Sourcefire VRT Rules Update

Date: 2011-12-01

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.1.2.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:20625 <-> DISABLED <-> WEB-PHP Venom Board SQL injection attempt (web-php.rules)
 * 1:20624 <-> DISABLED <-> WEB-PHP Venom Board SQL injection attempt (web-php.rules)
 * 1:20623 <-> DISABLED <-> WEB-PHP Venom Board SQL injection attempt  (web-php.rules)
 * 1:20622 <-> ENABLED <-> SPECIFIC-THREATS Java Applet Rhino script engine remote code execution attempt (specific-threats.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20620 <-> DISABLED <-> WEB-CLIENT CoreHTTP Long buffer overflow attempt (web-client.rules)
 * 1:20619 <-> DISABLED <-> SPECIFIC-THREATS CoreHTTP Long buffer overflow attempt (specific-threats.rules)
 * 1:20618 <-> DISABLED <-> EXPLOIT Sage SalesLogix database credential disclosure attempt (exploit.rules)
 * 1:20617 <-> DISABLED <-> EXPLOIT Sage SalesLogix admin authentication bypass attempt (exploit.rules)
 * 1:20616 <-> DISABLED <-> WEB-CLIENT Peercast Basic HTTP authentication buffer overflow attempt (web-client.rules)
 * 1:20615 <-> DISABLED <-> WEB-PHP Wordcircle SQL injection attempt (web-php.rules)
 * 1:20614 <-> DISABLED <-> EXPLOIT Axigen POP3 server remote format string exploit (exploit.rules)
 * 1:20613 <-> DISABLED <-> DELETED SPECIFIC-THREATS Apache Tomcat Java AJP connector invalid header timeout denial of service attempt (deleted.rules)
 * 1:20612 <-> ENABLED <-> SPECIFIC-THREATS Apache Tomcat Java AJP connector invalid header timeout DOS attempt (specific-threats.rules)
 * 1:20611 <-> DISABLED <-> EXPLOIT BOOTP overflow (exploit.rules)
 * 1:20610 <-> ENABLED <-> WEB-CLIENT Adobe Shockwave Flash Flex authoring tool XSS exploit attempt (web-client.rules)
 * 1:20609 <-> ENABLED <-> EXPLOIT Sunway ForceControl SNMP NetDBServer stack buffer overflow attempt (exploit.rules)
 * 1:20608 <-> ENABLED <-> WEB-CLIENT Novell Groupwise internet agent http uri buffer overflow attempt (web-client.rules)
 * 1:20607 <-> ENABLED <-> WEB-CLIENT Novell Groupwise internet agent http uri buffer overflow attempt (web-client.rules)
 * 1:20606 <-> ENABLED <-> BOTNET-CNC Backdoor.Win32.Domsingx.A connect to cnc-server attempt (botnet-cnc.rules)
 * 1:20605 <-> ENABLED <-> BOTNET-CNC Backdoor.Win32.R2d2.A contact to cnc server attempt (botnet-cnc.rules)
 * 1:20604 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.Buzus.isqy trojan phishing attempt (botnet-cnc.rules)
 * 1:20603 <-> DISABLED <-> EXPLOIT Microsoft Windows RSH daemon buffer overflow (exploit.rules)
 * 1:20602 <-> ENABLED <-> RSERVICES rlogin guest (rservices.rules)
 * 1:20601 <-> ENABLED <-> RSERVICES rlogin nobody (rservices.rules)
 * 1:20600 <-> DISABLED <-> SPECIFIC-THREATS Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (specific-threats.rules)
 * 1:20599 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20598 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20597 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20596 <-> ENABLED <-> BOTNET-CNC Trojan.Win32.Smoaler.A trojan injection attempt (botnet-cnc.rules)
 * 1:20595 <-> ENABLED <-> BOTNET-CNC Backdoor.Win32.Ixeshe.F backdoor access attempt (botnet-cnc.rules)
 * 1:20594 <-> ENABLED <-> ORACLE Outside In CorelDRAW file parser integer overflow attempt (oracle.rules)
 * 1:20593 <-> DISABLED <-> WEB-CLIENT Apple Safari Webkit libxslt arbitrary file creation attempt (web-client.rules)
 * 1:20592 <-> ENABLED <-> WEB-ACTIVEX Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX function call access (web-activex.rules)
 * 1:20591 <-> ENABLED <-> WEB-ACTIVEX Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX clsid access (web-activex.rules)
 * 1:20590 <-> ENABLED <-> WEB-CLIENT Microsoft Office PowerPoint out of bounds value remote code execution attempt (web-client.rules)

Modified Rules:


 * 1:20034 <-> DISABLED <-> EXPLOIT ESTsoft ALZip MIM File Buffer Overflow Attempt (exploit.rules)
 * 1:20049 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel SLK file excessive Picture records exploit attempt (specific-threats.rules)
 * 1:20050 <-> DISABLED <-> SPECIFIC-THREATS Adobe Flash Player memory consumption vulnerability (specific-threats.rules)
 * 1:20053 <-> DISABLED <-> SPECIFIC-THREATS MySQL Database SELECT subquery denial of service attempt (specific-threats.rules)
 * 1:20055 <-> DISABLED <-> SPECIFIC-THREATS Oracle Java runtime JPEGImageReader overflow attempt (specific-threats.rules)
 * 1:20059 <-> DISABLED <-> SPECIFIC-THREATS Apple Quicktime PictureViewer GIF rendering vulnerability (specific-threats.rules)
 * 1:20062 <-> DISABLED <-> EXPLOIT Microsoft Office Excel File Importing Code Execution (exploit.rules)
 * 1:20070 <-> ENABLED <-> FILE-IDENTIFY BIN file download request (file-identify.rules)
 * 1:20073 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (specific-threats.rules)
 * 1:20110 <-> ENABLED <-> EXPLOIT Nullsoft Winamp Ultravox streaming malicious metadata (exploit.rules)
 * 1:20113 <-> ENABLED <-> EXPLOIT Microsoft Sharepoint XSS vulnerability attempt (exploit.rules)
 * 1:20115 <-> ENABLED <-> EXPLOIT Microsoft Sharepoint XML external entity exploit attempt (exploit.rules)
 * 1:20117 <-> ENABLED <-> EXPLOIT Microsoft SharePoint XSS (exploit.rules)
 * 1:20129 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office BpscBulletProof uninitialized pointer dereference attempt (specific-threats.rules)
 * 1:20131 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player ActionScript callMethod type confusion attempt (specific-threats.rules)
 * 1:20134 <-> ENABLED <-> EXPLOIT HP OpenView Storage Data Protector buffer overflow attempt (exploit.rules)
 * 1:20145 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader embedded PICT parsing corruption attempt (specific-threats.rules)
 * 1:20147 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader embedded PICT parsing corruption attempt (specific-threats.rules)
 * 1:20148 <-> ENABLED <-> SPECIFIC-THREATS Adobe Reader embedded PICT parsing corruption attempt (specific-threats.rules)
 * 1:20150 <-> DISABLED <-> SPECIFIC-THREATS Adobe Reader embedded PCX parsing corruption attempt (specific-threats.rules)
 * 1:20152 <-> DISABLED <-> SPECIFIC-THREATS Adobe Acrobat GDI object leak memory corruption attempt (specific-threats.rules)
 * 1:20153 <-> DISABLED <-> SPECIFIC-THREAT Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (specific-threats.rules)
 * 1:20173 <-> DISABLED <-> SCADA Cogent DataHub server-side information disclosure (scada.rules)
 * 1:20174 <-> DISABLED <-> SCADA Cogent DataHub server-side information disclosure (scada.rules)
 * 1:20207 <-> ENABLED <-> SCADA Cogent unicode buffer overflow (scada.rules)
 * 1:20208 <-> ENABLED <-> SCADA Cogent unicode buffer overflow (scada.rules)
 * 1:20209 <-> ENABLED <-> SCADA Cogent unicode buffer overflow (scada.rules)
 * 1:20210 <-> ENABLED <-> SCADA Cogent unicode buffer overflow (scada.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20246 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Outlook SMB attach by reference code execution attempt (specific-threats.rules)
 * 1:20247 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Outlook SMB attach by reference code execution attempt (specific-threats.rules)
 * 1:20249 <-> ENABLED <-> SPECIFIC-THREATS Java Web Start BasicService arbitrary command execution attempt (specific-threats.rules)
 * 1:20250 <-> ENABLED <-> EXPLOIT IBM Tivoli Storage Manager Client Remote Heap Buffer Overflow (exploit.rules)
 * 1:20251 <-> ENABLED <-> SPECIFIC-THREATS PointBase 4.6 database DoS (specific-threats.rules)
 * 1:20258 <-> ENABLED <-> EXPLOIT Microsoft Forefront UAG javascript handler in URI XSS attempt (exploit.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20264 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer selection option and form reset attack (specific-threats.rules)
 * 1:20265 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer null attribute crash (specific-threats.rules)
 * 1:20273 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer jscript9 parsing corruption attempt (specific-threats.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:20285 <-> ENABLED <-> WEB-ACTIVEX Black Ice Barcode SDK ActiveX clsid access (web-activex.rules)
 * 1:20286 <-> ENABLED <-> WEB-ACTIVEX Black Ice Barcode SDK ActiveX function call access (web-activex.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20294 <-> DISABLED <-> SPECIFIC-THREATS Metasploit LibTiff Exploit (specific-threats.rules)
 * 1:20295 <-> DISABLED <-> SPECIFIC-THREATS Public LibTiff Exploit (specific-threats.rules)
 * 1:20450 <-> DISABLED <-> FILE-IDENTIFY MPEG video stream file magic detection (file-identify.rules)
 * 1:20451 <-> DISABLED <-> FILE-IDENTIFY MPEG sys stream file magic detection (file-identify.rules)
 * 1:20452 <-> DISABLED <-> FILE-IDENTIFY GZip file magic detection (file-identify.rules)
 * 1:20453 <-> DISABLED <-> FILE-IDENTIFY Script encoder file magic detection (file-identify.rules)
 * 1:20454 <-> DISABLED <-> FILE-IDENTIFY Postscript file magic detection (file-identify.rules)
 * 1:20455 <-> DISABLED <-> FILE-IDENTIFY BinHex file magic detection (file-identify.rules)
 * 1:20456 <-> DISABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detection (file-identify.rules)
 * 1:20458 <-> DISABLED <-> FILE-IDENTIFY bzip file magic detection (file-identify.rules)
 * 1:20459 <-> DISABLED <-> FILE-IDENTIFY GIF file magic detection (file-identify.rules)
 * 1:20460 <-> DISABLED <-> FILE-IDENTIFY MP3 file magic detection (file-identify.rules)
 * 1:20461 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows CAB file magic detection (file-identify.rules)
 * 1:20462 <-> DISABLED <-> FILE-IDENTIFY Ogg Stream file magic detection (file-identify.rules)
 * 1:20463 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20464 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20465 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20466 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20467 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20468 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20469 <-> DISABLED <-> FILE-IDENTIFY ZIP file magic detection (file-identify.rules)
