Sourcefire VRT Rules Update

Date: 2013-03-26

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.4.0.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:26259 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules)
 * 1:26258 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (browser-webkit.rules)
 * 1:26257 <-> DISABLED <-> MALWARE-BACKDOOR ANDR-WIN.MSIL variant PC-USB Malicious executable file download (malware-backdoor.rules)
 * 1:26253 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit landing page (exploit-kit.rules)
 * 1:26261 <-> ENABLED <-> MALWARE-OTHER Fake postal receipt HTTP Response phishing attack (malware-other.rules)
 * 1:26255 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit landing page - specific structure (exploit-kit.rules)
 * 1:26254 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit redirection page (exploit-kit.rules)
 * 1:26256 <-> ENABLED <-> EXPLOIT-KIT Cool exploit kit malicious jar download (exploit-kit.rules)
 * 1:26260 <-> DISABLED <-> MALWARE-CNC Win.Downloader.Vectmp variant outbound connection (malware-cnc.rules)
 * 1:26252 <-> ENABLED <-> EXPLOIT-KIT Impact exploit kit landing page (exploit-kit.rules)

Modified Rules:


 * 1:3027 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx SACL overflow attempt (netbios.rules)
 * 1:3028 <-> ENABLED <-> NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt (netbios.rules)
 * 1:3029 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx SACL overflow attempt (netbios.rules)
 * 1:3030 <-> ENABLED <-> NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt (netbios.rules)
 * 1:3031 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (netbios.rules)
 * 1:3032 <-> ENABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode SACL overflow attempt (netbios.rules)
 * 1:3033 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx SACL overflow attempt (netbios.rules)
 * 1:3034 <-> ENABLED <-> NETBIOS SMB NT Trans NT CREATE DACL overflow attempt (netbios.rules)
 * 1:3035 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx DACL overflow attempt (netbios.rules)
 * 1:3036 <-> ENABLED <-> NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt (netbios.rules)
 * 1:3037 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx DACL overflow attempt (netbios.rules)
 * 1:3038 <-> ENABLED <-> NETBIOS SMB-DS NT Trans NT CREATE DACL overflow attempt (netbios.rules)
 * 1:3039 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (netbios.rules)
 * 1:3040 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode DACL overflow attempt (netbios.rules)
 * 1:3041 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx DACL overflow attempt (netbios.rules)
 * 1:3042 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE invalid SACL ace size dos attempt (netbios.rules)
 * 1:3043 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3044 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode invalid SACL ace size dos attempt (netbios.rules)
 * 1:3045 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3046 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE invalid SACL ace size dos attempt (netbios.rules)
 * 1:3047 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3048 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode invalid SACL ace size dos attempt (netbios.rules)
 * 1:3049 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3050 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE invalid SACL ace size dos attempt (netbios.rules)
 * 1:3051 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3052 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode invalid SACL ace size dos attempt (netbios.rules)
 * 1:3053 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3054 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE invalid SACL ace size dos attempt (netbios.rules)
 * 1:3055 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3056 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode invalid SACL ace size dos attempt (netbios.rules)
 * 1:3057 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (netbios.rules)
 * 1:3058 <-> DISABLED <-> PROTOCOL-IMAP copy literal overflow attempt (protocol-imap.rules)
 * 1:3061 <-> DISABLED <-> APP-DETECT distccd remote command execution attempt (app-detect.rules)
 * 1:3062 <-> DISABLED <-> SERVER-WEBAPP NetScreen SA 5000 delhomepage.cgi access (server-webapp.rules)
 * 1:3063 <-> DISABLED <-> MALWARE-BACKDOOR Vampire 1.2 connection request (malware-backdoor.rules)
