web-cgi.rules)
 * 1:16077 <-> ENABLED <-> SPECIFIC-THREATS Tripwire format string vulnerability ftp exploit attempt (specific-threats.rules)
 * 1:16078 <-> DISABLED <-> SPECIFIC-THREATS PHP memory_limit vulnerability exploit attempt (specific-threats.rules)
 * 1:16079 <-> DISABLED <-> WEB-CGI uselang code injection (web-cgi.rules)
 * 1:1608 <-> DISABLED <-> WEB-CGI htmlscript attempt (web-cgi.rules)
 * 1:16087 <-> ENABLED <-> SPECIFIC-THREATS Multiple vendor AV gateway virus detection bypass attempt (specific-threats.rules)
 * 1:16089 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt (specific-threats.rules)
 * 1:16090 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Core XML core services XMLHTTP control open method code execution attempt (specific-threats.rules)
 * 1:16091 <-> DISABLED <-> SPECIFIC-THREATS Macromedia Flash Media Server administration service denial of service attempt (specific-threats.rules)
 * 1:16098 <-> ENABLED <-> BACKDOOR win32.cekar variant runtime detection (backdoor.rules)
 * 1:1610 <-> DISABLED <-> WEB-CGI formmail arbitrary command execution attempt (web-cgi.rules)
 * 1:1611 <-> DISABLED <-> WEB-CGI eXtropia webstore access (web-cgi.rules)
 * 1:16141 <-> ENABLED <-> SPECIFIC-THREATS Kaspersky Online Scanner trojaned Dll download attempt (specific-threats.rules)
 * 1:16147 <-> DISABLED <-> SPECIFIC-THREATS Microsoft IIS malformed URL .dll denial of service attempt (specific-threats.rules)
 * 1:16148 <-> DISABLED <-> SPECIFIC-THREATS Apple QuickTime and iTunes heap memory corruption attempt (specific-threats.rules)
 * 1:16159 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid access (web-activex.rules)
 * 1:1616 <-> DISABLED <-> DNS named version attempt (dns.rules)
 * 1:16160 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:16161 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid access (web-activex.rules)
 * 1:16162 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:16163 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid access (web-activex.rules)
 * 1:16164 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:16165 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid access (web-activex.rules)
 * 1:16166 <-> DISABLED <-> WEB-ACTIVEX Microsoft Excel Add-in for SQL Analysis Services 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:1617 <-> DISABLED <-> WEB-CGI Bugzilla doeditvotes.cgi access (web-cgi.rules)
 * 1:16197 <-> DISABLED <-> SPECIFIC-THREATS OpenLDAP ber_get_next BER decoding denial of service attempt (specific-threats.rules)
 * 1:16198 <-> DISABLED <-> SPECIFIC-THREATS Apache mod_auth_pgsql module logging facility format string exploit attempt (specific-threats.rules)
 * 1:16199 <-> DISABLED <-> SPECIFIC-THREATS SpamAssassin long message header denial of service attempt (specific-threats.rules)
 * 1:16200 <-> DISABLED <-> SPECIFIC-THREATS Firefox command line URL shell command injection attempt (specific-threats.rules)
 * 1:16201 <-> DISABLED <-> SPECIFIC-THREATS Ipswitch Collaboration Suite SMTP format string exploit attempt (specific-threats.rules)
 * 1:16206 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows DNS server spoofing attempt (specific-threats.rules)
 * 1:16209 <-> DISABLED <-> DOS FreeRADIUS RADIUS server rad_decode remote denial of service attempt (dos.rules)
 * 1:16213 <-> ENABLED <-> EXPLOIT Red Hat Directory Server Accept-Language HTTP header parsing buffer overflow attempt (exploit.rules)
 * 1:16216 <-> ENABLED <-> SPECIFIC-THREATS IBM Tivoli Provisioning Manager for OS deployment HTTP server buffer attempt (specific-threats.rules)
 * 1:1628 <-> DISABLED <-> WEB-CGI FormHandler.cgi directory traversal attempt attempt (web-cgi.rules)
 * 1:16305 <-> DISABLED <-> WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX clsid access (web-activex.rules)
 * 1:16306 <-> DISABLED <-> WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX clsid unicode access (web-activex.rules)
 * 1:16307 <-> DISABLED <-> WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX function call access (web-activex.rules)
 * 1:16308 <-> DISABLED <-> WEB-ACTIVEX Symantec Altiris Deployment Solution ActiveX function call unicode access (web-activex.rules)
 * 1:16344 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Firefox top-level script object offset calculation memory corruption attempt (specific-threats.rules)
 * 1:16350 <-> DISABLED <-> MISC ntp mode 7 denial of service attempt (misc.rules)
 * 1:16354 <-> DISABLED <-> POLICY Adobe PDF start-of-file alternate header obfuscation attempt (policy.rules)
 * 1:16363 <-> ENABLED <-> POLICY potentially executable file upload via FTP (policy.rules)
 * 1:1637 <-> DISABLED <-> WEB-CGI yabb access (web-cgi.rules)
 * 1:16379 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui sapirrfc ActiveX clsid access (web-activex.rules)
 * 1:16380 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui sapirrfc ActiveX clsid unicode access (web-activex.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:16390 <-> ENABLED <-> POLICY Adobe PDF alternate file magic obfuscation (policy.rules)
 * 1:1642 <-> DISABLED <-> WEB-CGI document.d2w access (web-cgi.rules)
 * 1:16424 <-> DISABLED <-> WEB-ACTIVEX Windows Script Host Shell Object ActiveX clsid access (web-activex.rules)
 * 1:1643 <-> DISABLED <-> WEB-CGI db2www access (web-cgi.rules)
 * 1:16431 <-> DISABLED <-> SQL generic sql with comments injection attempt - GET parameter (sql.rules)
 * 1:16432 <-> DISABLED <-> WEB-ACTIVEX Trend Micro Web Deployment ActiveX clsid access (web-activex.rules)
 * 1:16434 <-> ENABLED <-> POLICY Ultimate Packer for Executables/UPX v0.51-v0.61 packed file download attempt (policy.rules)
 * 1:16435 <-> ENABLED <-> POLICY Ultimate Packer for Executables/UPX v0.62-v1.22 packed file download attempt (policy.rules)
 * 1:16436 <-> ENABLED <-> POLICY Ultimate Packer for Executables/UPX v2.90,v2.93-3.00 packed file download attempt (policy.rules)
 * 1:16439 <-> DISABLED <-> BOTNET-CNC Possible Zeus User-Agent - _TEST_ (botnet-cnc.rules)
 * 1:1644 <-> DISABLED <-> WEB-CGI test-cgi attempt (web-cgi.rules)
 * 1:16440 <-> DISABLED <-> BOTNET-CNC Possible Zeus User-Agent - ie (botnet-cnc.rules)
 * 1:16441 <-> DISABLED <-> BOTNET-CNC Possible Zeus User-Agent - Download (botnet-cnc.rules)
 * 1:16442 <-> DISABLED <-> BOTNET-CNC Possible Zeus User-Agent - Mozilla (botnet-cnc.rules)
 * 1:1645 <-> DISABLED <-> WEB-CGI testcgi access (web-cgi.rules)
 * 1:1646 <-> DISABLED <-> WEB-CGI test.cgi access (web-cgi.rules)
 * 1:1648 <-> DISABLED <-> WEB-CGI perl.exe command attempt (web-cgi.rules)
 * 1:16483 <-> ENABLED <-> BOTNET-CNC Koobface worm submission of collected data to C&C server attempt (botnet-cnc.rules)
 * 1:1649 <-> DISABLED <-> WEB-CGI perl command attempt (web-cgi.rules)
 * 1:1650 <-> DISABLED <-> WEB-CGI tst.bat access (web-cgi.rules)
 * 1:1651 <-> DISABLED <-> WEB-CGI environ.pl access (web-cgi.rules)
 * 1:1652 <-> DISABLED <-> WEB-CGI campas attempt (web-cgi.rules)
 * 1:16525 <-> ENABLED <-> CHAT MSN Messenger web login attempt (chat.rules)
 * 1:1654 <-> DISABLED <-> WEB-CGI cart32.exe access (web-cgi.rules)
 * 1:1655 <-> DISABLED <-> WEB-CGI pfdispaly.cgi arbitrary command execution attempt (web-cgi.rules)
 * 1:16556 <-> DISABLED <-> SPECIFIC-THREATS 2imaegshack/lmageshack IM worm get request attempt (specific-threats.rules)
 * 1:16557 <-> DISABLED <-> SPECIFIC-THREATS 2imaegshack/lmageshack IM worm inbound communication attempt (specific-threats.rules)
 * 1:1656 <-> DISABLED <-> WEB-CGI pfdispaly.cgi access (web-cgi.rules)
 * 1:16565 <-> DISABLED <-> WEB-ACTIVEX Ultra Shareware Office ActiveX clsid access (web-activex.rules)
 * 1:16566 <-> DISABLED <-> WEB-ACTIVEX Tumbleweed SecureTransport ActiveX clsid access (web-activex.rules)
 * 1:16567 <-> DISABLED <-> WEB-ACTIVEX Tumbleweed SecureTransport ActiveX clsid unicode access (web-activex.rules)
 * 1:16568 <-> DISABLED <-> WEB-ACTIVEX Altnet Download Manager ADM4 ActiveX clsid access (web-activex.rules)
 * 1:16569 <-> DISABLED <-> WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX clsid access (web-activex.rules)
 * 1:1657 <-> DISABLED <-> WEB-CGI pagelog.cgi directory traversal attempt (web-cgi.rules)
 * 1:16570 <-> DISABLED <-> WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX clsid unicode access (web-activex.rules)
 * 1:16571 <-> DISABLED <-> WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX function call access (web-activex.rules)
 * 1:16572 <-> DISABLED <-> WEB-ACTIVEX EnjoySAP kweditcontrol ActiveX function call unicode access (web-activex.rules)
 * 1:16573 <-> ENABLED <-> WEB-ACTIVEX obfuscated ActiveX object instantiation via unescape (web-activex.rules)
 * 1:16574 <-> ENABLED <-> WEB-ACTIVEX obfuscated ActiveX object instantiation via fromCharCode (web-activex.rules)
 * 1:16575 <-> DISABLED <-> SPECIFIC-THREATS RKD Software BarCode ActiveX buffer overflow attempt (specific-threats.rules)
 * 1:16579 <-> ENABLED <-> CHAT mIRC IRC URL buffer overflow attempt (chat.rules)
 * 1:1658 <-> DISABLED <-> WEB-CGI pagelog.cgi access (web-cgi.rules)
 * 1:16580 <-> DISABLED <-> SPECIFIC-THREATS NCTAudioFile2 ActiveX clsid access via object tag (specific-threats.rules)
 * 1:16581 <-> DISABLED <-> SPECIFIC-THREATS Persits Software XUpload ActiveX clsid unsafe function access attempt (specific-threats.rules)
 * 1:16587 <-> DISABLED <-> SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities buffer overflow attempt (specific-threats.rules)
 * 1:1659 <-> DISABLED <-> WEB-COLDFUSION sendmail.cfm access (web-coldfusion.rules)
 * 1:16590 <-> ENABLED <-> SPECIFIC-THREATS EasyMail Objects ActiveX exploit attempt - 1 (specific-threats.rules)