 * 1:20474 <-> DISABLED <-> FILE-IDENTIFY Symantec file magic detection (file-identify.rules)
 * 1:20475 <-> DISABLED <-> FILE-IDENTIFY ARJ file magic detection (file-identify.rules)
 * 1:20476 <-> DISABLED <-> FILE-IDENTIFY TNEF file magic detection (file-identify.rules)
 * 1:20477 <-> DISABLED <-> FILE-IDENTIFY ELF file magic detection (file-identify.rules)
 * 1:20478 <-> DISABLED <-> FILE-IDENTIFY PNG file magic detection (file-identify.rules)
 * 1:20479 <-> DISABLED <-> FILE-IDENTIFY CryptFF file magic detection (file-identify.rules)
 * 1:20480 <-> DISABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20481 <-> DISABLED <-> FILE-IDENTIFY MP3 file magic detection (file-identify.rules)
 * 1:20483 <-> DISABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20484 <-> DISABLED <-> FILE-IDENTIFY SIS file magic detection (file-identify.rules)
 * 1:20485 <-> DISABLED <-> FILE-IDENTIFY SIP log file magic detection (file-identify.rules)
 * 1:20486 <-> DISABLED <-> FILE-IDENTIFY RTF file magic detection (file-identify.rules)
 * 1:20487 <-> DISABLED <-> FILE-IDENTIFY 7zip file magic detection (file-identify.rules)
 * 1:20488 <-> DISABLED <-> FILE-IDENTIFY MachO Little Endian file magic detection (file-identify.rules)
 * 1:20489 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detection (file-identify.rules)
 * 1:20490 <-> DISABLED <-> FILE-IDENTIFY MachO Big Endian file magic detection (file-identify.rules)
 * 1:20491 <-> DISABLED <-> FILE-IDENTIFY MachO x64 Big Endian file magic detection (file-identify.rules)
 * 1:20492 <-> DISABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detection (file-identify.rules)
 * 1:20493 <-> DISABLED <-> FILE-IDENTIFY jarpack file magic detection (file-identify.rules)
 * 1:20494 <-> DISABLED <-> FILE-IDENTIFY PDF file magic detection (file-identify.rules)
 * 1:20498 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Word file magic detection (file-identify.rules)
 * 1:20499 <-> DISABLED <-> FILE-IDENTIFY Microsoft Office Word file magic detection (file-identify.rules)
 * 1:20500 <-> DISABLED <-> FILE-IDENTIFY MOV file magic detection (file-identify.rules)
 * 1:20501 <-> DISABLED <-> FILE-IDENTIFY MOV file magic detection (file-identify.rules)
 * 1:20502 <-> DISABLED <-> FILE-IDENTIFY MOV file magic detection (file-identify.rules)
 * 1:20503 <-> DISABLED <-> FILE-IDENTIFY MOV file magic detection (file-identify.rules)
 * 1:20504 <-> DISABLED <-> FILE-IDENTIFY MOV file magic detection (file-identify.rules)
 * 1:20513 <-> DISABLED <-> FILE-IDENTIFY ffmpeg file magic detection (file-identify.rules)
 * 1:20514 <-> DISABLED <-> FILE-IDENTIFY dmg file magic detection (file-identify.rules)
 * 1:20515 <-> DISABLED <-> FILE-IDENTIFY ivr file magic detection (file-identify.rules)
 * 1:20516 <-> DISABLED <-> FILE-IDENTIFY caff file magic detection (file-identify.rules)
 * 1:20518 <-> DISABLED <-> FILE-IDENTIFY rmf file download attempt (file-identify.rules)
 * 1:20519 <-> DISABLED <-> FILE-IDENTIFY vmd file download attempt (file-identify.rules)
 * 1:20520 <-> DISABLED <-> FILE-IDENTIFY vmd file magic detection (file-identify.rules)
 * 1:20521 <-> DISABLED <-> FILE-IDENTIFY Flac file magic detection (file-identify.rules)
 * 1:20522 <-> DISABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detection (file-identify.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20549 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player ActionScript bytecode type confusion attempt (specific-threats.rules)
 * 1:20551 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player Stage 3D texture format overflow attempt (specific-threats.rules)
 * 1:20556 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player PlaceObjectX null pointer dereference attempt (specific-threats.rules)
 * 1:20557 <-> ENABLED <-> SPECIFIC-THREATS Adobe Flash Player ActionDefineFunction2 length overflow attempt (specific-threats.rules)
 * 1:20563 <-> DISABLED <-> FILE-IDENTIFY amf file download attempt (file-identify.rules)
 * 1:20564 <-> DISABLED <-> FILE-IDENTIFY amf file magic detection (file-identify.rules)
 * 1:2104 <-> ENABLED <-> ATTACK-RESPONSES rexec username too long response (attack-responses.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:2435 <-> ENABLED <-> FILE-IDENTIFY Microsoft emf file download request (file-identify.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:2550 <-> DISABLED <-> EXPLOIT winamp XM module name overflow (exploit.rules)
 * 1:2633 <-> DISABLED <-> ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt (oracle.rules)
 * 1:2686 <-> DISABLED <-> ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt (oracle.rules)
 * 1:2707 <-> DISABLED <-> WEB-CLIENT JPEG parser multipacket heap overflow (web-client.rules)
 * 1:3017 <-> DISABLED <-> EXPLOIT Microsoft Windows WINS overflow attempt (exploit.rules)
 * 1:3084 <-> DISABLED <-> EXPLOIT Veritas backup overflow attempt (exploit.rules)
 * 1:3085 <-> DISABLED <-> EXPLOIT AIM goaway message buffer overflow attempt (exploit.rules)
 * 1:3199 <-> DISABLED <-> EXPLOIT Microsoft Windows WINS name query overflow attempt TCP (exploit.rules)
 * 1:3200 <-> DISABLED <-> EXPLOIT Microsoft Windows WINS name query overflow attempt UDP (exploit.rules)
 * 1:3457 <-> DISABLED <-> EXPLOIT Arkeia backup client type 77 overflow attempt (exploit.rules)
 * 1:3458 <-> DISABLED <-> EXPLOIT Arkeia backup client type 84 overflow attempt (exploit.rules)
 * 1:3526 <-> DISABLED <-> ORACLE XDB FTP UNLOCK overflow attempt (oracle.rules)
 * 1:3529 <-> DISABLED <-> EXPLOIT Computer Associates license GETCONFIG client overflow attempt (exploit.rules)
 * 1:3536 <-> ENABLED <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - NETSCAPE2.0 (web-client.rules)
 * 1:3551 <-> ENABLED <-> FILE-IDENTIFY HTA file download request (file-identify.rules)
 * 1:3664 <-> DISABLED <-> EXPLOIT PPTP echo request buffer overflow attempt (exploit.rules)
 * 1:3819 <-> ENABLED <-> FILE-IDENTIFY CHM file download request (file-identify.rules)
 * 1:4131 <-> DISABLED <-> EXPLOIT SHOUTcast URI format string attempt (exploit.rules)
 * 1:4136 <-> DISABLED <-> WEB-CLIENT Microsoft Internet Explorer JPEG heap overflow multipacket attempt (web-client.rules)
 * 1:5317 <-> DISABLED <-> EXPLOIT pcAnywhere buffer overflow attempt (exploit.rules)
 * 1:5740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows HTML help workshop file download request (file-identify.rules)
 * 1:604 <-> ENABLED <-> RSERVICES rsh froot (rservices.rules)
 * 1:6503 <-> ENABLED <-> WEB-CLIENT Mozilla GIF multipacket heap overflow - ANIMEXTS1.0 (web-client.rules)
 * 1:6689 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected cHRM overflow attempt (web-client.rules)
 * 1:6690 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (web-client.rules)
 * 1:6691 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (web-client.rules)
 * 1:6692 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (web-client.rules)
 * 1:6693 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (web-client.rules)
 * 1:6694 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (web-client.rules)
 * 1:6695 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt (web-client.rules)
 * 1:6696 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (web-client.rules)
 * 1:6697 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (web-client.rules)
 * 1:6698 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (web-client.rules)
 * 1:6699 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (web-client.rules)
 * 1:6700 <-> DISABLED <-> WEB-CLIENT Microsoft Multiple Products malformed PNG detected tEXt overflow attempt (web-client.rules)
 * 1:6701 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (web-client.rules)
 * 1:7118 <-> ENABLED <-> BACKDOOR y3k 1.2 runtime detection - user-agent string detected (backdoor.rules)
 * 1:7422 <-> DISABLED <-> EXPLOIT Microsoft Windows MMC mmcndmgr.dll cross site scripting attempt (exploit.rules)
 * 1:7423 <-> DISABLED <-> EXPLOIT Microsoft Windows MMC mmc.exe cross site scripting attempt (exploit.rules)
 * 1:7424 <-> DISABLED <-> EXPLOIT Microsoft Windows MMC createcab.cmd cross site scripting attempt (exploit.rules)
 * 1:8541 <-> ENABLED <-> ORACLE sdo_cs.transform_layer buffer overflow attempt (oracle.rules)
 * 1:8550 <-> ENABLED <-> ORACLE dbms_mview.register_mview buffer overflow attempt (oracle.rules)
 * 1:8551 <-> ENABLED <-> ORACLE dbms_mview.unregister_mview buffer overflow attempt (oracle.rules)
 * 1:8706 <-> DISABLED <-> EXPLOIT YPOPS buffer overflow attempt (exploit.rules)
 * 1:9341 <-> DISABLED <-> SPECIFIC-THREATS sasser open ftp command shell (specific-threats.rules)
 * 1:9401 <-> DISABLED <-> SPECIFIC-THREATS gokar http propagation detectiot (specific-threats.rules)
 * 1:9419 <-> DISABLED <-> SPECIFIC-THREATS sasser attempt (specific-threats.rules)
 * 1:9420 <-> DISABLED <-> SPECIFIC-THREATS korgo attempt (specific-threats.rules)
 * 1:9421 <-> DISABLED <-> SPECIFIC-THREATS zotob attempt (specific-threats.rules)
 * 1:9422 <-> DISABLED <-> SPECIFIC-THREATS msblast attempt (specific-threats.rules)
 * 1:9423 <-> DISABLED <-> SPECIFIC-THREATS lovegate attempt (specific-threats.rules)
 * 1:9424 <-> DISABLED <-> SPECIFIC-THREATS /winnt/explorer.exe unicode klez infection attempt attempt (specific-threats.rules)
 * 1:9431 <-> DISABLED <-> EXPLOIT Microsoft Outlook Express NNTP response overflow attempt (exploit.rules)
 * 1:9801 <-> DISABLED <-> WEB-CLIENT Microsoft Windows Media Player or Explorer Malformed RIFF File DOS attempt (web-client.rules)
 * 1:9813 <-> DISABLED <-> EXPLOIT Symantec NetBackup connect_options buffer overflow attempt (exploit.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detection (file-identify.rules)
 * 1:987 <-> DISABLED <-> FILE-IDENTIFY .htr access file download request (file-identify.rules)
 * 1:18770 <-> ENABLED <-> SPECIFIC-THREATS Apple Safari WebKit Range Object Remote Code Execution (specific-threats.rules)