 * 1:3064 <-> DISABLED <-> MALWARE-BACKDOOR Vampire 1.2 connection confirmation (malware-backdoor.rules)
 * 1:3065 <-> DISABLED <-> PROTOCOL-IMAP append literal overflow attempt (protocol-imap.rules)
 * 1:3066 <-> DISABLED <-> PROTOCOL-IMAP append overflow attempt (protocol-imap.rules)
 * 1:3067 <-> ENABLED <-> PROTOCOL-IMAP examine literal overflow attempt (protocol-imap.rules)
 * 1:3068 <-> ENABLED <-> PROTOCOL-IMAP examine overflow attempt (protocol-imap.rules)
 * 1:3069 <-> ENABLED <-> PROTOCOL-IMAP fetch literal overflow attempt (protocol-imap.rules)
 * 1:3071 <-> DISABLED <-> PROTOCOL-IMAP status literal overflow attempt (protocol-imap.rules)
 * 1:3072 <-> DISABLED <-> PROTOCOL-IMAP status overflow attempt (protocol-imap.rules)
 * 1:3073 <-> ENABLED <-> PROTOCOL-IMAP SUBSCRIBE literal overflow attempt (protocol-imap.rules)
 * 1:3074 <-> ENABLED <-> PROTOCOL-IMAP SUBSCRIBE overflow attempt (protocol-imap.rules)
 * 1:3081 <-> ENABLED <-> MALWARE-BACKDOOR Y3KRAT 1.5 Connect (malware-backdoor.rules)
 * 1:3082 <-> ENABLED <-> MALWARE-BACKDOOR Y3KRAT 1.5 Connect Client Response (malware-backdoor.rules)
 * 1:3083 <-> ENABLED <-> MALWARE-BACKDOOR Y3KRAT 1.5 Connection confirmation (malware-backdoor.rules)
 * 1:3084 <-> DISABLED <-> SERVER-OTHER Veritas backup overflow attempt (server-other.rules)
 * 1:3114 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc LlsrConnect overflow attempt (os-windows.rules)
 * 1:3130 <-> DISABLED <-> PUA-OTHER Microsoft MSN Messenger png overflow (pua-other.rules)
 * 1:3131 <-> DISABLED <-> SERVER-WEBAPP mailman directory traversal attempt (server-webapp.rules)
 * 1:3132 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image width download attempt (file-image.rules)
 * 1:3133 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products PNG large image height download attempt (file-image.rules)
 * 1:3134 <-> DISABLED <-> FILE-IMAGE Microsoft PNG large colour depth download attempt (file-image.rules)
 * 1:3135 <-> DISABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3136 <-> DISABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3137 <-> DISABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3138 <-> DISABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3139 <-> DISABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3140 <-> DISABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:3141 <-> DISABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3142 <-> DISABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:3143 <-> DISABLED <-> OS-WINDOWS SMB Trans2 FIND_FIRST2 command response overflow attempt (os-windows.rules)
 * 1:3144 <-> DISABLED <-> OS-WINDOWS SMB Trans2 FIND_FIRST2 response andx overflow attempt (os-windows.rules)
 * 1:3145 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 FIND_FIRST2 response overflow attempt (os-windows.rules)
 * 1:3146 <-> DISABLED <-> OS-WINDOWS SMB-DS Trans2 FIND_FIRST2 response andx overflow attempt (os-windows.rules)
 * 1:3147 <-> DISABLED <-> TELNET login buffer overflow attempt (telnet.rules)
 * 1:3148 <-> DISABLED <-> OS-WINDOWS Microsoft Windows winhelp clsid attempt (os-windows.rules)
 * 1:3149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 5/6 object type overflow attempt (browser-ie.rules)
 * 1:3150 <-> DISABLED <-> SERVER-IIS SQLXML content type overflow (server-iis.rules)
 * 1:3151 <-> DISABLED <-> PROTOCOL-FINGER / execution attempt (protocol-finger.rules)
 * 1:3152 <-> DISABLED <-> SQL sa brute force failed login attempt (sql.rules)
 * 1:3153 <-> DISABLED <-> DNS TCP inverse query overflow (dns.rules)
 * 1:3154 <-> DISABLED <-> DNS UDP inverse query overflow (dns.rules)
 * 1:3155 <-> DISABLED <-> MALWARE-BACKDOOR BackOrifice 2000 Inbound Traffic (malware-backdoor.rules)
 * 1:3158 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (os-windows.rules)
 * 1:3159 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (os-windows.rules)
 * 1:3171 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (os-windows.rules)
 * 1:3192 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player directory traversal via Content-Disposition attempt (os-windows.rules)
 * 1:3193 <-> DISABLED <-> SERVER-IIS .cmd executable file parsing attack (server-iis.rules)
 * 1:3194 <-> DISABLED <-> SERVER-IIS .bat executable file parsing attack (server-iis.rules)
 * 1:3195 <-> DISABLED <-> OS-WINDOWS name query overflow attempt TCP (os-windows.rules)
 * 1:3196 <-> DISABLED <-> OS-WINDOWS name query overflow attempt UDP (os-windows.rules)