 * 1:16591 <-> ENABLED <-> SPECIFIC-THREATS EasyMail Objects ActiveX exploit attempt - 2 (specific-threats.rules)
 * 1:16600 <-> DISABLED <-> BACKDOOR Otlard Trojan activity (backdoor.rules)
 * 1:16602 <-> DISABLED <-> SPECIFIC-THREATS Microsoft DirectShow 3 ActiveX exploit via JavaScript (specific-threats.rules)
 * 1:16607 <-> DISABLED <-> SPECIFIC-THREATS RealPlayer RAM Download Handler ActiveX exploit attempt (specific-threats.rules)
 * 1:16608 <-> DISABLED <-> SPECIFIC-THREATS HP Mercury Quality Center SPIDERLib ActiveX buffer overflow attempt (specific-threats.rules)
 * 1:16609 <-> DISABLED <-> SPECIFIC-THREATS RealPlayer ActiveX Import playlist name buffer overflow attempt (specific-threats.rules)
 * 1:16610 <-> DISABLED <-> SPECIFIC-THREATS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (specific-threats.rules)
 * 1:16629 <-> DISABLED <-> POLICY download of .bin file (policy.rules)
 * 1:16630 <-> DISABLED <-> POLICY download of .dat file (policy.rules)
 * 1:16635 <-> DISABLED <-> WEB-ACTIVEX Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (web-activex.rules)
 * 1:16671 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Domino Web Access ActiveX exploit attempt (specific-threats.rules)
 * 1:16675 <-> ENABLED <-> SPECIFIC-THREATS CA BrightStor ListCtrl ActiveX exploit attempt (specific-threats.rules)
 * 1:16676 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader malformed FlateDecode colors declaration (specific-threats.rules)
 * 1:16678 <-> ENABLED <-> WEB-PHP Tandberg VCS local file disclosure attempt (web-php.rules)
 * 1:1668 <-> DISABLED <-> WEB-CGI /cgi-bin/ access (web-cgi.rules)
 * 1:16680 <-> DISABLED <-> POLICY Tandberg VCS SSH default key (policy.rules)
 * 1:16684 <-> ENABLED <-> DOS Samba smbd Session Setup AndX security blob length dos attempt  (dos.rules)
 * 1:16687 <-> DISABLED <-> WEB-ACTIVEX Juniper Networks SSL-VPN Client JuniperSetup ActiveX control buffer overflow attempt (web-activex.rules)
 * 1:1669 <-> DISABLED <-> WEB-CGI /cgi-dos/ access (web-cgi.rules)
 * 1:16690 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:16694 <-> DISABLED <-> DOS RealNetworks Helix Server RTSP SETUP request denial of service attempt (dos.rules)
 * 1:16718 <-> DISABLED <-> EXPLOIT Skype URI handler input validation exploit attempt (exploit.rules)
 * 1:16725 <-> DISABLED <-> SPECIFIC-THREATS ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (specific-threats.rules)
 * 1:16735 <-> ENABLED <-> SPECIFIC-THREATS URSoft W32Dasm Import/Export function buffer overflow attempt (specific-threats.rules)
 * 1:16737 <-> ENABLED <-> SPECIFIC-THREATS Xenorate Media Player XPL file handling overflow attempt - 1 (specific-threats.rules)
 * 1:16747 <-> DISABLED <-> WEB-ACTIVEX IBM Access Support ActiveX clsid unicode access (web-activex.rules)
 * 1:16748 <-> DISABLED <-> WEB-ACTIVEX IBM Access Support ActiveX function call access (web-activex.rules)
 * 1:16749 <-> DISABLED <-> WEB-ACTIVEX IBM Access Support ActiveX function call unicode access (web-activex.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS-DG SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS-DG SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16760 <-> ENABLED <-> NETBIOS-DG SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS-DG SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16767 <-> ENABLED <-> WEB-ACTIVEX AwingSoft Web3D Player ActiveX clsid access (web-activex.rules)
 * 1:16768 <-> ENABLED <-> WEB-ACTIVEX AwingSoft Web3D Player ActiveX clsid unicode access (web-activex.rules)
 * 1:16769 <-> ENABLED <-> WEB-ACTIVEX AwingSoft Web3D Player ActiveX function call access (web-activex.rules)
 * 1:16770 <-> ENABLED <-> WEB-ACTIVEX AwingSoft Web3D Player ActiveX function call unicode access (web-activex.rules)
 * 1:16772 <-> DISABLED <-> WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX clsid access (web-activex.rules)
 * 1:16773 <-> DISABLED <-> WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX clsid unicode access (web-activex.rules)
 * 1:16774 <-> DISABLED <-> WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX function call access (web-activex.rules)
 * 1:16775 <-> DISABLED <-> WEB-ACTIVEX EMC Captiva QuickScan Pro ActiveX function call unicode access (web-activex.rules)
 * 1:16779 <-> DISABLED <-> WEB-ACTIVEX EasyMail IMAP4 ActiveX clsid access (web-activex.rules)
 * 1:16780 <-> DISABLED <-> WEB-ACTIVEX EasyMail IMAP4 ActiveX clsid unicode access (web-activex.rules)
 * 1:16781 <-> DISABLED <-> WEB-ACTIVEX EasyMail IMAP4 ActiveX function call access (web-activex.rules)
 * 1:16782 <-> DISABLED <-> WEB-ACTIVEX EasyMail IMAP4 ActiveX function call unicode access (web-activex.rules)
 * 1:16783 <-> DISABLED <-> WEB-ACTIVEX Autodesk iDrop ActiveX clsid access (web-activex.rules)
 * 1:16784 <-> DISABLED <-> WEB-ACTIVEX Autodesk iDrop ActiveX function call access (web-activex.rules)
 * 1:16787 <-> ENABLED <-> SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (specific-threats.rules)
 * 1:16791 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX clsid access (web-activex.rules)
 * 1:16792 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX clsid unicode access (web-activex.rules)
 * 1:16793 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX function call access (web-activex.rules)
 * 1:16794 <-> DISABLED <-> WEB-ACTIVEX SAP AG SAPgui EAI WebViewer3D ActiveX function call unicode access (web-activex.rules)
 * 1:16795 <-> DISABLED <-> DOS Google Chrome FTP handling out-of-bounds array index denial of service attempt (dos.rules)
 * 1:16798 <-> DISABLED <-> SPECIFIC-THREATS Orbit Downloader long URL buffer overflow attempt (specific-threats.rules)
 * 1:16802 <-> DISABLED <-> WEB-ACTIVEX WinDVD IASystemInfo.dll ActiveX clsid access (web-activex.rules)
 * 1:16803 <-> DISABLED <-> WEB-ACTIVEX WinDVD IASystemInfo.dll ActiveX clsid unicode access (web-activex.rules)
 * 1:16809 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16810 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16811 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16812 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16813 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16814 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16815 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16816 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16817 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16818 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16819 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16820 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16821 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16822 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16823 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16824 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16825 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16826 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16827 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16828 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16829 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16830 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16831 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16832 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16833 <-> DISABLED <-> BOTNET-CNC known command and control channel traffic (botnet-cnc.rules)
 * 1:16834 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qd.netkill.com.cn - Trojan-Downloader.Win32.Adload.rzx (blacklist.rules)
 * 1:16835 <-> DISABLED <-> BLACKLIST DNS request for known malware domain exe.146843.com - Trojan.Win32.Opeg.a (blacklist.rules)
 * 1:16836 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ra03.e5732.com - Trojan-Clicker.Win32.Small.afg (blacklist.rules)
 * 1:16837 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dangercheats.com.br - Trojan.Win32.Refroso.arnq (blacklist.rules)
 * 1:16838 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xlm.ppvsr.com - Trojan-GameThief.Win32.OnLineGames.wwcf (blacklist.rules)
 * 1:16839 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sh16.e8753.com - Trojan.Win32.Scar.ccqb (blacklist.rules)
 * 1:16840 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rx11.e6532.com - Trojan.Win32.Opeg.a (blacklist.rules)
 * 1:16841 <-> DISABLED <-> BLACKLIST DNS request for known malware domain podgorz.org - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16842 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sp19.e4578.com - Trojan-Downloader.Win32.Genome.njz (blacklist.rules)
 * 1:16843 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 1.7zsm.com - Trojan-Downloader.Win32.Agent.dtuo (blacklist.rules)
 * 1:16844 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rm08.e4562.com - Trojan-Downloader.Win32.Agent.dngx (blacklist.rules)
 * 1:16845 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rc04.e6532.com - Trojan-Downloader.Win32.Genome.awld (blacklist.rules)
 * 1:16846 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bedayton.com - Trojan-Downloader.Win32.Agent.dlhe (blacklist.rules)
 * 1:16847 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rz12.e6805.com - Trojan-Downloader.Win32.Genome.awld (blacklist.rules)
 * 1:16848 <-> DISABLED <-> BLACKLIST DNS request for known malware domain in.chinaitlm.cn - Trojan.VBS.HideIcon.d (blacklist.rules)
 * 1:16849 <-> DISABLED <-> BLACKLIST DNS request for known malware domain re05.e6532.com - Trojan-Downloader.Win32.Genome.awld (blacklist.rules)
 * 1:16850 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kldmten.net - Trojan-Spy.Win32.Zbot.akra (blacklist.rules)
 * 1:16851 <-> DISABLED <-> BLACKLIST DNS request for known malware domain forelc.cc - Trojan-Ransom.Win32.XBlocker.ahe (blacklist.rules)
