Sourcefire VRT Rules Update

Date: 2012-10-25

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:24486 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24485 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24489 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (os-windows.rules)
 * 1:24490 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (os-windows.rules)
 * 1:24488 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (os-windows.rules)
 * 1:24487 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)

Modified Rules:


 * 1:8541 <-> DISABLED <-> SERVER-ORACLE sdo_cs.transform_layer buffer overflow attempt (server-oracle.rules)
 * 1:8545 <-> DISABLED <-> PUA-ADWARE Adware roogoo runtime detection - surfing monitor (pua-adware.rules)
 * 1:8546 <-> DISABLED <-> PUA-ADWARE Adware roogoo runtime detection - show ads (pua-adware.rules)
 * 1:8550 <-> DISABLED <-> SERVER-ORACLE dbms_mview.register_mview buffer overflow attempt (server-oracle.rules)
 * 1:8551 <-> DISABLED <-> SERVER-ORACLE dbms_mview.unregister_mview buffer overflow attempt (server-oracle.rules)
 * 1:856 <-> DISABLED <-> SERVER-WEBAPP environ.cgi access (server-webapp.rules)
 * 1:857 <-> DISABLED <-> SERVER-WEBAPP faxsurvey access (server-webapp.rules)
 * 1:858 <-> DISABLED <-> SERVER-WEBAPP filemail access (server-webapp.rules)
 * 1:859 <-> DISABLED <-> SERVER-WEBAPP man.sh access (server-webapp.rules)
 * 1:860 <-> DISABLED <-> SERVER-WEBAPP snork.bat access (server-webapp.rules)
 * 1:861 <-> DISABLED <-> SERVER-WEBAPP w3-msql access (server-webapp.rules)
 * 1:862 <-> DISABLED <-> SERVER-WEBAPP csh access (server-webapp.rules)
 * 1:863 <-> DISABLED <-> SERVER-WEBAPP day5datacopier.cgi access (server-webapp.rules)
 * 1:864 <-> DISABLED <-> SERVER-WEBAPP day5datanotifier.cgi access (server-webapp.rules)
 * 1:865 <-> DISABLED <-> SERVER-WEBAPP ksh access (server-webapp.rules)
 * 1:866 <-> DISABLED <-> SERVER-WEBAPP post-query access (server-webapp.rules)
 * 1:867 <-> DISABLED <-> SERVER-WEBAPP visadmin.exe access (server-webapp.rules)
 * 1:868 <-> DISABLED <-> SERVER-WEBAPP rsh access (server-webapp.rules)
 * 1:869 <-> DISABLED <-> SERVER-WEBAPP dumpenv.pl access (server-webapp.rules)
 * 1:870 <-> DISABLED <-> SERVER-WEBAPP snorkerz.cmd access (server-webapp.rules)
 * 1:8700 <-> DISABLED <-> SERVER-IIS ASP.NET 2.0 cross-site scripting attempt (server-iis.rules)
 * 1:8707 <-> DISABLED <-> PROTOCOL-FTP WZD-FTPD SITE arbitrary command execution attempt (protocol-ftp.rules)
 * 1:871 <-> DISABLED <-> SERVER-WEBAPP survey.cgi access (server-webapp.rules)
 * 1:872 <-> DISABLED <-> SERVER-WEBAPP tcsh access (server-webapp.rules)
 * 1:8730 <-> DISABLED <-> PROTOCOL-ICMP record route rr denial of service attempt (protocol-icmp.rules)
 * 1:875 <-> DISABLED <-> SERVER-WEBAPP win-c-sample.exe access (server-webapp.rules)
 * 1:877 <-> DISABLED <-> SERVER-WEBAPP rksh access (server-webapp.rules)
 * 1:878 <-> DISABLED <-> SERVER-WEBAPP w3tvars.pm access (server-webapp.rules)
 * 1:879 <-> DISABLED <-> SERVER-WEBAPP admin.pl access (server-webapp.rules)
 * 1:880 <-> DISABLED <-> SERVER-WEBAPP LWGate access (server-webapp.rules)
 * 1:881 <-> DISABLED <-> SERVER-WEBAPP archie access (server-webapp.rules)
 * 1:882 <-> DISABLED <-> SERVER-WEBAPP calendar access (server-webapp.rules)
 * 1:883 <-> DISABLED <-> SERVER-WEBAPP flexform access (server-webapp.rules)
 * 1:885 <-> DISABLED <-> SERVER-WEBAPP bash access (server-webapp.rules)
 * 1:886 <-> DISABLED <-> SERVER-WEBAPP phf access (server-webapp.rules)
 * 1:887 <-> DISABLED <-> SERVER-WEBAPP www-sql access (server-webapp.rules)
 * 1:888 <-> DISABLED <-> SERVER-WEBAPP wwwadmin.pl access (server-webapp.rules)
 * 1:889 <-> DISABLED <-> SERVER-WEBAPP ppdscgi.exe access (server-webapp.rules)
 * 1:890 <-> DISABLED <-> SERVER-WEBAPP sendform.cgi access (server-webapp.rules)
 * 1:891 <-> DISABLED <-> SERVER-WEBAPP upload.pl access (server-webapp.rules)
 * 1:892 <-> DISABLED <-> SERVER-WEBAPP AnyForm2 access (server-webapp.rules)
 * 1:894 <-> DISABLED <-> SERVER-WEBAPP bb-hist.sh access (server-webapp.rules)
 * 1:895 <-> DISABLED <-> SERVER-WEBAPP redirect access (server-webapp.rules)
 * 1:896 <-> DISABLED <-> SERVER-WEBAPP way-board access (server-webapp.rules)
 * 1:897 <-> DISABLED <-> SERVER-WEBAPP pals-cgi access (server-webapp.rules)
 * 1:898 <-> DISABLED <-> SERVER-WEBAPP commerce.cgi access (server-webapp.rules)
 * 1:899 <-> DISABLED <-> SERVER-WEBAPP Amaya templates sendtemp.pl directory traversal attempt (server-webapp.rules)
 * 1:900 <-> DISABLED <-> SERVER-WEBAPP webspirs.cgi directory traversal attempt (server-webapp.rules)
 * 1:901 <-> DISABLED <-> SERVER-WEBAPP webspirs.cgi access (server-webapp.rules)
 * 1:902 <-> DISABLED <-> SERVER-WEBAPP tstisapi.dll access (server-webapp.rules)
 * 1:903 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion cfcache.map access (server-other.rules)
 * 1:904 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion exampleapp application.cfm (server-other.rules)
 * 1:905 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion application.cfm access (server-other.rules)
 * 1:906 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion getfile.cfm access (server-other.rules)
 * 1:907 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion addcontent.cfm access (server-other.rules)
 * 1:908 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion administrator access (server-other.rules)
 * 1:909 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion datasource username attempt (server-other.rules)
 * 1:910 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion fileexists.cfm access (server-other.rules)
 * 1:911 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion exprcalc access (server-other.rules)
 * 1:912 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion parks access (server-other.rules)
 * 1:913 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion cfappman access (server-other.rules)
 * 1:914 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion beaninfo access (server-other.rules)
 * 1:915 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion evaluate.cfm access (server-other.rules)
 * 1:916 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion getodbcdsn access (server-other.rules)
 * 1:917 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion db connections flush attempt (server-other.rules)
 * 1:918 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion expeval access (server-other.rules)
 * 1:919 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion datasource passwordattempt (server-other.rules)
 * 1:920 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion datasource attempt (server-other.rules)
 * 1:921 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion admin encrypt attempt (server-other.rules)
 * 1:922 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion displayfile access (server-other.rules)
 * 1:923 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion getodbcin attempt (server-other.rules)
 * 1:924 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion admin decrypt attempt (server-other.rules)
 * 1:925 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion mainframeset access (server-other.rules)
 * 1:926 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion set odbc ini attempt (server-other.rules)
 * 1:927 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion settings refresh attempt (server-other.rules)
 * 1:928 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion exampleapp access (server-other.rules)
 * 1:929 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion CFUSION_VERIFYMAIL access (server-other.rules)
 * 1:930 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion snippets attempt (server-other.rules)
 * 1:931 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion cfmlsyntaxcheck.cfm access (server-other.rules)
 * 1:932 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion application.cfm access (server-other.rules)
 * 1:933 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion onrequestend.cfm access (server-other.rules)
 * 1:935 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion startstop DOS access (server-other.rules)
 * 1:936 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion gettempdirectory.cfm access  (server-other.rules)
 * 1:9625 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player ASX file ref href buffer overflow attempt (os-windows.rules)
 * 1:9641 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Player ASF simple index object parsing buffer overflow attempt (os-windows.rules)
 * 1:9642 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Player ASF codec list object parsing buffer overflow attempt (os-windows.rules)
 * 1:9643 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Player ASF marker object parsing buffer overflow attempt (os-windows.rules)
 * 1:9644 <-> DISABLED <-> PUA-ADWARE Adware imnames runtime detection (pua-adware.rules)
 * 1:969 <-> DISABLED <-> SERVER-IIS WebDAV file lock attempt (server-iis.rules)
 * 1:971 <-> DISABLED <-> SERVER-IIS ISAPI .printer access (server-iis.rules)
 * 1:973 <-> DISABLED <-> SERVER-IIS *.idc attempt (server-iis.rules)
 * 1:974 <-> DISABLED <-> SERVER-IIS Directory transversal attempt (server-iis.rules)
 * 1:975 <-> DISABLED <-> SERVER-IIS Alternate Data streams ASP file access attempt (server-iis.rules)
 * 1:977 <-> DISABLED <-> SERVER-IIS .cnf access (server-iis.rules)
 * 1:978 <-> DISABLED <-> SERVER-IIS ASP contents view (server-iis.rules)
 * 1:979 <-> DISABLED <-> SERVER-IIS ASP contents view (server-iis.rules)
 * 1:980 <-> DISABLED <-> SERVER-IIS CGImail.exe access (server-iis.rules)
 * 1:9831 <-> DISABLED <-> PUA-ADWARE Adware u88 runtime detection (pua-adware.rules)
 * 1:984 <-> DISABLED <-> SERVER-IIS JET VBA access (server-iis.rules)
 * 1:9848 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (os-windows.rules)
 * 1:9849 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numcolors parameter buffer overflow attempt (os-windows.rules)
 * 1:985 <-> DISABLED <-> SERVER-IIS JET VBA access (server-iis.rules)
 * 1:986 <-> DISABLED <-> SERVER-IIS MSProxy access (server-iis.rules)
 * 1:991 <-> DISABLED <-> SERVER-IIS achg.htr access (server-iis.rules)
 * 1:992 <-> DISABLED <-> SERVER-IIS adctest.asp access (server-iis.rules)
 * 1:993 <-> DISABLED <-> SERVER-IIS iisadmin access (server-iis.rules)
 * 1:994 <-> DISABLED <-> SERVER-IIS /scripts/iisadmin/default.htm access (server-iis.rules)
 * 1:995 <-> DISABLED <-> SERVER-IIS ism.dll access (server-iis.rules)
 * 1:996 <-> DISABLED <-> SERVER-IIS anot.htr access (server-iis.rules)
 * 1:997 <-> DISABLED <-> SERVER-IIS asp-dot attempt (server-iis.rules)
 * 1:998 <-> DISABLED <-> SERVER-IIS asp-srch attempt (server-iis.rules)
 * 1:999 <-> DISABLED <-> SERVER-IIS bdir access (server-iis.rules)
 * 1:2890 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:854 <-> DISABLED <-> SERVER-WEBAPP classifieds.cgi access (server-webapp.rules)
 * 1:853 <-> DISABLED <-> SERVER-WEBAPP wrap access (server-webapp.rules)
 * 1:852 <-> DISABLED <-> SERVER-WEBAPP wguest.exe access (server-webapp.rules)
 * 1:851 <-> DISABLED <-> SERVER-WEBAPP files.pl access (server-webapp.rules)
 * 1:850 <-> DISABLED <-> SERVER-WEBAPP wais.pl access (server-webapp.rules)
 * 1:8493 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion sourcewindow.cfm access (server-other.rules)
 * 1:8492 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion openfile.cfm access (server-other.rules)
 * 1:8491 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion eval.cfm access (server-other.rules)
 * 1:8490 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion viewexample.cfm access (server-other.rules)
 * 1:849 <-> DISABLED <-> SERVER-WEBAPP view-source access (server-webapp.rules)
 * 1:8489 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion CFADMIN_REGISTRY_DELETE access (server-other.rules)
 * 1:8488 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion CFADMIN_REGISTRY_GET access (server-other.rules)
 * 1:8487 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion CFADMIN_REGISTRY_SET access (server-other.rules)
 * 1:8486 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion CFNEWINTERNALREGISTRY access (server-other.rules)
 * 1:8485 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion CFNEWINTERNALADMINSECURITY access (server-other.rules)
 * 1:8481 <-> DISABLED <-> PROTOCOL-FTP Microsoft NLST * dos attempt (protocol-ftp.rules)
 * 1:848 <-> DISABLED <-> SERVER-WEBAPP view-source directory traversal (server-webapp.rules)
 * 1:847 <-> DISABLED <-> SERVER-WEBAPP campas access (server-webapp.rules)
 * 1:8464 <-> DISABLED <-> PUA-ADWARE Adware henbang runtime detection (pua-adware.rules)
 * 1:846 <-> DISABLED <-> SERVER-WEBAPP bnbform.cgi access (server-webapp.rules)
 * 1:845 <-> DISABLED <-> SERVER-WEBAPP AT-admin.cgi access (server-webapp.rules)
 * 1:844 <-> DISABLED <-> SERVER-WEBAPP args.bat access (server-webapp.rules)
 * 1:843 <-> DISABLED <-> SERVER-WEBAPP anform2 access (server-webapp.rules)
 * 1:842 <-> DISABLED <-> SERVER-WEBAPP aglimpse access (server-webapp.rules)
 * 1:8416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vector Markup Language fill method overflow attempt (os-windows.rules)
 * 1:840 <-> DISABLED <-> SERVER-WEBAPP perlshop.cgi access (server-webapp.rules)
 * 1:839 <-> DISABLED <-> SERVER-WEBAPP finger access (server-webapp.rules)
 * 1:838 <-> DISABLED <-> SERVER-WEBAPP webgais access (server-webapp.rules)
 * 1:837 <-> DISABLED <-> SERVER-WEBAPP uploader.exe access (server-webapp.rules)
 * 1:836 <-> DISABLED <-> SERVER-WEBAPP textcounter.pl access (server-webapp.rules)
 * 1:8354 <-> ENABLED <-> PUA-ADWARE Adware desktopmedia runtime detection - surf monitoring (pua-adware.rules)
 * 1:8353 <-> ENABLED <-> PUA-ADWARE Adware desktopmedia runtime detection - auto update (pua-adware.rules)
 * 1:8352 <-> ENABLED <-> PUA-ADWARE Adware desktopmedia runtime detection - ads popup (pua-adware.rules)
 * 1:835 <-> DISABLED <-> SERVER-WEBAPP test-cgi access (server-webapp.rules)
 * 1:8349 <-> DISABLED <-> SERVER-IIS Indexing Service ciRestriction cross-site scripting attempt (server-iis.rules)
 * 1:834 <-> DISABLED <-> SERVER-WEBAPP rwwwshell.pl access (server-webapp.rules)
 * 1:833 <-> DISABLED <-> SERVER-WEBAPP rguest.exe access (server-webapp.rules)
 * 1:832 <-> DISABLED <-> SERVER-WEBAPP perl.exe access (server-webapp.rules)
 * 1:829 <-> DISABLED <-> SERVER-WEBAPP nph-test-cgi access (server-webapp.rules)
 * 1:828 <-> DISABLED <-> SERVER-WEBAPP maillist.pl access (server-webapp.rules)
 * 1:827 <-> DISABLED <-> SERVER-WEBAPP info2www access (server-webapp.rules)
 * 1:826 <-> DISABLED <-> SERVER-WEBAPP htmlscript access (server-webapp.rules)
 * 1:825 <-> DISABLED <-> SERVER-WEBAPP glimpse access (server-webapp.rules)
 * 1:824 <-> DISABLED <-> SERVER-WEBAPP php.cgi access (server-webapp.rules)
 * 1:823 <-> DISABLED <-> SERVER-WEBAPP cvsweb.cgi access (server-webapp.rules)
 * 1:821 <-> DISABLED <-> SERVER-WEBAPP imagemap.exe overflow attempt (server-webapp.rules)
 * 1:820 <-> DISABLED <-> SERVER-WEBAPP anaconda directory transversal attempt (server-webapp.rules)
 * 1:5992 <-> DISABLED <-> BLACKLIST Hijacker getmirar runtime detection - get keyword-related content (blacklist.rules)
 * 1:5990 <-> DISABLED <-> PUA-ADWARE Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (pua-adware.rules)
 * 1:5989 <-> DISABLED <-> PUA-ADWARE Adware broadcastpc runtime detection - get config (pua-adware.rules)
 * 1:5988 <-> DISABLED <-> BLACKLIST Trackware windupdates-mediagateway runtime detection - post data (blacklist.rules)
 * 1:5986 <-> DISABLED <-> BLACKLIST Trickler teomasearchbar runtime detection (blacklist.rules)
 * 1:5983 <-> DISABLED <-> PUA-ADWARE Adware powerstrip runtime detection (pua-adware.rules)
 * 1:5978 <-> DISABLED <-> BLACKLIST hijacker topfive searchassistant detection - update (blacklist.rules)
 * 1:5977 <-> DISABLED <-> BLACKLIST hijacker topfive searchassistant detection - post user information to server (blacklist.rules)
 * 1:5970 <-> DISABLED <-> BLACKLIST hijacker smart finder detection - keys update (blacklist.rules)
 * 1:5955 <-> DISABLED <-> BLACKLIST Trackware browserpal runtime detection - adblocker function (blacklist.rules)
 * 1:5954 <-> DISABLED <-> BLACKLIST Trackware browserpal runtime detection - post user info to server (blacklist.rules)
 * 1:5948 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - update notifier (pua-adware.rules)
 * 1:5947 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - log url (pua-adware.rules)
 * 1:5946 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - monitor user web activity (pua-adware.rules)
 * 1:5945 <-> DISABLED <-> PUA-ADWARE Adware weirdontheweb runtime detection - track.cgi request (pua-adware.rules)
 * 1:5944 <-> DISABLED <-> PUA-ADWARE Adware free access bar runtime detection 1 (pua-adware.rules)
 * 1:5932 <-> ENABLED <-> PUA-ADWARE Adware cashbar runtime detection - stats track (pua-adware.rules)
 * 1:5930 <-> ENABLED <-> PUA-ADWARE Adware cashbar runtime detection - pop-up ad 2 (pua-adware.rules)
 * 1:5929 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - pop-up ad 1 (pua-adware.rules)
 * 1:5928 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - ads request (pua-adware.rules)
 * 1:5927 <-> DISABLED <-> PUA-ADWARE Adware cashbar runtime detection - .smx requests (pua-adware.rules)
 * 1:819 <-> DISABLED <-> SERVER-WEBAPP mmstdod.cgi access (server-webapp.rules)
 * 1:818 <-> DISABLED <-> SERVER-WEBAPP dcforum.cgi access (server-webapp.rules)
 * 1:817 <-> DISABLED <-> SERVER-WEBAPP dcboard.cgi invalid user addition attempt (server-webapp.rules)
 * 1:815 <-> DISABLED <-> SERVER-WEBAPP websendmail access (server-webapp.rules)
 * 1:813 <-> DISABLED <-> SERVER-WEBAPP webplus directory traversal (server-webapp.rules)
 * 1:812 <-> DISABLED <-> SERVER-WEBAPP webplus version access (server-webapp.rules)
 * 1:811 <-> DISABLED <-> SERVER-WEBAPP websitepro path access (server-webapp.rules)
 * 1:810 <-> DISABLED <-> SERVER-WEBAPP whois_raw.cgi access (server-webapp.rules)
 * 1:809 <-> DISABLED <-> SERVER-WEBAPP whois_raw.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:8084 <-> DISABLED <-> SERVER-WEBAPP CVSTrac filediff function access (server-webapp.rules)
 * 1:808 <-> DISABLED <-> SERVER-WEBAPP webdriver access (server-webapp.rules)
 * 1:807 <-> DISABLED <-> SERVER-WEBAPP /wwwboard/passwd.txt access (server-webapp.rules)
 * 1:806 <-> DISABLED <-> SERVER-WEBAPP yabb directory traversal attempt (server-webapp.rules)
 * 1:8059 <-> DISABLED <-> SERVER-ORACLE SYS.KUPW-WORKER sql injection attempt (server-oracle.rules)
 * 1:8057 <-> DISABLED <-> SERVER-MYSQL Date_Format denial of service attempt (server-mysql.rules)
 * 1:805 <-> DISABLED <-> SERVER-WEBAPP webspeed access (server-webapp.rules)
 * 1:804 <-> DISABLED <-> SERVER-WEBAPP SWSoft ASPSeek Overflow attempt (server-webapp.rules)
 * 1:803 <-> DISABLED <-> SERVER-WEBAPP HyperSeek hsx.cgi directory traversal attempt (server-webapp.rules)
 * 1:7855 <-> DISABLED <-> PUA-ADWARE Adware web-nexus runtime detection - ad url 2 (pua-adware.rules)
 * 1:7854 <-> DISABLED <-> PUA-ADWARE Adware web-nexus runtime detection - config retrieval (pua-adware.rules)
 * 1:7853 <-> DISABLED <-> PUA-ADWARE Adware web-nexus runtime detection - ad url 1 (pua-adware.rules)
 * 1:7838 <-> DISABLED <-> PUA-ADWARE Adware smiley central runtime detection (pua-adware.rules)
 * 1:7832 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Navhelper (blacklist.rules)
 * 1:7831 <-> DISABLED <-> PUA-ADWARE Adware downloadplus runtime detection (pua-adware.rules)
 * 1:7829 <-> DISABLED <-> PUA-ADWARE Adware gator user-agent detected (pua-adware.rules)
 * 1:7828 <-> DISABLED <-> PUA-ADWARE Adware whenu runtime detection - search request 2 (pua-adware.rules)
 * 1:7827 <-> DISABLED <-> PUA-ADWARE Adware whenu runtime detection - search request 1 (pua-adware.rules)
 * 1:7825 <-> DISABLED <-> PUA-ADWARE Adware whenu.savenow runtime detection (pua-adware.rules)
 * 1:7823 <-> DISABLED <-> PUA-ADWARE Adware whenu runtime detection - datachunksgz (pua-adware.rules)
 * 1:7595 <-> DISABLED <-> PUA-ADWARE Adware comedy planet runtime detection - collect user information (pua-adware.rules)
 * 1:7594 <-> DISABLED <-> PUA-ADWARE Adware comedy planet runtime detection - ads (pua-adware.rules)
 * 1:7587 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - URLBlaze (blacklist.rules)
 * 1:7582 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Pcast Live (blacklist.rules)
 * 1:7572 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - DigExt (blacklist.rules)
 * 1:7569 <-> DISABLED <-> PUA-ADWARE Adware lordofsearch runtime detection (pua-adware.rules)
 * 1:7563 <-> DISABLED <-> PUA-ADWARE Adware morpheus runtime detection - ad 2 (pua-adware.rules)
 * 1:7562 <-> DISABLED <-> PUA-ADWARE Adware morpheus runtime detection - ad 1 (pua-adware.rules)
 * 1:7554 <-> DISABLED <-> PUA-ADWARE Adware hxdl runtime detection - hxdownload user-agent (pua-adware.rules)
 * 1:7553 <-> DISABLED <-> PUA-ADWARE Adware hxdl runtime detection - hxlogonly user-agent (pua-adware.rules)
 * 1:7550 <-> DISABLED <-> PUA-ADWARE Adware adroar runtime detection (pua-adware.rules)
 * 1:7540 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - http protocol (blacklist.rules)
 * 1:7537 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Arrow Search (blacklist.rules)
 * 1:7534 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - IEEXPLORE.EXE (blacklist.rules)
 * 1:7533 <-> DISABLED <-> PUA-ADWARE Adware piolet runtime detection - ads request (pua-adware.rules)
 * 1:7532 <-> DISABLED <-> PUA-ADWARE Adware piolet runtime detection - user-agent (pua-adware.rules)
 * 1:7511 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - ed2k edonkey2000 runtime detection (blacklist.rules)
 * 1:7424 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MMC createcab.cmd cross site scripting attempt (os-windows.rules)
 * 1:7423 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MMC mmc.exe cross site scripting attempt (os-windows.rules)
 * 1:7422 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MMC mmcndmgr.dll cross site scripting attempt (os-windows.rules)
 * 1:7421 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_V2_DOMAIN_INDEX_TABLES access attempt (server-oracle.rules)
 * 1:7208 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (server-oracle.rules)
 * 1:7207 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (server-oracle.rules)
 * 1:7206 <-> DISABLED <-> SERVER-ORACLE DBMS_EXPORT_EXTENSION access attempt (server-oracle.rules)
 * 1:7195 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - shprrprt-cs- (blacklist.rules)
 * 1:7193 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - startup access (pua-adware.rules)
 * 1:7192 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (pua-adware.rules)