 * 1:18765 <-> ENABLED <-> SPECIFIC-THREATS Majordomo2 smtp directory traversal attempt (specific-threats.rules)
 * 1:18755 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio Data Type Memory Corruption  (specific-threats.rules)
 * 1:18740 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel sheet object type confusion exploit attempt  (specific-threats.rules)
 * 1:18710 <-> ENABLED <-> SPECIFIC-THREATS McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (specific-threats.rules)
 * 1:18679 <-> ENABLED <-> EXPLOIT Oracle Java Applet2ClassLoader Remote Code Execution (exploit.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:18645 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows GDI+ arbitrary code execution attempt  (specific-threats.rules)
 * 1:18644 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt  (specific-threats.rules)
 * 1:18643 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word Converter sprmTTextFflow overflow attempt  (specific-threats.rules)
 * 1:18642 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word Converter sprmTSplit overflow attempt  (specific-threats.rules)
 * 1:18639 <-> ENABLED <-> EXPLOIT Microsoft Office Excel CatSerRange record exploit attempt (exploit.rules)
 * 1:18638 <-> ENABLED <-> EXPLOIT Microsoft Office Excel OfficeArtSpContainer record exploit attempt (exploit.rules)
 * 1:18635 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint malformed record call to freed object attempt  (specific-threats.rules)
 * 1:18624 <-> ENABLED <-> EXPLOIT Microsoft Windows .NET framework optimizer escalation attempt (exploit.rules)
 * 1:18617 <-> DISABLED <-> SPECIFIC-THREATS Tecnomatix FactoryLink CSService null pointer attempt (specific-threats.rules)
 * 1:18600 <-> ENABLED <-> SPECIFIC-THREATS QuickTime PictureViewer buffer overflow attempt (specific-threats.rules)
 * 1:18599 <-> ENABLED <-> SPECIFIC-THREATS QuickTime PictureViewer buffer overflow attempt (specific-threats.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18541 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (specific-threats.rules)
 * 1:18540 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer invalid pointer memory corruption attempt (specific-threats.rules)
 * 1:18538 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel PtgName invalid index exploit attempt (specific-threats.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18515 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio VSD file icon memory corruption (specific-threats.rules)
 * 1:18514 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (specific-threats.rules)
 * 1:18513 <-> ENABLED <-> SPECIFIC-THREATS Oracle MySQL yaSSL SSL Hello Message Buffer Overflow attempt (specific-threats.rules)
 * 1:18512 <-> ENABLED <-> SPECIFIC-THREATS Novell ZENworks Remote Management overflow attempt (specific-threats.rules)
 * 1:18463 <-> ENABLED <-> EXPLOIT Microsoft Windows MPEG Layer-3 audio heap corruption attempt (exploit.rules)
 * 1:18452 <-> ENABLED <-> SPECIFIC-THREATS Adobe malicious IFF memory corruption attempt  (specific-threats.rules)
 * 1:18447 <-> ENABLED <-> EXPLOIT Adobe OpenAction crafted URI action thru Firefox attempt (exploit.rules)
 * 1:18417 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio ORMinfo classes length overflow attempt  (specific-threats.rules)
 * 1:18416 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio ORMinfo classes length overflow attempt  (specific-threats.rules)
 * 1:18415 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio deserialization double free attempt  (specific-threats.rules)
 * 1:18413 <-> ENABLED <-> EXPLOIT Microsoft Windoss WMI tracing api integer truncation attempt (exploit.rules)
 * 1:18408 <-> ENABLED <-> EXPLOIT Microsoft Windows WMI tracing api integer truncation attempt (exploit.rules)
 * 1:18407 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Server 2003 update service principal name spn dos attempt  (specific-threats.rules)
 * 1:18406 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Server 2003 update service principal name spn dos executable attempt  (specific-threats.rules)
 * 1:18396 <-> ENABLED <-> WEB-CLIENT Microsoft Windows Hypervisor DOS vfd download attempt (web-client.rules)
 * 1:1838 <-> DISABLED <-> EXPLOIT SSH server banner overflow (exploit.rules)
 * 1:18319 <-> ENABLED <-> SPECIFIC-THREATS NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (specific-threats.rules)
 * 1:18283 <-> DISABLED <-> SPECIFIC-THREATS Oracle WebLogic Apache Connector buffer overflow attempt (specific-threats.rules)
 * 1:18275 <-> ENABLED <-> FILE-IDENTIFY HyperText Markup Language file download request (file-identify.rules)
 * 1:18274 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Mail file download request (file-identify.rules)
 * 1:18273 <-> ENABLED <-> FILE-IDENTIFY BAT file download request (file-identify.rules)
 * 1:18245 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java browser plugin docbase overflow attempt (specific-threats.rules)
 * 1:18238 <-> ENABLED <-> EXPLOIT Microsoft Sharepoint document conversion remote code excution attempt (exploit.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:18230 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher memory corruption attempt  (specific-threats.rules)
 * 1:18219 <-> ENABLED <-> WEB-CLIENT Microsoft Windows ATMFD font driver remote code execution attempt (web-client.rules)
 * 1:18207 <-> ENABLED <-> NETBIOS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (netbios.rules)
 * 1:18206 <-> ENABLED <-> NETBIOS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (netbios.rules)
 * 1:18205 <-> ENABLED <-> WEB-CLIENT Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (web-client.rules)
 * 1:18204 <-> ENABLED <-> WEB-CLIENT Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (web-client.rules)
 * 1:18201 <-> ENABLED <-> EXPLOIT Microsoft Office TIFF filter remote code execution attempt (exploit.rules)
 * 1:18200 <-> ENABLED <-> EXPLOIT Microsoft Office .CGM file cell array heap overflow attempt (exploit.rules)
 * 1:1811 <-> DISABLED <-> SPECIFIC-THREATS successful gobbles ssh exploit uname (specific-threats.rules)
 * 1:1810 <-> DISABLED <-> SPECIFIC-THREATS successful gobbles ssh exploit GOBBLE (specific-threats.rules)
 * 1:18068 <-> ENABLED <-> EXPLOIT Microsoft Office Excel malformed MsoDrawingObject record attempt (exploit.rules)
 * 1:18065 <-> ENABLED <-> EXPLOIT Microsoft Office PowerPoint converter bad indirection remote code execution attempt (exploit.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:17777 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes WPD attachment handling buffer overflow (specific-threats.rules)
 * 1:17774 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 CSS XSRF exploit attempt (exploit.rules)
 * 1:17773 <-> ENABLED <-> EXPLOIT Microsoft Windows Media Player Firefox plugin memory corruption attempt (exploit.rules)
 * 1:17771 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer cross-domain information disclosure attempt (exploit.rules)
 * 1:17769 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (exploit.rules)
 * 1:17768 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 object event handler use after free exploit attempt (exploit.rules)
 * 1:17767 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 tostaticHTML CSS import vulnerability (exploit.rules)
 * 1:17766 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt (exploit.rules)
 * 1:17764 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel PtgName invalid index exploit attempt  (specific-threats.rules)
 * 1:17763 <-> ENABLED <-> EXPLOIT Microsoft Office Excel GhostRw record exploit attempt (exploit.rules)
 * 1:17760 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel RealTimeData record exploit attempt  (specific-threats.rules)
 * 1:17759 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel invalid SerAr object exploit attempt  (specific-threats.rules)
 * 1:17758 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt  (specific-threats.rules)
 * 1:17755 <-> ENABLED <-> EXPLOIT Microsoft Office Word unchecked index value remote code execution attempt (exploit.rules)
 * 1:17754 <-> ENABLED <-> EXPLOIT Microsoft Office Word bookmark bound check remote code execution attempt (exploit.rules)
 * 1:17752 <-> ENABLED <-> EXPLOIT OpenType Font file parsing denial of service attempt (exploit.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17747 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (exploit.rules)
 * 1:17743 <-> ENABLED <-> EXPLOIT Microsoft Office Word RTF parsing memory corruption (exploit.rules)
 * 1:17742 <-> ENABLED <-> EXPLOIT Microsoft Office Word remote code execution attempt (exploit.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17735 <-> ENABLED <-> SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (specific-threats.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17724 <-> ENABLED <-> SPECIFIC-THREATS malicious ASP file upload attempt (specific-threats.rules)
 * 1:17721 <-> ENABLED <-> EXPLOIT Microsoft Windows WINS replication inform2 request memory corruption attempt (exploit.rules)
 * 1:17713 <-> DISABLED <-> EXPLOIT Novell NetMail NMAP STOR buffer overflow attempt (exploit.rules)
 * 1:17691 <-> ENABLED <-> EXPLOIT Microsoft Office Word remote code execution attempt (exploit.rules)
 * 1:17690 <-> ENABLED <-> EXPLOIT Microsoft Office Word remote code execution attempt (exploit.rules)
 * 1:17687 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer invalid pointer memory corruption attempt (exploit.rules)
 * 1:17686 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer invalid pointer memory corruption attempt (exploit.rules)
 * 1:17685 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer invalid pointer memory corruption attempt (exploit.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17659 <-> ENABLED <-> ORACLE xdb.dbms_xmlschema buffer overflow attempt (oracle.rules)