 * 1:3199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS name query overflow attempt TCP (os-windows.rules)
 * 1:3200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS name query overflow attempt UDP (os-windows.rules)
 * 1:3201 <-> DISABLED <-> SERVER-IIS httpodbc.dll access - nimda (server-iis.rules)
 * 1:3218 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP winreg OpenKey overflow attempt (os-windows.rules)
 * 1:3234 <-> DISABLED <-> OS-WINDOWS Messenger message little endian overflow attempt (os-windows.rules)
 * 1:3235 <-> DISABLED <-> OS-WINDOWS Messenger message overflow attempt (os-windows.rules)
 * 1:3238 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP irot IrotIsRunning/Revoke overflow attempt (os-windows.rules)
 * 1:3239 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP irot IrotIsRunning/Revoke overflow attempt (os-windows.rules)
 * 1:3273 <-> DISABLED <-> SQL sa brute force failed login unicode attempt (sql.rules)
 * 1:3274 <-> DISABLED <-> TELNET login buffer non-evasive overflow attempt (telnet.rules)
 * 1:3397 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (os-windows.rules)
 * 1:3398 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (os-windows.rules)
 * 1:3409 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (os-windows.rules)
 * 1:3441 <-> DISABLED <-> PROTOCOL-FTP PORT bounce attempt (protocol-ftp.rules)
 * 1:3442 <-> DISABLED <-> DOS WIN32 TCP print service overflow attempt (dos.rules)
 * 1:3453 <-> DISABLED <-> SERVER-OTHER Arkeia client backup system info probe (server-other.rules)
 * 1:3454 <-> DISABLED <-> SERVER-OTHER Arkeia client backup generic info probe (server-other.rules)
 * 1:3455 <-> DISABLED <-> SERVER-OTHER Bontago Game Server Nickname buffer overflow (server-other.rules)
 * 1:3456 <-> DISABLED <-> SERVER-MYSQL 4.0 root login attempt (server-mysql.rules)
 * 1:3457 <-> DISABLED <-> SERVER-OTHER Arkeia backup client type 77 overflow attempt (server-other.rules)
 * 1:3458 <-> DISABLED <-> SERVER-OTHER Arkeia backup client type 84 overflow attempt (server-other.rules)
 * 1:3459 <-> DISABLED <-> PUA-P2P Manolito Search Query (pua-p2p.rules)
 * 1:3460 <-> DISABLED <-> PROTOCOL-FTP REST with numeric argument (protocol-ftp.rules)
 * 1:3461 <-> DISABLED <-> SERVER-MAIL Content-Type overflow attempt (server-mail.rules)
 * 1:3462 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Content-Encoding overflow attempt (browser-ie.rules)
 * 1:3463 <-> DISABLED <-> SERVER-WEBAPP awstats access (server-webapp.rules)
 * 1:3464 <-> DISABLED <-> SERVER-WEBAPP awstats.pl command execution attempt (server-webapp.rules)
 * 1:3026 <-> ENABLED <-> NETBIOS SMB NT Trans NT CREATE SACL overflow attempt (netbios.rules)
 * 1:3025 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (netbios.rules)
 * 1:3024 <-> ENABLED <-> NETBIOS SMB-DS NT Trans NT CREATE unicode oversized Security Descriptor attempt (netbios.rules)
 * 1:3023 <-> DISABLED <-> NETBIOS SMB-DS NT Trans NT CREATE andx oversized Security Descriptor attempt (netbios.rules)
 * 1:3022 <-> ENABLED <-> NETBIOS SMB-DS NT Trans NT CREATE oversized Security Descriptor attempt (netbios.rules)
 * 1:3021 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE unicode andx oversized Security Descriptor attempt (netbios.rules)
 * 1:3020 <-> ENABLED <-> NETBIOS SMB NT Trans NT CREATE unicode oversized Security Descriptor attempt (netbios.rules)
 * 1:3019 <-> DISABLED <-> NETBIOS SMB NT Trans NT CREATE andx oversized Security Descriptor attempt (netbios.rules)
 * 1:3018 <-> ENABLED <-> NETBIOS SMB NT Trans NT CREATE oversized Security Descriptor attempt (netbios.rules)
 * 1:3017 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS overflow attempt (os-windows.rules)
 * 1:3016 <-> DISABLED <-> MALWARE-CNC Insane Network 4.0 connection port 63536 (malware-cnc.rules)
 * 1:3015 <-> DISABLED <-> MALWARE-CNC Insane Network 4.0 connection (malware-cnc.rules)
 * 1:3014 <-> DISABLED <-> MALWARE-CNC Asylum 0.1 connection (malware-cnc.rules)
 * 1:3013 <-> DISABLED <-> MALWARE-CNC Asylum 0.1 connection request (malware-cnc.rules)
 * 1:3012 <-> DISABLED <-> MALWARE-CNC RUX the Tick upload/execute arbitrary file (malware-cnc.rules)
 * 1:3011 <-> DISABLED <-> MALWARE-CNC RUX the Tick get system directory (malware-cnc.rules)
 * 1:3010 <-> DISABLED <-> MALWARE-CNC RUX the Tick get windows directory (malware-cnc.rules)
 * 1:3004 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP andx asn1 overflow attempt (os-windows.rules)