 * 1:7191 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (pua-adware.rules)
 * 1:7190 <-> DISABLED <-> PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (pua-adware.rules)
 * 1:7187 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SAH Agent (blacklist.rules)
 * 1:7145 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - adfsgecoiwnf (blacklist.rules)
 * 1:7143 <-> DISABLED <-> PUA-ADWARE Adware digink.com runtime detection (pua-adware.rules)
 * 1:7142 <-> DISABLED <-> PUA-ADWARE Adware ares flash downloader 2.04 runtime detection (pua-adware.rules)
 * 1:7141 <-> DISABLED <-> PUA-ADWARE Adware pay-per-click runtime detection - update (pua-adware.rules)
 * 1:7140 <-> DISABLED <-> PUA-ADWARE Adware pay-per-click runtime detection - configuration (pua-adware.rules)
 * 1:7135 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - IEP (blacklist.rules)
 * 1:7053 <-> DISABLED <-> PUA-ADWARE Adware webredir runtime detection (pua-adware.rules)
 * 1:7029 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7028 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7027 <-> DISABLED <-> SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (server-iis.rules)
 * 1:7022 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Explorer invalid url file overflow attempt (os-windows.rules)
 * 1:6496 <-> DISABLED <-> PUA-ADWARE Adware adpowerzone runtime detection (pua-adware.rules)
 * 1:6494 <-> DISABLED <-> PUA-ADWARE Adware yourenhancement runtime detection (pua-adware.rules)
 * 1:6491 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - snprtzdialno (blacklist.rules)
 * 1:6394 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - CodeguruBrowser (blacklist.rules)
 * 1:6391 <-> DISABLED <-> PUA-ADWARE Adware esyndicate runtime detection - ads popup (pua-adware.rules)
 * 1:6390 <-> DISABLED <-> PUA-ADWARE Adware esyndicate runtime detection - ads popup (pua-adware.rules)
 * 1:6389 <-> DISABLED <-> PUA-ADWARE Adware esyndicate runtime detection - postinstall request (pua-adware.rules)
 * 1:6371 <-> DISABLED <-> PUA-ADWARE Adware flashtrack media/spoton runtime detection - pop up ads (pua-adware.rules)
 * 1:6368 <-> DISABLED <-> PUA-ADWARE Adware flashtrack media/spoton runtime detection - update request (pua-adware.rules)
 * 1:6366 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - eAnthMngr (blacklist.rules)
 * 1:6364 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - iMeshBar (blacklist.rules)
 * 1:6363 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SAcc (blacklist.rules)
 * 1:6362 <-> DISABLED <-> BLACKLIST Hijacker microgaming runtime detection (blacklist.rules)
 * 1:6361 <-> DISABLED <-> PUA-ADWARE Adware altnet runtime detection - status report (pua-adware.rules)
 * 1:6360 <-> DISABLED <-> PUA-ADWARE Adware altnet runtime detection - update (pua-adware.rules)
 * 1:6359 <-> DISABLED <-> PUA-ADWARE Adware altnet runtime detection - initial retrieval (pua-adware.rules)
 * 1:6357 <-> DISABLED <-> BLACKLIST Hijacker need2find initial configuration detection (blacklist.rules)
 * 1:6354 <-> DISABLED <-> BLACKLIST Trickler wsearch runtime detection - auto update (blacklist.rules)
 * 1:6347 <-> DISABLED <-> PUA-ADWARE Adware stationripper ad display detection (pua-adware.rules)
 * 1:6346 <-> DISABLED <-> PUA-ADWARE Adware stationripper update detection (pua-adware.rules)
 * 1:6345 <-> DISABLED <-> PUA-ADWARE Adware excite search bar runtime detection - search (pua-adware.rules)
 * 1:6344 <-> DISABLED <-> PUA-ADWARE Adware excite search bar runtime detection - config (pua-adware.rules)
 * 1:6343 <-> DISABLED <-> PUA-ADWARE Adware targetsaver runtime detection (pua-adware.rules)
 * 1:6341 <-> DISABLED <-> BLACKLIST Hijacker spediabar user-agent string detected (blacklist.rules)
 * 1:6281 <-> DISABLED <-> BLACKLIST Hijacker yoursitebar runtime detection (blacklist.rules)
 * 1:6274 <-> DISABLED <-> BLACKLIST Trickler clickalchemy runtime detection (blacklist.rules)
 * 1:6270 <-> DISABLED <-> BLACKLIST Hijacker topicks runtime detection (blacklist.rules)
 * 1:6260 <-> DISABLED <-> PUA-ADWARE Adware overpro runtime detection (pua-adware.rules)
 * 1:6259 <-> DISABLED <-> PUA-ADWARE Adware searchsquire runtime detection - search forward (pua-adware.rules)
 * 1:6258 <-> DISABLED <-> PUA-ADWARE Adware searchsquire runtime detection - get engine file (pua-adware.rules)
 * 1:6257 <-> DISABLED <-> PUA-ADWARE Adware searchsquire runtime detection - testgeonew query (pua-adware.rules)
 * 1:6256 <-> DISABLED <-> PUA-ADWARE Adware searchsquire installtime/auto-update (pua-adware.rules)
 * 1:6251 <-> DISABLED <-> PUA-ADWARE Adware hotbar runtime detection - hostie user-agent (pua-adware.rules)
 * 1:6250 <-> DISABLED <-> PUA-ADWARE Adware hotbar runtime detection - hotbar user-agent (pua-adware.rules)
 * 1:6249 <-> DISABLED <-> PUA-ADWARE Adware ezula toptext runtime detection - redirect (pua-adware.rules)
 * 1:6248 <-> DISABLED <-> PUA-ADWARE Adware ezula toptext runtime detection - popup (pua-adware.rules)
 * 1:6247 <-> DISABLED <-> PUA-ADWARE Adware ezula toptext runtime detection - help redirect (pua-adware.rules)
 * 1:6241 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - ie autosearch hijack (pua-adware.rules)
 * 1:6240 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - pop up ads (pua-adware.rules)
 * 1:6239 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - collect info request 2 (pua-adware.rules)
 * 1:6238 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - collect info request 1 (pua-adware.rules)
 * 1:6237 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - check update request (pua-adware.rules)
 * 1:6236 <-> DISABLED <-> PUA-ADWARE Adware lop runtime detection - pass info to server (pua-adware.rules)
 * 1:6234 <-> DISABLED <-> PUA-ADWARE Adware mirar runtime detection - ads (pua-adware.rules)
 * 1:6233 <-> DISABLED <-> PUA-ADWARE Adware mirar runtime detection - delayed (pua-adware.rules)
 * 1:6232 <-> DISABLED <-> PUA-ADWARE Adware mirar runtime detection - thumbnail (pua-adware.rules)
 * 1:6223 <-> DISABLED <-> PUA-ADWARE Adware delfin media viewer runtime detection - retrieve schedule (pua-adware.rules)
 * 1:6222 <-> DISABLED <-> PUA-ADWARE Adware delfin media viewer runtime detection - contact server (pua-adware.rules)
 * 1:6219 <-> DISABLED <-> PUA-ADWARE Adware bonzibuddy runtime detection (pua-adware.rules)
 * 1:6218 <-> DISABLED <-> PUA-ADWARE Adware aornum/iwon copilot runtime detection - ads (pua-adware.rules)
 * 1:6216 <-> DISABLED <-> PUA-ADWARE Adware aornum/iwon copilot runtime detection - config (pua-adware.rules)
 * 1:6212 <-> DISABLED <-> PUA-ADWARE Adware commonname runtime detection (pua-adware.rules)
 * 1:6211 <-> DISABLED <-> PUA-ADWARE Adware deskwizz runtime detection - pop-up ad request (pua-adware.rules)
 * 1:6209 <-> DISABLED <-> PUA-ADWARE Adware deskwizz/zquest runtime detection - get config information / ad banner (pua-adware.rules)
 * 1:6202 <-> DISABLED <-> BLACKLIST Trickler farmmext installtime/update request (blacklist.rules)
 * 1:6201 <-> DISABLED <-> PUA-ADWARE Adware twaintec runtime detection (pua-adware.rules)
 * 1:6198 <-> DISABLED <-> BLACKLIST Trackware squaretrade side bar runtime detection - collect user information (blacklist.rules)
 * 1:6197 <-> DISABLED <-> BLACKLIST Hijacker smart shopper runtime detection - track/upgrade/report activities (blacklist.rules)
 * 1:6195 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - download .cab (pua-adware.rules)
 * 1:6194 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - config upload (pua-adware.rules)
 * 1:6193 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - pop up ads (pua-adware.rules)
 * 1:6192 <-> DISABLED <-> PUA-ADWARE Adware seekmo runtime detection - reporting keyword (pua-adware.rules)
 * 1:6188 <-> DISABLED <-> PUA-ADWARE Adware ISTBar runtime detection - bar (pua-adware.rules)
 * 1:6187 <-> DISABLED <-> PUA-ADWARE Adware ISTBar runtime detection - scripts (pua-adware.rules)
 * 1:6186 <-> DISABLED <-> BLACKLIST Other-Technologies SpywareStrike Runtime Detection (blacklist.rules)
 * 1:6185 <-> DISABLED <-> PUA-ADWARE Adware 180Search assistant runtime detection - reporting keyword (pua-adware.rules)
 * 1:6184 <-> DISABLED <-> PUA-ADWARE Adware 180Search assistant runtime detection - config upload (pua-adware.rules)
 * 1:6183 <-> DISABLED <-> PUA-ADWARE Adware 180Search assistant runtime detection - tracked event URL (pua-adware.rules)
 * 1:5996 <-> DISABLED <-> PUA-ADWARE Adware offeragent runtime detection - ads request (pua-adware.rules)
 * 1:5995 <-> DISABLED <-> PUA-ADWARE Adware offeragent runtime detection - information checking (pua-adware.rules)
 * 1:5926 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - collect information (pua-adware.rules)
 * 1:5925 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - check (pua-adware.rules)
 * 1:5924 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - redirect (pua-adware.rules)
 * 1:5923 <-> DISABLED <-> PUA-ADWARE Adware active shopper runtime detection - side search request (pua-adware.rules)
 * 1:5913 <-> DISABLED <-> BLACKLIST Trickler smasoft webdownloader runtime detection (blacklist.rules)
 * 1:5911 <-> DISABLED <-> PUA-ADWARE Adware smartpops runtime detection (pua-adware.rules)
 * 1:5906 <-> ENABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - update (pua-adware.rules)
 * 1:5905 <-> ENABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - games center request (pua-adware.rules)
 * 1:5904 <-> ENABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - download files (pua-adware.rules)
 * 1:5903 <-> ENABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - get ads (pua-adware.rules)
 * 1:5902 <-> DISABLED <-> PUA-ADWARE Adware download accelerator plus runtime detection - startup (pua-adware.rules)
 * 1:5901 <-> ENABLED <-> BLACKLIST Trackware adtools-communicator runtime detection - download self-update (blacklist.rules)
 * 1:5900 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - Async HTTP Agent (blacklist.rules)
 * 1:5899 <-> DISABLED <-> BLACKLIST Trackware adtools-screenmate runtime detection - generate desktop alert (blacklist.rules)
 * 1:5898 <-> DISABLED <-> BLACKLIST Trackware adtools runtime detection - track user activity (blacklist.rules)
 * 1:5865 <-> DISABLED <-> PUA-ADWARE Adware zapspot runtime detection - pop up ads (pua-adware.rules)
 * 1:5857 <-> DISABLED <-> BLACKLIST Hijacker funbuddyicons runtime detection - mysaconfg request (blacklist.rules)
 * 1:5854 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - pass user information (pua-adware.rules)
 * 1:5853 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - download ads (pua-adware.rules)
 * 1:5852 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - cache.dat request (pua-adware.rules)
 * 1:5851 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - .txt .dat and .lst requests (pua-adware.rules)
 * 1:5850 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - check update (pua-adware.rules)
 * 1:5849 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - update request (pua-adware.rules)
 * 1:5848 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - ip.php request (pua-adware.rules)
 * 1:5847 <-> DISABLED <-> PUA-ADWARE Adware warez_p2p runtime detection - p2p client home (pua-adware.rules)
 * 1:5838 <-> DISABLED <-> BLACKLIST Trackware ucmore runtime detection - get sponsor/ad links (blacklist.rules)
 * 1:5837 <-> DISABLED <-> BLACKLIST Trackware ucmore runtime detection - track activity (blacklist.rules)
 * 1:5835 <-> DISABLED <-> PUA-ADWARE Adware gamespy_arcade runtime detection (pua-adware.rules)
 * 1:5834 <-> DISABLED <-> BLACKLIST Trickler conscorr runtime detection (blacklist.rules)
 * 1:5828 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - connect to station (pua-adware.rules)
 * 1:5827 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - get gateway (pua-adware.rules)
 * 1:5826 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - pass user info to server (pua-adware.rules)
 * 1:5825 <-> DISABLED <-> PUA-ADWARE Adware broadcasturban tuner runtime detection - start tuner (pua-adware.rules)
 * 1:5824 <-> DISABLED <-> BLACKLIST Dialer stripplayer runtime detection (blacklist.rules)
 * 1:5808 <-> ENABLED <-> BLACKLIST Hijacker shop at home search merchant redirect check (blacklist.rules)
 * 1:5800 <-> ENABLED <-> BLACKLIST Trackware myway speedbar runtime detection - request config (blacklist.rules)
 * 1:5798 <-> DISABLED <-> PUA-ADWARE Adware mydailyhoroscope runtime detection (pua-adware.rules)
 * 1:5796 <-> DISABLED <-> PUA-ADWARE Adware keenvalue runtime detection (pua-adware.rules)
 * 1:5795 <-> DISABLED <-> PUA-ADWARE Adware ist powerscan runtime detection (pua-adware.rules)
 * 1:5789 <-> DISABLED <-> BLACKLIST keylogger pc actmon pro runtime detection - http (blacklist.rules)
 * 1:5787 <-> DISABLED <-> PUA-ADWARE Adware hithopper runtime detection - search (pua-adware.rules)
 * 1:5786 <-> DISABLED <-> PUA-ADWARE Adware hithopper runtime detection - redirect (pua-adware.rules)
 * 1:5785 <-> DISABLED <-> PUA-ADWARE Adware hithopper runtime detection - get xml setting (pua-adware.rules)
 * 1:5774 <-> DISABLED <-> BLACKLIST Hijacker freescratch runtime detection - get card (blacklist.rules)
 * 1:5773 <-> DISABLED <-> PUA-ADWARE Adware forbes runtime detection (pua-adware.rules)
 * 1:5770 <-> DISABLED <-> BLACKLIST Snoopware casinoonnet runtime detection (blacklist.rules)
 * 1:5760 <-> DISABLED <-> BLACKLIST Hijacker marketscore runtime detection (blacklist.rules)
 * 1:5753 <-> DISABLED <-> PUA-ADWARE Adware exactsearch runtime detection - topsearches (pua-adware.rules)
 * 1:5752 <-> DISABLED <-> PUA-ADWARE Adware exactsearch runtime detection - switch search engine 2 (pua-adware.rules)
 * 1:5751 <-> DISABLED <-> PUA-ADWARE Adware exactsearch runtime detection - switch search engine 1 (pua-adware.rules)
 * 1:5715 <-> DISABLED <-> SERVER-APACHE Apache malformed ipv6 uri overflow attempt (server-apache.rules)
 * 1:5713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow (os-windows.rules)
 * 1:5710 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (os-windows.rules)
 * 1:5695 <-> DISABLED <-> SERVER-IIS web agent redirect overflow attempt (server-iis.rules)
 * 1:5319 <-> DISABLED <-> OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (os-windows.rules)
 * 1:491 <-> DISABLED <-> PROTOCOL-FTP Bad login (protocol-ftp.rules)
 * 1:489 <-> DISABLED <-> PROTOCOL-FTP no password (protocol-ftp.rules)
 * 1:4677 <-> DISABLED <-> SERVER-ORACLE Enterprise Manager Application Server Control GET Parameter Overflow Attempt (server-oracle.rules)
 * 1:4676 <-> DISABLED <-> SERVER-ORACLE Enterprise Manager Application Server Control POST Parameter Overflow Attempt (server-oracle.rules)
 * 1:4649 <-> DISABLED <-> SERVER-MYSQL create function buffer overflow attempt (server-mysql.rules)
 * 1:4644 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (os-windows.rules)
 * 1:4642 <-> DISABLED <-> SERVER-ORACLE sys.pbsde.init buffer overflow attempt (server-oracle.rules)
 * 1:4144 <-> DISABLED <-> OS-SOLARIS Oracle Solaris lpd control file upload attempt (os-solaris.rules)
 * 1:4142 <-> DISABLED <-> SERVER-ORACLE reports servlet command execution attempt (server-oracle.rules)
 * 1:4128 <-> DISABLED <-> SERVER-WEBAPP 4DWebstar ShellExample.cgi information disclosure (server-webapp.rules)
 * 1:3813 <-> DISABLED <-> SERVER-WEBAPP awstats.pl configdir command execution attempt (server-webapp.rules)
 * 1:3690 <-> DISABLED <-> SERVER-WEBAPP Nucleus CMS action.php itemid SQL injection (server-webapp.rules)
 * 1:3674 <-> DISABLED <-> SERVER-WEBAPP db4web_c directory traversal attempt (server-webapp.rules)
 * 1:3672 <-> DISABLED <-> SERVER-MYSQL client overflow attempt (server-mysql.rules)
 * 1:3671 <-> DISABLED <-> SERVER-MYSQL protocol 41 client overflow attempt (server-mysql.rules)
 * 1:3670 <-> DISABLED <-> SERVER-MYSQL secure client overflow attempt (server-mysql.rules)
 * 1:3669 <-> DISABLED <-> SERVER-MYSQL protocol 41 secure client overflow attempt (server-mysql.rules)
 * 1:3668 <-> DISABLED <-> SERVER-MYSQL client authentication bypass attempt (server-mysql.rules)
 * 1:3667 <-> DISABLED <-> SERVER-MYSQL protocol 41 client authentication bypass attempt (server-mysql.rules)
 * 1:3666 <-> DISABLED <-> SERVER-MYSQL server greeting finished (server-mysql.rules)
 * 1:3665 <-> DISABLED <-> SERVER-MYSQL server greeting (server-mysql.rules)
 * 1:3657 <-> DISABLED <-> SERVER-ORACLE ctxsys.driload attempt (server-oracle.rules)
 * 1:3638 <-> DISABLED <-> SERVER-WEBAPP SoftCart.exe CGI buffer overflow attempt (server-webapp.rules)
 * 1:3631 <-> DISABLED <-> SERVER-ORACLE ftp user name buffer overflow attempt (server-oracle.rules)
 * 1:3630 <-> DISABLED <-> SERVER-ORACLE ftp TEST command buffer overflow attempt (server-oracle.rules)
 * 1:362 <-> DISABLED <-> PROTOCOL-FTP tar parameters (protocol-ftp.rules)
 * 1:361 <-> DISABLED <-> PROTOCOL-FTP SITE EXEC attempt (protocol-ftp.rules)
 * 1:360 <-> DISABLED <-> PROTOCOL-FTP serv-u directory transversal (protocol-ftp.rules)
 * 1:359 <-> DISABLED <-> PROTOCOL-FTP satan scan (protocol-ftp.rules)
 * 1:358 <-> DISABLED <-> PROTOCOL-FTP saint scan (protocol-ftp.rules)
 * 1:357 <-> DISABLED <-> PROTOCOL-FTP piss scan (protocol-ftp.rules)
 * 1:356 <-> DISABLED <-> PROTOCOL-FTP passwd retrieval attempt (protocol-ftp.rules)
 * 1:3552 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLE32 MSHTA masquerade attempt (os-windows.rules)
 * 1:355 <-> DISABLED <-> PROTOCOL-FTP pass wh00t (protocol-ftp.rules)
 * 1:354 <-> DISABLED <-> PROTOCOL-FTP iss scan (protocol-ftp.rules)
 * 1:3532 <-> DISABLED <-> SERVER-ORACLE ftp password buffer overflow attempt (server-oracle.rules)
 * 1:353 <-> DISABLED <-> PROTOCOL-FTP adm scan (protocol-ftp.rules)
 * 1:3528 <-> DISABLED <-> SERVER-MYSQL create function access attempt (server-mysql.rules)
 * 1:3527 <-> DISABLED <-> OS-SOLARIS Oracle Solaris LPD overflow attempt (os-solaris.rules)
 * 1:3526 <-> DISABLED <-> SERVER-ORACLE XDB FTP UNLOCK overflow attempt (server-oracle.rules)
 * 1:3523 <-> DISABLED <-> PROTOCOL-FTP SITE INDEX format string attempt (protocol-ftp.rules)
 * 1:3519 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (server-mysql.rules)
 * 1:3518 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (server-mysql.rules)
 * 1:3516 <-> DISABLED <-> SERVER-ORACLE utl_file.frename directory traversal attempt (server-oracle.rules)
 * 1:3515 <-> DISABLED <-> SERVER-ORACLE utl_file.fremove directory traversal attempt (server-oracle.rules)
 * 1:3514 <-> DISABLED <-> SERVER-ORACLE utl_file.fopen directory traversal attempt (server-oracle.rules)
 * 1:3513 <-> DISABLED <-> SERVER-ORACLE utl_file.fopen_nchar directory traversal attempt (server-oracle.rules)
 * 1:3512 <-> DISABLED <-> SERVER-ORACLE utl_file.fcopy directory traversal attempt (server-oracle.rules)
 * 1:3469 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Gold dos attempt (server-webapp.rules)
 * 1:3468 <-> DISABLED <-> SERVER-WEBAPP math_sum.mscgi access (server-webapp.rules)
 * 1:3465 <-> DISABLED <-> SERVER-WEBAPP RiSearch show.pl proxy attempt (server-webapp.rules)
 * 1:3464 <-> DISABLED <-> SERVER-WEBAPP awstats.pl command execution attempt (server-webapp.rules)
 * 1:3463 <-> DISABLED <-> SERVER-WEBAPP awstats access (server-webapp.rules)
 * 1:3460 <-> DISABLED <-> PROTOCOL-FTP REST with numeric argument (protocol-ftp.rules)
 * 1:3456 <-> DISABLED <-> SERVER-MYSQL 4.0 root login attempt (server-mysql.rules)
 * 1:3441 <-> DISABLED <-> PROTOCOL-FTP PORT bounce attempt (protocol-ftp.rules)
 * 1:336 <-> DISABLED <-> PROTOCOL-FTP CWD ~root attempt (protocol-ftp.rules)
 * 1:335 <-> DISABLED <-> PROTOCOL-FTP .rhosts (protocol-ftp.rules)
 * 1:334 <-> DISABLED <-> PROTOCOL-FTP .forward (protocol-ftp.rules)
 * 1:3201 <-> DISABLED <-> SERVER-IIS httpodbc.dll access - nimda (server-iis.rules)
 * 1:3200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS name query overflow attempt UDP (os-windows.rules)
 * 1:3199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS name query overflow attempt TCP (os-windows.rules)
 * 1:3194 <-> DISABLED <-> SERVER-IIS .bat executable file parsing attack (server-iis.rules)
 * 1:3193 <-> DISABLED <-> SERVER-IIS .cmd executable file parsing attack (server-iis.rules)
 * 1:3192 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player directory traversal via Content-Disposition attempt (os-windows.rules)
 * 1:3150 <-> DISABLED <-> SERVER-IIS SQLXML content type overflow (server-iis.rules)
 * 1:3148 <-> DISABLED <-> OS-WINDOWS Microsoft Windows winhelp clsid attempt (os-windows.rules)
 * 1:3131 <-> DISABLED <-> SERVER-WEBAPP mailman directory traversal attempt (server-webapp.rules)
 * 1:3087 <-> DISABLED <-> SERVER-IIS w3who.dll buffer overflow attempt (server-iis.rules)
 * 1:3062 <-> DISABLED <-> SERVER-WEBAPP NetScreen SA 5000 delhomepage.cgi access (server-webapp.rules)
 * 1:300 <-> DISABLED <-> OS-SOLARIS Oracle Solaris npls x86 overflow (os-solaris.rules)
 * 1:2927 <-> DISABLED <-> OS-WINDOWS Microsoft Windows XPAT pattern overflow attempt (os-windows.rules)
 * 1:2919 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_untrusted.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2918 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.validate_for_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2917 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.switch_snapshot_master buffer overflow attempt (server-oracle.rules)
 * 1:2916 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.unregister_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2915 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.switch_snapshot_master buffer overflow attempt (server-oracle.rules)
 * 1:2914 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.set_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2913 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.repcat_import_check buffer overflow attempt (server-oracle.rules)
 * 1:2912 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2911 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.refresh_snapshot_repschema buffer overflow attempt (server-oracle.rules)
 * 1:2910 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.refresh_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2909 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.generate_snapshot_support buffer overflow attempt (server-oracle.rules)
 * 1:2889 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2887 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2888 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2886 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.define_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2882 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2881 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2908 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repschema buffer overflow attempt (server-oracle.rules)