 * 1:17650 <-> ENABLED <-> SPECIFIC-THREATS Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (specific-threats.rules)
 * 1:17624 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (specific-threats.rules)
 * 1:17623 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (specific-threats.rules)
 * 1:17602 <-> ENABLED <-> WEB-CLIENT ClamAV antivirus CHM file handling DOS (web-client.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17599 <-> ENABLED <-> SPECIFIC-THREATS IBM DB2 Universal Database rdbname denial of service attempt (specific-threats.rules)
 * 1:17598 <-> ENABLED <-> SPECIFIC-THREATS IBM DB2 Universal Database accsec command without rdbnam (specific-threats.rules)
 * 1:17590 <-> ENABLED <-> ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (oracle.rules)
 * 1:17585 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer possible javascript onunload event memory corruption (specific-threats.rules)
 * 1:17584 <-> ENABLED <-> ORACLE UTL_FILE directory traversal attempt (oracle.rules)
 * 1:17578 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word Section Table Array Buffer Overflow attempt (specific-threats.rules)
 * 1:17574 <-> ENABLED <-> SPECIFIC-THREATS Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (specific-threats.rules)
 * 1:17565 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt (specific-threats.rules)
 * 1:17563 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow (specific-threats.rules)
 * 1:17562 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt (specific-threats.rules)
 * 1:17561 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt (specific-threats.rules)
 * 1:17560 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word Global Array Index Heap Overflow attempt (specific-threats.rules)
 * 1:17556 <-> ENABLED <-> SPECIFIC-THREATS Firebird database invalid state memory corruption (specific-threats.rules)
 * 1:17553 <-> ENABLED <-> SPECIFIC-THREATS Adobe Pagemaker Font Name Buffer Overflow attempt (specific-threats.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17550 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word Font Parsing Buffer Overflow attempt (specific-threats.rules)
 * 1:17549 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer Error Handling Code Execution (specific-threats.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17543 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel Column record handling memory corruption attempt (specific-threats.rules)
 * 1:17542 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (specific-threats.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17539 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel unspecified memory corruption attempt (specific-threats.rules)
 * 1:17538 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel unspecified memory corruption attempt (specific-threats.rules)
 * 1:17537 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel unspecified memory corruption attempt (specific-threats.rules)
 * 1:17529 <-> ENABLED <-> SPECIFIC-THREATS Adobe RoboHelp Server Arbitrary File Upload and Execute (specific-threats.rules)
 * 1:17528 <-> ENABLED <-> SPECIFIC-THREATS nginx URI parsing buffer overflow attempt (specific-threats.rules)
 * 1:17522 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Runtime Environment Pack200 Decompression Integer Overflow (specific-threats.rules)
 * 1:17521 <-> ENABLED <-> SPECIFIC-THREATS GoodTech SSH Server SFTP Processing Buffer Overflow (specific-threats.rules)
 * 1:17520 <-> ENABLED <-> EXPLOIT CA ARCserve Backup DB Engine Denial of Service (exploit.rules)
 * 1:17510 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Deploy file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17497 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint malformed NamedShows record code execution attempt (specific-threats.rules)
 * 1:17496 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint malformed NamedShows record code execution attempt (specific-threats.rules)
 * 1:17493 <-> ENABLED <-> SPECIFIC-THREATS ClamAV UPX FileHandling Heap overflow attempt (specific-threats.rules)
 * 1:17492 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (specific-threats.rules)
 * 1:17491 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word mso.dll LsCreateLine memory corruption attempt (specific-threats.rules)
 * 1:17490 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (specific-threats.rules)
 * 1:17489 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Help File Heap Buffer Overflow attempt (specific-threats.rules)
 * 1:17488 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel Malformed Range Code Execution attempt (specific-threats.rules)
 * 1:17481 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Exchange and Outlook TNEF Decoding Integer Overflow attempt (specific-threats.rules)
 * 1:17480 <-> ENABLED <-> ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17479 <-> ENABLED <-> ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (oracle.rules)
 * 1:17478 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (oracle.rules)
 * 1:17477 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17476 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (oracle.rules)
 * 1:17475 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17474 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (oracle.rules)
 * 1:17473 <-> ENABLED <-> ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt (oracle.rules)
 * 1:17463 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer File Download Dialog Box Manipulation (specific-threats.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17431 <-> ENABLED <-> EXPLOIT Microsoft Windows IIS SChannel improper certificate verification (exploit.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17424 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (specific-threats.rules)
 * 1:17415 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (specific-threats.rules)
 * 1:17414 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox Javascript Engine Information Disclosure attempt (specific-threats.rules)
 * 1:17413 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Jet DB Engine Buffer Overflow attempt (specific-threats.rules)
 * 1:17407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows help file download request (file-identify.rules)
 * 1:17406 <-> ENABLED <-> EXPLOIT Microsoft Office Word Converter XST structure buffer overflow attempt (exploit.rules)
 * 1:17405 <-> ENABLED <-> EXPLOIT Microsoft Office Word Converter XST structure buffer overflow attempt (exploit.rules)
 * 1:17404 <-> ENABLED <-> EXPLOIT Microsoft Office Word Converter XST structure buffer overflow attempt (exploit.rules)
 * 1:17401 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer nested tag memory corruption attempt - unescaped (specific-threats.rules)
 * 1:17397 <-> ENABLED <-> EXPLOIT VNCViewer Authenticate buffer overflow attempt (exploit.rules)
 * 1:17396 <-> DISABLED <-> EXPLOIT VNC client authentication response (exploit.rules)
 * 1:17395 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt (specific-threats.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17383 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher Object Handler Validation Code Execution attempted (specific-threats.rules)
 * 1:17382 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Project Invalid Memory Pointer Code Execution attempt (specific-threats.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17379 <-> ENABLED <-> WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow (web-client.rules)
 * 1:17378 <-> ENABLED <-> WEB-CLIENT Mozilla Firefox Animated PNG Processing integer overflow (web-client.rules)
 * 1:17374 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows HLP File Handling heap overflow attempt (specific-threats.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17358 <-> DISABLED <-> EXPLOIT ClamAV UPX File Handling Buffer Overflow attempt (exploit.rules)
 * 1:17356 <-> DISABLED <-> EXPLOIT NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt (exploit.rules)
 * 1:17352 <-> DISABLED <-> EXPLOIT ClamAV CHM File Handling Integer Overflow attempt (exploit.rules)
 * 1:17346 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Notes Cross Site Scripting attempt (specific-threats.rules)
 * 1:12422 <-> DISABLED <-> EXPLOIT RealNetworks Helix RTSP long describe request exploit attempt (exploit.rules)
 * 1:12362 <-> DISABLED <-> EXPLOIT Squid HTTP Proxy-Authorization overflow (exploit.rules)
 * 1:1233 <-> ENABLED <-> FILE-IDENTIFY Outlook EML file download request (file-identify.rules)
 * 1:12285 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel Workspace file download request (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detection (file-identify.rules)
 * 1:12277 <-> DISABLED <-> EXPLOIT Microsoft Internet Explorer CSS memory corruption exploit (exploit.rules)
 * 1:12218 <-> DISABLED <-> EXPLOIT Borland interbase string length buffer overflow attempt (exploit.rules)
 * 1:12217 <-> DISABLED <-> EXPLOIT Borland interbase string length buffer overflow attempt (exploit.rules)
 * 1:12216 <-> DISABLED <-> EXPLOIT Borland interbase Create Request opcode string length buffer overflow attempt (exploit.rules)
 * 1:12197 <-> DISABLED <-> EXPLOIT CA message queuing server buffer overflow attempt (exploit.rules)
 * 1:17334 <-> ENABLED <-> SPECIFIC-THREATS RealPlayer SWF Flash File buffer overflow attempt (specific-threats.rules)
 * 1:17310 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint Viewer Memory Allocation Code Execution (specific-threats.rules)
 * 1:17306 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Malware Protection Engine file processing denial of service attempt (specific-threats.rules)
 * 1:17293 <-> ENABLED <-> ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt (oracle.rules)
 * 1:17289 <-> ENABLED <-> SPECIFIC-THREATS GNU gzip LZH decompression make_table overflow attempt (specific-threats.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:17255 <-> ENABLED <-> EXPLOIT Microsoft Windows IIS FastCGI heap overflow attempt (exploit.rules)