 * 1:16852 <-> DISABLED <-> BLACKLIST DNS request for known malware domain v.yao63.com - Trojan-Downloader.Win32.Agent.dqns (blacklist.rules)
 * 1:16853 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vh26.e4578.com - Trojan.Win32.Opeg.a (blacklist.rules)
 * 1:16854 <-> DISABLED <-> BLACKLIST DNS request for known malware domain up1.give2sms.com - Trojan-Downloader.Win32.Genome.est (blacklist.rules)
 * 1:16855 <-> DISABLED <-> BLACKLIST DNS request for known malware domain d.123kuaihuo.com - Trojan.Win32.Scar.clbx (blacklist.rules)
 * 1:16856 <-> DISABLED <-> BLACKLIST DNS request for known malware domain andy.cd - Backdoor.Win32.Agent.auto (blacklist.rules)
 * 1:16857 <-> DISABLED <-> BLACKLIST DNS request for known malware domain site.mynet.com - Trojan.Win32.Buzus.dxsr (blacklist.rules)
 * 1:16858 <-> DISABLED <-> BLACKLIST DNS request for known malware domain charter-x.biz - Packed.Win32.Krap.ae (blacklist.rules)
 * 1:16859 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gerherber.com - Trojan-Spy.Win32.Zbot.akdw (blacklist.rules)
 * 1:16860 <-> DISABLED <-> BLACKLIST DNS request for known malware domain urodinam.net - Trojan.Win32.TDSS.azsj (blacklist.rules)
 * 1:16861 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gite-eguisheim.com - Trojan-Downloader.Win32.Piker.clp (blacklist.rules)
 * 1:16862 <-> DISABLED <-> BLACKLIST DNS request for known malware domain phaizeipeu.ru - Packed.Win32.Krap.gx (blacklist.rules)
 * 1:16863 <-> DISABLED <-> BLACKLIST DNS request for known malware domain teendx.com - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16864 <-> DISABLED <-> BLACKLIST DNS request for known malware domain taiping2033.2288.org - Trojan-Downloader.Win32.Selvice.afy (blacklist.rules)
 * 1:16865 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cnfg.maxsitesrevenues.net - Trojan.Win32.BHO.afke (blacklist.rules)
 * 1:16866 <-> DISABLED <-> BLACKLIST DNS request for known malware domain members.multimania.co.uk - Trojan.Win32.Inject.ahqv (blacklist.rules)
 * 1:16867 <-> DISABLED <-> BLACKLIST DNS request for known malware domain down.toopc.com - Trojan-Dropper.Win32.Clons.hai (blacklist.rules)
 * 1:16868 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hostshack.net - Trojan.Win32.Buzus.empl (blacklist.rules)
 * 1:16869 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tt.vv49.com - Trojan-GameThief.Win32.OnLineGames.bnkb (blacklist.rules)
 * 1:16870 <-> DISABLED <-> BLACKLIST DNS request for known malware domain search.sidegreen.com - Backdoor.Win32.Agent.arqi (blacklist.rules)
 * 1:16871 <-> DISABLED <-> BLACKLIST DNS request for known malware domain parfaitpournous.com - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16872 <-> DISABLED <-> BLACKLIST DNS request for known malware domain postmetoday.ru - Packed.Win32.Katusha.j (blacklist.rules)
 * 1:16873 <-> DISABLED <-> BLACKLIST DNS request for known malware domain youword.cn - Trojan.Win32.Scar.bvgu (blacklist.rules)
 * 1:16874 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ophaeghaev.ru - Trojan-Spy.Win32.Zbot.akmi (blacklist.rules)
 * 1:16875 <-> DISABLED <-> BLACKLIST DNS request for known malware domain up1.free-sms.co.kr - Trojan.Win32.Vilsel.akp (blacklist.rules)
 * 1:16876 <-> DISABLED <-> BLACKLIST DNS request for known malware domain c.softdowns.info - Trojan.BAT.Agent.yn (blacklist.rules)
 * 1:16877 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ddkom.biz - Trojan.Win32.Scar.ckhr (blacklist.rules)
 * 1:16878 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vopret.ru - Trojan.Win32.FraudPack.axwn (blacklist.rules)
 * 1:16879 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dnfpomo.dnfranran.com - Trojan-GameThief.Win32.OnLineGames.bnkx (blacklist.rules)
 * 1:16880 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dnfuu.3322.org - Trojan-Downloader.Win32.Genome.asrx (blacklist.rules)
 * 1:16881 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sex-gifts.ru - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16882 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 111.168lala.com - Backdoor.Win32.Popwin.cyn (blacklist.rules)
 * 1:16883 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mcafee-registry.ru - Trojan-Spy.Win32.Zbot.akgb (blacklist.rules)
 * 1:16884 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bits4ever.ru - Trojan-Spy.Win32.Zbot.aknt (blacklist.rules)
 * 1:16885 <-> DISABLED <-> BLACKLIST DNS request for known malware domain monicaecarlos.com - Trojan-Downloader.Win32.Genome.awxv (blacklist.rules)
 * 1:16886 <-> DISABLED <-> BLACKLIST DNS request for known malware domain d.trymedia.com - Trojan-Dropper.Win32.Delf.fkk (blacklist.rules)
 * 1:16887 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hesneclimi.ru - Packed.Win32.Krap.ae (blacklist.rules)
 * 1:16888 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dbtte.com - Trojan-Banker.Win32.Banz.crk (blacklist.rules)
 * 1:16889 <-> DISABLED <-> BLACKLIST DNS request for known malware domain h1.ripway.com - Trojan.Win32.Refroso.bcdq (blacklist.rules)
 * 1:16890 <-> DISABLED <-> BLACKLIST DNS request for known malware domain in6cs.com - Trojan.Win32.Tdss.beea (blacklist.rules)
 * 1:16891 <-> DISABLED <-> BLACKLIST DNS request for known malware domain solo1928.ru - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16892 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fg545633.host.zgridc.com - Trojan.Win32.Pincav.abub (blacklist.rules)
 * 1:16893 <-> DISABLED <-> BLACKLIST DNS request for known malware domain primusdns.ru - Backdoor.Win32.Havar.eh (blacklist.rules)
 * 1:16894 <-> DISABLED <-> BLACKLIST DNS request for known malware domain eq.pccppc.com - Trojan-Downloader.Win32.Pher.fkl (blacklist.rules)
 * 1:16895 <-> DISABLED <-> BLACKLIST DNS request for known malware domain alodh.in - Backdoor.Win32.Delf.vde (blacklist.rules)
 * 1:16896 <-> DISABLED <-> BLACKLIST DNS request for known malware domain reward.pnshop.co.kr - Backdoor.Win32.Agent.ahra (blacklist.rules)
 * 1:16897 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sympathy.hdnews.net - Trojan-Spy.Win32.Zbot.gen (blacklist.rules)
 * 1:16898 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sx21.e4578.com - Trojan.Win32.Scar.ccqb (blacklist.rules)
 * 1:16899 <-> DISABLED <-> BLACKLIST DNS request for known malware domain downloadering.9966.org - Trojan.Win32.Vilsel.adxv (blacklist.rules)
 * 1:16900 <-> DISABLED <-> BLACKLIST DNS request for known malware domain reportes201.com - Trojan-Downloader.Win32.Genome.ashe (blacklist.rules)
 * 1:16901 <-> DISABLED <-> BLACKLIST DNS request for known malware domain local.1140.co.kr - Trojan-Downloader.Win32.Genome.aobm (blacklist.rules)
 * 1:16902 <-> DISABLED <-> BLACKLIST DNS request for known malware domain promojoy.net - Packed.Win32.Krap.gx (blacklist.rules)
 * 1:16903 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gpwg.ws - Worm.Win32.AutoRun.bjca (blacklist.rules)
 * 1:16904 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xoomer.alice.it - Trojan-Downloader.Win32.Banload.kdu (blacklist.rules)
 * 1:16905 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xoomer.virgilio.it - Backdoor.Win32.Clar.d (blacklist.rules)
 * 1:16906 <-> DISABLED <-> BLACKLIST DNS request for known malware domain down.p2pplay.com - Trojan-GameThief.Win32.OnLineGames.wgkv (blacklist.rules)
 * 1:16907 <-> DISABLED <-> BLACKLIST DNS request for known malware domain livetrust.info - Trojan-Spy.Win32.Zbot.akku (blacklist.rules)
 * 1:16908 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ootaivilei.ru - Trojan-Spy.Win32.Zbot.akme (blacklist.rules)
 * 1:16909 <-> DISABLED <-> BLACKLIST DNS request for known malware domain babah20122012.com - Trojan-Spy.Win32.Zbot.akbb (blacklist.rules)
 * 1:16910 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pattern - 0-0-0-0-0-0-0.info (blacklist.rules)
 * 1:16911 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - ucsp0416.exe?t= (blacklist.rules)
 * 1:16912 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - net/cfg2.bin (blacklist.rules)
 * 1:16913 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - count_log/log/boot.php?p= (blacklist.rules)
 * 1:16914 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - .bin?ucsp (blacklist.rules)
 * 1:16915 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /MNG/Download/?File=AZF (blacklist.rules)
 * 1:16916 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /jarun/jezerce (blacklist.rules)
 * 1:16917 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /ekaterina/velika (blacklist.rules)
 * 1:16918 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /ultimate/fight (blacklist.rules)
 * 1:16919 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /tmp/pm.exe?t= (blacklist.rules)
 * 1:16920 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /DownLoadFile/BaePo/ver (blacklist.rules)
 * 1:16921 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /s1/launcher/update/Update/data/ (blacklist.rules)
 * 1:16922 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /cgi-bin/rd.cgi?f=/vercfg.dat?AgentID= (blacklist.rules)
 * 1:16923 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /search.php?username=coolweb07&keywords= (blacklist.rules)
 * 1:16925 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /message.php?subid= (blacklist.rules)
 * 1:16926 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - strMode=setup&strID=pcvaccine&strPC= (blacklist.rules)
 * 1:16927 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - MGWEB.php?c=TestUrl (blacklist.rules)
 * 1:16928 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /stat.html?0dPg0uXTraCSqrOdlrKpmpyorePbz (blacklist.rules)