 * 1:2907 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2906 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2904 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2905 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repschema buffer overflow attempt (server-oracle.rules)
 * 1:2903 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2902 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.alter_snapshot_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2901 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.register_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2899 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2900 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.purge_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2898 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2897 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2896 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2894 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority buffer overflow attempt (server-oracle.rules)
 * 1:2895 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2883 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2885 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.define_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2893 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2892 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2884 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2891 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:1000 <-> DISABLED <-> SERVER-IIS bdir.htr access (server-iis.rules)
 * 1:1002 <-> ENABLED <-> SERVER-IIS cmd.exe access (server-iis.rules)
 * 1:1003 <-> DISABLED <-> SERVER-IIS cmd? access (server-iis.rules)
 * 1:1004 <-> DISABLED <-> SERVER-IIS codebrowser Exair access (server-iis.rules)
 * 1:1005 <-> DISABLED <-> SERVER-IIS codebrowser SDK access (server-iis.rules)
 * 1:1007 <-> DISABLED <-> SERVER-IIS Form_JScript.asp access (server-iis.rules)
 * 1:1008 <-> DISABLED <-> SERVER-IIS del attempt (server-iis.rules)
 * 1:1009 <-> DISABLED <-> SERVER-IIS directory listing (server-iis.rules)
 * 1:10094 <-> DISABLED <-> PUA-ADWARE Adware borlan runtime detection (pua-adware.rules)
 * 1:1010 <-> DISABLED <-> SERVER-IIS encoding access (server-iis.rules)
 * 1:1011 <-> DISABLED <-> SERVER-IIS exec-src access (server-iis.rules)
 * 1:1012 <-> DISABLED <-> SERVER-IIS fpcount attempt (server-iis.rules)
 * 1:1013 <-> DISABLED <-> SERVER-IIS fpcount access (server-iis.rules)
 * 1:10136 <-> DISABLED <-> OS-SOLARIS Oracle Solaris login environment variable authentication bypass attempt (os-solaris.rules)
 * 1:1015 <-> DISABLED <-> SERVER-IIS getdrvs.exe access (server-iis.rules)
 * 1:1016 <-> DISABLED <-> SERVER-IIS global.asa access (server-iis.rules)
 * 1:10164 <-> DISABLED <-> PUA-ADWARE Adware adclicker-ej runtime detection (pua-adware.rules)
 * 1:1017 <-> DISABLED <-> SERVER-IIS idc-srch attempt (server-iis.rules)
 * 1:10179 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - BysooTB (blacklist.rules)
 * 1:1018 <-> DISABLED <-> SERVER-IIS iisadmpwd attempt (server-iis.rules)
 * 1:10182 <-> DISABLED <-> PUA-ADWARE Adware newweb runtime detection (pua-adware.rules)
 * 1:10188 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XMD5 overflow attempt (protocol-ftp.rules)
 * 1:1019 <-> DISABLED <-> SERVER-IIS Malformed Hit-Highlighting Argument File Access Attempt (server-iis.rules)
 * 1:1020 <-> DISABLED <-> SERVER-IIS isc$data attempt (server-iis.rules)
 * 1:1021 <-> DISABLED <-> SERVER-IIS ism.dll attempt (server-iis.rules)
 * 1:1022 <-> DISABLED <-> SERVER-IIS jet vba access (server-iis.rules)
 * 1:1023 <-> DISABLED <-> SERVER-IIS msadcs.dll access (server-iis.rules)
 * 1:1024 <-> DISABLED <-> SERVER-IIS newdsn.exe access (server-iis.rules)
 * 1:1025 <-> DISABLED <-> SERVER-IIS perl access (server-iis.rules)
 * 1:1026 <-> DISABLED <-> SERVER-IIS perl-browse newline attempt (server-iis.rules)
 * 1:1027 <-> DISABLED <-> SERVER-IIS perl-browse space attempt (server-iis.rules)
 * 1:1028 <-> DISABLED <-> SERVER-IIS query.asp access (server-iis.rules)
 * 1:1029 <-> DISABLED <-> SERVER-IIS scripts-browse access (server-iis.rules)
 * 1:1030 <-> DISABLED <-> SERVER-IIS search97.vts access (server-iis.rules)
 * 1:1031 <-> DISABLED <-> SERVER-IIS /SiteServer/Publishing/viewcode.asp access (server-iis.rules)
 * 1:1032 <-> DISABLED <-> SERVER-IIS showcode access (server-iis.rules)
 * 1:1033 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1034 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1035 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1036 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1037 <-> DISABLED <-> SERVER-IIS showcode.asp access (server-iis.rules)
 * 1:1038 <-> DISABLED <-> SERVER-IIS site server config access (server-iis.rules)
 * 1:1039 <-> DISABLED <-> SERVER-IIS srch.htm access (server-iis.rules)
 * 1:1040 <-> DISABLED <-> SERVER-IIS srchadm access (server-iis.rules)
 * 1:1041 <-> DISABLED <-> SERVER-IIS uploadn.asp access (server-iis.rules)
 * 1:10418 <-> DISABLED <-> OS-SOLARIS Oracle Solaris lpd unlink file attempt (os-solaris.rules)
 * 1:1042 <-> DISABLED <-> SERVER-IIS view source via translate header (server-iis.rules)
 * 1:1043 <-> DISABLED <-> SERVER-IIS viewcode.asp access (server-iis.rules)
 * 1:10439 <-> DISABLED <-> PUA-ADWARE Adware mokead runtime detection (pua-adware.rules)
 * 1:1044 <-> DISABLED <-> SERVER-IIS webhits access (server-iis.rules)
 * 1:1045 <-> DISABLED <-> SERVER-IIS Unauthorized IP Access Attempt (server-iis.rules)
 * 1:1046 <-> DISABLED <-> SERVER-IIS site/iisamples access (server-iis.rules)
 * 1:1052 <-> DISABLED <-> SERVER-WEBAPP technote print.cgi directory traversal attempt (server-webapp.rules)
 * 1:1053 <-> DISABLED <-> SERVER-WEBAPP ads.cgi command execution attempt (server-webapp.rules)
 * 1:1056 <-> DISABLED <-> SERVER-APACHE Apache Tomcat view source attempt (server-apache.rules)
 * 1:1075 <-> DISABLED <-> SERVER-IIS postinfo.asp access (server-iis.rules)
 * 1:1076 <-> DISABLED <-> SERVER-IIS repost.asp access (server-iis.rules)
 * 1:1079 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV propfind access (os-windows.rules)
 * 1:1088 <-> DISABLED <-> SERVER-WEBAPP eXtropia webstore directory traversal (server-webapp.rules)
 * 1:1089 <-> DISABLED <-> SERVER-WEBAPP shopping cart directory traversal (server-webapp.rules)
 * 1:1090 <-> DISABLED <-> SERVER-WEBAPP Allaire Pro Web Shell attempt (server-webapp.rules)
 * 1:1092 <-> DISABLED <-> SERVER-WEBAPP Armada Style Master Index directory traversal (server-webapp.rules)
 * 1:1093 <-> DISABLED <-> SERVER-WEBAPP cached_feed.cgi moreover shopping cart directory traversal (server-webapp.rules)
 * 1:1097 <-> DISABLED <-> SERVER-WEBAPP Talentsoft Web+ exploit attempt (server-webapp.rules)
 * 1:10999 <-> DISABLED <-> SERVER-WEBAPP chetcpasswd access (server-webapp.rules)
 * 1:11000 <-> DISABLED <-> SERVER-ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (server-oracle.rules)
 * 1:11001 <-> DISABLED <-> SERVER-ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (server-oracle.rules)
 * 1:11002 <-> DISABLED <-> SERVER-ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (server-oracle.rules)
 * 1:11003 <-> DISABLED <-> SERVER-ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (server-oracle.rules)
 * 1:1106 <-> DISABLED <-> SERVER-WEBAPP Poll-it access (server-webapp.rules)
 * 1:1108 <-> DISABLED <-> SERVER-APACHE Apache Tomcat server snoop access (server-apache.rules)
 * 1:1111 <-> DISABLED <-> SERVER-APACHE Apache Tomcat server exploit access (server-apache.rules)
 * 1:11175 <-> DISABLED <-> SERVER-ORACLE dbms_cdc_ipublish.chgtab_cache buffer overflow attempt (server-oracle.rules)
 * 1:11191 <-> DISABLED <-> SERVER-IIS Microsoft Content Management Server memory corruption (server-iis.rules)
 * 1:11203 <-> DISABLED <-> SERVER-ORACLE sys.dbms_apply_user_agent.set_registration_handler access attempt (server-oracle.rules)
 * 1:11204 <-> ENABLED <-> SERVER-ORACLE Oracle Database DBMS_AQADM_SYS package GRANT_TYPE_ACCESS procedure SQL injection attempt (server-oracle.rules)
 * 1:11205 <-> DISABLED <-> SERVER-ORACLE sys.dbms_upgrade_internal access attempt (server-oracle.rules)
 * 1:11263 <-> DISABLED <-> SERVER-APACHE Apache mod_ssl non-SSL connection to SSL port denial of service attempt (server-apache.rules)
 * 1:11272 <-> DISABLED <-> SERVER-APACHE Apache newline exploit attempt (server-apache.rules)
 * 1:11273 <-> DISABLED <-> SERVER-APACHE Apache header parsing space saturation denial of service attempt (server-apache.rules)
 * 1:11308 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SpyDawn (blacklist.rules)
 * 1:11313 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Spy-Locked (blacklist.rules)
 * 1:1149 <-> DISABLED <-> SERVER-WEBAPP count.cgi access (server-webapp.rules)
 * 1:1163 <-> DISABLED <-> SERVER-WEBAPP webdist.cgi access (server-webapp.rules)
 * 1:11679 <-> DISABLED <-> SERVER-APACHE Apache mod_rewrite buffer overflow attempt (server-apache.rules)
 * 1:11686 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV search overflow attempt (os-windows.rules)
 * 1:11687 <-> DISABLED <-> SERVER-APACHE Apache SSI error page cross-site scripting (server-apache.rules)
 * 1:1172 <-> DISABLED <-> SERVER-WEBAPP bigconf.cgi access (server-webapp.rules)
 * 1:1174 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/jj access (server-webapp.rules)
 * 1:11817 <-> DISABLED <-> SERVER-WEBAPP WhatsUpGold configuration access (server-webapp.rules)
 * 1:11838 <-> DISABLED <-> OS-WINDOWS Microsoft Windows API res buffer overflow attempt (os-windows.rules)
 * 1:1185 <-> DISABLED <-> SERVER-WEBAPP bizdbsearch attempt (server-webapp.rules)
 * 1:1194 <-> DISABLED <-> SERVER-WEBAPP sojourn.cgi File attempt (server-webapp.rules)
 * 1:11947 <-> DISABLED <-> OS-WINDOWS Microsoft Windows schannel security package (os-windows.rules)
 * 1:1195 <-> DISABLED <-> SERVER-WEBAPP sojourn.cgi access (server-webapp.rules)
 * 1:1196 <-> DISABLED <-> SERVER-WEBAPP SGI InfoSearch fname attempt (server-webapp.rules)
 * 1:1204 <-> DISABLED <-> SERVER-WEBAPP ax-admin.cgi access (server-webapp.rules)
 * 1:12043 <-> DISABLED <-> SERVER-IIS Microsoft XML parser IIS WebDAV attack attempt (server-iis.rules)
 * 1:12044 <-> DISABLED <-> SERVER-ORACLE Oracle Web Cache denial of service attempt (server-oracle.rules)
 * 1:12045 <-> DISABLED <-> SERVER-ORACLE Oracle Web Cache denial of service attempt (server-oracle.rules)
 * 1:12047 <-> DISABLED <-> PUA-ADWARE Adware yayad runtime detection (pua-adware.rules)
 * 1:1205 <-> DISABLED <-> SERVER-WEBAPP axs.cgi access (server-webapp.rules)
 * 1:12056 <-> DISABLED <-> SERVER-WEBAPP WhatsUpGold instancename overflow attempt (server-webapp.rules)
 * 1:12057 <-> DISABLED <-> SERVER-WEBAPP WhatsUpGold configuration access (server-webapp.rules)
 * 1:12058 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SPNEGO ASN.1 library heap corruption overflow attempt (os-windows.rules)
 * 1:1206 <-> DISABLED <-> SERVER-WEBAPP cachemgr.cgi access (server-webapp.rules)
 * 1:12064 <-> DISABLED <-> SERVER-IIS w3svc _vti_bin null pointer dereference attempt (server-iis.rules)
 * 1:12069 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:1208 <-> DISABLED <-> SERVER-WEBAPP responder.cgi access (server-webapp.rules)
 * 1:12080 <-> DISABLED <-> OS-SOLARIS Oracle Solaris printd arbitrary file deletion vulnerability (os-solaris.rules)
 * 1:12082 <-> DISABLED <-> SERVER-ORACLE Oracle 9i TNS denial of service attempt (server-oracle.rules)
 * 1:1211 <-> DISABLED <-> SERVER-WEBAPP web-map.cgi access (server-webapp.rules)
 * 1:12120 <-> DISABLED <-> PUA-ADWARE Adware pprich runtime detection - version check (pua-adware.rules)
 * 1:12121 <-> DISABLED <-> PUA-ADWARE Adware pprich runtime detection - udp info sent out (pua-adware.rules)
 * 1:12138 <-> DISABLED <-> PUA-ADWARE Adware zamingo runtime detection (pua-adware.rules)
 * 1:1215 <-> DISABLED <-> SERVER-WEBAPP ministats admin access (server-webapp.rules)
 * 1:1219 <-> DISABLED <-> SERVER-WEBAPP dfire.cgi access (server-webapp.rules)
 * 1:12198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows getbulk request attempt (os-windows.rules)
 * 1:1222 <-> DISABLED <-> SERVER-WEBAPP pals-cgi arbitrary file access attempt (server-webapp.rules)
 * 1:12224 <-> DISABLED <-> PUA-ADWARE Adware enbrowser snackman runtime detection (pua-adware.rules)
 * 1:12229 <-> DISABLED <-> PUA-ADWARE Adware vroomsearch runtime detection (pua-adware.rules)
 * 1:12231 <-> DISABLED <-> PUA-ADWARE Adware vroomsearch runtime detection (pua-adware.rules)
 * 1:12232 <-> DISABLED <-> PUA-ADWARE Adware errorsafe runtime detection (pua-adware.rules)
 * 1:12255 <-> DISABLED <-> SERVER-WEBAPP CSGuestbook setup attempt (server-webapp.rules)
 * 1:1229 <-> DISABLED <-> PROTOCOL-FTP CWD ... (protocol-ftp.rules)
 * 1:12371 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SpamBlockerUtility (blacklist.rules)
 * 1:1242 <-> DISABLED <-> SERVER-IIS ISAPI .ida access (server-iis.rules)
 * 1:1243 <-> DISABLED <-> SERVER-IIS ISAPI .ida attempt (server-iis.rules)
 * 1:1244 <-> DISABLED <-> SERVER-IIS ISAPI .idq attempt (server-iis.rules)
 * 1:1245 <-> DISABLED <-> SERVER-IIS ISAPI .idq access (server-iis.rules)
 * 1:12463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (os-windows.rules)
 * 1:12465 <-> DISABLED <-> SERVER-APACHE Apache APR memory corruption attempt (server-apache.rules)
 * 1:12482 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - ZOMBIES_HTTP_GET (blacklist.rules)
 * 1:12484 <-> DISABLED <-> PUA-ADWARE Adware instant buzz runtime detection - ads for members (pua-adware.rules)
 * 1:12485 <-> DISABLED <-> PUA-ADWARE Adware instant buzz runtime detection - random text ads (pua-adware.rules)
 * 1:1256 <-> DISABLED <-> SERVER-IIS CodeRed v2 root.exe access (server-iis.rules)
 * 1:12591 <-> DISABLED <-> SERVER-APACHE Apache mod_cache denial of service attempt (server-apache.rules)
 * 1:12595 <-> DISABLED <-> SERVER-IIS malicious ASP file upload attempt (server-iis.rules)
 * 1:12620 <-> DISABLED <-> PUA-ADWARE Adware drive cleaner 1.0.111 runtime detection (pua-adware.rules)
 * 1:12631 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (os-windows.rules)
 * 1:12632 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (os-windows.rules)
 * 1:12643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (os-windows.rules)
 * 1:12656 <-> DISABLED <-> PUA-ADWARE Adware icoo loader 2.5 runtime detection 1 (pua-adware.rules)
 * 1:12657 <-> DISABLED <-> PUA-ADWARE Adware icoo loader 2.5 runtime detection 2 (pua-adware.rules)
 * 1:12658 <-> DISABLED <-> PUA-ADWARE Adware winantivirus pro 2007 runtime detection (pua-adware.rules)
 * 1:12674 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - iebar (blacklist.rules)
 * 1:12677 <-> DISABLED <-> PUA-ADWARE Adware ISTBar runtime detection - softwares (pua-adware.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12688 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12694 <-> DISABLED <-> PUA-ADWARE Adware avsystemcare runtime detection (pua-adware.rules)
 * 1:12695 <-> DISABLED <-> PUA-ADWARE Adware coopen 3.6.1 runtime detection - initial connection (pua-adware.rules)
 * 1:12696 <-> DISABLED <-> PUA-ADWARE Adware coopen 3.6.1 runtime detection - automatic upgrade (pua-adware.rules)
 * 1:12713 <-> DISABLED <-> SERVER-ORACLE pitrig_dropmetadata buffer overflow attempt (server-oracle.rules)
 * 1:12720 <-> DISABLED <-> PUA-ADWARE Adware pestbot runtime detection - update (pua-adware.rules)
 * 1:12721 <-> DISABLED <-> PUA-ADWARE Adware pestbot runtime detection - purchase (pua-adware.rules)
 * 1:12723 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - WakeSpace (blacklist.rules)
 * 1:12789 <-> DISABLED <-> PUA-ADWARE Adware sunshine spy 1.0 runtime detection - check update (pua-adware.rules)
 * 1:12797 <-> DISABLED <-> PUA-ADWARE Adware x-con spyware destroyer eh 3.2.8 runtime detection (pua-adware.rules)
 * 1:1283 <-> DISABLED <-> SERVER-IIS Microsoft Office Outlook web dos (server-iis.rules)
 * 1:1285 <-> DISABLED <-> SERVER-IIS msdac access (server-iis.rules)
 * 1:1286 <-> DISABLED <-> SERVER-IIS _mem_bin access (server-iis.rules)
 * 1:1304 <-> DISABLED <-> SERVER-WEBAPP txt2html.cgi access (server-webapp.rules)
 * 1:1305 <-> DISABLED <-> SERVER-WEBAPP txt2html.cgi directory traversal attempt (server-webapp.rules)
 * 1:1306 <-> DISABLED <-> SERVER-WEBAPP store.cgi product directory traversal attempt (server-webapp.rules)
 * 1:1307 <-> DISABLED <-> SERVER-WEBAPP store.cgi access (server-webapp.rules)
 * 1:1308 <-> DISABLED <-> SERVER-WEBAPP sendmessage.cgi access (server-webapp.rules)
 * 1:1309 <-> DISABLED <-> SERVER-WEBAPP zsh access (server-webapp.rules)
 * 1:13238 <-> DISABLED <-> PUA-ADWARE Adware adult p2p 1.5 runtime detection (pua-adware.rules)
 * 1:13240 <-> DISABLED <-> PUA-ADWARE Adware live protection 2.1 runtime detection - redirects to purchase page (pua-adware.rules)
 * 1:13241 <-> DISABLED <-> PUA-ADWARE Adware live protection 2.1 runtime detection - application updates (pua-adware.rules)
 * 1:13242 <-> DISABLED <-> PUA-ADWARE Adware netpumper 1.26 runtime detection (pua-adware.rules)
 * 1:13277 <-> DISABLED <-> PUA-ADWARE Adware netword agent runtime detection (pua-adware.rules)
 * 1:13284 <-> DISABLED <-> PUA-ADWARE Adware netguarder web cleaner runtime detection (pua-adware.rules)
 * 1:13286 <-> DISABLED <-> PUA-ADWARE Adware 3wplayer 1.7 runtime detection (pua-adware.rules)
 * 1:13288 <-> DISABLED <-> OS-WINDOWS Microsoft Windows remote kernel tcp/ip icmp vulnerability exploit attempt (os-windows.rules)
 * 1:13302 <-> DISABLED <-> SERVER-APACHE Apache mod_imagemap cross site scripting attempt (server-apache.rules)
 * 1:13343 <-> DISABLED <-> PUA-ADWARE Adware 2005-search loader runtime detection (pua-adware.rules)
 * 1:13344 <-> DISABLED <-> PUA-ADWARE Adware yourprivacyguard runtime detection - presale request (pua-adware.rules)
 * 1:13345 <-> DISABLED <-> PUA-ADWARE Adware yourprivacyguard runtime detection - update (pua-adware.rules)
 * 1:13347 <-> DISABLED <-> PUA-ADWARE Snoopware remote desktop inspector runtime detection - init connection (pua-adware.rules)
 * 1:13357 <-> DISABLED <-> SERVER-MYSQL failed Oracle Mysql login attempt (server-mysql.rules)
 * 1:13358 <-> DISABLED <-> SERVER-MYSQL Oracle Mysql login attempt from unauthorized location (server-mysql.rules)
 * 1:13366 <-> ENABLED <-> SERVER-ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (server-oracle.rules)
 * 1:13448 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (os-windows.rules)
 * 1:13449 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine end buffer overflow attempt (os-windows.rules)
 * 1:13487 <-> DISABLED <-> PUA-ADWARE Adware elite protector runtime detection (pua-adware.rules)
 * 1:13490 <-> DISABLED <-> PUA-ADWARE Adware spy shredder 2.1 runtime detection - presale request (pua-adware.rules)
 * 1:13491 <-> DISABLED <-> PUA-ADWARE Adware spy shredder 2.1 runtime detection - update (pua-adware.rules)
 * 1:13501 <-> DISABLED <-> PUA-ADWARE Adware contravirus runtime detection - presale request (pua-adware.rules)
 * 1:13502 <-> DISABLED <-> PUA-ADWARE Adware contravirus runtime detection - update (pua-adware.rules)
 * 1:13504 <-> DISABLED <-> PUA-ADWARE Adware iedefender runtime detection - presale request (pua-adware.rules)
 * 1:13505 <-> DISABLED <-> PUA-ADWARE Adware iedefender runtime detection - update (pua-adware.rules)
 * 1:13551 <-> DISABLED <-> SERVER-ORACLE Oracle XDB.XDB_PITRIG_PKG sql injection attempt (server-oracle.rules)
 * 1:13561 <-> DISABLED <-> PUA-ADWARE Adware malware alarm runtime detection - presale request (pua-adware.rules)
 * 1:13562 <-> DISABLED <-> PUA-ADWARE Adware malware alarm runtime detection - update request (pua-adware.rules)
 * 1:13563 <-> DISABLED <-> PUA-ADWARE Adware system doctor runtime detection - presale request (pua-adware.rules)
 * 1:13564 <-> DISABLED <-> PUA-ADWARE Adware system doctor runtime detection - update status (pua-adware.rules)
 * 1:13591 <-> ENABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:13594 <-> DISABLED <-> OS-WINDOWS Microsoft Windows print spooler little endian DoS attempt (os-windows.rules)
 * 1:13613 <-> DISABLED <-> OS-SOLARIS Oracle Solaris username overflow authentication bypass attempt (os-solaris.rules)
 * 1:13619 <-> DISABLED <-> OS-WINDOWS Microsoft Windows getBulkRequest memory corruption attempt (os-windows.rules)
 * 1:13637 <-> DISABLED <-> PUA-ADWARE Adware virus heat runtime detection - presale request (pua-adware.rules)
 * 1:13638 <-> DISABLED <-> PUA-ADWARE Adware virus heat runtime detection - initial database connection (pua-adware.rules)
 * 1:13646 <-> DISABLED <-> PUA-ADWARE Adware registry defender runtime detection - presale request (pua-adware.rules)
 * 1:13647 <-> DISABLED <-> PUA-ADWARE Adware registry defender runtime detection - error report request (pua-adware.rules)
 * 1:13648 <-> DISABLED <-> PUA-ADWARE Hijacker mysearch bar 2.0.2.28 runtime detection (pua-adware.rules)
 * 1:13649 <-> DISABLED <-> PUA-ADWARE Adware spyware stop runtime detection - presale request (pua-adware.rules)
 * 1:13650 <-> DISABLED <-> PUA-ADWARE Adware spyware stop runtime detection - auto updates (pua-adware.rules)
 * 1:13652 <-> DISABLED <-> PUA-ADWARE Keylogger all in one Keylogger runtime detection (pua-adware.rules)
 * 1:13653 <-> DISABLED <-> PUA-ADWARE Adware cashfiesta adbar runtime detection - updates traffic (pua-adware.rules)
 * 1:13714 <-> DISABLED <-> SERVER-MYSQL yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt (server-mysql.rules)
 * 1:13719 <-> DISABLED <-> SERVER-ORACLE database username buffer overflow (server-oracle.rules)
 * 1:13762 <-> DISABLED <-> PUA-ADWARE Adware system defender runtime detection (pua-adware.rules)
 * 1:13765 <-> DISABLED <-> PUA-ADWARE Adware winxdefender runtime detection - presale request (pua-adware.rules)
 * 1:13766 <-> DISABLED <-> PUA-ADWARE Adware winxdefender runtime detection - auto update (pua-adware.rules)
 * 1:1377 <-> DISABLED <-> PROTOCOL-FTP wu-ftp bad file completion attempt (protocol-ftp.rules)
 * 1:13777 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SysCleaner (blacklist.rules)
 * 1:1378 <-> DISABLED <-> PROTOCOL-FTP wu-ftp bad file completion attempt (protocol-ftp.rules)
 * 1:13782 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - EzReward (blacklist.rules)
 * 1:1380 <-> DISABLED <-> SERVER-IIS Form_VBScript.asp access (server-iis.rules)
 * 1:13808 <-> DISABLED <-> PUA-ADWARE Adware ie antivirus runtime detection - presale request (pua-adware.rules)
 * 1:13809 <-> DISABLED <-> PUA-ADWARE Adware ie antivirus runtime detection - update request (pua-adware.rules)
 * 1:13810 <-> DISABLED <-> PUA-ADWARE Trickler Adware.Win32.Ejik runtime detection - udp payload (pua-adware.rules)
 * 1:13811 <-> DISABLED <-> PUA-ADWARE Adware xp antivirus runtime detection (pua-adware.rules)