 * 1:17250 <-> ENABLED <-> EXPLOIT Microsoft Windows WordPad sprmTSetBrc80 SPRM overflow attempt (exploit.rules)
 * 1:1725 <-> DISABLED <-> WEB-IIS +.htr code fragment attempt (web-iis.rules)
 * 1:17249 <-> ENABLED <-> EXPLOIT Microsoft Windows LSASS integer overflow attempt (exploit.rules)
 * 1:17243 <-> DISABLED <-> EXPLOIT MIT Kerberos V5 krb5_recvauth double free attempt (exploit.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17225 <-> ENABLED <-> SPECIFIC-THREATS Alt-N MDaemon WorldClient invalid user (specific-threats.rules)
 * 1:17198 <-> ENABLED <-> EXPLOIT Adobe Director file exploit attempt (exploit.rules)
 * 1:17197 <-> ENABLED <-> EXPLOIT Adobe Director file exploit attempt (exploit.rules)
 * 1:17196 <-> ENABLED <-> EXPLOIT Adobe Director file exploit attempt (exploit.rules)
 * 1:17194 <-> ENABLED <-> EXPLOIT Adobe Director file tSAC tag exploit attempt (exploit.rules)
 * 1:17193 <-> ENABLED <-> EXPLOIT Adobe Director remote code execution attempt (exploit.rules)
 * 1:17192 <-> ENABLED <-> EXPLOIT Adobe Director remote code execution attempt (exploit.rules)
 * 1:17191 <-> ENABLED <-> EXPLOIT Adobe Director remote code execution attempt (exploit.rules)
 * 1:17190 <-> ENABLED <-> EXPLOIT Adobe Director remote code execution attempt (exploit.rules)
 * 1:17142 <-> ENABLED <-> EXPLOIT Adobe Flash Player SWF ActionScript exploit attempt (exploit.rules)
 * 1:17141 <-> ENABLED <-> EXPLOIT Adobe Flash invalid data precision arbitrary code execution exploit attempt (exploit.rules)
 * 1:17136 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 6 race condition exploit attempt (exploit.rules)
 * 1:17135 <-> ENABLED <-> EXPLOIT Microsoft Windows Movie Maker string size overflow attempt (exploit.rules)
 * 1:17132 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer invalid object access attempt (exploit.rules)
 * 1:17128 <-> ENABLED <-> EXPLOIT Cinepak Codec VIDC decompression remote code execution attempt (exploit.rules)
 * 1:17119 <-> ENABLED <-> EXPLOIT Microsoft Office Word sprmCMajority SPRM overflow attempt (exploit.rules)
 * 1:17117 <-> ENABLED <-> EXPLOIT Microsoft Windows MPEG Layer-3 audio heap corruption attempt (exploit.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:17109 <-> DISABLED <-> SPECIFIC-THREATS Oracle Java Web Console logging functionality format string exploit attempt (specific-threats.rules)
 * 1:17077 <-> ENABLED <-> SPECIFIC-THREATS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (specific-threats.rules)
 * 1:17039 <-> ENABLED <-> EXPLOIT Microsoft Office Access ACCWIZ library release after free attempt - 2 (exploit.rules)
 * 1:17038 <-> ENABLED <-> EXPLOIT Microsoft Office Access ACCWIZ library release after free attempt - 1 (exploit.rules)
 * 1:16801 <-> ENABLED <-> EXPLOIT Adobe Reader CoolType.dll remote memory corruption denial of service attempt (exploit.rules)
 * 1:16800 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel FRTWrapper record buffer overflow attempt  (specific-threats.rules)
 * 1:16798 <-> DISABLED <-> SPECIFIC-THREATS Orbit Downloader long URL buffer overflow attempt (specific-threats.rules)
 * 1:16787 <-> ENABLED <-> SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (specific-threats.rules)
 * 1:16785 <-> ENABLED <-> SPECIFIC-THREATS AwingSoft Winds3D Player SceneURL method command execution attempt (specific-threats.rules)
 * 1:16771 <-> ENABLED <-> SPECIFIC-THREATS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (specific-threats.rules)
 * 1:1675 <-> ENABLED <-> ORACLE misparsed login response (oracle.rules)
 * 1:16742 <-> ENABLED <-> FILE-IDENTIFY remote desktop configuration file download request (file-identify.rules)
 * 1:16716 <-> ENABLED <-> WEB-CLIENT Oracle Java Web Start Splashscreen PNG processing buffer overflow attempt (web-client.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16690 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer createTextRange code execution attempt (specific-threats.rules)
 * 1:16671 <-> ENABLED <-> SPECIFIC-THREATS IBM Lotus Domino Web Access ActiveX exploit attempt (specific-threats.rules)
 * 1:16661 <-> ENABLED <-> EXPLOIT quartz.dll MJPEG content processing memory corruption attempt (exploit.rules)
 * 1:1666 <-> ENABLED <-> ATTACK-RESPONSES index of /cgi-bin/ response (attack-responses.rules)
 * 1:16648 <-> ENABLED <-> EXPLOIT Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (exploit.rules)
 * 1:16646 <-> ENABLED <-> EXPLOIT Microsoft Office Excel RealTimeData record stack buffer overflow attempt (exploit.rules)
 * 1:16645 <-> ENABLED <-> EXPLOIT Microsoft Office Excel SxView record memory pointer corruption attempt (exploit.rules)
 * 1:16644 <-> ENABLED <-> EXPLOIT Microsoft Office Excel WOpt record memory corruption attempt (exploit.rules)
 * 1:16637 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer security zone restriction bypass attempt (exploit.rules)
 * 1:16608 <-> DISABLED <-> SPECIFIC-THREATS HP Mercury Quality Center SPIDERLib ActiveX buffer overflow attempt (specific-threats.rules)
 * 1:16607 <-> DISABLED <-> SPECIFIC-THREATS RealPlayer RAM Download Handler ActiveX exploit attempt (specific-threats.rules)
 * 1:16605 <-> ENABLED <-> SPECIFIC-THREATS Internet Explorer nested SPAN tag memory corruption attempt (specific-threats.rules)
 * 1:16591 <-> ENABLED <-> SPECIFIC-THREATS EasyMail Objects ActiveX exploit attempt - 2 (specific-threats.rules)
 * 1:16590 <-> ENABLED <-> SPECIFIC-THREATS EasyMail Objects ActiveX exploit attempt - 1 (specific-threats.rules)
 * 1:16588 <-> ENABLED <-> SPECIFIC-THREATS iseemedia LPViewer ActiveX exploit attempt (specific-threats.rules)
 * 1:16587 <-> DISABLED <-> SPECIFIC-THREATS Symantec multiple products AeXNSConsoleUtilities buffer overflow attempt (specific-threats.rules)
 * 1:16581 <-> DISABLED <-> SPECIFIC-THREATS Persits Software XUpload ActiveX clsid unsafe function access attempt (specific-threats.rules)
 * 1:16576 <-> DISABLED <-> EXPLOIT RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (exploit.rules)
 * 1:16553 <-> ENABLED <-> EXPLOIT Microsoft Office Excel ptg index parsing code execution attempt (exploit.rules)
 * 1:16546 <-> ENABLED <-> EXPLOIT Adobe Reader/Acrobat Pro CFF font parsing heap overflow attempt (exploit.rules)
 * 1:16542 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt  (specific-threats.rules)
 * 1:16541 <-> ENABLED <-> EXPLOIT Microsoft Windows Media Service stack overflow attempt (exploit.rules)
 * 1:16537 <-> ENABLED <-> EXPLOIT Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (exploit.rules)
 * 1:16536 <-> ENABLED <-> EXPLOIT Microsoft Office Visio off-by-one in array index code execution attempt (exploit.rules)
 * 1:16535 <-> ENABLED <-> EXPLOIT Microsoft Office Visio improper attribute code execution attempt (exploit.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16512 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer malformed span/div html document heap corruption attempt (exploit.rules)
 * 1:16503 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer event handling remote code execution attempt (exploit.rules)
 * 1:16478 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Powerpoint .MSProducerBF file download request (file-identify.rules)
 * 1:16477 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Powerpoint .MSProducerZ file download request (file-identify.rules)
 * 1:16476 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Powerpoint .MSProducer file download request (file-identify.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16468 <-> ENABLED <-> EXPLOIT Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 2 (exploit.rules)
 * 1:16467 <-> ENABLED <-> EXPLOIT Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt 1 (exploit.rules)
 * 1:16466 <-> ENABLED <-> EXPLOIT Microsoft Office Excel uninitialized stack variable code execution attempt (exploit.rules)
 * 1:16463 <-> ENABLED <-> EXPLOIT Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (exploit.rules)
 * 1:16462 <-> ENABLED <-> EXPLOIT Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (exploit.rules)
 * 1:16461 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel EntExU2 write access violation attempt  (specific-threats.rules)
 * 1:16438 <-> ENABLED <-> ORACLE WebLogic Server Node Manager arbitrary command execution attempt (oracle.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:16422 <-> ENABLED <-> EXPLOIT Microsoft Windows Paint JPEG with malformed SOFx field (exploit.rules)
 * 1:16421 <-> ENABLED <-> EXPLOIT Microsoft Office PowerPoint out of bounds value remote code execution attempt (exploit.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16393 <-> DISABLED <-> EXPLOIT Postgresql bit substring buffer overflow (exploit.rules)
 * 1:16377 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (exploit.rules)
 * 1:16376 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer onPropertyChange deleteTable memory corruption attempt (exploit.rules)
 * 1:16369 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer deleted object access memory corruption attempt - public exploit (exploit.rules)
 * 1:16366 <-> ENABLED <-> EXPLOIT Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (exploit.rules)
 * 1:16365 <-> ENABLED <-> SPYWARE-PUT OnlineGames download atttempt (spyware-put.rules)
 * 1:16349 <-> ENABLED <-> SPECIFIC-THREATS Oracle MySQL database Procedure Analyse denial of service attempt - 2 (specific-threats.rules)
 * 1:16348 <-> ENABLED <-> SPECIFIC-THREATS Oracle MySQL database PROCEDURE ANALYSE denial of service attempt - 1 (specific-threats.rules)
 * 1:16340 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Media Player DHTML Editing ActiveX clsid access (specific-threats.rules)
 * 1:16328 <-> ENABLED <-> EXPLOIT Microsoft Office Project file parsing arbitrary memory access attempt (exploit.rules)
 * 1:16327 <-> ENABLED <-> EXPLOIT Microsoft Windows GDI+ TIFF RLE compressed data buffer overflow attempt (exploit.rules)
 * 1:16326 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 DOM memory corruption attempt (exploit.rules)