 * 1:16929 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - gate.php?guid= (blacklist.rules)
 * 1:16930 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - count.asp?mac= (blacklist.rules)
 * 1:16931 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - feedbigfoot.php?m= (blacklist.rules)
 * 1:16932 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /qqnongchang/qqkj. (blacklist.rules)
 * 1:16933 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /root/9 frt.rar (blacklist.rules)
 * 1:1700 <-> DISABLED <-> WEB-CGI imagemap.exe access (web-cgi.rules)
 * 1:1701 <-> DISABLED <-> WEB-CGI calendar-admin.pl access (web-cgi.rules)
 * 1:1702 <-> DISABLED <-> WEB-CGI Amaya templates sendtemp.pl access (web-cgi.rules)
 * 1:1703 <-> DISABLED <-> WEB-CGI auktion.cgi directory traversal attempt (web-cgi.rules)
 * 1:1704 <-> DISABLED <-> WEB-CGI cal_make.pl directory traversal attempt (web-cgi.rules)
 * 1:1705 <-> DISABLED <-> WEB-CGI echo.bat arbitrary command execution attempt (web-cgi.rules)
 * 1:17051 <-> DISABLED <-> WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX clsid access (web-activex.rules)
 * 1:17052 <-> DISABLED <-> WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX clsid unicode access (web-activex.rules)
 * 1:17053 <-> DISABLED <-> WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX function call access (web-activex.rules)
 * 1:17054 <-> DISABLED <-> WEB-ACTIVEX Symantec AppStream Client LaunchObj ActiveX function call unicode access (web-activex.rules)
 * 1:17056 <-> DISABLED <-> SPECIFIC-THREATS Novell NetIdentity Agent XTIERRPCPIPE remote code execution attempt (specific-threats.rules)
 * 1:17057 <-> DISABLED <-> SPECIFIC-THREATS Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (specific-threats.rules)
 * 1:17058 <-> DISABLED <-> SPECIFIC-THREATS Trojan-Downloader.JS.Agent.ewh Javascript download attempt (specific-threats.rules)
 * 1:1706 <-> DISABLED <-> WEB-CGI echo.bat access (web-cgi.rules)
 * 1:17061 <-> ENABLED <-> WEB-ACTIVEX Symantec Norton Personal Firewall 2004 ActiveX clsid access (web-activex.rules)
 * 1:17062 <-> ENABLED <-> WEB-ACTIVEX Symantec Norton Personal Firewall 2004 ActiveX clsid unicode access (web-activex.rules)
 * 1:17063 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 1 ActiveX clsid access (web-activex.rules)
 * 1:17064 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:17065 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 2 ActiveX clsid access (web-activex.rules)
 * 1:17066 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:17067 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 3 ActiveX clsid access (web-activex.rules)
 * 1:17068 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:17069 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 4 ActiveX clsid access (web-activex.rules)
 * 1:1707 <-> DISABLED <-> WEB-CGI hello.bat arbitrary command execution attempt (web-cgi.rules)
 * 1:17070 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:17071 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 5 ActiveX clsid access (web-activex.rules)
 * 1:17072 <-> ENABLED <-> WEB-ACTIVEX Logitech Video Call 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:17073 <-> ENABLED <-> WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid access (web-activex.rules)
 * 1:17074 <-> ENABLED <-> WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid unicode access (web-activex.rules)
 * 1:17075 <-> ENABLED <-> WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call access (web-activex.rules)
 * 1:17076 <-> ENABLED <-> WEB-ACTIVEX Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call unicode access (web-activex.rules)
 * 1:17077 <-> ENABLED <-> SPECIFIC-THREATS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (specific-threats.rules)
 * 1:17078 <-> DISABLED <-> WEB-ACTIVEX GOM Player GomWeb ActiveX clsid access (web-activex.rules)
 * 1:17079 <-> DISABLED <-> WEB-ACTIVEX GOM Player GomWeb ActiveX clsid unicode access (web-activex.rules)
 * 1:1708 <-> DISABLED <-> WEB-CGI hello.bat access (web-cgi.rules)
 * 1:17080 <-> DISABLED <-> WEB-ACTIVEX GOM Player GomWeb ActiveX function call access (web-activex.rules)
 * 1:17081 <-> DISABLED <-> WEB-ACTIVEX GOM Player GomWeb ActiveX function call unicode access (web-activex.rules)
 * 1:17082 <-> DISABLED <-> WEB-ACTIVEX SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid access (web-activex.rules)
 * 1:17083 <-> DISABLED <-> WEB-ACTIVEX SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid unicode access (web-activex.rules)
 * 1:17084 <-> DISABLED <-> WEB-ACTIVEX Creative Software AutoUpdate Engine ActiveX clsid access (web-activex.rules)
 * 1:17085 <-> DISABLED <-> WEB-ACTIVEX Creative Software AutoUpdate Engine ActiveX clsid unicode access (web-activex.rules)
 * 1:17087 <-> DISABLED <-> WEB-ACTIVEX VeryDOC PDF Viewer ActiveX clsid access (web-activex.rules)
 * 1:17088 <-> DISABLED <-> WEB-ACTIVEX VeryDOC PDF Viewer ActiveX clsid unicode access (web-activex.rules)
 * 1:17089 <-> DISABLED <-> WEB-ACTIVEX VeryDOC PDF Viewer ActiveX function call access (web-activex.rules)
 * 1:1709 <-> DISABLED <-> WEB-CGI ad.cgi access (web-cgi.rules)
 * 1:17090 <-> DISABLED <-> WEB-ACTIVEX VeryDOC PDF Viewer ActiveX function call unicode access (web-activex.rules)
 * 1:17096 <-> DISABLED <-> WEB-ACTIVEX AOL WinAmpX ActiveX clsid access (web-activex.rules)
 * 1:17097 <-> DISABLED <-> WEB-ACTIVEX AOL WinAmpX ActiveX clsid unicode access (web-activex.rules)
 * 1:17099 <-> DISABLED <-> WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid access (web-activex.rules)
 * 1:1710 <-> DISABLED <-> WEB-CGI bbs_forum.cgi access (web-cgi.rules)
 * 1:17100 <-> DISABLED <-> WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid unicode access (web-activex.rules)
 * 1:17101 <-> DISABLED <-> WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access (web-activex.rules)
 * 1:17102 <-> DISABLED <-> WEB-ACTIVEX CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call unicode access (web-activex.rules)
 * 1:1711 <-> DISABLED <-> WEB-CGI bsguest.cgi access (web-cgi.rules)
 * 1:17112 <-> DISABLED <-> SPECIFIC-THREATS DCERPC rpcss2 _RemoteGetClassObject attempt (specific-threats.rules)
 * 1:1712 <-> DISABLED <-> WEB-CGI bslist.cgi access (web-cgi.rules)
 * 1:1713 <-> DISABLED <-> WEB-CGI cgforum.cgi access (web-cgi.rules)
 * 1:1714 <-> DISABLED <-> WEB-CGI newdesk access (web-cgi.rules)
 * 1:17147 <-> DISABLED <-> SPECIFIC-THREATS Adobe Photoshop CS4 ABR file processing buffer overflow attempt (specific-threats.rules)
 * 1:1715 <-> DISABLED <-> WEB-CGI register.cgi access (web-cgi.rules)
 * 1:17151 <-> DISABLED <-> SPECIFIC-THREATS Samba smbd flags2 header parsing denial of service attempt - 1 (specific-threats.rules)
 * 1:17152 <-> DISABLED <-> SPECIFIC-THREATS Samba smbd flags2 header parsing denial of service attempt - 2 (specific-threats.rules)
 * 1:17155 <-> DISABLED <-> SPECIFIC-THREATS Multiple vendors OPIE off-by-one stack buffer overflow attempt (specific-threats.rules)
 * 1:1716 <-> DISABLED <-> WEB-CGI gbook.cgi access (web-cgi.rules)
 * 1:17160 <-> ENABLED <-> SPECIFIC-THREATS Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile buffer overflow attempt (specific-threats.rules)
 * 1:17161 <-> DISABLED <-> WEB-ACTIVEX Liquid XML Studio ActiveX clsid access (web-activex.rules)
 * 1:17162 <-> DISABLED <-> WEB-ACTIVEX Liquid XML Studio ActiveX clsid unicode access (web-activex.rules)
 * 1:17163 <-> DISABLED <-> WEB-ACTIVEX Liquid XML Studio ActiveX function call access (web-activex.rules)
 * 1:17164 <-> DISABLED <-> WEB-ACTIVEX Liquid XML Studio ActiveX function call unicode access (web-activex.rules)
 * 1:17167 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 1 ActiveX clsid access (web-activex.rules)
 * 1:17168 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 1 ActiveX clsid unicode access (web-activex.rules)
 * 1:17169 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 2 ActiveX clsid access (web-activex.rules)
 * 1:1717 <-> DISABLED <-> WEB-CGI simplestguest.cgi access (web-cgi.rules)
 * 1:17170 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:17171 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 3 ActiveX clsid access (web-activex.rules)
 * 1:17172 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 3 ActiveX clsid unicode access (web-activex.rules)
 * 1:17173 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 4 ActiveX clsid access (web-activex.rules)
 * 1:17174 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 4 ActiveX clsid unicode access (web-activex.rules)
 * 1:17175 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 5 ActiveX clsid access (web-activex.rules)
 * 1:17176 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 5 ActiveX clsid unicode access (web-activex.rules)
 * 1:17177 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 6 ActiveX clsid access (web-activex.rules)
 * 1:17178 <-> DISABLED <-> WEB-ACTIVEX Oracle Siebel Option Pack 6 ActiveX clsid unicode access (web-activex.rules)
 * 1:1718 <-> DISABLED <-> WEB-CGI statsconfig.pl access (web-cgi.rules)
 * 1:1719 <-> DISABLED <-> WEB-CGI talkback.cgi directory traversal attempt (web-cgi.rules)
 * 1:1720 <-> DISABLED <-> WEB-CGI talkback.cgi access (web-cgi.rules)
 * 1:1721 <-> DISABLED <-> WEB-CGI adcycle access (web-cgi.rules)
 * 1:17219 <-> ENABLED <-> SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt (specific-threats.rules)
 * 1:1722 <-> DISABLED <-> WEB-CGI MachineInfo access (web-cgi.rules)
 * 1:17220 <-> ENABLED <-> SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt (specific-threats.rules)
 * 1:17221 <-> ENABLED <-> SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt (specific-threats.rules)