 * 1:13847 <-> DISABLED <-> PUA-ADWARE Adware phoenician casino runtime detection (pua-adware.rules)
 * 1:13848 <-> DISABLED <-> PUA-ADWARE Trickler zwinky runtime detection (pua-adware.rules)
 * 1:13850 <-> DISABLED <-> PUA-ADWARE Adware roogoo 2.0 runtime detection - popup ads (pua-adware.rules)
 * 1:13851 <-> DISABLED <-> PUA-ADWARE Adware roogoo 2.0 runtime detection - upgrade (pua-adware.rules)
 * 1:13855 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - SpeedRunner (blacklist.rules)
 * 1:13868 <-> DISABLED <-> PUA-ADWARE Adware antispywaremaster runtime detection - start fake scanning (pua-adware.rules)
 * 1:13869 <-> DISABLED <-> PUA-ADWARE Adware antispywaremaster runtime detection - sale/register request (pua-adware.rules)
 * 1:13870 <-> DISABLED <-> PUA-ADWARE Adware coopen 5.0.0.87 runtime detection - init conn (pua-adware.rules)
 * 1:13871 <-> DISABLED <-> PUA-ADWARE Adware coopen 5.0.0.87 runtime detection - ads (pua-adware.rules)
 * 1:13874 <-> DISABLED <-> PUA-ADWARE Adware malware destructor 4.5 runtime detection - order request (pua-adware.rules)
 * 1:13875 <-> DISABLED <-> PUA-ADWARE Adware malware destructor 4.5 runtime detection - auto update (pua-adware.rules)
 * 1:1388 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP Location overflow attempt (os-windows.rules)
 * 1:1392 <-> DISABLED <-> SERVER-WEBAPP lastlines.cgi access (server-webapp.rules)
 * 1:13925 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (protocol-ftp.rules)
 * 1:13931 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - PcPcUpdater (blacklist.rules)
 * 1:13932 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - opera (blacklist.rules)
 * 1:13937 <-> DISABLED <-> PUA-ADWARE Hijacker adware.win32.ejik.ec variant runtime detection - call home (pua-adware.rules)
 * 1:13939 <-> DISABLED <-> PUA-ADWARE Hijacker adware.win32.ejik.ec variant runtime detection - auto update (pua-adware.rules)
 * 1:1395 <-> DISABLED <-> SERVER-WEBAPP zml.cgi attempt (server-webapp.rules)
 * 1:1396 <-> DISABLED <-> SERVER-WEBAPP zml.cgi access (server-webapp.rules)
 * 1:1397 <-> DISABLED <-> SERVER-WEBAPP wayboard attempt (server-webapp.rules)
 * 1:1400 <-> DISABLED <-> SERVER-IIS /scripts/samples/ access (server-iis.rules)
 * 1:1401 <-> DISABLED <-> SERVER-IIS /msadc/samples/ access (server-iis.rules)
 * 1:1402 <-> DISABLED <-> SERVER-IIS iissamples access (server-iis.rules)
 * 1:1405 <-> DISABLED <-> SERVER-WEBAPP AHG search.cgi access (server-webapp.rules)
 * 1:14054 <-> DISABLED <-> PUA-ADWARE Adware AdwareALERT runtime detection - auto update (pua-adware.rules)
 * 1:14057 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - DMFR (blacklist.rules)
 * 1:14059 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - CPUSH_HOMEPAGE (blacklist.rules)
 * 1:1406 <-> DISABLED <-> SERVER-WEBAPP agora.cgi access (server-webapp.rules)
 * 1:14060 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - CPUSH_UPDATER (blacklist.rules)
 * 1:14066 <-> DISABLED <-> PUA-ADWARE Adware winsecuredisc runtime detection (pua-adware.rules)
 * 1:14067 <-> DISABLED <-> PUA-ADWARE Adware swizzor runtime detection (pua-adware.rules)
 * 1:14068 <-> DISABLED <-> PUA-ADWARE Adware rond runtime detection (pua-adware.rules)
 * 1:14069 <-> DISABLED <-> PUA-ADWARE Adware brave sentry runtime detection - order request (pua-adware.rules)
 * 1:14070 <-> DISABLED <-> PUA-ADWARE Adware brave sentry runtime detection - self update (pua-adware.rules)
 * 1:14071 <-> DISABLED <-> PUA-ADWARE Hijacker Adware bho.gen runtime detection - pop-up window traffic #1 (pua-adware.rules)
 * 1:14072 <-> DISABLED <-> PUA-ADWARE Hijacker Adware bho.gen runtime detection - pop-up window traffic #2 (pua-adware.rules)
 * 1:14073 <-> DISABLED <-> PUA-ADWARE Hijacker Adware bho.gen runtime detection - prompt download page (pua-adware.rules)
 * 1:14076 <-> DISABLED <-> PUA-ADWARE Hijacker Adware win32 mostofate runtime detection - hijack search (pua-adware.rules)
 * 1:14077 <-> DISABLED <-> PUA-ADWARE Hijacker Adware win32 mostofate runtime detection - redirect search results (pua-adware.rules)
 * 1:14078 <-> DISABLED <-> PUA-ADWARE Adware winspywareprotect runtime detection - download malicous code (pua-adware.rules)
 * 1:14079 <-> DISABLED <-> PUA-ADWARE Adware winspywareprotect runtime detection - connection to malicious sites (pua-adware.rules)
 * 1:14080 <-> DISABLED <-> PUA-ADWARE Adware winspywareprotect runtime detection - connection to malicious server (pua-adware.rules)
 * 1:1410 <-> DISABLED <-> SERVER-WEBAPP dcboard.cgi access (server-webapp.rules)
 * 1:14261 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI VML gradient size heap overflow attempt (os-windows.rules)
 * 1:144 <-> DISABLED <-> PROTOCOL-FTP ADMw0rm ftp login attempt (protocol-ftp.rules)
 * 1:1451 <-> DISABLED <-> SERVER-WEBAPP NPH-maillist access (server-webapp.rules)
 * 1:1452 <-> DISABLED <-> SERVER-WEBAPP args.cmd access (server-webapp.rules)
 * 1:1453 <-> DISABLED <-> SERVER-WEBAPP AT-generated.cgi access (server-webapp.rules)
 * 1:1454 <-> DISABLED <-> SERVER-WEBAPP wwwwais access (server-webapp.rules)
 * 1:1455 <-> DISABLED <-> SERVER-WEBAPP calendar.pl access (server-webapp.rules)
 * 1:1456 <-> DISABLED <-> SERVER-WEBAPP calender_admin.pl access (server-webapp.rules)
 * 1:1457 <-> DISABLED <-> SERVER-WEBAPP user_update_admin.pl access (server-webapp.rules)
 * 1:1458 <-> DISABLED <-> SERVER-WEBAPP user_update_passwd.pl access (server-webapp.rules)
 * 1:1459 <-> DISABLED <-> SERVER-WEBAPP bb-histlog.sh access (server-webapp.rules)
 * 1:1460 <-> DISABLED <-> SERVER-WEBAPP bb-histsvc.sh access (server-webapp.rules)
 * 1:1461 <-> DISABLED <-> SERVER-WEBAPP bb-rep.sh access (server-webapp.rules)
 * 1:1462 <-> DISABLED <-> SERVER-WEBAPP bb-replog.sh access (server-webapp.rules)
 * 1:1465 <-> DISABLED <-> SERVER-WEBAPP auktion.cgi access (server-webapp.rules)
 * 1:1466 <-> DISABLED <-> SERVER-WEBAPP cgiforum.pl access (server-webapp.rules)
 * 1:1467 <-> DISABLED <-> SERVER-WEBAPP directorypro.cgi access (server-webapp.rules)
 * 1:1468 <-> DISABLED <-> SERVER-WEBAPP Web Shopper shopper.cgi attempt (server-webapp.rules)
 * 1:1469 <-> DISABLED <-> SERVER-WEBAPP Web Shopper shopper.cgi access (server-webapp.rules)
 * 1:1470 <-> DISABLED <-> SERVER-WEBAPP listrec.pl access (server-webapp.rules)
 * 1:1471 <-> DISABLED <-> SERVER-WEBAPP mailnews.cgi access (server-webapp.rules)
 * 1:1472 <-> DISABLED <-> SERVER-WEBAPP book.cgi access (server-webapp.rules)
 * 1:1473 <-> DISABLED <-> SERVER-WEBAPP newsdesk.cgi access (server-webapp.rules)
 * 1:1474 <-> DISABLED <-> SERVER-WEBAPP cal_make.pl access (server-webapp.rules)
 * 1:14743 <-> DISABLED <-> PROTOCOL-FTP RNTO directory traversal attempt (protocol-ftp.rules)
 * 1:1475 <-> DISABLED <-> SERVER-WEBAPP mailit.pl access (server-webapp.rules)
 * 1:1476 <-> DISABLED <-> SERVER-WEBAPP sdbsearch.cgi access (server-webapp.rules)
 * 1:14770 <-> DISABLED <-> PROTOCOL-FTP Ipswitch WS_FTP client format string attempt (protocol-ftp.rules)
 * 1:14771 <-> DISABLED <-> SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow (server-apache.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP swc access (server-webapp.rules)
 * 1:1479 <-> DISABLED <-> SERVER-WEBAPP ttawebtop.cgi arbitrary file attempt (server-webapp.rules)
 * 1:1480 <-> DISABLED <-> SERVER-WEBAPP ttawebtop.cgi access (server-webapp.rules)
 * 1:1481 <-> DISABLED <-> SERVER-WEBAPP upload.cgi access (server-webapp.rules)
 * 1:1482 <-> DISABLED <-> SERVER-WEBAPP view_source access (server-webapp.rules)
 * 1:1483 <-> DISABLED <-> SERVER-WEBAPP ustorekeeper.pl access (server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:1486 <-> DISABLED <-> SERVER-IIS ctss.idc access (server-iis.rules)
 * 1:1487 <-> DISABLED <-> SERVER-IIS /iisadmpwd/aexp2.htr access (server-iis.rules)
 * 1:1488 <-> DISABLED <-> SERVER-WEBAPP store.cgi directory traversal attempt (server-webapp.rules)
 * 1:1494 <-> DISABLED <-> SERVER-WEBAPP SIX webboard generate.cgi attempt (server-webapp.rules)
 * 1:1495 <-> DISABLED <-> SERVER-WEBAPP SIX webboard generate.cgi access (server-webapp.rules)
 * 1:1496 <-> DISABLED <-> SERVER-WEBAPP spin_client.cgi access (server-webapp.rules)
 * 1:1501 <-> DISABLED <-> SERVER-WEBAPP a1stats a1disp3.cgi directory traversal attempt (server-webapp.rules)
 * 1:1502 <-> DISABLED <-> SERVER-WEBAPP a1stats a1disp3.cgi access (server-webapp.rules)
 * 1:1503 <-> DISABLED <-> SERVER-WEBAPP admentor admin.asp access (server-webapp.rules)
 * 1:1505 <-> DISABLED <-> SERVER-WEBAPP alchemy http server PRN arbitrary command execution attempt (server-webapp.rules)
 * 1:1506 <-> DISABLED <-> SERVER-WEBAPP alchemy http server NUL arbitrary command execution attempt (server-webapp.rules)
 * 1:1507 <-> DISABLED <-> SERVER-WEBAPP alibaba.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:1508 <-> DISABLED <-> SERVER-WEBAPP alibaba.pl access (server-webapp.rules)
 * 1:1509 <-> DISABLED <-> SERVER-WEBAPP AltaVista Intranet Search directory traversal attempt (server-webapp.rules)
 * 1:1510 <-> DISABLED <-> SERVER-WEBAPP test.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1511 <-> DISABLED <-> SERVER-WEBAPP test.bat access (server-webapp.rules)
 * 1:15115 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV pathname buffer overflow attempt (os-windows.rules)
 * 1:15116 <-> ENABLED <-> OS-WINDOWS Microsoft Windows search protocol handler access attempt (os-windows.rules)
 * 1:1512 <-> DISABLED <-> SERVER-WEBAPP input.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1513 <-> DISABLED <-> SERVER-WEBAPP input.bat access (server-webapp.rules)
 * 1:1514 <-> DISABLED <-> SERVER-WEBAPP input2.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1515 <-> DISABLED <-> SERVER-WEBAPP input2.bat access (server-webapp.rules)
 * 1:1516 <-> DISABLED <-> SERVER-WEBAPP envout.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1517 <-> DISABLED <-> SERVER-WEBAPP envout.bat access (server-webapp.rules)
 * 1:15255 <-> ENABLED <-> SERVER-ORACLE Secure Backup msgid 0x901 username field overflow attempt (server-oracle.rules)
 * 1:15256 <-> ENABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> ENABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15258 <-> ENABLED <-> SERVER-ORACLE Secure Backup login.php variable based command injection attempt (server-oracle.rules)
 * 1:15261 <-> ENABLED <-> SERVER-ORACLE Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:15262 <-> ENABLED <-> SERVER-ORACLE Secure Backup POST exec_qr command injection attempt (server-oracle.rules)
 * 1:15264 <-> ENABLED <-> SERVER-WEBAPP Oracle TimesTen In-Memory Database evtdump CGI module format string exploit attempt (server-webapp.rules)
 * 1:1531 <-> DISABLED <-> SERVER-WEBAPP bb-hist.sh attempt (server-webapp.rules)
 * 1:1532 <-> DISABLED <-> SERVER-WEBAPP bb-hostscv.sh attempt (server-webapp.rules)
 * 1:1533 <-> DISABLED <-> SERVER-WEBAPP bb-hostscv.sh access (server-webapp.rules)
 * 1:1534 <-> DISABLED <-> SERVER-WEBAPP agora.cgi attempt (server-webapp.rules)
 * 1:1535 <-> DISABLED <-> SERVER-WEBAPP bizdbsearch access (server-webapp.rules)
 * 1:1536 <-> DISABLED <-> SERVER-WEBAPP calendar_admin.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:1537 <-> DISABLED <-> SERVER-WEBAPP calendar_admin.pl access (server-webapp.rules)
 * 1:15386 <-> ENABLED <-> OS-WINDOWS Microsoft Windows wpad dynamic update request  (os-windows.rules)
 * 1:1539 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/ls access (server-webapp.rules)
 * 1:1540 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion ?Mode=debug attempt (server-other.rules)
 * 1:1542 <-> DISABLED <-> SERVER-WEBAPP cgimail access (server-webapp.rules)
 * 1:1543 <-> DISABLED <-> SERVER-WEBAPP cgiwrap access (server-webapp.rules)
 * 1:15442 <-> ENABLED <-> SERVER-MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt (server-mysql.rules)
 * 1:15443 <-> ENABLED <-> SERVER-MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt (server-mysql.rules)
 * 1:15445 <-> ENABLED <-> SERVER-ORACLE Application Server BPEL module cross site scripting attempt (server-oracle.rules)
 * 1:15457 <-> ENABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:1547 <-> DISABLED <-> SERVER-WEBAPP csSearch.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:15475 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ISA Server cross-site scripting attempt (os-windows.rules)
 * 1:1548 <-> DISABLED <-> SERVER-WEBAPP csSearch.cgi access (server-webapp.rules)
 * 1:15511 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:15515 <-> ENABLED <-> SERVER-ORACLE Oracle Database Server RollbackWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15523 <-> ENABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15527 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Active Directory LDAP denial of service attempt (os-windows.rules)
 * 1:1554 <-> DISABLED <-> SERVER-WEBAPP dbman db.cgi access (server-webapp.rules)
 * 1:1555 <-> DISABLED <-> SERVER-WEBAPP DCShop access (server-webapp.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:1556 <-> DISABLED <-> SERVER-WEBAPP DCShop orders.txt access (server-webapp.rules)
 * 1:1557 <-> DISABLED <-> SERVER-WEBAPP DCShop auth_user_file.txt access (server-webapp.rules)
 * 1:1565 <-> DISABLED <-> SERVER-WEBAPP eshop.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:1566 <-> DISABLED <-> SERVER-WEBAPP eshop.pl access (server-webapp.rules)
 * 1:1567 <-> DISABLED <-> SERVER-IIS /exchange/root.asp attempt (server-iis.rules)
 * 1:1568 <-> DISABLED <-> SERVER-IIS /exchange/root.asp access (server-iis.rules)
 * 1:1569 <-> DISABLED <-> SERVER-WEBAPP loadpage.cgi directory traversal attempt (server-webapp.rules)
 * 1:1570 <-> DISABLED <-> SERVER-WEBAPP loadpage.cgi access (server-webapp.rules)
 * 1:15701 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 domain authentication bypass attempt (os-windows.rules)
 * 1:1571 <-> DISABLED <-> SERVER-WEBAPP dcforum.cgi directory traversal attempt (server-webapp.rules)
 * 1:1572 <-> DISABLED <-> SERVER-WEBAPP commerce.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:15723 <-> ENABLED <-> SERVER-ORACLE Oracle database server CompressWorkspaceTree SQL injection attempt (server-oracle.rules)
 * 1:15724 <-> ENABLED <-> SERVER-ORACLE Oracle database server MergeWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15725 <-> ENABLED <-> SERVER-ORACLE Oracle database server RemoveWorkspace SQL injection attempt (server-oracle.rules)
 * 1:1573 <-> DISABLED <-> SERVER-WEBAPP cgiforum.pl attempt (server-webapp.rules)
 * 1:1574 <-> DISABLED <-> SERVER-WEBAPP directorypro.cgi attempt (server-webapp.rules)
 * 1:15849 <-> ENABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:1590 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:1591 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi access (server-webapp.rules)
 * 1:15913 <-> ENABLED <-> OS-WINDOWS Microsoft Windows javascript arguments keyword override rce attempt (os-windows.rules)
 * 1:1592 <-> DISABLED <-> SERVER-WEBAPP /fcgi-bin/echo.exe access (server-webapp.rules)
 * 1:1593 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi external site redirection attempt (server-webapp.rules)
 * 1:15930 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB malformed process ID high field remote code execution attempt (os-windows.rules)
 * 1:15932 <-> DISABLED <-> PROTOCOL-FTP LIST globbing denial of service attack (protocol-ftp.rules)
 * 1:1594 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi access (server-webapp.rules)
 * 1:15944 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Active Directory crafted LDAP request denial of service attempt (os-windows.rules)
 * 1:1595 <-> DISABLED <-> SERVER-IIS htimage.exe access (server-iis.rules)
 * 1:15951 <-> DISABLED <-> SERVER-MYSQL MaxDB Webtool GET command overflow attempt (server-mysql.rules)
 * 1:15952 <-> ENABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15955 <-> ENABLED <-> SERVER-ORACLE Application Server 9i Webcache file corruption attempt (server-oracle.rules)
 * 1:15956 <-> ENABLED <-> SERVER-ORACLE http Server mod_access restriction bypass attempt (server-oracle.rules)
 * 1:1597 <-> DISABLED <-> SERVER-WEBAPP guestbook.cgi access (server-webapp.rules)
 * 1:1598 <-> DISABLED <-> SERVER-WEBAPP Home Free search.cgi directory traversal attempt (server-webapp.rules)
 * 1:15980 <-> DISABLED <-> SERVER-APACHE Apache mod_ssl hook functions format string attempt (server-apache.rules)
 * 1:1599 <-> DISABLED <-> SERVER-WEBAPP search.cgi access (server-webapp.rules)
 * 1:1600 <-> DISABLED <-> SERVER-WEBAPP htsearch arbitrary configuration file attempt (server-webapp.rules)
 * 1:1601 <-> DISABLED <-> SERVER-WEBAPP htsearch arbitrary file read attempt (server-webapp.rules)
 * 1:1602 <-> DISABLED <-> SERVER-WEBAPP htsearch access (server-webapp.rules)
 * 1:16020 <-> DISABLED <-> SERVER-MYSQL login handshake information disclosure attempt (server-mysql.rules)
 * 1:16021 <-> DISABLED <-> SERVER-APACHE Apache http Server mod_tcl format string attempt (server-apache.rules)
 * 1:16029 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS client ATMA buffer overrun attempt (os-windows.rules)
 * 1:16030 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS client TXT buffer overrun attempt (os-windows.rules)
 * 1:1606 <-> DISABLED <-> SERVER-WEBAPP icat access (server-webapp.rules)
 * 1:16066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Server driver crafted SMB data denial of service (os-windows.rules)
 * 1:1607 <-> DISABLED <-> SERVER-WEBAPP HyperSeek hsx.cgi access (server-webapp.rules)
 * 1:16079 <-> DISABLED <-> SERVER-WEBAPP uselang code injection (server-webapp.rules)
 * 1:1608 <-> DISABLED <-> SERVER-WEBAPP htmlscript attempt (server-webapp.rules)
 * 1:16089 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:1610 <-> DISABLED <-> SERVER-WEBAPP formmail arbitrary command execution attempt (server-webapp.rules)
 * 1:1611 <-> DISABLED <-> SERVER-WEBAPP eXtropia webstore access (server-webapp.rules)
 * 1:16118 <-> DISABLED <-> PUA-ADWARE Adware winreanimator runtime detection - register request (pua-adware.rules)
 * 1:16119 <-> DISABLED <-> PUA-ADWARE Adware winreanimator runtime detection - daily update (pua-adware.rules)
 * 1:16127 <-> DISABLED <-> PUA-ADWARE Adware superiorads runtime detection (pua-adware.rules)
 * 1:16134 <-> DISABLED <-> PUA-ADWARE Adware spyware guard 2008 runtime detection - contacts remote server (pua-adware.rules)
 * 1:16135 <-> DISABLED <-> PUA-ADWARE Adware spyware guard 2008 runtime detection - purchase page (pua-adware.rules)
 * 1:16147 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS malformed URL .dll denial of service attempt (server-iis.rules)
 * 1:16157 <-> ENABLED <-> OS-WINDOWS Microsoft Windows malformed ASF voice codec memory corruption attempt (os-windows.rules)
 * 1:1617 <-> DISABLED <-> SERVER-WEBAPP Bugzilla doeditvotes.cgi access (server-webapp.rules)
 * 1:1618 <-> DISABLED <-> SERVER-IIS .asp chunked Transfer-Encoding (server-iis.rules)
 * 1:16181 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI ASN.1 integer overflow attempt (os-windows.rules)
 * 1:16185 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDI+ compressed TIFF file parsing remote code execution attempt (os-windows.rules)
 * 1:16187 <-> ENABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:16189 <-> ENABLED <-> SERVER-ORACLE Database REPCAT_RPC.VALIDATE_REMOTE_RC SQL injection attempt (server-oracle.rules)
 * 1:16190 <-> ENABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server property_box.php command injection attempt (server-oracle.rules)
 * 1:16191 <-> ENABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16192 <-> ENABLED <-> SERVER-ORACLE Secure Backup Administration server authentication bypass attempt - via POST (server-oracle.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS server spoofing attempt (os-windows.rules)
 * 1:16215 <-> ENABLED <-> SERVER-ORACLE Oracle Application Server Portal cross site scripting attempt (server-oracle.rules)
 * 1:1622 <-> DISABLED <-> PROTOCOL-FTP RNFR ././ attempt (protocol-ftp.rules)
 * 1:1623 <-> DISABLED <-> PROTOCOL-FTP invalid MODE (protocol-ftp.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:1626 <-> DISABLED <-> SERVER-IIS /StoreCSVS/InstantOrder.asmx request (server-iis.rules)
 * 1:1628 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi directory traversal attempt attempt (server-webapp.rules)
 * 1:16290 <-> ENABLED <-> SERVER-ORACLE Oracle database server CREATE_TABLES SQL injection attempt (server-oracle.rules)
 * 1:16294 <-> DISABLED <-> OS-WINDOWS Microsoft Windows TCP stack zero window size exploit attempt (os-windows.rules)
 * 1:16309 <-> ENABLED <-> SERVER-ORACLE auth_sesskey buffer overflow attempt (server-oracle.rules)
 * 1:16312 <-> ENABLED <-> SERVER-IIS ADFS custom header arbitrary code execution attempt  (server-iis.rules)
 * 1:16327 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDI+ TIFF RLE compressed data buffer overflow attempt (os-windows.rules)
 * 1:16348 <-> ENABLED <-> SERVER-MYSQL database PROCEDURE ANALYSE denial of service attempt - 1 (server-mysql.rules)
 * 1:16349 <-> ENABLED <-> SERVER-MYSQL database Procedure Analyse denial of service attempt - 2 (server-mysql.rules)
 * 1:16356 <-> ENABLED <-> SERVER-IIS multiple extension code execution attempt (server-iis.rules)
 * 1:16357 <-> ENABLED <-> PROTOCOL-FTP multiple extension code execution attempt (protocol-ftp.rules)
 * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:1637 <-> DISABLED <-> SERVER-WEBAPP yabb access (server-webapp.rules)
 * 1:16383 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:16385 <-> ENABLED <-> SERVER-MYSQL yaSSL library cert parsing stack overflow attempt (server-mysql.rules)
 * 1:16414 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (os-windows.rules)
 * 1:1642 <-> DISABLED <-> SERVER-WEBAPP document.d2w access (server-webapp.rules)
 * 1:1643 <-> DISABLED <-> SERVER-WEBAPP db2www access (server-webapp.rules)
 * 1:16438 <-> ENABLED <-> SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (server-oracle.rules)
 * 1:1644 <-> DISABLED <-> SERVER-WEBAPP test-cgi attempt (server-webapp.rules)
 * 1:1645 <-> DISABLED <-> SERVER-WEBAPP testcgi access (server-webapp.rules)
 * 1:1646 <-> DISABLED <-> SERVER-WEBAPP test.cgi access (server-webapp.rules)
 * 1:16479 <-> ENABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt - public shell code (server-apache.rules)
 * 1:1648 <-> DISABLED <-> SERVER-WEBAPP perl.exe command attempt (server-webapp.rules)
 * 1:16480 <-> ENABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (server-apache.rules)
 * 1:1649 <-> DISABLED <-> SERVER-WEBAPP perl command attempt (server-webapp.rules)
 * 1:16497 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - Tear Application (blacklist.rules)
 * 1:1650 <-> DISABLED <-> SERVER-WEBAPP tst.bat access (server-webapp.rules)
 * 1:1651 <-> DISABLED <-> SERVER-WEBAPP environ.pl access (server-webapp.rules)