 * 1:16323 <-> ENABLED <-> EXPLOIT Adobe JPEG2k uninitialized QCC memory corruption attempt (exploit.rules)
 * 1:16317 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer mouse move during refresh memory corruption attempt (exploit.rules)
 * 1:16314 <-> ENABLED <-> EXPLOIT Microsoft Windows WordPad and Office text converter integer overflow attempt (exploit.rules)
 * 1:16309 <-> ENABLED <-> ORACLE auth_sesskey buffer overflow attempt (oracle.rules)
 * 1:16294 <-> ENABLED <-> EXPLOIT Microsoft Windows TCP stack zero window size exploit attempt (exploit.rules)
 * 1:16288 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (specific-threats.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16240 <-> ENABLED <-> EXPLOIT Microsoft Office Excel file Window/Pane record exploit attempt (exploit.rules)
 * 1:16235 <-> ENABLED <-> EXPLOIT Microsoft Office Excel file SXDB record exploit attempt (exploit.rules)
 * 1:16233 <-> ENABLED <-> EXPLOIT Microsoft Office Excel oversized ptgFuncVar cparams value buffer overflow attempt (exploit.rules)
 * 1:16226 <-> ENABLED <-> EXPLOIT Microsoft Office Excel integer field in row record improper validation remote code execution attempt (exploit.rules)
 * 1:16225 <-> ENABLED <-> EXPLOIT Adobe Shockwave Flash arbitrary memory access attempt (exploit.rules)
 * 1:16221 <-> ENABLED <-> EXPLOIT Microsoft ISA and Forefront Threat Management Web Proxy TCP Listener denial of service attempt (exploit.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16187 <-> ENABLED <-> EXPLOIT Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (exploit.rules)
 * 1:16185 <-> ENABLED <-> EXPLOIT Microsoft Windows GDI+ compressed TIFF file parsing remote code execution attempt (exploit.rules)
 * 1:16184 <-> ENABLED <-> EXPLOIT Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (exploit.rules)
 * 1:16178 <-> ENABLED <-> EXPLOIT Microsoft Windows GDI+ Excel file Office Art Property Table remote code execution attempt (exploit.rules)
 * 1:16177 <-> ENABLED <-> EXPLOIT Microsoft Windows GDI+ Word file Office Art Property Table remote code execution attempt (exploit.rules)
 * 1:16176 <-> ENABLED <-> EXPLOIT Adobe collab.addStateModel remote corruption attempt (exploit.rules)
 * 1:16175 <-> ENABLED <-> EXPLOIT Adobe collab.removeStateModel denial of service attempt (exploit.rules)
 * 1:16174 <-> ENABLED <-> EXPLOIT Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt (exploit.rules)
 * 1:16173 <-> ENABLED <-> EXPLOIT Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt (exploit.rules)
 * 1:16172 <-> ENABLED <-> EXPLOIT Adobe Acrobat Reader U3D line set heap corruption attempt (exploit.rules)
 * 1:16152 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer table layout unitialized or deleted object access attempt (exploit.rules)
 * 1:16149 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer data stream header remote code execution attempt (exploit.rules)
 * 1:16147 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows IIS malformed URL .dll denial of service attempt (specific-threats.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detection (file-identify.rules)
 * 1:16073 <-> ENABLED <-> SPECIFIC-THREATS MS-SQL convert function unicode overflow (specific-threats.rules)
 * 1:16072 <-> DISABLED <-> SPECIFIC-THREATS CUPS server query metacharacter buffer overflow attempt (specific-threats.rules)
 * 1:16071 <-> ENABLED <-> EXPLOIT CA ARCServe Backup Discovery Service denial of service attempt (exploit.rules)
 * 1:16069 <-> DISABLED <-> EXPLOIT IBM Informix server argument processing overflow attempt (exploit.rules)
 * 1:16066 <-> DISABLED <-> EXPLOIT Microsoft Windows Server driver crafted SMB data denial of service (exploit.rules)
 * 1:16065 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer location.replace memory corruption attempt (specific-threats.rules)
 * 1:16064 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt (specific-threats.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:16059 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Office Excel malformed file format parsing code execution attempt (specific-threats.rules)
 * 1:16057 <-> DISABLED <-> SPECIFIC-THREATS sendmail smtp timeout buffer overflow attempt (specific-threats.rules)
 * 1:16051 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher 2007 conversion library code execution attempt (specific-threats.rules)
 * 1:16028 <-> DISABLED <-> SPECIFIC-THREATS Groupwise Messenger parameters invalid memory access (specific-threats.rules)
 * 1:16020 <-> ENABLED <-> SPECIFIC-THREATS Oracle MySQL login handshake information disclosure attempt (specific-threats.rules)
 * 1:16018 <-> DISABLED <-> SPECIFIC-THREATS HP OpenView network node manager buffer overflow (specific-threats.rules)
 * 1:16016 <-> ENABLED <-> SPECIFIC-THREATS Microsoft client for netware overflow attempt (specific-threats.rules)
 * 1:15995 <-> ENABLED <-> EXPLOIT Microsoft Windows DirectX malformed avi file mjpeg compression arbitrary code execution attempt (exploit.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:15951 <-> DISABLED <-> SPECIFIC-THREATS Oracle MySQL MaxDB Webtool GET command overflow attempt (specific-threats.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:15937 <-> DISABLED <-> SPECIFIC-THREATS protos h323 buffer overflow (specific-threats.rules)
 * 1:15936 <-> DISABLED <-> SPECIFIC-THREATS Sendmail identd command parsing vulnerability (specific-threats.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15921 <-> ENABLED <-> FILE-IDENTIFY Microsoft multimedia format file download request (file-identify.rules)
 * 1:15910 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer getElementById object corruption (exploit.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:15850 <-> ENABLED <-> EXPLOIT Remote Desktop orderType remote code execution attempt (exploit.rules)
 * 1:15849 <-> ENABLED <-> EXPLOIT Microsoft Windows WINS replication inform2 request memory corruption attempt (exploit.rules)
 * 1:15732 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer CSS handling memory corruption attempt (exploit.rules)
 * 1:15731 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer javascript deleted reference arbitrary code execution attempt (exploit.rules)
 * 1:15681 <-> ENABLED <-> EXPLOIT Microsoft Office Publisher 2007 file format arbitrary code execution attempt (exploit.rules)
 * 1:15680 <-> ENABLED <-> EXPLOIT Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (exploit.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Powerpoint file download request (file-identify.rules)
 * 1:15582 <-> ENABLED <-> FILE-IDENTIFY ARJ format file download request (file-identify.rules)
 * 1:15578 <-> DISABLED <-> SPECIFIC-THREATS Slowloris http DoS tool (specific-threats.rules)
 * 1:15527 <-> ENABLED <-> EXPLOIT Microsoft Windows Active Directory LDAP denial of service attempt (exploit.rules)
 * 1:15526 <-> ENABLED <-> EXPLOIT Microsoft Works 4.x converter font name buffer overflow attempt (exploit.rules)
 * 1:15525 <-> ENABLED <-> EXPLOIT Microsoft Office Word remote code execution attempt (exploit.rules)
 * 1:15524 <-> ENABLED <-> EXPLOIT Microsoft Office Word remote code execution attempt (exploit.rules)
 * 1:15523 <-> ENABLED <-> EXPLOIT Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (exploit.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15511 <-> DISABLED <-> SPECIFIC-THREATS Oracle WebLogic Apache Connector buffer overflow attempt (specific-threats.rules)
 * 1:15482 <-> DISABLED <-> EXPLOIT Oracle Java System sockd authentication buffer overflow attempt (exploit.rules)
 * 1:15467 <-> ENABLED <-> EXPLOIT Microsoft WordPad and Office Text Converters PlcPcd aCP buffer overflow attempt (exploit.rules)
 * 1:15466 <-> ENABLED <-> EXPLOIT Microsoft WordPad WordPerfect 6.x converter buffer overflow attempt (exploit.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15460 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer ActiveX load/unload race condition attempt (exploit.rules)
 * 1:15459 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (exploit.rules)
 * 1:15458 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer navigating between pages race condition attempt (exploit.rules)
 * 1:15457 <-> ENABLED <-> EXPLOIT Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (exploit.rules)
 * 1:15455 <-> ENABLED <-> EXPLOIT Microsoft WordPad and Office Text Converters XST parsing buffer overflow attempt (exploit.rules)
 * 1:15444 <-> ENABLED <-> FILE-IDENTIFY Core Audio Format file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15426 <-> ENABLED <-> FILE-IDENTIFY MAKI file download request (file-identify.rules)
 * 1:15385 <-> DISABLED <-> FILE-IDENTIFY VQF file download request (file-identify.rules)
 * 1:15306 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detection (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:15163 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio Object Header Buffer Overflow attempt (specific-threats.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15083 <-> ENABLED <-> EXPLOIT Microsoft Office Word .rtf file double free attempt (exploit.rules)
 * 1:15082 <-> ENABLED <-> EXPLOIT Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (exploit.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:14773 <-> DISABLED <-> SPECIFIC-THREATS CA ARCserve LGServer handshake buffer overflow attempt (specific-threats.rules)
 * 1:14742 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Exchange MODPROPS denial of service PoC attempt (specific-threats.rules)
 * 1:1464 <-> DISABLED <-> ATTACK-RESPONSES oracle one hour install (attack-responses.rules)
 * 1:14615 <-> ENABLED <-> EXPLOIT Oracle Java web console format string attempt (exploit.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:13983 <-> ENABLED <-> FILE-IDENTIFY EPS file download request (file-identify.rules)
 * 1:13928 <-> ENABLED <-> SPECIFIC-THREATS Adobe RoboHelp r0 SQL injection attempt (specific-threats.rules)