 * 1:17222 <-> ENABLED <-> SPECIFIC-THREATS Firefox domain name handling buffer overflow attempt (specific-threats.rules)
 * 1:17223 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player navigateToURL cross-site scripting attempt (specific-threats.rules)
 * 1:17226 <-> ENABLED <-> WEB-ACTIVEX AXIS Camera ActiveX initialization via script (web-activex.rules)
 * 1:1723 <-> DISABLED <-> WEB-CGI emumail.cgi NULL attempt (web-cgi.rules)
 * 1:1724 <-> DISABLED <-> WEB-CGI emumail.cgi access (web-cgi.rules)
 * 1:17244 <-> ENABLED <-> SPECIFIC-THREATS Antivirus ACE file handling buffer overflow attempt (specific-threats.rules)
 * 1:17260 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (specific-threats.rules)
 * 1:17266 <-> ENABLED <-> SPECIFIC-THREATS Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (specific-threats.rules)
 * 1:17267 <-> ENABLED <-> SPECIFIC-THREATS Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (specific-threats.rules)
 * 1:17268 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox sidebar panel arbitrary code execution attempt (specific-threats.rules)
 * 1:1727 <-> DISABLED <-> WEB-CGI SGI InfoSearch fname access (web-cgi.rules)
 * 1:17273 <-> ENABLED <-> SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (specific-threats.rules)
 * 1:17274 <-> ENABLED <-> SPECIFIC-THREATS MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (specific-threats.rules)
 * 1:17275 <-> ENABLED <-> SPECIFIC-THREATS Symantec Brightmail AntiSpam nested Zip handling denial of service attempt (specific-threats.rules)
 * 1:17276 <-> DISABLED <-> WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt (web-misc.rules)
 * 1:17281 <-> ENABLED <-> SPECIFIC-THREATS Panda Antivirus ZOO archive decompression buffer overflow attempt (specific-threats.rules)
 * 1:17286 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Visual Basic for Applications document properties overflow attempt (specific-threats.rules)
 * 1:17289 <-> ENABLED <-> SPECIFIC-THREATS GNU gzip LZH decompression make_table overflow attempt (specific-threats.rules)
 * 1:1730 <-> DISABLED <-> WEB-CGI ustorekeeper.pl directory traversal attempt (web-cgi.rules)
 * 1:1731 <-> DISABLED <-> WEB-CGI a1stats access (web-cgi.rules)
 * 1:17327 <-> DISABLED <-> IMAP Qualcomm WorldMail Server Response (imap.rules)
 * 1:17334 <-> ENABLED <-> SPECIFIC-THREATS RealPlayer SWF Flash File buffer overflow attempt (specific-threats.rules)
 * 1:1736 <-> DISABLED <-> WEB-PHP squirrel mail spell-check arbitrary command attempt (web-php.rules)
 * 1:17361 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (specific-threats.rules)
 * 1:1737 <-> DISABLED <-> WEB-PHP squirrel mail theme arbitrary command attempt (web-php.rules)
 * 1:17377 <-> ENABLED <-> SPECIFIC-THREATS Microsoft excel Malformed Filter Records Handling Code Execution attempt (specific-threats.rules)
 * 1:17386 <-> ENABLED <-> SPECIFIC-THREATS Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (specific-threats.rules)
 * 1:17389 <-> ENABLED <-> SPECIFIC-THREATS mozilla firefox DOMNodeRemoved attack attempt (specific-threats.rules)
 * 1:1739 <-> DISABLED <-> WEB-PHP DNSTools administrator authentication bypass attempt (web-php.rules)
 * 1:1740 <-> DISABLED <-> WEB-PHP DNSTools authentication bypass attempt (web-php.rules)
 * 1:17407 <-> DISABLED <-> WEB-CLIENT Windows help file download request (web-client.rules)
 * 1:1741 <-> DISABLED <-> WEB-PHP DNSTools access (web-php.rules)
 * 1:17411 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer CDF cross-domain scripting attempt (specific-threats.rules)
 * 1:17413 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Jet DB Engine Buffer Overflow attempt (specific-threats.rules)
 * 1:17414 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (specific-threats.rules)
 * 1:17415 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (specific-threats.rules)
 * 1:1742 <-> DISABLED <-> WEB-PHP Blahz-DNS dostuff.php modify user attempt (web-php.rules)
 * 1:17422 <-> ENABLED <-> SPECIFIC-THREATS Firefox defineSetter function pointer memory corruption attempt (specific-threats.rules)
 * 1:17424 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (specific-threats.rules)
 * 1:1743 <-> DISABLED <-> WEB-PHP Blahz-DNS dostuff.php access (web-php.rules)
 * 1:17435 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (netbios.rules)
 * 1:17437 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (netbios.rules)
 * 1:17446 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer FTP client directory traversal attempt (specific-threats.rules)
 * 1:17448 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability (specific-threats.rules)
 * 1:1745 <-> DISABLED <-> WEB-PHP Messagerie supp_membre.php access (web-php.rules)
 * 1:17461 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer zipped skin file buffer overflow attempt (specific-threats.rules)
 * 1:17464 <-> ENABLED <-> WEB-ACTIVEX AOL Radio AmpX ActiveX clsid access (web-activex.rules)
 * 1:17465 <-> ENABLED <-> WEB-ACTIVEX AOL Radio AmpX ActiveX clsid unicode access (web-activex.rules)
 * 1:17466 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (specific-threats.rules)
 * 1:17481 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Exchange and Outlook TNEF Decoding Integer Overflow attempt (specific-threats.rules)
 * 1:17488 <-> ENABLED <-> SPECIFIC-THREATS Excel Malformed Range Code Execution attempt (specific-threats.rules)
 * 1:17489 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Help File Heap Buffer Overflow attempt (specific-threats.rules)
 * 1:17490 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (specific-threats.rules)
 * 1:17491 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word mso.dll LsCreateLine memory corruption attempt (specific-threats.rules)
 * 1:17492 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Excel Malformed SELECTION Record Code Execution attempt (specific-threats.rules)
 * 1:17493 <-> ENABLED <-> SPECIFIC-THREATS ClamAV UPX FileHandling Heap overflow attempt (specific-threats.rules)
 * 1:17496 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed NamedShows record code execution attempt (specific-threats.rules)
 * 1:17497 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Powerpoint malformed NamedShows record code execution attempt (specific-threats.rules)
 * 1:17541 <-> ENABLED <-> SPECIFIC-THREATS Avast! Antivirus Engine Remote LHA buffer overflow attempt (specific-threats.rules)
 * 1:17550 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word Font Parsing Buffer Overflow attempt (specific-threats.rules)
 * 1:17553 <-> ENABLED <-> SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (specific-threats.rules)
 * 1:17554 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer DOM object cache management memory corruption attempt (specific-threats.rules)
 * 1:17557 <-> ENABLED <-> WEB-ACTIVEX Novell iPrint ActiveX operation parameter overflow (web-activex.rules)
 * 1:17559 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (specific-threats.rules)
 * 1:17574 <-> ENABLED <-> SPECIFIC-THREATS Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (specific-threats.rules)
 * 1:17575 <-> ENABLED <-> WEB-ACTIVEX SizerOne 2 ActiveX clsid access (web-activex.rules)
 * 1:17576 <-> ENABLED <-> WEB-ACTIVEX SizerOne 2 ActiveX clsid unicode access (web-activex.rules)
 * 1:17578 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Word Section Table Array Buffer Overflow attempt (specific-threats.rules)
 * 1:17579 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Drawing Record msofbtOPT Code Execution attempt (specific-threats.rules)
 * 1:17580 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer span tag memory corruption attempt (specific-threats.rules)
 * 1:17581 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox tag order memory corruption attempt (specific-threats.rules)
 * 1:17582 <-> ENABLED <-> WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call access (web-activex.rules)
 * 1:17583 <-> ENABLED <-> WEB-ACTIVEX Symantec Norton AntiVirus CcErrDisp ActiveX function call unicode access (web-activex.rules)
 * 1:17585 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer possible javascript onunload event memory corruption (specific-threats.rules)
 * 1:17587 <-> ENABLED <-> SPECIFIC-THREATS AcroPDF.PDF ActiveX exploit attempt (specific-threats.rules)
 * 1:17588 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid access (web-activex.rules)
 * 1:17589 <-> ENABLED <-> WEB-ACTIVEX Microsoft Internet Explorer Install Engine ActiveX clsid unicode access (web-activex.rules)
 * 1:17592 <-> ENABLED <-> WEB-ACTIVEX Microsoft MyInfo.dll ActiveX clsid access (web-activex.rules)
 * 1:17604 <-> ENABLED <-> SPECIFIC-THREATS Java AWT ConvolveOp memory corruption attempt (specific-threats.rules)
 * 1:1762 <-> DISABLED <-> WEB-CGI phf arbitrary command execution attempt (web-cgi.rules)
 * 1:17622 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer object reference memory corruption attempt (specific-threats.rules)
 * 1:17626 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows embedded web font handling buffer overflow attempt (specific-threats.rules)
 * 1:1763 <-> DISABLED <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules)
 * 1:17634 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian object call overflow attempt (netbios.rules)
 * 1:17635 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 little endian overflow attempt (netbios.rules)
 * 1:17636 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 object call overflow attempt (netbios.rules)
 * 1:17637 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCPbrightstor-arc function 0 overflow attempt (netbios.rules)