 * 1:16516 <-> ENABLED <-> SERVER-ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt (server-oracle.rules)
 * 1:1652 <-> DISABLED <-> SERVER-WEBAPP campas attempt (server-webapp.rules)
 * 1:16524 <-> ENABLED <-> PROTOCOL-FTP ProFTPD username sql injection attempt (protocol-ftp.rules)
 * 1:1654 <-> DISABLED <-> SERVER-WEBAPP cart32.exe access (server-webapp.rules)
 * 1:1655 <-> DISABLED <-> SERVER-WEBAPP pfdispaly.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:16551 <-> ENABLED <-> BLACKLIST User-Agent known malicious user agent - malware (blacklist.rules)
 * 1:1656 <-> DISABLED <-> SERVER-WEBAPP pfdispaly.cgi access (server-webapp.rules)
 * 1:1657 <-> DISABLED <-> SERVER-WEBAPP pagelog.cgi directory traversal attempt (server-webapp.rules)
 * 1:16578 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:1658 <-> DISABLED <-> SERVER-WEBAPP pagelog.cgi access (server-webapp.rules)
 * 1:1659 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion sendmail.cfm access (server-other.rules)
 * 1:1660 <-> DISABLED <-> SERVER-IIS trace.axd access (server-iis.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (server-oracle.rules)
 * 1:1661 <-> ENABLED <-> SERVER-IIS cmd32.exe access (server-iis.rules)
 * 1:16611 <-> DISABLED <-> SERVER-APACHE Apache 413 error HTTP request method cross-site scripting attack (server-apache.rules)
 * 1:16665 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules)
 * 1:16679 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:1668 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/ access (server-webapp.rules)
 * 1:1669 <-> DISABLED <-> SERVER-WEBAPP /cgi-dos/ access (server-webapp.rules)
 * 1:16697 <-> DISABLED <-> PROTOCOL-FTP httpdx USER null byte denial of service (protocol-ftp.rules)
 * 1:16698 <-> DISABLED <-> PROTOCOL-FTP httpdx PASS null byte denial of service (protocol-ftp.rules)
 * 1:16703 <-> ENABLED <-> SERVER-MYSQL Database COM_FIELD_LIST Buffer Overflow attempt (server-mysql.rules)
 * 1:16707 <-> DISABLED <-> SERVER-MYSQL mysql_log COM_CREATE_DB format string vulnerability exploit attempt (server-mysql.rules)
 * 1:16708 <-> DISABLED <-> SERVER-MYSQL mysql_log COM_DROP_DB format string vulnerability exploit attempt (server-mysql.rules)
 * 1:16717 <-> ENABLED <-> SERVER-ORACLE Oracle Secure Enterprise Search search_p_groups cross-site scripting attempt (server-oracle.rules)
 * 1:1672 <-> DISABLED <-> PROTOCOL-FTP CWD ~ attempt (protocol-ftp.rules)
 * 1:16722 <-> ENABLED <-> SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure SQL injection attempt (server-oracle.rules)
 * 1:16723 <-> ENABLED <-> SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.ALTER_CHANGE_SOURCE procedure SQL injection attempt (server-oracle.rules)
 * 1:1673 <-> DISABLED <-> SERVER-ORACLE EXECUTE_SYSTEM attempt (server-oracle.rules)
 * 1:1674 <-> DISABLED <-> SERVER-ORACLE connect_data remote version detection attempt (server-oracle.rules)
 * 1:1675 <-> DISABLED <-> SERVER-ORACLE misparsed login response (server-oracle.rules)
 * 1:1676 <-> DISABLED <-> SERVER-ORACLE select union attempt (server-oracle.rules)
 * 1:1677 <-> DISABLED <-> SERVER-ORACLE select like '%' attempt (server-oracle.rules)
 * 1:16777 <-> ENABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> ENABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:1678 <-> DISABLED <-> SERVER-ORACLE select like '%' attempt backslash escaped (server-oracle.rules)
 * 1:1679 <-> DISABLED <-> SERVER-ORACLE describe attempt (server-oracle.rules)
 * 1:1680 <-> DISABLED <-> SERVER-ORACLE all_constraints access (server-oracle.rules)
 * 1:1681 <-> DISABLED <-> SERVER-ORACLE all_views access (server-oracle.rules)
 * 1:1682 <-> DISABLED <-> SERVER-ORACLE all_source access (server-oracle.rules)
 * 1:1683 <-> DISABLED <-> SERVER-ORACLE all_tables access (server-oracle.rules)
 * 1:1684 <-> DISABLED <-> SERVER-ORACLE all_tab_columns access (server-oracle.rules)
 * 1:1685 <-> DISABLED <-> SERVER-ORACLE all_tab_privs access (server-oracle.rules)
 * 1:1686 <-> DISABLED <-> SERVER-ORACLE dba_tablespace access (server-oracle.rules)
 * 1:1687 <-> DISABLED <-> SERVER-ORACLE dba_tables access (server-oracle.rules)
 * 1:1688 <-> DISABLED <-> SERVER-ORACLE user_tablespace access (server-oracle.rules)
 * 1:1689 <-> DISABLED <-> SERVER-ORACLE sys.all_users access (server-oracle.rules)
 * 1:1690 <-> DISABLED <-> SERVER-ORACLE grant attempt (server-oracle.rules)
 * 1:1691 <-> DISABLED <-> SERVER-ORACLE ALTER USER attempt (server-oracle.rules)
 * 1:1692 <-> DISABLED <-> SERVER-ORACLE drop table attempt (server-oracle.rules)
 * 1:1693 <-> DISABLED <-> SERVER-ORACLE create table attempt (server-oracle.rules)
 * 1:16934 <-> DISABLED <-> POLICY-SPAM pku-edp.cn known spam email attempt (policy-spam.rules)
 * 1:16935 <-> DISABLED <-> POLICY-SPAM sjtu-edp.cn known spam email attempt (policy-spam.rules)
 * 1:16936 <-> DISABLED <-> POLICY-SPAM xoposuhop.cn xoposuhop.cn known spam email attempt (policy-spam.rules)
 * 1:16937 <-> DISABLED <-> POLICY-SPAM bestdrug-store.com known spam email attempt (policy-spam.rules)
 * 1:16938 <-> DISABLED <-> POLICY-SPAM pharmrik66y.ru known spam email attempt (policy-spam.rules)
 * 1:16939 <-> DISABLED <-> POLICY-SPAM refillleonardo59y.ru known spam email attempt (policy-spam.rules)
 * 1:1694 <-> DISABLED <-> SERVER-ORACLE alter table attempt (server-oracle.rules)
 * 1:16940 <-> DISABLED <-> POLICY-SPAM medfreddie55a.ru known spam email attempt (policy-spam.rules)
 * 1:16941 <-> DISABLED <-> POLICY-SPAM drugshershel38w.ru known spam email attempt (policy-spam.rules)
 * 1:16942 <-> DISABLED <-> POLICY-SPAM drugshayyim77n.ru known spam email attempt (policy-spam.rules)
 * 1:16943 <-> DISABLED <-> POLICY-SPAM erectguthry99c.ru known spam email attempt (policy-spam.rules)
 * 1:16944 <-> DISABLED <-> POLICY-SPAM pilldory92n.ru known spam email attempt (policy-spam.rules)
 * 1:16945 <-> DISABLED <-> POLICY-SPAM tabwinn77t.ru known spam email attempt (policy-spam.rules)
 * 1:16946 <-> DISABLED <-> POLICY-SPAM pillrenault15j.ru known spam email attempt (policy-spam.rules)
 * 1:16947 <-> DISABLED <-> POLICY-SPAM pharmrolland95h.ru known spam email attempt (policy-spam.rules)
 * 1:16948 <-> DISABLED <-> POLICY-SPAM onlineheindrick60i.ru known spam email attempt (policy-spam.rules)
 * 1:16949 <-> DISABLED <-> POLICY-SPAM erectnormie71a.ru known spam email attempt (policy-spam.rules)
 * 1:1695 <-> DISABLED <-> SERVER-ORACLE truncate table attempt (server-oracle.rules)
 * 1:16950 <-> DISABLED <-> POLICY-SPAM tabscotti71i.ru known spam email attempt (policy-spam.rules)
 * 1:16951 <-> DISABLED <-> POLICY-SPAM drugsjudd45f.ru known spam email attempt (policy-spam.rules)
 * 1:16952 <-> DISABLED <-> POLICY-SPAM pharmharman55y.ru known spam email attempt (policy-spam.rules)
 * 1:16953 <-> DISABLED <-> POLICY-SPAM medgaultiero11e.ru known spam email attempt (policy-spam.rules)
 * 1:16954 <-> DISABLED <-> POLICY-SPAM pillgaylor21n.ru known spam email attempt (policy-spam.rules)
 * 1:16955 <-> DISABLED <-> POLICY-SPAM drugspenn84f.ru known spam email attempt (policy-spam.rules)
 * 1:16956 <-> DISABLED <-> POLICY-SPAM medebeneser68c.ru known spam email attempt (policy-spam.rules)
 * 1:16957 <-> DISABLED <-> POLICY-SPAM tabmario94r.ru known spam email attempt (policy-spam.rules)
 * 1:16958 <-> DISABLED <-> POLICY-SPAM tablennard88q.ru known spam email attempt (policy-spam.rules)
 * 1:16959 <-> DISABLED <-> POLICY-SPAM medforster79j.ru known spam email attempt (policy-spam.rules)
 * 1:1696 <-> DISABLED <-> SERVER-ORACLE create database attempt (server-oracle.rules)
 * 1:16960 <-> DISABLED <-> POLICY-SPAM erectvincent21v.ru known spam email attempt (policy-spam.rules)
 * 1:16961 <-> DISABLED <-> POLICY-SPAM drugsdemott21o.ru known spam email attempt (policy-spam.rules)
 * 1:16962 <-> DISABLED <-> POLICY-SPAM onlinelovell30p.ru known spam email attempt (policy-spam.rules)
 * 1:16963 <-> DISABLED <-> POLICY-SPAM erecttaylor49i.ru known spam email attempt (policy-spam.rules)
 * 1:16964 <-> DISABLED <-> POLICY-SPAM smellexact.ru known spam email attempt (policy-spam.rules)
 * 1:16965 <-> DISABLED <-> POLICY-SPAM givehome.ru known spam email attempt (policy-spam.rules)
 * 1:16966 <-> DISABLED <-> POLICY-SPAM thingpath.ru known spam email attempt (policy-spam.rules)
 * 1:16967 <-> DISABLED <-> POLICY-SPAM wereif.ru known spam email attempt (policy-spam.rules)
 * 1:16968 <-> DISABLED <-> POLICY-SPAM bassmax.ru known spam email attempt (policy-spam.rules)
 * 1:16969 <-> DISABLED <-> POLICY-SPAM steadfig.ru known spam email attempt (policy-spam.rules)
 * 1:1697 <-> DISABLED <-> SERVER-ORACLE alter database attempt (server-oracle.rules)
 * 1:16970 <-> DISABLED <-> POLICY-SPAM drugsmayne5a.ru known spam email attempt (policy-spam.rules)
 * 1:16971 <-> DISABLED <-> POLICY-SPAM mystick.ru known spam email attempt (policy-spam.rules)
 * 1:16972 <-> DISABLED <-> POLICY-SPAM drugsrey95a.ru known spam email attempt (policy-spam.rules)
 * 1:16973 <-> DISABLED <-> POLICY-SPAM milklowly.ru known spam email attempt (policy-spam.rules)
 * 1:16974 <-> DISABLED <-> POLICY-SPAM numberenough.ru known spam email attempt (policy-spam.rules)
 * 1:16975 <-> DISABLED <-> POLICY-SPAM oldsheer.ru known spam email attempt (policy-spam.rules)
 * 1:16976 <-> DISABLED <-> POLICY-SPAM logzest.ru known spam email attempt (policy-spam.rules)
 * 1:16977 <-> DISABLED <-> POLICY-SPAM energypotent.ru known spam email attempt (policy-spam.rules)
 * 1:16978 <-> DISABLED <-> POLICY-SPAM outhave.ru known spam email attempt (policy-spam.rules)
 * 1:16979 <-> DISABLED <-> POLICY-SPAM solvecalm.ru known spam email attempt (policy-spam.rules)
 * 1:16980 <-> DISABLED <-> POLICY-SPAM stillvisit.ru known spam email attempt (policy-spam.rules)
 * 1:16981 <-> DISABLED <-> POLICY-SPAM livelycall.ru known spam email attempt (policy-spam.rules)
 * 1:16982 <-> DISABLED <-> POLICY-SPAM 64.com1.ru known spam email attempt (policy-spam.rules)
 * 1:16983 <-> DISABLED <-> POLICY-SPAM heatsettle.ru known spam email attempt (policy-spam.rules)
 * 1:16984 <-> DISABLED <-> POLICY-SPAM freshmuch.ru known spam email attempt (policy-spam.rules)
 * 1:16985 <-> DISABLED <-> POLICY-SPAM extoleye.ru known spam email attempt (policy-spam.rules)
 * 1:16987 <-> DISABLED <-> POLICY-SPAM tabemmerich86b.ru known spam email attempt (policy-spam.rules)
 * 1:16988 <-> DISABLED <-> POLICY-SPAM moderneight.ru known spam email attempt (policy-spam.rules)
 * 1:16989 <-> DISABLED <-> POLICY-SPAM tabferd49a.ru known spam email attempt (policy-spam.rules)
 * 1:16990 <-> DISABLED <-> POLICY-SPAM nextmail.ru known spam email attempt (policy-spam.rules)
 * 1:16991 <-> DISABLED <-> POLICY-SPAM fruitone.ru known spam email attempt (policy-spam.rules)
 * 1:16992 <-> DISABLED <-> POLICY-SPAM liquideat.ru known spam email attempt (policy-spam.rules)
 * 1:16993 <-> DISABLED <-> POLICY-SPAM tabwinn2a.ru known spam email attempt (policy-spam.rules)
 * 1:16994 <-> DISABLED <-> POLICY-SPAM abletool.ru known spam email attempt (policy-spam.rules)
 * 1:16995 <-> DISABLED <-> POLICY-SPAM miltyrefil.ru known spam email attempt (policy-spam.rules)
 * 1:16996 <-> DISABLED <-> POLICY-SPAM quincytab.ru known spam email attempt (policy-spam.rules)
 * 1:16997 <-> DISABLED <-> POLICY-SPAM giacoporx.ru known spam email attempt (policy-spam.rules)
 * 1:16998 <-> DISABLED <-> POLICY-SPAM drugsnevile.ru known spam email attempt (policy-spam.rules)
 * 1:16999 <-> DISABLED <-> POLICY-SPAM jasemed.ru known spam email attempt (policy-spam.rules)
 * 1:1700 <-> DISABLED <-> SERVER-WEBAPP imagemap.exe access (server-webapp.rules)
 * 1:17000 <-> DISABLED <-> POLICY-SPAM ximenezdrug.ru known spam email attempt (policy-spam.rules)
 * 1:17001 <-> DISABLED <-> POLICY-SPAM dillonline.ru known spam email attempt (policy-spam.rules)
 * 1:17002 <-> DISABLED <-> POLICY-SPAM swellliquid.ru known spam email attempt (policy-spam.rules)
 * 1:17003 <-> DISABLED <-> POLICY-SPAM younglaugh.ru known spam email attempt (policy-spam.rules)
 * 1:17004 <-> DISABLED <-> POLICY-SPAM 2047757.kaskad-travel.ru known spam email attempt (policy-spam.rules)
 * 1:17005 <-> DISABLED <-> POLICY-SPAM paintwater.ru known spam email attempt (policy-spam.rules)
 * 1:17006 <-> DISABLED <-> POLICY-SPAM lovingover.ru known spam email attempt (policy-spam.rules)
 * 1:17007 <-> DISABLED <-> POLICY-SPAM pharmerastus.ru known spam email attempt (policy-spam.rules)
 * 1:17008 <-> DISABLED <-> POLICY-SPAM hisoffer.ru known spam email attempt (policy-spam.rules)
 * 1:17009 <-> DISABLED <-> POLICY-SPAM butleft.ru known spam email attempt (policy-spam.rules)
 * 1:1701 <-> DISABLED <-> SERVER-WEBAPP calendar-admin.pl access (server-webapp.rules)
 * 1:17010 <-> DISABLED <-> POLICY-SPAM starknow.ru known spam email attempt (policy-spam.rules)
 * 1:17011 <-> DISABLED <-> POLICY-SPAM beginwisdom.ru known spam email attempt (policy-spam.rules)
 * 1:17012 <-> DISABLED <-> POLICY-SPAM oneus.ru known spam email attempt (policy-spam.rules)
 * 1:17013 <-> DISABLED <-> POLICY-SPAM reapcomfy.ru known spam email attempt (policy-spam.rules)
 * 1:17014 <-> DISABLED <-> POLICY-SPAM rowsay.ru known spam email attempt (policy-spam.rules)
 * 1:17015 <-> DISABLED <-> POLICY-SPAM pamperletter.ru known spam email attempt (policy-spam.rules)
 * 1:17016 <-> DISABLED <-> POLICY-SPAM boxdouble.ru known spam email attempt (policy-spam.rules)
 * 1:17017 <-> DISABLED <-> POLICY-SPAM beatmoon.ru known spam email attempt (policy-spam.rules)
 * 1:17018 <-> DISABLED <-> POLICY-SPAM ensureequate.ru known spam email attempt (policy-spam.rules)
 * 1:1702 <-> DISABLED <-> SERVER-WEBAPP Amaya templates sendtemp.pl access (server-webapp.rules)
 * 1:17020 <-> DISABLED <-> POLICY-SPAM sheerwheel.ru known spam email attempt (policy-spam.rules)
 * 1:17021 <-> DISABLED <-> POLICY-SPAM nearpass.ru known spam email attempt (policy-spam.rules)
 * 1:17022 <-> DISABLED <-> POLICY-SPAM thatmile.ru known spam email attempt (policy-spam.rules)
 * 1:17023 <-> DISABLED <-> POLICY-SPAM hillfoot.ru known spam email attempt (policy-spam.rules)
 * 1:17024 <-> DISABLED <-> POLICY-SPAM writeobject.ru known spam email attempt (policy-spam.rules)
 * 1:17025 <-> DISABLED <-> POLICY-SPAM thoughthese.ru known spam email attempt (policy-spam.rules)
 * 1:17026 <-> DISABLED <-> POLICY-SPAM redlead.ru known spam email attempt (policy-spam.rules)
 * 1:17027 <-> DISABLED <-> POLICY-SPAM scoreenjoy.ru known spam email attempt (policy-spam.rules)
 * 1:17029 <-> DISABLED <-> POLICY-SPAM tenderpower.ru known spam email attempt (policy-spam.rules)
 * 1:1703 <-> DISABLED <-> SERVER-WEBAPP auktion.cgi directory traversal attempt (server-webapp.rules)
 * 1:17030 <-> DISABLED <-> POLICY-SPAM fewvalley.ru known spam email attempt (policy-spam.rules)
 * 1:17031 <-> DISABLED <-> POLICY-SPAM burnshy.ru known spam email attempt (policy-spam.rules)
 * 1:17032 <-> DISABLED <-> POLICY-SPAM centtry.ru known spam email attempt (policy-spam.rules)
 * 1:17033 <-> DISABLED <-> POLICY-SPAM signpearl.ru known spam email attempt (policy-spam.rules)
 * 1:1704 <-> DISABLED <-> SERVER-WEBAPP cal_make.pl directory traversal attempt (server-webapp.rules)
 * 1:1705 <-> DISABLED <-> SERVER-WEBAPP echo.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:17059 <-> DISABLED <-> PROTOCOL-FTP Vermillion 1.31 vftpd port command memory corruption (protocol-ftp.rules)
 * 1:1706 <-> DISABLED <-> SERVER-WEBAPP echo.bat access (server-webapp.rules)
 * 1:1707 <-> DISABLED <-> SERVER-WEBAPP hello.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1708 <-> DISABLED <-> SERVER-WEBAPP hello.bat access (server-webapp.rules)
 * 1:1709 <-> DISABLED <-> SERVER-WEBAPP ad.cgi access (server-webapp.rules)
 * 1:1710 <-> DISABLED <-> SERVER-WEBAPP bbs_forum.cgi access (server-webapp.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17107 <-> DISABLED <-> SERVER-APACHE Apache Tomcat JK Web Server Connector long URL stack overflow attempt - 1 (server-apache.rules)
 * 1:1711 <-> DISABLED <-> SERVER-WEBAPP bsguest.cgi access (server-webapp.rules)
 * 1:1712 <-> DISABLED <-> SERVER-WEBAPP bslist.cgi access (server-webapp.rules)
 * 1:1713 <-> DISABLED <-> SERVER-WEBAPP cgforum.cgi access (server-webapp.rules)
 * 1:17133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:1714 <-> DISABLED <-> SERVER-WEBAPP newdesk access (server-webapp.rules)
 * 1:1715 <-> DISABLED <-> SERVER-WEBAPP register.cgi access (server-webapp.rules)
 * 1:17156 <-> ENABLED <-> SERVER-APACHE HP Performance Manager Apache Tomcat policy bypass attempt (server-apache.rules)
 * 1:1716 <-> DISABLED <-> SERVER-WEBAPP gbook.cgi access (server-webapp.rules)
 * 1:1717 <-> DISABLED <-> SERVER-WEBAPP simplestguest.cgi access (server-webapp.rules)
 * 1:1718 <-> DISABLED <-> SERVER-WEBAPP statsconfig.pl access (server-webapp.rules)
 * 1:1719 <-> DISABLED <-> SERVER-WEBAPP talkback.cgi directory traversal attempt (server-webapp.rules)
 * 1:1720 <-> DISABLED <-> SERVER-WEBAPP talkback.cgi access (server-webapp.rules)
 * 1:1721 <-> DISABLED <-> SERVER-WEBAPP adcycle access (server-webapp.rules)
 * 1:1722 <-> DISABLED <-> SERVER-WEBAPP MachineInfo access (server-webapp.rules)
 * 1:17228 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:1723 <-> DISABLED <-> SERVER-WEBAPP emumail.cgi NULL attempt (server-webapp.rules)
 * 1:1724 <-> DISABLED <-> SERVER-WEBAPP emumail.cgi access (server-webapp.rules)
 * 1:1725 <-> DISABLED <-> SERVER-IIS +.htr code fragment attempt (server-iis.rules)
 * 1:17252 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (os-windows.rules)
 * 1:17254 <-> ENABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:17256 <-> ENABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules)
 * 1:1726 <-> DISABLED <-> SERVER-IIS doctodep.btr access (server-iis.rules)
 * 1:17264 <-> ENABLED <-> SERVER-ORACLE Permission declaration exploit attempt (server-oracle.rules)
 * 1:1727 <-> DISABLED <-> SERVER-WEBAPP SGI InfoSearch fname access (server-webapp.rules)
 * 1:17270 <-> ENABLED <-> SERVER-ORACLE DBMS_METADATA Package SQL Injection attempt (server-oracle.rules)
 * 1:17293 <-> ENABLED <-> SERVER-ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt (server-oracle.rules)
 * 1:1730 <-> DISABLED <-> SERVER-WEBAPP ustorekeeper.pl directory traversal attempt (server-webapp.rules)
 * 1:1731 <-> DISABLED <-> SERVER-WEBAPP a1stats access (server-webapp.rules)
 * 1:17313 <-> ENABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17316 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Folder GUID Code Execution attempt (os-windows.rules)
 * 1:17347 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17350 <-> ENABLED <-> SERVER-ORACLE Application Server Forms Arbitrary System Command Execution Attempt (server-oracle.rules)
 * 1:17353 <-> DISABLED <-> OS-SOLARIS Oracle Solaris printd Daemon Arbitrary File Deletion attempt (os-solaris.rules)
 * 1:17354 <-> DISABLED <-> SERVER-APACHE Apache Byte-Range Filter denial of service attempt (server-apache.rules)
 * 1:17387 <-> DISABLED <-> SERVER-APACHE Apache Tomcat allowLinking URIencoding directory traversal attempt (server-apache.rules)
 * 1:17391 <-> ENABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectX Targa image file heap overflow attempt (os-windows.rules)
 * 1:17412 <-> ENABLED <-> SERVER-MYSQL create function mysql.func arbitrary library injection attempt (server-mysql.rules)
 * 1:17416 <-> ENABLED <-> SERVER-ORACLE Database Intermedia Denial of Service Attempt (server-oracle.rules)
 * 1:17417 <-> ENABLED <-> SERVER-ORACLE Database Intermedia Denial of Service Attempt (server-oracle.rules)
 * 1:17418 <-> DISABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17419 <-> ENABLED <-> SERVER-ORACLE Oracle database SQL compiler read-only join auth bypass attempt (server-oracle.rules)
 * 1:17428 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ASP.NET information disclosure attempt (os-windows.rules)
 * 1:17429 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ASP.NET information disclosure attempt (os-windows.rules)
 * 1:17431 <-> ENABLED <-> SERVER-IIS Microsoft Windows IIS SChannel improper certificate verification (server-iis.rules)
 * 1:17433 <-> DISABLED <-> OS-SOLARIS Oracle Solaris DHCP Client Arbitrary Code Execution attempt (os-solaris.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17467 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17470 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:17473 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17474 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> ENABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17498 <-> ENABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> ENABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:1750 <-> DISABLED <-> SERVER-IIS users.xml access (server-iis.rules)
 * 1:17500 <-> ENABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> ENABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> ENABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17518 <-> DISABLED <-> PROTOCOL-FTP FlashGet PWD command stack buffer overflow attempt (protocol-ftp.rules)
 * 1:17525 <-> ENABLED <-> SERVER-IIS Microsoft Windows IIS 5.0 WebDav Request Directory Security Bypass (server-iis.rules)
 * 1:1753 <-> DISABLED <-> SERVER-IIS as_web.exe access (server-iis.rules)
 * 1:17533 <-> ENABLED <-> SERVER-APACHE Apache Struts Information Disclosure Attempt (server-apache.rules)
 * 1:1754 <-> DISABLED <-> SERVER-IIS as_web4.exe access (server-iis.rules)
 * 1:1756 <-> DISABLED <-> SERVER-IIS NewsPro administration authentication attempt (server-iis.rules)
 * 1:17564 <-> ENABLED <-> SERVER-IIS WebDAV Request Directory Security Bypass attempt (server-iis.rules)
 * 1:17584 <-> ENABLED <-> SERVER-ORACLE UTL_FILE directory traversal attempt (server-oracle.rules)
 * 1:17590 <-> ENABLED <-> SERVER-ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (server-oracle.rules)
 * 1:17605 <-> ENABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:17618 <-> DISABLED <-> OS-WINDOWS Microsoft Windows hraphics engine EMF rendering vulnerability (os-windows.rules)
 * 1:17619 <-> ENABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:1762 <-> DISABLED <-> SERVER-WEBAPP phf arbitrary command execution attempt (server-webapp.rules)
 * 1:17625 <-> DISABLED <-> SERVER-ORACLE Database Core RDBMS component denial of service attempt (server-oracle.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:1763 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (server-webapp.rules)
 * 1:17638 <-> ENABLED <-> SERVER-ORACLE Secure Backup Administration Server login.php Cookies Command Injection attempt (server-oracle.rules)
 * 1:1764 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (server-webapp.rules)
 * 1:17648 <-> DISABLED <-> SERVER-IIS source code disclosure attempt (server-iis.rules)
 * 1:1765 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc access (server-webapp.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17653 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17656 <-> DISABLED <-> SERVER-APACHE Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt (server-apache.rules)