 * 1:13916 <-> ENABLED <-> EXPLOIT Alt-N SecurityGateway username buffer overflow attempt (exploit.rules)
 * 1:13915 <-> ENABLED <-> FILE-IDENTIFY BAK file download request (file-identify.rules)
 * 1:13911 <-> ENABLED <-> FILE-IDENTIFY Microsoft search file download request (file-identify.rules)
 * 1:13902 <-> ENABLED <-> EXPLOIT IBM Lotus Sametime multiplexer stack buffer overflow attempt (exploit.rules)
 * 1:1388 <-> DISABLED <-> EXPLOIT Microsoft Windows UPnP Location overflow attempt (exploit.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:13797 <-> ENABLED <-> FILE-IDENTIFY Portable Executable compact binary file magic detection (file-identify.rules)
 * 1:13719 <-> DISABLED <-> ORACLE database username buffer overflow (oracle.rules)
 * 1:13694 <-> DISABLED <-> EXPLOIT RealNetworks Helix RTSP long get request exploit attempt (exploit.rules)
 * 1:13678 <-> DISABLED <-> FILE-IDENTIFY Microsoft EMF metafile access detected (file-identify.rules)
 * 1:13677 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer data stream memory corruption attempt (exploit.rules)
 * 1:13619 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows getBulkRequest memory corruption attempt (specific-threats.rules)
 * 1:13618 <-> DISABLED <-> SPECIFIC-THREATS Oracle database version 9 username buffer overflow attempt (specific-threats.rules)
 * 1:13617 <-> ENABLED <-> SPECIFIC-THREATS Oracle database version 8 username buffer overflow attempt (specific-threats.rules)
 * 1:13613 <-> DISABLED <-> SPECIFIC-THREATS Solaris username overflow authentication bypass attempt (specific-threats.rules)
 * 1:13594 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows print spooler little endian DoS attempt (specific-threats.rules)
 * 1:13584 <-> ENABLED <-> FILE-IDENTIFY CSV file download request (file-identify.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13522 <-> ENABLED <-> EXPLOIT Firebird Database Server username handling buffer overflow (exploit.rules)
 * 1:13521 <-> ENABLED <-> EXPLOIT Nullsoft Winamp Ultravox streaming malicious metadata (exploit.rules)
 * 1:13520 <-> ENABLED <-> EXPLOIT Nullsoft Winamp Ultravox streaming malicious metadata (exploit.rules)
 * 1:13517 <-> ENABLED <-> EXPLOIT Apple QTIF malformed idsc atom (exploit.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13472 <-> DISABLED <-> EXPLOIT Microsoft Works invalid chunk size (exploit.rules)
 * 1:13470 <-> ENABLED <-> EXPLOIT Microsoft Office Publisher memory corruption attempt (exploit.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:13363 <-> ENABLED <-> EXPLOIT Cisco Unified Communications Manager heap overflow attempt (exploit.rules)
 * 1:13362 <-> DISABLED <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules)
 * 1:13361 <-> DISABLED <-> EXPLOIT ClamAV MEW PE file integer overflow attempt (exploit.rules)
 * 1:13292 <-> ENABLED <-> EXPLOIT Skype skype4com URI handler memory corruption attempt (exploit.rules)
 * 1:13161 <-> ENABLED <-> EXPLOIT HP OpenView CGI parameter buffer overflow attempt (exploit.rules)
 * 1:12971 <-> DISABLED <-> EXPLOIT Microsoft Windows DirectX directshow wav file overflow attempt (exploit.rules)
 * 1:12770 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows obfuscated RDS.Dataspace ActiveX exploit attempt (specific-threats.rules)
 * 1:12746 <-> ENABLED <-> EXPLOIT Apple QuickTime STSD atom overflow attempt (exploit.rules)
 * 1:12713 <-> ENABLED <-> ORACLE pitrig_dropmetadata buffer overflow attempt (oracle.rules)
 * 1:12710 <-> ENABLED <-> SPECIFIC-THREATS ASN.1 constructed bit string (specific-threats.rules)
 * 1:12709 <-> ENABLED <-> SPECIFIC-THREATS ASN.1 constructed bit string (specific-threats.rules)
 * 1:12685 <-> DISABLED <-> EXPLOIT IBM Tivoli Storage Manger Express CAD Host buffer overflow (exploit.rules)
 * 1:12666 <-> DISABLED <-> EXPLOIT HP OpenView OVTrace buffer overflow attempt (exploit.rules)
 * 1:12665 <-> DISABLED <-> EXPLOIT CA BrightStor LGSever username buffer overflow attempt (exploit.rules)
 * 1:12634 <-> ENABLED <-> EXPLOIT Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (exploit.rules)
 * 1:12633 <-> ENABLED <-> EXPLOIT Microsoft Windows 2000 Kodak Imaging small offset malformed tiff (exploit.rules)
 * 1:12632 <-> DISABLED <-> EXPLOIT Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (exploit.rules)
 * 1:12631 <-> DISABLED <-> EXPLOIT Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (exploit.rules)
 * 1:12619 <-> DISABLED <-> EXPLOIT Microsoft Exchange ical/vcal malformed property (exploit.rules)
 * 1:12596 <-> DISABLED <-> EXPLOIT CA BrightStor LGServer username buffer overflow attempt (exploit.rules)
 * 1:12593 <-> DISABLED <-> EXPLOIT Firefox Quicktime chrome exploit (exploit.rules)
 * 1:12465 <-> DISABLED <-> EXPLOIT Apache APR memory corruption attempt (exploit.rules)
 * 1:12463 <-> DISABLED <-> EXPLOIT Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (exploit.rules)
 * 1:12455 <-> DISABLED <-> FILE-IDENTIFY Crystal Reports file download request (file-identify.rules)
 * 1:12454 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detection (file-identify.rules)
 * 1:12183 <-> DISABLED <-> EXPLOIT Adobe FLV long string script data buffer overflow (exploit.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file magic detection (file-identify.rules)
 * 1:12070 <-> DISABLED <-> EXPLOIT Microsoft Office Excel malformed version field (exploit.rules)
 * 1:12058 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows SPNEGO ASN.1 library heap corruption overflow attempt (specific-threats.rules)
 * 1:1201 <-> ENABLED <-> ATTACK-RESPONSES 403 Forbidden (attack-responses.rules)
 * 1:1200 <-> ENABLED <-> ATTACK-RESPONSES Invalid URL (attack-responses.rules)
 * 1:11686 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Windows WebDAV search overflow attempt (specific-threats.rules)
 * 1:11684 <-> DISABLED <-> EXPLOIT Microsoft Windows WINS overflow attempt (exploit.rules)
 * 1:11681 <-> DISABLED <-> EXPLOIT Openview Omni II command bypass attempt (exploit.rules)
 * 1:11670 <-> DISABLED <-> EXPLOIT Symantec Discovery logging buffer overflow (exploit.rules)
 * 1:11205 <-> ENABLED <-> ORACLE sys.dbms_upgrade_internal access attempt (oracle.rules)
 * 1:11203 <-> ENABLED <-> ORACLE sys.dbms_apply_user_agent.set_registration_handler access attempt (oracle.rules)
 * 1:11175 <-> DISABLED <-> ORACLE dbms_cdc_ipublish.chgtab_cache buffer overflow attempt (oracle.rules)
 * 1:11003 <-> DISABLED <-> ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (oracle.rules)
 * 1:11002 <-> DISABLED <-> ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (oracle.rules)
 * 1:11001 <-> DISABLED <-> ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (oracle.rules)
 * 1:11000 <-> ENABLED <-> ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (oracle.rules)
 * 1:10998 <-> ENABLED <-> EXPLOIT Novell GroupWise WebAccess authentication overflow (exploit.rules)
 * 1:10407 <-> DISABLED <-> EXPLOIT RealNetworks Helix Server LoadTestPassword buffer overflow attempt (exploit.rules)
 * 1:10187 <-> ENABLED <-> EXPLOIT HP Mercury Loadrunner command line buffer overflow (exploit.rules)
 * 1:1016 <-> DISABLED <-> WEB-IIS global.asa access (web-iis.rules)
 * 1:10126 <-> ENABLED <-> WEB-CLIENT  QuickTime JPEG Huffman Table integer underflow attempt (web-client.rules)
 * 1:10115 <-> ENABLED <-> WEB-CLIENT Microsoft Windows WMF DOS attempt (web-client.rules)
 * 1:10064 <-> ENABLED <-> EXPLOIT Peercast URL Parameter overflow attempt (exploit.rules)
 * 1:10062 <-> DISABLED <-> WEB-CLIENT Java Virtual Machine malformed GIF buffer overflow attempt (web-client.rules)
 * 1:18771 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel ADO Object Parsing Code Execution  (specific-threats.rules)
 * 1:18772 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel ADO Object Parsing Code Execution  (specific-threats.rules)
 * 1:18790 <-> DISABLED <-> EXPLOIT Novell ZENworks Handheld Management ZfHIPCND.exe overflow attempt (exploit.rules)
 * 1:18791 <-> DISABLED <-> EXPLOIT Novell ZENworks Configuration Management Preboot service code overflow attempt (exploit.rules)
 * 1:18805 <-> ENABLED <-> EXPLOIT Adobe Flash Player undefined tag exploit attempt (exploit.rules)
 * 1:18806 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel RealTimeData record exploit attempt  (specific-threats.rules)
 * 1:1894 <-> DISABLED <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules)
 * 1:1895 <-> DISABLED <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules)
 * 1:1896 <-> DISABLED <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules)
 * 1:18967 <-> ENABLED <-> SPECIFIC-THREATS Adobe ActionScript argumentCount download attempt (specific-threats.rules)
 * 1:1897 <-> DISABLED <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules)
 * 1:1898 <-> DISABLED <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules)
 * 1:1899 <-> DISABLED <-> EXPLOIT kadmind buffer overflow attempt (exploit.rules)
 * 1:1900 <-> DISABLED <-> SPECIFIC-THREATS successful kadmind buffer overflow attempt (specific-threats.rules)
 * 1:19000 <-> DISABLED <-> SPECIFIC-THREATS Oracle MySQL Database CASE NULL argument denial of service attempt (specific-threats.rules)
 * 1:1901 <-> DISABLED <-> SPECIFIC-THREATS successful kadmind buffer overflow attempt (specific-threats.rules)
 * 1:19064 <-> DISABLED <-> SPECIFIC-THREATS Microsoft OpenType font index remote code execution attempt (specific-threats.rules)
 * 1:19072 <-> ENABLED <-> EXPLOIT RealNetworks Helix Server NTLM authentication heap overflow attempt (exploit.rules)
 * 1:19091 <-> DISABLED <-> SPECIFIC-THREATS OpenSSL ssl3_get_key_exchange use-after-free attempt (specific-threats.rules)
 * 1:19092 <-> DISABLED <-> SPECIFIC-THREATS OpenSSL ssl3_get_key_exchange use-after-free attempt (specific-threats.rules)
 * 1:19093 <-> ENABLED <-> SPECIFIC-THREATS Oracle MySQL Database unique set column denial of service attempt (specific-threats.rules)
 * 1:19094 <-> ENABLED <-> SPECIFIC-THREATS Oracle MySQL Database unique set column denial of service attempt (specific-threats.rules)