 * 1:1764 <-> DISABLED <-> WEB-CGI Nortel Contivity cgiproc DOS attempt (web-cgi.rules)
 * 1:17640 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opnum 43 overflow attempt (netbios.rules)
 * 1:1765 <-> DISABLED <-> WEB-CGI Nortel Contivity cgiproc access (web-cgi.rules)
 * 1:17651 <-> ENABLED <-> SPECIFIC-THREATS Multiple AV vendor invalid archive checksum bypass attempt (specific-threats.rules)
 * 1:17658 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash frame type identifier memory corruption attempt (specific-threats.rules)
 * 1:17662 <-> ENABLED <-> BAD-TRAFFIC Sun Solaris DHCP Client Arbitrary Code Execution attempt (bad-traffic.rules)
 * 1:17670 <-> ENABLED <-> WEB-ACTIVEX BigAnt Office Manager ActiveX clsid access (web-activex.rules)
 * 1:17671 <-> ENABLED <-> WEB-ACTIVEX BigAnt Office Manager ActiveX clsid unicode access (web-activex.rules)
 * 1:17672 <-> ENABLED <-> WEB-ACTIVEX BigAnt Office Manager ActiveX function call access (web-activex.rules)
 * 1:17673 <-> ENABLED <-> WEB-ACTIVEX BigAnt Office Manager ActiveX function call unicode access (web-activex.rules)
 * 1:17674 <-> ENABLED <-> WEB-ACTIVEX Skype Extras Manager ActiveX clsid access (web-activex.rules)
 * 1:17675 <-> ENABLED <-> WEB-ACTIVEX Skype Extras Manager ActiveX clsid unicode access (web-activex.rules)
 * 1:17676 <-> ENABLED <-> WEB-ACTIVEX Skype Extras Manager ActiveX function call access (web-activex.rules)
 * 1:17677 <-> ENABLED <-> WEB-ACTIVEX Skype Extras Manager ActiveX function call unicode access (web-activex.rules)
 * 1:17698 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer wav chunk string overflow attempt in email (specific-threats.rules)
 * 1:17703 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer popup title bar spoofing attempt (specific-threats.rules)
 * 1:17704 <-> ENABLED <-> SPECIFIC-THREATS McAfee LHA file parsing buffer overflow attempt (specific-threats.rules)
 * 1:17707 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect trend_req_num buffer overflow attempt (netbios.rules)
 * 1:17712 <-> ENABLED <-> SPECIFIC-THREATS TFTP PUT Microsoft RIS filename overwrite attempt (specific-threats.rules)
 * 1:17714 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (netbios.rules)
 * 1:17715 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (netbios.rules)
 * 1:17716 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes DOC attachment viewer buffer overflow (specific-threats.rules)
 * 1:17724 <-> ENABLED <-> SPECIFIC-THREATS malicious ASP file upload attempt (specific-threats.rules)
 * 1:17726 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer address bar spoofing attempt (specific-threats.rules)
 * 1:17727 <-> ENABLED <-> SPECIFIC-THREATS Sun JDK image parsing library ICC buffer overflow attempt (specific-threats.rules)
 * 1:1773 <-> DISABLED <-> WEB-PHP php.exe access (web-php.rules)
 * 1:17736 <-> ENABLED <-> SPECIFIC-THREATS McAfee LHA Type-2 file handling overflow attempt (specific-threats.rules)
 * 1:1774 <-> DISABLED <-> WEB-PHP bb_smilies.php access (web-php.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:1775 <-> DISABLED <-> MYSQL root login attempt (mysql.rules)
 * 1:1776 <-> DISABLED <-> MYSQL show databases attempt (mysql.rules)
 * 1:17777 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes WPD attachment handling buffer overflow (specific-threats.rules)
 * 1:17818 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ktr.t134.net (blacklist.rules)
 * 1:17819 <-> DISABLED <-> BLACKLIST DNS request for known malware domain motuh.com (blacklist.rules)
 * 1:17820 <-> DISABLED <-> BLACKLIST DNS request for known malware domain myanimalclips.com (blacklist.rules)
 * 1:17821 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ketsymbol.com (blacklist.rules)
 * 1:17822 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ics.hotbar.com (blacklist.rules)
 * 1:17823 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.myroitracking.com (blacklist.rules)
 * 1:17824 <-> DISABLED <-> BLACKLIST DNS request for known malware domain teenxmovs.net (blacklist.rules)
 * 1:17825 <-> DISABLED <-> BLACKLIST DNS request for known malware domain px.smowtion.com (blacklist.rules)
 * 1:17826 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cheaps1.info (blacklist.rules)
 * 1:17827 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sexmoviesland.net (blacklist.rules)
 * 1:17828 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 67.201.36.16 (blacklist.rules)
 * 1:17829 <-> DISABLED <-> BLACKLIST DNS request for known malware domain c7.zxxds.net (blacklist.rules)
 * 1:17830 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dickvsclit.net (blacklist.rules)
 * 1:17831 <-> DISABLED <-> BLACKLIST DNS request for known malware domain edrichfinearts.com (blacklist.rules)
 * 1:17832 <-> DISABLED <-> BLACKLIST DNS request for known malware domain img100.xvideos.com (blacklist.rules)
 * 1:17833 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.dsnextgen.com (blacklist.rules)
 * 1:17834 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 343.boolans.com (blacklist.rules)
 * 1:17835 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xpresdnet.com (blacklist.rules)
 * 1:17836 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gbsup.com (blacklist.rules)
 * 1:17837 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xxsmovies.com (blacklist.rules)
 * 1:17838 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vc.iwriteweb.com (blacklist.rules)
 * 1:17839 <-> DISABLED <-> BLACKLIST DNS request for known malware domain js.222233.com (blacklist.rules)
 * 1:17840 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.grannyplanet.com (blacklist.rules)
 * 1:17841 <-> DISABLED <-> BLACKLIST DNS request for known malware domain coop.crwdcntrl.net (blacklist.rules)
 * 1:17842 <-> DISABLED <-> BLACKLIST DNS request for known malware domain extrahotx.net (blacklist.rules)
 * 1:16576 <-> DISABLED <-> EXPLOIT RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (exploit.rules)
 * 1:17843 <-> DISABLED <-> BLACKLIST DNS request for known malware domain extralargevideos.com (blacklist.rules)
 * 1:17844 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.derquda.com (blacklist.rules)
 * 1:17845 <-> DISABLED <-> BLACKLIST DNS request for known malware domain aahydrogen.com (blacklist.rules)
 * 1:17846 <-> DISABLED <-> BLACKLIST DNS request for known malware domain trumpetlicks.com (blacklist.rules)
 * 1:17847 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mskla.com (blacklist.rules)
 * 1:17848 <-> DISABLED <-> BLACKLIST DNS request for known malware domain play.unionsky.cn (blacklist.rules)
 * 1:17849 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fuckersucker.com (blacklist.rules)
 * 1:17850 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pornfucklist.com (blacklist.rules)
 * 1:17851 <-> DISABLED <-> BLACKLIST DNS request for known malware domain game.685faiudeme.com (blacklist.rules)
 * 1:17852 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 447.cc (blacklist.rules)
 * 1:17853 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dommonview.com (blacklist.rules)
 * 1:17854 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.lamiaexragazza.com (blacklist.rules)
 * 1:17855 <-> DISABLED <-> BLACKLIST DNS request for known malware domain acofinder.com (blacklist.rules)
 * 1:17856 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fuckfuckvids.com (blacklist.rules)
 * 1:17857 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.cnhack.cn (blacklist.rules)
 * 1:17858 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kingsizematures.com (blacklist.rules)
 * 1:17859 <-> DISABLED <-> BLACKLIST DNS request for known malware domain promotds.com (blacklist.rules)
 * 1:17860 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mejac.com (blacklist.rules)
 * 1:17861 <-> DISABLED <-> BLACKLIST DNS request for known malware domain zq2.9wee.com (blacklist.rules)
 * 1:17862 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 122.770304123.cn (blacklist.rules)
 * 1:17863 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rpt2.21civ.com (blacklist.rules)
 * 1:17864 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tubexxxmatures.com (blacklist.rules)
 * 1:17865 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 110.770304123.cn (blacklist.rules)
 * 1:17866 <-> DISABLED <-> BLACKLIST DNS request for known malware domain aebankonline.com (blacklist.rules)
 * 1:17867 <-> DISABLED <-> BLACKLIST DNS request for known malware domain utm.trk.myfuncards.com (blacklist.rules)
 * 1:17868 <-> DISABLED <-> BLACKLIST DNS request for known malware domain a.qq2233.com (blacklist.rules)
 * 1:17869 <-> DISABLED <-> BLACKLIST DNS request for known malware domain px.mgplatform.com (blacklist.rules)
 * 1:1787 <-> DISABLED <-> WEB-CGI csPassword.cgi access (web-cgi.rules)
 * 1:17870 <-> DISABLED <-> BLACKLIST DNS request for known malware domain trojan8.com (blacklist.rules)
 * 1:17871 <-> DISABLED <-> BLACKLIST DNS request for known malware domain brutalxvideos.com (blacklist.rules)
 * 1:17872 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www3.sexown.com (blacklist.rules)
 * 1:17873 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mummimpegs.com (blacklist.rules)
 * 1:17874 <-> DISABLED <-> BLACKLIST DNS request for known malware domain f19dd4abb8b8bdf2.cn (blacklist.rules)
 * 1:17875 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.very-young-boys.com (blacklist.rules)
 * 1:17876 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 91629.com (blacklist.rules)
 * 1:17877 <-> DISABLED <-> BLACKLIST DNS request for known malware domain animal36.com (blacklist.rules)