 * 1:17659 <-> ENABLED <-> SERVER-ORACLE xdb.dbms_xmlschema buffer overflow attempt (server-oracle.rules)
 * 1:17662 <-> DISABLED <-> OS-SOLARIS Oracle Solaris DHCP Client Arbitrary Code Execution attempt (os-solaris.rules)
 * 1:17705 <-> DISABLED <-> SERVER-IIS web agent chunked encoding overflow attempt (server-iis.rules)
 * 1:17711 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ASF parsing memory corruption attempt (os-windows.rules)
 * 1:1772 <-> DISABLED <-> SERVER-IIS pbserver access (server-iis.rules)
 * 1:17721 <-> ENABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:17722 <-> DISABLED <-> SERVER-ORACLE XDB.XDB_PITRIG_PKG buffer overflow attempt (server-oracle.rules)
 * 1:17731 <-> ENABLED <-> OS-WINDOWS Microsoft Windows wpad dynamic update request  (os-windows.rules)
 * 1:1775 <-> DISABLED <-> SERVER-MYSQL root login attempt (server-mysql.rules)
 * 1:17750 <-> DISABLED <-> SERVER-IIS Microsoft IIS 7.5 client verify null pointer attempt (server-iis.rules)
 * 1:1776 <-> DISABLED <-> SERVER-MYSQL show databases attempt (server-mysql.rules)
 * 1:1777 <-> DISABLED <-> PROTOCOL-FTP EXPLOIT STAT * dos attempt (protocol-ftp.rules)
 * 1:1778 <-> DISABLED <-> PROTOCOL-FTP EXPLOIT STAT ? dos attempt (protocol-ftp.rules)
 * 1:1787 <-> DISABLED <-> SERVER-WEBAPP csPassword.cgi access (server-webapp.rules)
 * 1:1788 <-> DISABLED <-> SERVER-WEBAPP csPassword password.cgi.tmp access (server-webapp.rules)
 * 1:17918 <-> DISABLED <-> POLICY-SPAM aaof.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17919 <-> DISABLED <-> POLICY-SPAM akiq.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:17920 <-> DISABLED <-> POLICY-SPAM aobuii.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17921 <-> DISABLED <-> POLICY-SPAM argue.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17922 <-> DISABLED <-> POLICY-SPAM ava.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17923 <-> DISABLED <-> POLICY-SPAM axoseb.medicdrugsxck.ru known spam email attempt (policy-spam.rules)
 * 1:17924 <-> DISABLED <-> POLICY-SPAM azo.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:17925 <-> DISABLED <-> POLICY-SPAM back.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:17926 <-> DISABLED <-> POLICY-SPAM by.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:17927 <-> DISABLED <-> POLICY-SPAM cardinals.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:17928 <-> DISABLED <-> POLICY-SPAM chemist.onlineruggiero33q.ru known spam email attempt (policy-spam.rules)
 * 1:17929 <-> DISABLED <-> POLICY-SPAM chula.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:17930 <-> DISABLED <-> POLICY-SPAM classification.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17931 <-> DISABLED <-> POLICY-SPAM compensate.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:17932 <-> DISABLED <-> POLICY-SPAM cswjlxey.ru known spam email attempt (policy-spam.rules)
 * 1:17933 <-> DISABLED <-> POLICY-SPAM current.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17934 <-> DISABLED <-> POLICY-SPAM cyacaz.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17935 <-> DISABLED <-> POLICY-SPAM deepcenter.ru known spam email attempt (policy-spam.rules)
 * 1:17936 <-> DISABLED <-> POLICY-SPAM delegate.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17937 <-> DISABLED <-> POLICY-SPAM diet.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17938 <-> DISABLED <-> POLICY-SPAM direct.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17939 <-> DISABLED <-> POLICY-SPAM divyo.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:17940 <-> DISABLED <-> POLICY-SPAM drugsgeorge65g.ru known spam email attempt (policy-spam.rules)
 * 1:17941 <-> DISABLED <-> POLICY-SPAM dux.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17942 <-> DISABLED <-> POLICY-SPAM dypoh.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17943 <-> DISABLED <-> POLICY-SPAM eaihar.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17944 <-> DISABLED <-> POLICY-SPAM eeez.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:17945 <-> DISABLED <-> POLICY-SPAM egi.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17946 <-> DISABLED <-> POLICY-SPAM ehyw.cumedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17947 <-> DISABLED <-> POLICY-SPAM eka.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:17948 <-> DISABLED <-> POLICY-SPAM election.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17949 <-> DISABLED <-> POLICY-SPAM elik.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:17950 <-> DISABLED <-> POLICY-SPAM epeno.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17951 <-> DISABLED <-> POLICY-SPAM erectgodart30s.ru known spam email attempt (policy-spam.rules)
 * 1:17952 <-> DISABLED <-> POLICY-SPAM erol.camedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17953 <-> DISABLED <-> POLICY-SPAM exa.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:17954 <-> DISABLED <-> POLICY-SPAM eyu.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:17955 <-> DISABLED <-> POLICY-SPAM fashionchannel.ru known spam email attempt (policy-spam.rules)
 * 1:17956 <-> DISABLED <-> POLICY-SPAM fauxy.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:17957 <-> DISABLED <-> POLICY-SPAM food.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17958 <-> DISABLED <-> POLICY-SPAM generality.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:17959 <-> DISABLED <-> POLICY-SPAM goyry.ramedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17960 <-> DISABLED <-> POLICY-SPAM gueepa.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17961 <-> DISABLED <-> POLICY-SPAM has.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17962 <-> DISABLED <-> POLICY-SPAM have.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17963 <-> DISABLED <-> POLICY-SPAM headtest.ru known spam email attempt (policy-spam.rules)
 * 1:17964 <-> DISABLED <-> POLICY-SPAM huhuh.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17965 <-> DISABLED <-> POLICY-SPAM hyem.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17966 <-> DISABLED <-> POLICY-SPAM icysa.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17967 <-> DISABLED <-> POLICY-SPAM iiy.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17968 <-> DISABLED <-> POLICY-SPAM iki.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:17969 <-> DISABLED <-> POLICY-SPAM iner.medicdrugsxdl.ru known spam email attempt (policy-spam.rules)
 * 1:17970 <-> DISABLED <-> POLICY-SPAM in.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:17971 <-> DISABLED <-> POLICY-SPAM intelpost.ru known spam email attempt (policy-spam.rules)
 * 1:17972 <-> DISABLED <-> POLICY-SPAM inunuw.medicdrugsxpo.ru known spam email attempt (policy-spam.rules)
 * 1:17973 <-> DISABLED <-> POLICY-SPAM ipiig.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:17974 <-> DISABLED <-> POLICY-SPAM iqor.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17975 <-> DISABLED <-> POLICY-SPAM is.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17976 <-> DISABLED <-> POLICY-SPAM itaca.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17977 <-> DISABLED <-> POLICY-SPAM ive.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17978 <-> DISABLED <-> POLICY-SPAM iweqyz.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17979 <-> DISABLED <-> POLICY-SPAM iycyde.medicdrugsxco.ru known spam email attempt (policy-spam.rules)
 * 1:17980 <-> DISABLED <-> POLICY-SPAM iyw.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17981 <-> DISABLED <-> POLICY-SPAM jaecoh.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17982 <-> DISABLED <-> POLICY-SPAM jael.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:17983 <-> DISABLED <-> POLICY-SPAM jex.remedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17984 <-> DISABLED <-> POLICY-SPAM john.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:17985 <-> DISABLED <-> POLICY-SPAM joseph.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17986 <-> DISABLED <-> POLICY-SPAM jyn.medicdrugsxdl.ru known spam email attempt (policy-spam.rules)
 * 1:17987 <-> DISABLED <-> POLICY-SPAM jyzyv.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17988 <-> DISABLED <-> POLICY-SPAM koosaf.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17989 <-> DISABLED <-> POLICY-SPAM lybah.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17990 <-> DISABLED <-> POLICY-SPAM manila.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:17991 <-> DISABLED <-> POLICY-SPAM masa.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17992 <-> DISABLED <-> POLICY-SPAM medpenny17j.ru known spam email attempt (policy-spam.rules)
 * 1:17993 <-> DISABLED <-> POLICY-SPAM minionspre.ru known spam email attempt (policy-spam.rules)
 * 1:17994 <-> DISABLED <-> POLICY-SPAM nazuwu.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17995 <-> DISABLED <-> POLICY-SPAM negotiations.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:17996 <-> DISABLED <-> POLICY-SPAM niqiv.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17997 <-> DISABLED <-> POLICY-SPAM odimys.medicdrugsxlb.ru known spam email attempt (policy-spam.rules)
 * 1:17998 <-> DISABLED <-> POLICY-SPAM odoog.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17999 <-> DISABLED <-> POLICY-SPAM oekaka.aimedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:18000 <-> DISABLED <-> POLICY-SPAM oeqio.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:18001 <-> DISABLED <-> POLICY-SPAM of.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:18002 <-> DISABLED <-> POLICY-SPAM of.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:18003 <-> DISABLED <-> POLICY-SPAM of.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18004 <-> DISABLED <-> POLICY-SPAM oipek.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18005 <-> DISABLED <-> POLICY-SPAM oji.medicdrugsxto.ru known spam email attempt (policy-spam.rules)
 * 1:18006 <-> DISABLED <-> POLICY-SPAM onotye.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:18007 <-> DISABLED <-> POLICY-SPAM opy.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:18008 <-> DISABLED <-> POLICY-SPAM orderbuzz.ru known spam email attempt (policy-spam.rules)
 * 1:18009 <-> DISABLED <-> POLICY-SPAM ouu.almedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:18010 <-> DISABLED <-> POLICY-SPAM oxuc.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18011 <-> DISABLED <-> POLICY-SPAM pillrolfe64l.ru known spam email attempt (policy-spam.rules)
 * 1:18012 <-> DISABLED <-> POLICY-SPAM recently.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:18013 <-> DISABLED <-> POLICY-SPAM records.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:18014 <-> DISABLED <-> POLICY-SPAM reobaj.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18015 <-> DISABLED <-> POLICY-SPAM research.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:18016 <-> DISABLED <-> POLICY-SPAM returning.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18017 <-> DISABLED <-> POLICY-SPAM right.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18018 <-> DISABLED <-> POLICY-SPAM riwaro.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:18019 <-> DISABLED <-> POLICY-SPAM ruuav.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:1802 <-> DISABLED <-> SERVER-IIS .asa HTTP header buffer overflow attempt (server-iis.rules)
 * 1:18020 <-> DISABLED <-> POLICY-SPAM ryhux.medicdrugsxpa.ru known spam email attempt (policy-spam.rules)
 * 1:18021 <-> DISABLED <-> POLICY-SPAM software-buyshop-7.ru known spam email attempt (policy-spam.rules)
 * 1:18022 <-> DISABLED <-> POLICY-SPAM specialyou.ru known spam email attempt (policy-spam.rules)
 * 1:18023 <-> DISABLED <-> POLICY-SPAM starring.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:18024 <-> DISABLED <-> POLICY-SPAM store-softwarebuy-7.ru known spam email attempt (policy-spam.rules)
 * 1:18025 <-> DISABLED <-> POLICY-SPAM sya.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18026 <-> DISABLED <-> POLICY-SPAM tabdarin80s.ru known spam email attempt (policy-spam.rules)
 * 1:18027 <-> DISABLED <-> POLICY-SPAM tabgordan13n.ru known spam email attempt (policy-spam.rules)
 * 1:18028 <-> DISABLED <-> POLICY-SPAM tablangston19a.ru known spam email attempt (policy-spam.rules)
 * 1:18029 <-> DISABLED <-> POLICY-SPAM tabwebster77c.ru known spam email attempt (policy-spam.rules)
 * 1:1803 <-> DISABLED <-> SERVER-IIS .cer HTTP header buffer overflow attempt (server-iis.rules)
 * 1:18030 <-> DISABLED <-> POLICY-SPAM tanuen.dimedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:18031 <-> DISABLED <-> POLICY-SPAM the.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:18032 <-> DISABLED <-> POLICY-SPAM the.onlineruggiero33q.ru known spam email attempt (policy-spam.rules)
 * 1:18033 <-> DISABLED <-> POLICY-SPAM to.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:18034 <-> DISABLED <-> POLICY-SPAM trails.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:18035 <-> DISABLED <-> POLICY-SPAM trusting-me.ru known spam email attempt (policy-spam.rules)
 * 1:18036 <-> DISABLED <-> POLICY-SPAM twodays.ru known spam email attempt (policy-spam.rules)
 * 1:18037 <-> DISABLED <-> POLICY-SPAM tyqaja.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:18038 <-> DISABLED <-> POLICY-SPAM uboi.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18039 <-> DISABLED <-> POLICY-SPAM uf.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:1804 <-> DISABLED <-> SERVER-IIS .cdx HTTP header buffer overflow attempt (server-iis.rules)
 * 1:18040 <-> DISABLED <-> POLICY-SPAM uielij.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18041 <-> DISABLED <-> POLICY-SPAM unasu.medicdrugsxto.ru known spam email attempt (policy-spam.rules)
 * 1:18042 <-> DISABLED <-> POLICY-SPAM upazo.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:18043 <-> DISABLED <-> POLICY-SPAM utuqaj.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18044 <-> DISABLED <-> POLICY-SPAM uuji.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:18045 <-> DISABLED <-> POLICY-SPAM variation.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:18046 <-> DISABLED <-> POLICY-SPAM via.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18047 <-> DISABLED <-> POLICY-SPAM voiceless.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:18048 <-> DISABLED <-> POLICY-SPAM was.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:18049 <-> DISABLED <-> POLICY-SPAM word.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:1805 <-> DISABLED <-> SERVER-WEBAPP Oracle reports CGI access (server-webapp.rules)
 * 1:18050 <-> DISABLED <-> POLICY-SPAM world.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:18051 <-> DISABLED <-> POLICY-SPAM www.buhni.ru known spam email attempt (policy-spam.rules)
 * 1:18052 <-> DISABLED <-> POLICY-SPAM www.visitcover.ru known spam email attempt (policy-spam.rules)
 * 1:18053 <-> DISABLED <-> POLICY-SPAM xob.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:18054 <-> DISABLED <-> POLICY-SPAM ygy.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:18055 <-> DISABLED <-> POLICY-SPAM yit.medicdrugsxor.ru known spam email attempt (policy-spam.rules)
 * 1:18056 <-> DISABLED <-> POLICY-SPAM ylum.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:18057 <-> DISABLED <-> POLICY-SPAM ymyuto.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:18058 <-> DISABLED <-> POLICY-SPAM yomy.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18059 <-> DISABLED <-> POLICY-SPAM yzugez.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:1806 <-> DISABLED <-> SERVER-IIS .htr chunked Transfer-Encoding (server-iis.rules)
 * 1:18060 <-> DISABLED <-> POLICY-SPAM zeroprices.ru known spam email attempt (policy-spam.rules)
 * 1:18061 <-> DISABLED <-> POLICY-SPAM zueuz.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18074 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Forefront UAG URL XSS attempt (os-windows.rules)
 * 1:1809 <-> DISABLED <-> SERVER-APACHE Apache Chunked-Encoding worm attempt (server-apache.rules)
 * 1:18096 <-> DISABLED <-> SERVER-APACHE Apache Tomcat username enumeration attempt (server-apache.rules)
 * 1:1817 <-> DISABLED <-> SERVER-IIS MS Site Server default login attempt (server-iis.rules)
 * 1:1818 <-> DISABLED <-> SERVER-IIS MS Site Server admin attempt (server-iis.rules)
 * 1:18202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules)
 * 1:18203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules)
 * 1:18204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:18205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules)
 * 1:18206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:18207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules)
 * 1:18208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules)
 * 1:18209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules)
 * 1:1822 <-> DISABLED <-> SERVER-WEBAPP alienform.cgi directory traversal attempt (server-webapp.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:1823 <-> DISABLED <-> SERVER-WEBAPP AlienForm af.cgi directory traversal attempt (server-webapp.rules)
 * 1:1824 <-> DISABLED <-> SERVER-WEBAPP alienform.cgi access (server-webapp.rules)
 * 1:18243 <-> ENABLED <-> SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (server-iis.rules)
 * 1:18246 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Fax Services Cover Page Editor overflow attempt (os-windows.rules)
 * 1:1825 <-> DISABLED <-> SERVER-WEBAPP AlienForm af.cgi access (server-webapp.rules)
 * 1:1827 <-> DISABLED <-> SERVER-APACHE Apache Tomcat servlet mapping cross site scripting attempt (server-apache.rules)
 * 1:18277 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:18278 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:18283 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:1829 <-> DISABLED <-> SERVER-APACHE Apache Tomcat TroubleShooter servlet access (server-apache.rules)
 * 1:18297 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:1830 <-> DISABLED <-> SERVER-APACHE Apache Tomcat SnoopServlet servlet access (server-apache.rules)
 * 1:18320 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS association context validation overflow attempt (os-windows.rules)
 * 1:18326 <-> DISABLED <-> PROTOCOL-FTP ProFTPD mod_site_misc module directory traversal attempt (protocol-ftp.rules)
 * 1:18335 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MHTML XSS attempt (os-windows.rules)
 * 1:18396 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Hypervisor DOS vfd download attempt (os-windows.rules)
 * 1:18462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules)
 * 1:18464 <-> ENABLED <-> SERVER-WEBAPP Adobe ColdFusion locale directory traversal attempt (server-webapp.rules)
 * 1:18496 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules)
 * 1:18497 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules)
 * 1:1850 <-> DISABLED <-> SERVER-WEBAPP way-board.cgi access (server-webapp.rules)
 * 1:18513 <-> DISABLED <-> SERVER-MYSQL yaSSL SSL Hello Message Buffer Overflow attempt (server-mysql.rules)
 * 1:1854 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht handler->agent niggahbitch (protocol-icmp.rules)
 * 1:1855 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht agent->handler skillz (protocol-icmp.rules)
 * 1:1856 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht handler->agent ficken (protocol-icmp.rules)
 * 1:18575 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:18588 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XCRC overflow attempt (protocol-ftp.rules)
 * 1:1862 <-> DISABLED <-> SERVER-WEBAPP mrtg.cgi directory traversal attempt (server-webapp.rules)
 * 1:1864 <-> DISABLED <-> PROTOCOL-FTP SITE NEWER attempt (protocol-ftp.rules)
 * 1:1865 <-> DISABLED <-> SERVER-WEBAPP webdist.cgi arbitrary command attempt (server-webapp.rules)
 * 1:18655 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LLMNR invalid reverse name lookup stack corruption attempt  (os-windows.rules)
 * 1:1868 <-> DISABLED <-> SERVER-WEBAPP story.pl arbitrary file read attempt (server-webapp.rules)
 * 1:1869 <-> DISABLED <-> SERVER-WEBAPP story.pl access (server-webapp.rules)
 * 1:18691 <-> ENABLED <-> OS-WINDOWS Microsoft Windows AFD.SYS null write attempt (os-windows.rules)
 * 1:1870 <-> DISABLED <-> SERVER-WEBAPP siteUserMod.cgi access (server-webapp.rules)
 * 1:1875 <-> DISABLED <-> SERVER-WEBAPP cgicso access (server-webapp.rules)
 * 1:1876 <-> DISABLED <-> SERVER-WEBAPP nph-publish.cgi access (server-webapp.rules)
 * 1:18761 <-> ENABLED <-> SERVER-WEBAPP Majordomo2 http directory traversal attempt (server-webapp.rules)
 * 1:18764 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:1877 <-> DISABLED <-> SERVER-WEBAPP printenv access (server-webapp.rules)
 * 1:1878 <-> DISABLED <-> SERVER-WEBAPP sdbsearch.cgi access (server-webapp.rules)
 * 1:1879 <-> DISABLED <-> SERVER-WEBAPP book.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:18929 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (server-oracle.rules)
 * 1:18931 <-> ENABLED <-> SERVER-APACHE Apache Struts OGNL parameter interception bypass command execution attempt (server-apache.rules)
 * 1:18950 <-> DISABLED <-> OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (os-windows.rules)
 * 1:18955 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (server-webapp.rules)
 * 1:18956 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (server-webapp.rules)
 * 1:18960 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (server-webapp.rules)
 * 1:18961 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18972 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration selector variable command injection attempt (server-oracle.rules)
 * 1:18994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules)
 * 1:18996 <-> ENABLED <-> SERVER-ORACLE DBMS_JAVA.SET_OUTPUT_TO_JAVA privilege escalation attempt (server-oracle.rules)
 * 1:19000 <-> DISABLED <-> SERVER-MYSQL Database CASE NULL argument denial of service attempt (server-mysql.rules)
 * 1:19001 <-> DISABLED <-> SERVER-MYSQL IN NULL argument denial of service attempt (server-mysql.rules)
 * 1:19015 <-> DISABLED <-> POLICY-SPAM visiopharm-3d.eu known spam email attempt (policy-spam.rules)
 * 1:19047 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - RCleanT (blacklist.rules)
 * 1:19061 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (pua-adware.rules)
 * 1:19093 <-> DISABLED <-> SERVER-MYSQL Database unique set column denial of service attempt (server-mysql.rules)
 * 1:19094 <-> DISABLED <-> SERVER-MYSQL Database unique set column denial of service attempt (server-mysql.rules)
 * 1:19107 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer code execution attempt (server-apache.rules)
 * 1:19119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver remote code execution attempt (os-windows.rules)