 * 1:19101 <-> ENABLED <-> SPECIFIC-THREATS Oracle Java Web Server Admin Server denial of service attempt (specific-threats.rules)
 * 1:19104 <-> ENABLED <-> EXPLOIT HP OpenView Storage Data Protector Cell Manager heap overflow attempt (exploit.rules)
 * 1:19107 <-> DISABLED <-> SPECIFIC-THREATS Apache mod_isapi dangling pointer code execution attempt (specific-threats.rules)
 * 1:19126 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer IVR handling heap buffer overflow attempt (specific-threats.rules)
 * 1:19127 <-> ENABLED <-> SPECIFIC-THREATS RealNetworks RealPlayer IVR handling heap buffer overflow attempt (specific-threats.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detection (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detection (file-identify.rules)
 * 1:19130 <-> ENABLED <-> WEB-CLIENT Microsoft Windows MSPaint jpeg with malformed SOFx field exploit attempt (web-client.rules)
 * 1:19131 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office RTD buffer overflow attempt (specific-threats.rules)
 * 1:19132 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office RTD buffer overflow attempt (specific-threats.rules)
 * 1:19133 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel EntExU2 write access violation attempt (specific-threats.rules)
 * 1:19134 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (specific-threats.rules)
 * 1:19144 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows MPEG Layer-3 audio heap corruption attempt (specific-threats.rules)
 * 1:19145 <-> ENABLED <-> SPECIFIC-THREATS Adobe flash player newfunction memory corruption attempt (specific-threats.rules)
 * 1:19146 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (specific-threats.rules)
 * 1:19160 <-> DISABLED <-> SPECIFIC-THREATS NetSupport Manager client buffer overflow attempt (specific-threats.rules)
 * 1:19161 <-> DISABLED <-> SPECIFIC-THREATS NetSupport Manager client buffer overflow attempt (specific-threats.rules)
 * 1:19162 <-> ENABLED <-> ORACLE get_domain_index_metadata privilege escalation attempt (oracle.rules)
 * 1:19163 <-> ENABLED <-> ORACLE get_v2_domain_index_tables privilege escalation attempt (oracle.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detection (file-identify.rules)
 * 1:19170 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows .NET Framework XAML browser applications stack corruption (specific-threats.rules)
 * 1:19180 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel pivot item index boundary corruption attempt (specific-threats.rules)
 * 1:19182 <-> ENABLED <-> SPECIFIC-THREATS strongSwan Certificate and Identification payload overflow attempt (specific-threats.rules)
 * 1:19183 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows IIS FastCGI request header buffer overflow attempt (specific-threats.rules)
 * 1:19184 <-> ENABLED <-> EXPLOIT Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (exploit.rules)
 * 1:19185 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows .NET ArraySegment escape exploit attempt (specific-threats.rules)
 * 1:19188 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (specific-threats.rules)
 * 1:19192 <-> ENABLED <-> SPECIFIC-THREATS Microsoft IIS Repeated Parameter Request denial of service attempt (specific-threats.rules)
 * 1:19210 <-> DISABLED <-> EXPLOIT IBM Informix Dynamic Server set environment buffer overflow attempt (exploit.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19212 <-> DISABLED <-> EXPLOIT Microsoft Windows MFC Document title updating buffer overflow attempt (exploit.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19216 <-> DISABLED <-> SPECIFIC-THREATS Google Chrome Uninitialized bug_report Pointer Code Execution (specific-threats.rules)
 * 1:19217 <-> DISABLED <-> SPECIFIC-THREATS Google Chrome Uninitialized bug_report Pointer Code Execution (specific-threats.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:19226 <-> DISABLED <-> SPECIFIC-THREATS Cisco Webex Player .wrf stack buffer overflow (specific-threats.rules)
 * 1:19227 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel Scenario heap memory overflow (specific-threats.rules)
 * 1:19229 <-> ENABLED <-> EXPLOIT Microsoft Office Excel SLK file excessive Picture records exploit attempt (exploit.rules)
 * 1:19230 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel Selection exploit attempt (specific-threats.rules)
 * 1:19232 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel XF record exploit attempt (specific-threats.rules)
 * 1:19233 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Visual Studio DISCO file download request (file-identify.rules)
 * 1:19238 <-> ENABLED <-> EXPLOIT Microsoft Internet Explorer 8 self remove from markup vulnerability (exploit.rules)
 * 1:19241 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (specific-threats.rules)
 * 1:19242 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (specific-threats.rules)
 * 1:19252 <-> ENABLED <-> FILE-IDENTIFY language.engtesselate.ln file download request (file-identify.rules)
 * 1:19258 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel SxView record memory pointer corruption attempt (specific-threats.rules)
 * 1:19259 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel WOpt record memory corruption attempt (specific-threats.rules)
 * 1:19260 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel malformed MsoDrawingObject record attempt (specific-threats.rules)
 * 1:19261 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (specific-threats.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19292 <-> ENABLED <-> SPECIFIC-THREATS Mozilla Firefox appendChild use-after-free attempt (specific-threats.rules)
 * 1:19295 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word HTML linked objects memory corruption attempt (specific-threats.rules)
 * 1:19297 <-> ENABLED <-> SPECIFIC-THREATS sidename.js script injection (specific-threats.rules)
 * 1:19298 <-> ENABLED <-> SPECIFIC-THREATS cssminibar.js script injection (specific-threats.rules)
 * 1:19299 <-> ENABLED <-> SPECIFIC-THREATS banner.txt access - possible compromised multi-mesh injection server (specific-threats.rules)
 * 1:19303 <-> ENABLED <-> WEB-CLIENT Microsoft Office PowerPoint out of bounds value remote code execution attempt (web-client.rules)
 * 1:19306 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher pubconv.dll corruption attempt (specific-threats.rules)
 * 1:19308 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Windows embedded OpenType EOT font integer overflow attempt (specific-threats.rules)
 * 1:19321 <-> DISABLED <-> EXPLOIT Mozilla Products nsCSSValue Array Index Integer Overflow (exploit.rules)
 * 1:19322 <-> DISABLED <-> SPECIFIC-THREATS Microsoft Internet Explorer and Sharepoint toStaticHTML information disclosure attempt (specific-threats.rules)
 * 1:19403 <-> ENABLED <-> SPECIFIC-THREATS Cinepak Codec VIDC decompression remote code execution attempt (specific-threats.rules)
 * 1:19406 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Outlook SMB attach by reference code execution attempt (specific-threats.rules)
 * 1:19407 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Outlook SMB attach by reference code execution attempt (specific-threats.rules)
 * 1:19412 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Excel RealTimeData record parsing memory corruption (specific-threats.rules)
 * 1:19413 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (specific-threats.rules)
 * 1:19414 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (specific-threats.rules)
 * 1:19416 <-> DISABLED <-> WEB-CLIENT Apple iOS 4.3.3 jailbreak for iPad download attempt (web-client.rules)
 * 1:19417 <-> DISABLED <-> WEB-CLIENT Apple iOS 4.3.3 jailbreak for iPad download attempt (web-client.rules)
 * 1:19418 <-> DISABLED <-> WEB-CLIENT Apple iOS 4.3.3 jailbreak for iPhone download attempt (web-client.rules)
 * 1:19419 <-> DISABLED <-> WEB-CLIENT Apple iOS 4.3.3 jailbreak for iPod download attempt (web-client.rules)
 * 1:19420 <-> ENABLED <-> SPECIFIC-THREATS VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (specific-threats.rules)
 * 1:19421 <-> ENABLED <-> SPECIFIC-THREATS VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (specific-threats.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detection (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MID file download request (file-identify.rules)
 * 1:19665 <-> ENABLED <-> EXPLOIT Microsoft Windows Remote Desktop web access cross-site scripting attempt (exploit.rules)
 * 1:19675 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio invalid UMLString data length exploit attempt (specific-threats.rules)
 * 1:19676 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Visio invalid UMLDTOptions object exploit attempt (specific-threats.rules)
 * 1:19707 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office Word Converter sprmTSplit overflow attempt (specific-threats.rules)
 * 1:19708 <-> ENABLED <-> SMTP Postfix SMTP Server SASL AUTH Handle Reuse Memory Corruption (smtp.rules)
 * 1:19811 <-> ENABLED <-> SPECIFIC-THREATS Microsoft Office PowerPoint malformed record call to freed object attempt (specific-threats.rules)
 * 1:19825 <-> ENABLED <-> DOS Apache Killer denial of service tool exploit attempt (dos.rules)
 * 1:19907 <-> DISABLED <-> FILE-IDENTIFY PICT file magic detection (file-identify.rules)
 * 1:19938 <-> ENABLED <-> EXPLOIT IBM Tivoli Directory Server ibmslapd.exe Stack Buffer Overflow (exploit.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:20033 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 3:13887 <-> ENABLED <-> BAD-TRAFFIC dns root nameserver poisoning attempt (bad-traffic.rules)
 * 3:17608 <-> ENABLED <-> WEB-CLIENT Apple QuickTime color table atom movie file handling heap corruption attempt (web-client.rules)
 * 3:18220 <-> ENABLED <-> WEB-CLIENT Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (web-client.rules)
 * 3:20539 <-> ENABLED <-> WEB-CLIENT Microsoft TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (web-client.rules)