 * 1:17878 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ayb.host127-0-0-1.com (blacklist.rules)
 * 1:17879 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cfg.353wanwan.com (blacklist.rules)
 * 1:1788 <-> DISABLED <-> WEB-CGI csPassword password.cgi.tmp access (web-cgi.rules)
 * 1:17880 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.027dj.com (blacklist.rules)
 * 1:17881 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fucktosky.com (blacklist.rules)
 * 1:17882 <-> DISABLED <-> BLACKLIST DNS request for known malware domain procca.com (blacklist.rules)
 * 1:17883 <-> DISABLED <-> BLACKLIST DNS request for known malware domain autouploaders.net (blacklist.rules)
 * 1:17884 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gimmemyporn.com (blacklist.rules)
 * 1:17885 <-> DISABLED <-> BLACKLIST DNS request for known malware domain waytoall.com (blacklist.rules)
 * 1:17886 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.spamature.com (blacklist.rules)
 * 1:17887 <-> DISABLED <-> BLACKLIST DNS request for known malware domain info.collectionerrorreport.com (blacklist.rules)
 * 1:17888 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bn.xp1.ru4.com (blacklist.rules)
 * 1:17889 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.ajie520.com (blacklist.rules)
 * 1:17890 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 114search1.118114.cn (blacklist.rules)
 * 1:17891 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bestkind.ru (blacklist.rules)
 * 1:17892 <-> DISABLED <-> BLACKLIST DNS request for known malware domain clickpotato.tv (blacklist.rules)
 * 1:17893 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.zxc0001.com (blacklist.rules)
 * 1:17894 <-> DISABLED <-> BLACKLIST DNS request for known malware domain streq.cn (blacklist.rules)
 * 1:17895 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pyow.prixi-soft.ir (blacklist.rules)
 * 1:17896 <-> DISABLED <-> BLACKLIST DNS request for known malware domain 113552url.cptgt.com (blacklist.rules)
 * 1:17897 <-> DISABLED <-> BLACKLIST DNS request for known malware domain www.moneytw8.com (blacklist.rules)
 * 1:17898 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /get2.php?c=VTOXUGUI&d= (blacklist.rules)
 * 1:17899 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /reques0.asp?kind=006&mac= (blacklist.rules)
 * 1:17900 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /basic/cn3c2/c.*dll (blacklist.rules)
 * 1:17901 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /mybackup21.rar (blacklist.rules)
 * 1:17902 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /?getexe=loader.exe (blacklist.rules)
 * 1:17903 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - stid= (blacklist.rules)
 * 1:17904 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /tongji.js (blacklist.rules)
 * 1:17905 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - 1de49069b6044785e9dfcd4c035cfd0c.php (blacklist.rules)
 * 1:17906 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - 2x/.*php (blacklist.rules)
 * 1:17907 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /MNG/Download/?File=AZF|DATADIR|Download (blacklist.rules)
 * 1:17908 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /images/crypt_22.exe (blacklist.rules)
 * 1:17909 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /images/css/1.exe (blacklist.rules)
 * 1:17910 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /7xdown.exe (blacklist.rules)
 * 1:17911 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /winhelper.exe (blacklist.rules)
 * 1:17912 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /upopwin/count.asp?mac= (blacklist.rules)
 * 1:17913 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /ok.exe (blacklist.rules)
 * 1:17914 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /LjBin/Bin.Dll (blacklist.rules)
 * 1:17915 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /1001ns/cfg3n.bin (blacklist.rules)
 * 1:17916 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /dh/stats.bin (blacklist.rules)
 * 1:17917 <-> DISABLED <-> BLACKLIST URI request for known malicious URI - /zeus/config.bin (blacklist.rules)
 * 1:1805 <-> DISABLED <-> WEB-CGI Oracle reports CGI access (web-cgi.rules)
 * 1:18079 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com (blacklist.rules)
 * 1:18080 <-> DISABLED <-> BLACKLIST DNS request for known malware domain netrand.house.sina.com.cn (blacklist.rules)
 * 1:18081 <-> DISABLED <-> BLACKLIST DNS request for known malware domain wenyixuan.3322.org (blacklist.rules)
 * 1:18082 <-> ENABLED <-> BLACKLIST DNS request for known malware domain 3q.sbwanwan.com (blacklist.rules)
 * 1:18083 <-> ENABLED <-> BLACKLIST DNS request for known malware domain 863.dclsba.com (blacklist.rules)
 * 1:18084 <-> ENABLED <-> BLACKLIST DNS request for known malware domain drs317a.gotoip4.com (blacklist.rules)
 * 1:18085 <-> ENABLED <-> BLACKLIST DNS request for known malware domain jsshmz.gotoip4.com (blacklist.rules)
 * 1:18086 <-> ENABLED <-> BLACKLIST DNS request for known malware domain qq.sbwanwan.com (blacklist.rules)
 * 1:18087 <-> ENABLED <-> BLACKLIST DNS request for known malware domain tiantianzaixian.gotoip1.com (blacklist.rules)
 * 1:18088 <-> ENABLED <-> BLACKLIST DNS request for known malware domain wenyixuan.3322.org (blacklist.rules)
 * 1:18089 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.auto328.com (blacklist.rules)
 * 1:18090 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.comstelecom.com (blacklist.rules)
 * 1:18091 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.goodfriends.or.kr (blacklist.rules)
 * 1:18092 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.hao1345.com (blacklist.rules)
 * 1:18093 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.opusgame.com (blacklist.rules)
 * 1:18094 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.theoffstage.com (blacklist.rules)
 * 1:18095 <-> ENABLED <-> BLACKLIST DNS request for known malware domain www.wwmei.com (blacklist.rules)
 * 1:18097 <-> ENABLED <-> WEB-ACTIVEX VMWare Remote Console Plug-In ActiveX clsid access (web-activex.rules)
 * 1:18098 <-> ENABLED <-> BLACKLIST URI request for known malicious URI - /set/first.html (blacklist.rules)
 * 1:18099 <-> ENABLED <-> BLACKLIST URI request for known malicious URI - /cfg/*.plug (blacklist.rules)
 * 1:1810 <-> DISABLED <-> SPECIFIC-THREATS successful gobbles ssh exploit GOBBLE (specific-threats.rules)
 * 1:18100 <-> ENABLED <-> BOTNET-CNC Tidserv malware command and control channel traffic (botnet-cnc.rules)
 * 1:18103 <-> ENABLED <-> BLACKLIST DNS request for known malware domain 5yvod.net (blacklist.rules)
 * 1:18104 <-> ENABLED <-> BLACKLIST DNS request for known malware domain b.9s3.info (blacklist.rules)
 * 1:18105 <-> ENABLED <-> BLACKLIST DNS request for known malware domain baidutaobao.gotoip55.com (blacklist.rules)
 * 1:18106 <-> ENABLED <-> BLACKLIST DNS request for known malware domain e.msssm.com (blacklist.rules)
 * 1:10011 <-> DISABLED <-> IMAP Novell NetMail APPEND command buffer overflow attempt (imap.rules)
 * 1:10024 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc ClientDBMiniAgentClose attempt (netbios.rules)
 * 1:10030 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 overflow attempt (netbios.rules)
 * 1:10036 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor ASRemotePFC overflow attempt (netbios.rules)
 * 1:10084 <-> DISABLED <-> WEB-ACTIVEX NCTAudioFile2 ActiveX clsid access (web-activex.rules)
 * 1:10085 <-> DISABLED <-> WEB-ACTIVEX NCTAudioFile2 ActiveX clsid unicode access (web-activex.rules)
 * 1:10086 <-> DISABLED <-> WEB-ACTIVEX NCTAudioFile2 ActiveX function call access (web-activex.rules)
 * 1:10117 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc GetGCBHandleFromGroupName overflow attempt (netbios.rules)
 * 1:10136 <-> DISABLED <-> TELNET Solaris login environment variable authentication bypass attempt (telnet.rules)
 * 3:13471 <-> ENABLED <-> EXPLOIT Microsoft Publisher invalid pathname overwrite (exploit.rules)
 * 3:13571 <-> ENABLED <-> WEB-CLIENT Microsoft Excel dval record arbitrary code excecution attempt (web-client.rules)
 * 3:13677 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer data stream memory corruption attempt (exploit.rules)
 * 3:13828 <-> ENABLED <-> WEB-ACTIVEX sapi.dll ActiveX clsid access (web-activex.rules)
 * 3:13830 <-> ENABLED <-> WEB-ACTIVEX sapi.dll alternate killbit ActiveX clsid access (web-activex.rules)
 * 3:13832 <-> ENABLED <-> WEB-ACTIVEX backweb ActiveX clsid access (web-activex.rules)
 * 3:13834 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer request header overwrite (web-client.rules)
 * 3:13960 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer static text range overflow attempt (web-client.rules)
 * 3:13964 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer span frontier parsing memory corruption (web-client.rules)
 * 3:13965 <-> ENABLED <-> WEB-ACTIVEX Microsoft Message System ActiveX clsid access (web-activex.rules)
 * 3:13967 <-> ENABLED <-> WEB-ACTIVEX Microsoft Message System ActiveX function call access (web-activex.rules)
 * 3:13979 <-> ENABLED <-> WEB-CLIENT Microsoft Windows Event System Subscription VBScript access (web-client.rules)
 * 3:14261 <-> ENABLED <-> WEB-CLIENT GDI VML gradient size heap overflow attempt (web-client.rules)
 * 3:14645 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer cross domain setExpression exploit attempt (web-client.rules)
 * 3:14710 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumJobs attempt (netbios.rules)
 * 3:15011 <-> ENABLED <-> WEB-CLIENT Microsoft XML core services cross-domain information disclosure attempt (web-client.rules)