 * 1:19122 <-> DISABLED <-> POLICY-SPAM appledownload.com known spam email attempt (policy-spam.rules)
 * 1:19124 <-> ENABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (server-apache.rules)
 * 1:19162 <-> DISABLED <-> SERVER-ORACLE get_domain_index_metadata privilege escalation attempt (server-oracle.rules)
 * 1:19163 <-> DISABLED <-> SERVER-ORACLE get_v2_domain_index_tables privilege escalation attempt (server-oracle.rules)
 * 1:19174 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista feed headlines cross-site scripting attack attempt (os-windows.rules)
 * 1:1918 <-> DISABLED <-> PROTOCOL-ICMP SolarWinds IP scan attempt (protocol-icmp.rules)
 * 1:19183 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:19184 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules)
 * 1:19185 <-> ENABLED <-> OS-WINDOWS Microsoft Windows .NET ArraySegment escape exploit attempt (os-windows.rules)
 * 1:19188 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:19192 <-> ENABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:19196 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (os-windows.rules)
 * 1:1927 <-> DISABLED <-> PROTOCOL-FTP authorized_keys (protocol-ftp.rules)
 * 1:1928 <-> DISABLED <-> PROTOCOL-FTP shadow retrieval attempt (protocol-ftp.rules)
 * 1:1931 <-> DISABLED <-> SERVER-WEBAPP rpc-nlog.pl access (server-webapp.rules)
 * 1:19311 <-> DISABLED <-> PUA-ADWARE Keylogger aspy v2.12 runtime detection (pua-adware.rules)
 * 1:1932 <-> DISABLED <-> SERVER-WEBAPP rpc-smb.pl access (server-webapp.rules)
 * 1:1933 <-> DISABLED <-> SERVER-WEBAPP cart.cgi access (server-webapp.rules)
 * 1:19460 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CSRSS multiple consoles on a single process attempt (os-windows.rules)
 * 1:19462 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CSRSS negative array index code execution attempt (os-windows.rules)
 * 1:19463 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CSRSS double free attempt (os-windows.rules)
 * 1:19485 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - RAV1 (blacklist.rules)
 * 1:19559 <-> DISABLED <-> SCAN SSH brute force login attempt (scan.rules)
 * 1:19570 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - ie 11.0 sp6 (blacklist.rules)
 * 1:19599 <-> DISABLED <-> SERVER-ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (server-oracle.rules)
 * 1:19600 <-> DISABLED <-> SERVER-ORACLE Warehouse builder WE_OLAP_AW_SET_SOLVE_ID SQL Injection attempt (server-oracle.rules)
 * 1:19605 <-> DISABLED <-> SERVER-ORACLE Glass Fish Server malformed username cross site scripting attempt (server-oracle.rules)
 * 1:19665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Remote Desktop web access cross-site scripting attempt (os-windows.rules)
 * 1:19694 <-> ENABLED <-> SERVER-WEBAPP Microsoft Windows .NET Chart Control directory traversal attempt (server-webapp.rules)
 * 1:1970 <-> DISABLED <-> SERVER-IIS MDAC Content-Type overflow attempt (server-iis.rules)
 * 1:19709 <-> ENABLED <-> SERVER-APACHE Apache APR apr_fn match infinite loop denial of service attempt (server-apache.rules)
 * 1:19786 <-> DISABLED <-> BLACKLIST User-Agent known malicious user agent - Mozilla (blacklist.rules)
 * 1:19825 <-> DISABLED <-> SERVER-APACHE Apache Killer denial of service tool exploit attempt (server-apache.rules)
 * 1:19848 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19849 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19896 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (pua-adware.rules)
 * 1:1992 <-> DISABLED <-> PROTOCOL-FTP LIST directory traversal attempt (protocol-ftp.rules)
 * 1:1994 <-> DISABLED <-> SERVER-WEBAPP vpasswd.cgi access (server-webapp.rules)
 * 1:1995 <-> DISABLED <-> SERVER-WEBAPP alya.cgi access (server-webapp.rules)
 * 1:1996 <-> DISABLED <-> SERVER-WEBAPP viralator.cgi access (server-webapp.rules)
 * 1:2001 <-> DISABLED <-> SERVER-WEBAPP smartsearch.cgi access (server-webapp.rules)
 * 1:20041 <-> DISABLED <-> PUA-ADWARE Adware.BB outbound connection (pua-adware.rules)
 * 1:20053 <-> DISABLED <-> SERVER-MYSQL Database SELECT subquery denial of service attempt (server-mysql.rules)
 * 1:20073 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:20100 <-> DISABLED <-> PUA-ADWARE Adware Arcade Web - installation/update (pua-adware.rules)
 * 1:20101 <-> DISABLED <-> PUA-ADWARE Adware Arcade Web - User-Agent (pua-adware.rules)
 * 1:20102 <-> DISABLED <-> PUA-ADWARE Adware Arcade Web - X-Arcadeweb header (pua-adware.rules)
 * 1:20103 <-> DISABLED <-> PUA-ADWARE Adware playsushi - User-Agent (pua-adware.rules)
 * 1:20118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules)
 * 1:20119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (os-windows.rules)
 * 1:20120 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS internal communications on network exploit attempt (os-windows.rules)
 * 1:20143 <-> DISABLED <-> PUA-ADWARE Adware mightymagoo/playpickle/livingplay - User-Agent (pua-adware.rules)
 * 1:20157 <-> DISABLED <-> SERVER-ORACLE Oracle GlassFish Server war file upload attempt (server-oracle.rules)
 * 1:20220 <-> DISABLED <-> PUA-ADWARE Adware.Wizpop outbound connection (pua-adware.rules)
 * 1:2051 <-> DISABLED <-> SERVER-WEBAPP cached_feed.cgi moreover shopping cart access (server-webapp.rules)
 * 1:2052 <-> DISABLED <-> SERVER-WEBAPP overflow.cgi access (server-webapp.rules)
 * 1:20528 <-> DISABLED <-> SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (server-apache.rules)
 * 1:2053 <-> DISABLED <-> SERVER-WEBAPP process_bug.cgi access (server-webapp.rules)
 * 1:2054 <-> DISABLED <-> SERVER-WEBAPP enter_bug.cgi arbitrary command attempt (server-webapp.rules)
 * 1:20543 <-> DISABLED <-> OS-WINDOWS Microsoft Windows IppRateLimitIcmp integer overflow exploit attempt (os-windows.rules)
 * 1:2055 <-> DISABLED <-> SERVER-WEBAPP enter_bug.cgi access (server-webapp.rules)
 * 1:20594 <-> DISABLED <-> SERVER-ORACLE Outside In CorelDRAW file parser integer overflow attempt (server-oracle.rules)
 * 1:20603 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RSH daemon buffer overflow (os-windows.rules)
 * 1:2061 <-> DISABLED <-> SERVER-APACHE Apache Tomcat null byte directory listing attempt (server-apache.rules)
 * 1:20612 <-> DISABLED <-> SERVER-APACHE Apache Tomcat Java AJP connector invalid header timeout DOS attempt (server-apache.rules)
 * 1:20664 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (server-iis.rules)
 * 1:20665 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (server-iis.rules)
 * 1:20671 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:20675 <-> DISABLED <-> SERVER-IIS Microsoft Active Directory Federation Services code execution attempt (server-iis.rules)
 * 1:20725 <-> DISABLED <-> OS-SOLARIS Oracle Solaris in.rwhod hostname denial of service attempt (os-solaris.rules)
 * 1:20744 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (os-windows.rules)
 * 1:20820 <-> DISABLED <-> FILE-OTHER Oracle Java JNLP parameter argument injection attempt (file-other.rules)
 * 1:20821 <-> DISABLED <-> SERVER-APACHE Apache APR header memory corruption attempt (server-apache.rules)
 * 1:20828 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS aspx login ReturnURL arbitrary redirect attempt (server-iis.rules)
 * 1:20829 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (server-iis.rules)
 * 1:2085 <-> DISABLED <-> SERVER-WEBAPP parse_xml.cgi access (server-webapp.rules)
 * 1:2086 <-> DISABLED <-> SERVER-WEBAPP streaming server parse_xml.cgi access (server-webapp.rules)
 * 1:20878 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:20879 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (os-windows.rules)
 * 1:2090 <-> DISABLED <-> SERVER-IIS WEBDAV exploit attempt (server-iis.rules)
 * 1:2091 <-> ENABLED <-> SERVER-IIS WEBDAV nessus safe scan attempt (server-iis.rules)
 * 1:21072 <-> ENABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - ExceptionDelegator (server-apache.rules)
 * 1:21073 <-> ENABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - ExceptionDelegator alternate (server-apache.rules)
 * 1:21074 <-> ENABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (server-apache.rules)
 * 1:21075 <-> ENABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - DebuggingInterceptor (server-apache.rules)
 * 1:21088 <-> DISABLED <-> OS-WINDOWS Microsoft Windows remote desktop denial of service attempt (os-windows.rules)
 * 1:21089 <-> DISABLED <-> OS-WINDOWS Microsoft Windows remote desktop oversized cookie attempt (os-windows.rules)
 * 1:2115 <-> DISABLED <-> SERVER-WEBAPP album.pl access (server-webapp.rules)
 * 1:2116 <-> DISABLED <-> SERVER-WEBAPP chipcfg.cgi access (server-webapp.rules)
 * 1:21161 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS5 NTLM and basic authentication bypass attempt (server-iis.rules)
 * 1:2117 <-> DISABLED <-> SERVER-IIS Battleaxe Forum login.asp access (server-iis.rules)
 * 1:21186 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:21214 <-> DISABLED <-> SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (server-apache.rules)
 * 1:2125 <-> DISABLED <-> PROTOCOL-FTP CWD Root directory transversal attempt (protocol-ftp.rules)
 * 1:21260 <-> DISABLED <-> SERVER-APACHE Apache Byte-Range Filter denial of service attempt (server-apache.rules)
 * 1:2127 <-> DISABLED <-> SERVER-WEBAPP ikonboard.cgi access (server-webapp.rules)
 * 1:2128 <-> DISABLED <-> SERVER-WEBAPP swsrv.cgi access (server-webapp.rules)
 * 1:21281 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:2129 <-> DISABLED <-> SERVER-IIS nsiislog.dll access (server-iis.rules)
 * 1:2130 <-> DISABLED <-> SERVER-IIS IISProtect siteadmin.asp access (server-iis.rules)
 * 1:2131 <-> DISABLED <-> SERVER-IIS IISProtect access (server-iis.rules)
 * 1:2132 <-> DISABLED <-> SERVER-IIS Synchrologic Email Accelerator userid list access attempt (server-iis.rules)
 * 1:2133 <-> DISABLED <-> SERVER-IIS MS BizTalk server access (server-iis.rules)
 * 1:21337 <-> DISABLED <-> SERVER-APACHE Apache XML HMAC truncation authentication bypass attempt (server-apache.rules)
 * 1:2134 <-> DISABLED <-> SERVER-IIS register.asp access (server-iis.rules)
 * 1:21356 <-> DISABLED <-> SERVER-APACHE Apache URI directory traversal attempt (server-apache.rules)
 * 1:21357 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules)
 * 1:21395 <-> DISABLED <-> SERVER-ORACLE 10g iSQLPlus service heap overflow attempt (server-oracle.rules)
 * 1:21396 <-> DISABLED <-> SERVER-ORACLE 10g iSQLPlus service heap overflow attempt (server-oracle.rules)
 * 1:21481 <-> DISABLED <-> FILE-OTHER Oracle Java Web Start arbitrary command execution attempt (file-other.rules)
 * 1:21504 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21505 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21506 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21507 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21508 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (os-windows.rules)
 * 1:21515 <-> DISABLED <-> SERVER-APACHE Apache Tomcat Web Application Manager access (server-apache.rules)
 * 1:21522 <-> DISABLED <-> SERVER-APACHE Apache Struts parameters interceptor remote code execution attempt (server-apache.rules)
 * 1:2157 <-> DISABLED <-> SERVER-IIS IISProtect globaladmin.asp access (server-iis.rules)
 * 1:21599 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21600 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21601 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21602 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21603 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21604 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21605 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21606 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (server-iis.rules)
 * 1:21633 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:21634 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:21637 <-> ENABLED <-> POLICY-SPAM local user attempted to fill out paypal phishing form (policy-spam.rules)
 * 1:21644 <-> ENABLED <-> PUA-ADWARE Adware.MediaGetInstaller inbound connection - destination ip infected (pua-adware.rules)
 * 1:21645 <-> ENABLED <-> PUA-ADWARE Adware.MediaGetInstaller outbound connection - source ip infected (pua-adware.rules)
 * 1:21656 <-> ENABLED <-> SERVER-APACHE Apache Struts remote code execution attempt ParametersInterceptor (server-apache.rules)
 * 1:21754 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:2178 <-> DISABLED <-> PROTOCOL-FTP USER format string attempt (protocol-ftp.rules)
 * 1:2179 <-> DISABLED <-> PROTOCOL-FTP PASS format string attempt (protocol-ftp.rules)
 * 1:21920 <-> ENABLED <-> SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (server-oracle.rules)
 * 1:21921 <-> ENABLED <-> SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (server-oracle.rules)
 * 1:21923 <-> DISABLED <-> SERVER-APACHE Apache Tomcat PUT request remote file deployment attempt (server-apache.rules)
 * 1:21924 <-> ENABLED <-> PUA-ADWARE Adware.Downware variant outbound connection attempt (pua-adware.rules)
 * 1:2194 <-> DISABLED <-> SERVER-WEBAPP CSMailto.cgi access (server-webapp.rules)
 * 1:2195 <-> DISABLED <-> SERVER-WEBAPP alert.cgi access (server-webapp.rules)
 * 1:2196 <-> DISABLED <-> SERVER-WEBAPP catgy.cgi access (server-webapp.rules)
 * 1:2197 <-> DISABLED <-> SERVER-WEBAPP cvsview2.cgi access (server-webapp.rules)
 * 1:2198 <-> DISABLED <-> SERVER-WEBAPP cvslog.cgi access (server-webapp.rules)
 * 1:2199 <-> DISABLED <-> SERVER-WEBAPP multidiff.cgi access (server-webapp.rules)
 * 1:2200 <-> DISABLED <-> SERVER-WEBAPP dnewsweb.cgi access (server-webapp.rules)
 * 1:2201 <-> DISABLED <-> SERVER-WEBAPP download.cgi access (server-webapp.rules)
 * 1:2202 <-> DISABLED <-> SERVER-WEBAPP edit_action.cgi access (server-webapp.rules)
 * 1:2203 <-> DISABLED <-> SERVER-WEBAPP everythingform.cgi access (server-webapp.rules)
 * 1:2204 <-> DISABLED <-> SERVER-WEBAPP ezadmin.cgi access (server-webapp.rules)
 * 1:2205 <-> DISABLED <-> SERVER-WEBAPP ezboard.cgi access (server-webapp.rules)
 * 1:2206 <-> DISABLED <-> SERVER-WEBAPP ezman.cgi access (server-webapp.rules)
 * 1:2207 <-> DISABLED <-> SERVER-WEBAPP fileseek.cgi access (server-webapp.rules)
 * 1:2208 <-> DISABLED <-> SERVER-WEBAPP fom.cgi access (server-webapp.rules)
 * 1:2209 <-> DISABLED <-> SERVER-WEBAPP getdoc.cgi access (server-webapp.rules)
 * 1:221 <-> DISABLED <-> PROTOCOL-ICMP TFN Probe (protocol-icmp.rules)
 * 1:2210 <-> DISABLED <-> SERVER-WEBAPP global.cgi access (server-webapp.rules)
 * 1:2211 <-> DISABLED <-> SERVER-WEBAPP guestserver.cgi access (server-webapp.rules)
 * 1:2212 <-> DISABLED <-> SERVER-WEBAPP imageFolio.cgi access (server-webapp.rules)
 * 1:2213 <-> DISABLED <-> SERVER-WEBAPP mailfile.cgi access (server-webapp.rules)
 * 1:2214 <-> DISABLED <-> SERVER-WEBAPP mailview.cgi access (server-webapp.rules)
 * 1:2215 <-> DISABLED <-> SERVER-WEBAPP nsManager.cgi access (server-webapp.rules)
 * 1:2216 <-> DISABLED <-> SERVER-WEBAPP readmail.cgi access (server-webapp.rules)
 * 1:2217 <-> DISABLED <-> SERVER-WEBAPP printmail.cgi access (server-webapp.rules)
 * 1:2218 <-> DISABLED <-> SERVER-WEBAPP service.cgi access (server-webapp.rules)
 * 1:2219 <-> DISABLED <-> SERVER-WEBAPP setpasswd.cgi access (server-webapp.rules)
 * 1:222 <-> DISABLED <-> PROTOCOL-ICMP tfn2k icmp possible communication (protocol-icmp.rules)
 * 1:2220 <-> DISABLED <-> SERVER-WEBAPP simplestmail.cgi access (server-webapp.rules)
 * 1:2221 <-> DISABLED <-> SERVER-WEBAPP ws_mail.cgi access (server-webapp.rules)
 * 1:2222 <-> DISABLED <-> SERVER-WEBAPP nph-exploitscanget.cgi access (server-webapp.rules)
 * 1:2223 <-> DISABLED <-> SERVER-WEBAPP csNews.cgi access (server-webapp.rules)
 * 1:2224 <-> DISABLED <-> SERVER-WEBAPP psunami.cgi access (server-webapp.rules)
 * 1:2225 <-> DISABLED <-> SERVER-WEBAPP gozila.cgi access (server-webapp.rules)
 * 1:224 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht server spoof (protocol-icmp.rules)
 * 1:2247 <-> DISABLED <-> SERVER-IIS UploadScript11.asp access (server-iis.rules)
 * 1:2248 <-> DISABLED <-> SERVER-IIS DirectoryListing.asp access (server-iis.rules)
 * 1:2249 <-> DISABLED <-> SERVER-IIS /pcadmin/login.asp access (server-iis.rules)
 * 1:225 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht gag server response (protocol-icmp.rules)
 * 1:226 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht server response (protocol-icmp.rules)
 * 1:227 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht client spoofworks (protocol-icmp.rules)
 * 1:228 <-> DISABLED <-> PROTOCOL-ICMP TFN client command BE (protocol-icmp.rules)
 * 1:229 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht client check skillz (protocol-icmp.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23115 <-> ENABLED <-> SERVER-MYSQL MySQL/MariaDB client authentication bypass attempt (server-mysql.rules)
 * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules)
 * 1:2321 <-> DISABLED <-> SERVER-IIS foxweb.exe access (server-iis.rules)
 * 1:2322 <-> DISABLED <-> SERVER-IIS foxweb.dll access (server-iis.rules)
 * 1:2323 <-> DISABLED <-> SERVER-WEBAPP quickstore.cgi access (server-webapp.rules)
 * 1:2324 <-> DISABLED <-> SERVER-IIS VP-ASP shopsearch.asp access (server-iis.rules)
 * 1:2325 <-> DISABLED <-> SERVER-IIS VP-ASP ShopDisplayProducts.asp access (server-iis.rules)
 * 1:2326 <-> DISABLED <-> SERVER-IIS sgdynamo.exe access (server-iis.rules)
 * 1:2334 <-> DISABLED <-> PROTOCOL-FTP Yak! FTP server default account login attempt (protocol-ftp.rules)
 * 1:2335 <-> DISABLED <-> PROTOCOL-FTP RMD / attempt (protocol-ftp.rules)
 * 1:23360 <-> DISABLED <-> SERVER-IIS tilde character file name discovery attempt (server-iis.rules)
 * 1:23361 <-> DISABLED <-> SERVER-IIS tilde character file name discovery attempt (server-iis.rules)
 * 1:23362 <-> DISABLED <-> SERVER-IIS tilde character file name discovery attempt (server-iis.rules)
 * 1:23369 <-> ENABLED <-> PUA-ADWARE Adware.Phono post infection download attempt (pua-adware.rules)
 * 1:23408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows large image resize denial of service attempt (os-windows.rules)
 * 1:23436 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectX IDirectPlay4 denial of service attempt (os-windows.rules)
 * 1:23437 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectX IDirectPlay4 denial of service attempt (os-windows.rules)
 * 1:236 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht client check gag (protocol-icmp.rules)
 * 1:23626 <-> ENABLED <-> SERVER-IIS cmd.exe access (server-iis.rules)
 * 1:23631 <-> ENABLED <-> SERVER-APACHE Apache Struts remote code execution attempt - POST parameter (server-apache.rules)
 * 1:23779 <-> DISABLED <-> SERVER-APACHE Apache WebDAV mod_dav nested entity reference DoS attempt (server-apache.rules)
 * 1:238 <-> DISABLED <-> PROTOCOL-ICMP TFN server response (protocol-icmp.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23846 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Terminal server RDP freed memory write attempt (os-windows.rules)
 * 1:2386 <-> DISABLED <-> SERVER-IIS NTLM ASN1 vulnerability scan attempt (server-iis.rules)
 * 1:2387 <-> DISABLED <-> SERVER-WEBAPP view_broadcast.cgi access (server-webapp.rules)
 * 1:2388 <-> DISABLED <-> SERVER-WEBAPP streaming server view_broadcast.cgi access (server-webapp.rules)
 * 1:23934 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (server-webapp.rules)
 * 1:23939 <-> DISABLED <-> SERVER-ORACLE FlashTunnelSvc arbitrary file creation attempt (server-oracle.rules)
 * 1:23940 <-> DISABLED <-> SERVER-ORACLE FlashTunnelSvc arbitrary file creation attempt (server-oracle.rules)
 * 1:23958 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:23959 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:2396 <-> DISABLED <-> SERVER-WEBAPP CCBill whereami.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:23960 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:23961 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:2397 <-> DISABLED <-> SERVER-WEBAPP CCBill whereami.cgi access (server-webapp.rules)
 * 1:24007 <-> DISABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24086 <-> ENABLED <-> PUA-ADWARE Adware.AdultAds outbound connection (pua-adware.rules)
 * 1:24090 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (os-windows.rules)
 * 1:24147 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules)
 * 1:24274 <-> ENABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24275 <-> ENABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24276 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:24291 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24306 <-> DISABLED <-> SERVER-APACHE HP Operations Dashboard Apache Tomcat default admin account access attempt (server-apache.rules)
 * 1:24314 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:24315 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:24316 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:24317 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:24318 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:24319 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:24320 <-> ENABLED <-> SERVER-WEBAPP HP Operations Agent stack buffer overflow attempt (server-webapp.rules)
 * 1:2433 <-> DISABLED <-> SERVER-WEBAPP MDaemon form2raw.cgi overflow attempt (server-webapp.rules)
 * 1:24336 <-> DISABLED <-> OS-WINDOWS SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (os-windows.rules)
 * 1:2434 <-> DISABLED <-> SERVER-WEBAPP MDaemon form2raw.cgi access (server-webapp.rules)
 * 1:24348 <-> DISABLED <-> SERVER-APACHE Apache mod_rpaf x-forwarded-for header denial of service attempt (server-apache.rules)
 * 1:24379 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24380 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:24447 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope DownloadFilesHandler directory traversal attempt (server-webapp.rules)
 * 1:24448 <-> ENABLED <-> SERVER-WEBAPP HP SiteScope UploadFilesHandler directory traversal attempt (server-webapp.rules)
 * 1:251 <-> DISABLED <-> PROTOCOL-ICMP - TFN client command LE (protocol-icmp.rules)
 * 1:2567 <-> DISABLED <-> SERVER-WEBAPP Emumail init.emu access (server-webapp.rules)
 * 1:2568 <-> DISABLED <-> SERVER-WEBAPP Emumail emumail.fcgi access (server-webapp.rules)
 * 1:2571 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail frmGetAttachment.aspx access (server-iis.rules)
 * 1:2572 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (server-iis.rules)
 * 1:2573 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail frmCompose.asp access (server-iis.rules)
 * 1:2574 <-> DISABLED <-> PROTOCOL-FTP RETR format string attempt (protocol-ftp.rules)
 * 1:2576 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_replication_support buffer overflow attempt (server-oracle.rules)
 * 1:2589 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Content-Disposition CLSID command attempt (os-windows.rules)
 * 1:2599 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_grouped_column buffer overflow attempt (server-oracle.rules)
 * 1:2601 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2603 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2605 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.compare_old_values buffer overflow attempt (server-oracle.rules)
 * 1:2606 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2608 <-> DISABLED <-> SERVER-ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt (server-oracle.rules)
 * 1:2609 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.cancel_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2611 <-> DISABLED <-> SERVER-ORACLE LINK metadata buffer overflow attempt (server-oracle.rules)
 * 1:2612 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (server-oracle.rules)
 * 1:2614 <-> DISABLED <-> SERVER-ORACLE time_zone buffer overflow attempt (server-oracle.rules)
 * 1:2615 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_auth.grant_surrogate_repcat buffer overflow attempt (server-oracle.rules)
 * 1:2617 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat.alter_mview_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2619 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2621 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_sna_utl.register_flavor_change buffer overflow attempt (server-oracle.rules)
 * 1:2624 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_admin.unregister_user_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2626 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.send_old_values buffer overflow attempt (server-oracle.rules)
 * 1:2627 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.repcat_import_check buffer overflow attempt (server-oracle.rules)
 * 1:2629 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_admin.register_user_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2633 <-> DISABLED <-> SERVER-ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt (server-oracle.rules)
 * 1:2637 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2639 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2641 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_instantiate.drop_site_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2643 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.ensure_not_published buffer overflow attempt (server-oracle.rules)
 * 1:2644 <-> DISABLED <-> SERVER-ORACLE from_tz buffer overflow attempt (server-oracle.rules)
 * 1:2645 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_instantiate.instantiate_offline buffer overflow attempt (server-oracle.rules)
 * 1:2649 <-> DISABLED <-> SERVER-ORACLE Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow attempt (server-oracle.rules)
 * 1:2650 <-> DISABLED <-> SERVER-ORACLE user name buffer overflow attempt (server-oracle.rules)
 * 1:2651 <-> DISABLED <-> SERVER-ORACLE NUMTODSINTERVAL/NUMTOYMINTERVAL buffer overflow attempt (server-oracle.rules)
 * 1:2652 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.begin_load buffer overflow attempt (server-oracle.rules)
 * 1:2663 <-> DISABLED <-> SERVER-WEBAPP WhatsUpGold instancename overflow attempt (server-webapp.rules)
 * 1:2667 <-> DISABLED <-> SERVER-IIS ping.asp access (server-iis.rules)
 * 1:2668 <-> DISABLED <-> SERVER-WEBAPP processit access (server-webapp.rules)
 * 1:2669 <-> DISABLED <-> SERVER-WEBAPP ibillpm.pl access (server-webapp.rules)
 * 1:2670 <-> DISABLED <-> SERVER-WEBAPP pgpmail.pl access (server-webapp.rules)
 * 1:2674 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2675 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.instantiate_offline buffer overflow attempt (server-oracle.rules)
 * 1:2677 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.instantiate_online buffer overflow attempt (server-oracle.rules)
 * 1:2678 <-> DISABLED <-> SERVER-ORACLE ctx_output.start_log buffer overflow attempt (server-oracle.rules)
 * 1:2679 <-> DISABLED <-> SERVER-ORACLE sys.dbms_system.ksdwrt buffer overflow attempt (server-oracle.rules)
 * 1:2680 <-> DISABLED <-> SERVER-ORACLE ctxsys.driddlr.subindexpopulate buffer overflow attempt (server-oracle.rules)
 * 1:2681 <-> DISABLED <-> SERVER-ORACLE mdsys.sdo_admin.sdo_code_size buffer overflow attempt (server-oracle.rules)
 * 1:2682 <-> DISABLED <-> SERVER-ORACLE mdsys.md2.validate_geom buffer overflow attempt (server-oracle.rules)
 * 1:2683 <-> DISABLED <-> SERVER-ORACLE mdsys.md2.sdo_code_size buffer overflow attempt (server-oracle.rules)
 * 1:2684 <-> DISABLED <-> SERVER-ORACLE sys.ltutil.pushdeferredtxns buffer overflow attempt (server-oracle.rules)
 * 1:2685 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_rq.add_column buffer overflow attempt (server-oracle.rules)
 * 1:2686 <-> DISABLED <-> SERVER-ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt (server-oracle.rules)
 * 1:2687 <-> DISABLED <-> SERVER-ORACLE sys.dbms_internal_repcat.validate buffer overflow attempt (server-oracle.rules)
 * 1:2688 <-> DISABLED <-> SERVER-ORACLE sys.dbms_internal_repcat.enable_receiver_trace buffer overflow attempt (server-oracle.rules)
 * 1:2689 <-> DISABLED <-> SERVER-ORACLE sys.dbms_internal_repcat.disable_receiver_trace buffer overflow attempt (server-oracle.rules)
 * 1:2690 <-> DISABLED <-> SERVER-ORACLE sys.dbms_defer_repcat.enable_propagation_to_dblink buffer overflow attempt (server-oracle.rules)
 * 1:2691 <-> DISABLED <-> SERVER-ORACLE sys.dbms_defer_internal_sys.parallel_push_recovery buffer overflow attempt (server-oracle.rules)
 * 1:2692 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aqadm_sys.verify_queue_types buffer overflow attempt (server-oracle.rules)
 * 1:2693 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aqadm.verify_queue_types_no_queue buffer overflow attempt (server-oracle.rules)
 * 1:2694 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aqadm.verify_queue_types_get_nrp buffer overflow attempt (server-oracle.rules)
 * 1:2695 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aq_import_internal.aq_table_defn_update buffer overflow attempt (server-oracle.rules)
 * 1:2696 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_utl.is_master buffer overflow attempt (server-oracle.rules)
 * 1:2697 <-> DISABLED <-> SERVER-ORACLE alter file buffer overflow attempt (server-oracle.rules)
 * 1:2698 <-> DISABLED <-> SERVER-ORACLE create file buffer overflow attempt (server-oracle.rules)
 * 1:2699 <-> DISABLED <-> SERVER-ORACLE TO_CHAR buffer overflow attempt (server-oracle.rules)
 * 1:2708 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.begin_flavor_change buffer overflow attempt (server-oracle.rules)
 * 1:2709 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.begin_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2711 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.end_flavor_change buffer overflow attempt (server-oracle.rules)
 * 1:2712 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.end_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2713 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.end_load buffer overflow attempt (server-oracle.rules)
 * 1:2714 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.resume_subset_of_masters buffer overflow attempt (server-oracle.rules)
 * 1:2715 <-> DISABLED <-> SERVER-ORACLE dbms_offline_snapshot.begin_load buffer overflow attempt (server-oracle.rules)
 * 1:2716 <-> DISABLED <-> SERVER-ORACLE dbms_offline_snapshot.end_load buffer overflow attempt (server-oracle.rules)
 * 1:2717 <-> DISABLED <-> SERVER-ORACLE dbms_rectifier_diff.differences buffer overflow attempt (server-oracle.rules)
 * 1:2718 <-> DISABLED <-> SERVER-ORACLE dbms_rectifier_diff.rectify buffer overflow attempt (server-oracle.rules)
 * 1:2719 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.abort_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2720 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_column_group_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2721 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_columns_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2722 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_object_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2723 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2724 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2725 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2726 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2727 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2728 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2729 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2730 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2731 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2732 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2733 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_master_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2734 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_mview_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2735 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2736 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2737 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2738 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2739 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:274 <-> DISABLED <-> PROTOCOL-ICMP ath (protocol-icmp.rules)
 * 1:2740 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2741 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority buffer overflow attempt (server-oracle.rules)
 * 1:2742 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2743 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2744 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2745 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2746 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (server-oracle.rules)
 * 1:2747 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2748 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2749 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2750 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_mview_repsites buffer overflow attempt (server-oracle.rules)
 * 1:2751 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2752 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2753 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_repsites buffer overflow attempt (server-oracle.rules)
 * 1:2754 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2755 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2756 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2757 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2758 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2759 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2760 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.define_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2761 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.define_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2762 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.define_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2763 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.do_deferred_repcat_admin buffer overflow attempt (server-oracle.rules)
 * 1:2764 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_column_group_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2765 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2766 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_columns_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2767 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2768 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_grouped_column buffer overflow attempt (server-oracle.rules)
 * 1:2769 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_mview_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2770 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2771 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2772 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2773 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2774 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2775 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2776 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2777 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority buffer overflow attempt (server-oracle.rules)
 * 1:2778 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2779 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2780 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2781 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2782 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2783 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2784 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2785 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.execute_ddl buffer overflow attempt (server-oracle.rules)
 * 1:2786 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_replication_package buffer overflow attempt (server-oracle.rules)
 * 1:2787 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt (server-oracle.rules)
 * 1:2788 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.make_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2789 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.obsolete_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2790 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.publish_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2791 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.purge_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2792 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.purge_master_log buffer overflow attempt (server-oracle.rules)
 * 1:2793 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.purge_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2794 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2795 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.refresh_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2796 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.register_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2797 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2798 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.register_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2799 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.relocate_masterdef buffer overflow attempt (server-oracle.rules)
 * 1:2800 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.rename_shadow_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2801 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.resume_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2802 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.check_ddl_text buffer overflow attempt (server-oracle.rules)
 * 1:2803 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2804 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.send_and_compare_old_values buffer overflow attempt (server-oracle.rules)
 * 1:2805 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.set_columns buffer overflow attempt (server-oracle.rules)
 * 1:2806 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.set_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2807 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.specify_new_masters buffer overflow attempt (server-oracle.rules)
 * 1:2808 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.suspend_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2809 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.unregister_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2810 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.unregister_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2811 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.validate_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2812 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.validate_for_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2813 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.abort_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2814 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.add_object_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2815 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.begin_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2816 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.drop_object_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2817 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.add_column_group_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2818 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.add_columns_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2819 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.drop_column_group_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2820 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.drop_columns_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2821 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.obsolete_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2822 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.publish_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2823 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.purge_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2824 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.set_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2825 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.validate_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2826 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.validate_for_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2827 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.alter_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2828 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.comment_on_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2829 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.comment_on_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2830 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.create_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2831 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.create_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2832 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.do_deferred_repcat_admin buffer overflow attempt (server-oracle.rules)
 * 1:2833 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.drop_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2834 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.generate_replication_package buffer overflow attempt (server-oracle.rules)
 * 1:2835 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.purge_master_log buffer overflow attempt (server-oracle.rules)
 * 1:2836 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.relocate_masterdef buffer overflow attempt (server-oracle.rules)
 * 1:2837 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.rename_shadow_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2838 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.resume_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2839 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.suspend_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2840 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.alter_snapshot_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2841 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2842 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2843 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2844 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.refresh_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2845 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2846 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.repcat_import_check buffer overflow attempt (server-oracle.rules)
 * 1:2847 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.unregister_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2848 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_utl4.drop_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2849 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_utl.drop_an_object buffer overflow attempt (server-oracle.rules)
 * 1:2850 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_mview_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2851 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2852 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_mview_support buffer overflow attempt (server-oracle.rules)
 * 1:2853 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_replication_trigger buffer overflow attempt (server-oracle.rules)
 * 1:2854 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_snapshot_support buffer overflow attempt (server-oracle.rules)
 * 1:2855 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.remove_master_databases buffer overflow attempt (server-oracle.rules)
 * 1:2856 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.switch_mview_master buffer overflow attempt (server-oracle.rules)
 * 1:2857 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.switch_snapshot_master buffer overflow attempt (server-oracle.rules)
 * 1:2858 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2859 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2860 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2861 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2862 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2863 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2864 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2865 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2866 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2867 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2868 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2869 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2870 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2871 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2872 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2873 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2874 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2875 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority buffer overflow attempt (server-oracle.rules)
 * 1:2876 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2877 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2878 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2879 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.cancel_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2880 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 3:17647 <-> ENABLED <-> WEB-CLIENT Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (web-client.rules)