 * 3:15083 <-> ENABLED <-> EXPLOIT Microsoft Word .rtf file double free attempt (exploit.rules)
 * 3:15088 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic Charts ActiveX clsid access (web-activex.rules)
 * 3:15090 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic Charts ActiveX function call access (web-activex.rules)
 * 3:15092 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic DataGrid ActiveX clsid access (web-activex.rules)
 * 3:15094 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic DataGrid ActiveX function call access (web-activex.rules)
 * 3:15118 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic Winsock ActiveX clsid access (web-activex.rules)
 * 3:15120 <-> ENABLED <-> WEB-ACTIVEX Microsoft Visual Basic Winsock ActiveX function call access (web-activex.rules)
 * 3:15305 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer dynamic style update memory corruption attempt (web-client.rules)
 * 3:15451 <-> ENABLED <-> EXPLOIT possible Conficker.C HTTP traffic 1 (exploit.rules)
 * 3:15452 <-> ENABLED <-> EXPLOIT possible Conficker.C HTTP traffic 2 (exploit.rules)
 * 3:15462 <-> ENABLED <-> WEB-CLIENT Multiple web browsers HTTP chunked transfer-encoding memory corruption attempt (web-client.rules)
 * 3:15469 <-> ENABLED <-> WEB-CLIENT Microsoft WordPad and Office text converters integer underflow attempt (web-client.rules)
 * 3:15501 <-> ENABLED <-> WEB-CLIENT Microsoft Powerpoint ParaBuildAtom memory corruption attempt (web-client.rules)
 * 3:15502 <-> ENABLED <-> WEB-CLIENT Microsoft Powerpoint DiagramBuildContainer memory corruption attempt (web-client.rules)
 * 3:15535 <-> ENABLED <-> WEB-CLIENT IE setCapture heap corruption exploit attempt (web-client.rules)
 * 3:15539 <-> ENABLED <-> WEB-CLIENT Microsoft Office Excel Formula record remote code execution attempt (web-client.rules)
 * 3:15695 <-> ENABLED <-> WEB-CLIENT Embedded Open Type Font malformed name table platform type 3 integer overflow attempt  (web-client.rules)
 * 3:15731 <-> ENABLED <-> EXPLOIT javascript deleted reference arbitrary code execution attempt (exploit.rules)
 * 3:16151 <-> ENABLED <-> WEB-CLIENT Internet Explorer unitialized or deleted object access attempt (web-client.rules)
 * 3:16169 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer dynamic style update memory corruption attempt (web-client.rules)
 * 3:16221 <-> ENABLED <-> EXPLOIT Microsoft ISA and Forefront Threat Management Web Proxy TCP Listener denial of service attempt (exploit.rules)
 * 3:16225 <-> ENABLED <-> EXPLOIT Adobe Shockwave arbitrary memory access attempt (exploit.rules)
 * 3:16229 <-> ENABLED <-> WEB-CLIENT Microsoft Excel oversized ib memory corruption attempt (web-client.rules)
 * 3:16235 <-> ENABLED <-> EXPLOIT Microsoft Excel file SXDB record exploit attempt (exploit.rules)
 * 3:16236 <-> ENABLED <-> EXPLOIT Microsoft Excel file SxView record exploit attempt (exploit.rules)
 * 3:16237 <-> ENABLED <-> DOS Microsoft Active Directory NTDSA stack space exhaustion attempt (dos.rules)
 * 3:16240 <-> ENABLED <-> EXPLOIT Microsoft Excel file Window/Pane record exploit attempt (exploit.rules)
 * 3:16294 <-> ENABLED <-> EXPLOIT Microsoft Windows TCP stack zero window size exploit attempt (exploit.rules)
 * 3:16317 <-> ENABLED <-> EXPLOIT Internet Explorer mouse move during refresh memory corruption attempt (exploit.rules)
 * 3:16328 <-> ENABLED <-> EXPLOIT Microsoft Office Project file parsing arbitrary memory access attempt (exploit.rules)
 * 3:16329 <-> ENABLED <-> EXPLOIT Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt (exploit.rules)
 * 3:16366 <-> ENABLED <-> EXPLOIT Microsoft embedded OpenType font engine LZX decompression buffer overflow attempt (exploit.rules)
 * 3:16371 <-> ENABLED <-> WEB-ACTIVEX NOS Microsystems Adobe atl_getcom ActiveX clsid access (web-activex.rules)
 * 3:16386 <-> ENABLED <-> WEB-ACTIVEX AcroPDF.PDF ActiveX clsid access (web-activex.rules)
 * 3:16397 <-> ENABLED <-> NETBIOS SMB andx invalid server name share access (netbios.rules)
 * 3:16398 <-> ENABLED <-> NETBIOS SMB invalid server name share access (netbios.rules)
 * 3:16399 <-> ENABLED <-> NETBIOS SMB unicode andx invalid server name share access (netbios.rules)
 * 3:16400 <-> ENABLED <-> NETBIOS SMB unicode invalid server name share access (netbios.rules)
 * 3:16401 <-> ENABLED <-> NETBIOS-DG SMB andx invalid server name share access (netbios.rules)
 * 3:16402 <-> ENABLED <-> NETBIOS-DG SMB invalid server name share access (netbios.rules)
 * 3:16403 <-> ENABLED <-> NETBIOS-DG SMB unicode andx invalid server name share access (netbios.rules)
 * 3:16404 <-> ENABLED <-> NETBIOS-DG SMB unicode invalid server name share access (netbios.rules)
 * 3:16419 <-> ENABLED <-> WEB-ACTIVEX Microsoft Data Analyzer 3.5 ActiveX clsid access (web-activex.rules)
 * 3:16421 <-> ENABLED <-> EXPLOIT Microsoft PowerPoint out of bounds value remote code execution attempt (exploit.rules)
 * 3:16422 <-> ENABLED <-> EXPLOIT JPEG with malformed SOFx field (exploit.rules)
 * 3:16503 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer event handling remote code execution attempt (exploit.rules)
 * 3:16504 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 7 encoded content handling exploit attempt (exploit.rules)
 * 3:16509 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer designMode-enabled information disclosure attempt (exploit.rules)
 * 3:16512 <-> ENABLED <-> EXPLOIT IE malformed span/div html document heap corruption attempt (exploit.rules)
 * 3:16534 <-> ENABLED <-> DOS Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt (dos.rules)
 * 3:16540 <-> ENABLED <-> NETBIOS SMB2 client NetBufferList NULL entry remote code execution attempt (netbios.rules)
 * 3:16542 <-> ENABLED <-> EXPLOIT Microsoft Publisher 2007 and earlier stack buffer overflow attempt (exploit.rules)
 * 3:16561 <-> ENABLED <-> EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 1 (exploit.rules)
 * 3:16562 <-> ENABLED <-> EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 2 (exploit.rules)
 * 3:16563 <-> ENABLED <-> EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 3 (exploit.rules)
 * 3:16564 <-> ENABLED <-> EXPLOIT Adobe Photoshop CS4 TIFF file exploit attempt - 4 (exploit.rules)
 * 3:16577 <-> ENABLED <-> NETBIOS Microsoft Windows SMBv2 compound request DoS attempt (netbios.rules)
 * 3:16659 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer style sheet array memory corruption attempt (exploit.rules)
 * 3:16660 <-> ENABLED <-> DOS SharePoint Server 2007 help.aspx denial of service attempt (dos.rules)
 * 3:17037 <-> ENABLED <-> WEB-ACTIVEX MS Access multiple control instantiation memory corruption attempt (web-activex.rules)
 * 3:17125 <-> ENABLED <-> NETBIOS SMB Trans2 MaxDataCount overflow attempt (netbios.rules)
 * 3:17126 <-> ENABLED <-> NETBIOS SMB large session length with small packet (netbios.rules)
 * 3:17127 <-> ENABLED <-> NETBIOS BytesIndicated validation dos attempt (netbios.rules)
 * 3:17132 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer invalid object access attempt (exploit.rules)
 * 3:17255 <-> ENABLED <-> EXPLOIT Microsoft IIS FastCGI heap overflow attempt (exploit.rules)
 * 3:17720 <-> ENABLED <-> WEB-CLIENT Microsoft Internet Explorer static text range overflow attempt (web-client.rules)
 * 3:17750 <-> ENABLED <-> DOS Microsoft IIS 7.5 client verify null pointer attempt (dos.rules)
 * 3:17766 <-> ENABLED <-> EXPLOIT IE8 XSS in toStaticHTML API attempt (exploit.rules)
 * 3:17772 <-> ENABLED <-> WEB-ACTIVEX Microsoft Scriptlet Component ActiveX clsid access (web-activex.rules)
 * 3:18069 <-> ENABLED <-> WEB-CLIENT Microsoft Office Art drawing invalid shape identifier attempt (web-client.rules)
 * 3:18197 <-> ENABLED <-> WEB-ACTIVEX Microsoft COleSite ActiveX memory corruption attempt (web-activex.rules)
 * 3:18198 <-> ENABLED <-> WEB-ACTIVEX Microsoft COleSite ActiveX memory corruption attempt (web-activex.rules)
 * 3:18199 <-> ENABLED <-> WEB-ACTIVEX Microsoft COleSite ActiveX memory corruption attempt (web-activex.rules)
 * 3:18202 <-> ENABLED <-> WEB-CLIENT Windows Address Book smmscrpt.dll malicious DLL load (web-client.rules)
 * 3:18203 <-> ENABLED <-> NETBIOS Windows Address Book smmscrpt.dll malicious DLL load (netbios.rules)
 * 3:18204 <-> ENABLED <-> WEB-CLIENT Windows Address Book wab32res.dll malicious DLL load (web-client.rules)
 * 3:18205 <-> ENABLED <-> WEB-CLIENT Windows Address Book msoeres32.dll malicious DLL load (web-client.rules)
 * 3:18206 <-> ENABLED <-> NETBIOS Windows Address Book wab32res.dll malicious DLL load (netbios.rules)
 * 3:18207 <-> ENABLED <-> NETBIOS Windows Address Book msoeres32.dll malicious DLL load (netbios.rules)
 * 3:18218 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer html time manipulation attempt (specific-threats.rules)
 * 3:18235 <-> ENABLED <-> WEB-CLIENT Microsoft Office PICT graphics converter memory corruption attempt (web-client.rules)
 * 3:18297 <-> ENABLED <-> WEB-CLIENT Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (web-client.rules)
 * 3:18448 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat Universal 3D stream memory corruption attempt (specific-threats.rules)
 * 3:18449 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat font definition memory corruption attempt (specific-threats.rules)
 * 3:18451 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat ICC color integer overflow attempt (specific-threats.rules)
 * 3:18453 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat universal 3D format memory corruption attempt (specific-threats.rules)
 * 3:18454 <-> ENABLED <-> SPECIFIC-THREATS Adobe Acrobat universal 3D format memory corruption attempt (specific-threats.rules)