 * 1:3003 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt (os-windows.rules)
 * 1:3002 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP unicode andx asn1 overflow attempt (os-windows.rules)
 * 1:3001 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP andx asn1 overflow attempt (os-windows.rules)
 * 1:2942 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP winreg InitiateSystemShutdown attempt (netbios.rules)
 * 1:2936 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt (os-windows.rules)
 * 1:2927 <-> DISABLED <-> OS-WINDOWS Microsoft Windows XPAT pattern overflow attempt (os-windows.rules)
 * 1:2926 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV base directory manipulation (server-webapp.rules)
 * 1:2924 <-> DISABLED <-> NETBIOS SMB-DS repeated logon failure (netbios.rules)
 * 1:2923 <-> DISABLED <-> NETBIOS SMB repeated logon failure (netbios.rules)
 * 1:2922 <-> DISABLED <-> DNS TCP inverse query (dns.rules)
 * 1:2921 <-> DISABLED <-> DNS UDP inverse query (dns.rules)
 * 1:2919 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_untrusted.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2918 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.validate_for_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2917 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.switch_snapshot_master buffer overflow attempt (server-oracle.rules)
 * 1:2916 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.unregister_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2915 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.switch_snapshot_master buffer overflow attempt (server-oracle.rules)
 * 1:2914 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.set_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2913 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.repcat_import_check buffer overflow attempt (server-oracle.rules)
 * 1:2912 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2911 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.refresh_snapshot_repschema buffer overflow attempt (server-oracle.rules)
 * 1:2910 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.refresh_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2909 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.generate_snapshot_support buffer overflow attempt (server-oracle.rules)
 * 1:2908 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repschema buffer overflow attempt (server-oracle.rules)
 * 1:2907 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2906 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2905 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repschema buffer overflow attempt (server-oracle.rules)
 * 1:2904 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2903 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2902 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna.alter_snapshot_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2901 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.register_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2900 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.purge_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2728 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2727 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2726 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2725 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2724 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2723 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2722 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_object_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2721 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_columns_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2720 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_column_group_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2719 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.abort_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2718 <-> DISABLED <-> SERVER-ORACLE dbms_rectifier_diff.rectify buffer overflow attempt (server-oracle.rules)
 * 1:2717 <-> DISABLED <-> SERVER-ORACLE dbms_rectifier_diff.differences buffer overflow attempt (server-oracle.rules)
 * 1:2716 <-> DISABLED <-> SERVER-ORACLE dbms_offline_snapshot.end_load buffer overflow attempt (server-oracle.rules)
 * 1:2715 <-> DISABLED <-> SERVER-ORACLE dbms_offline_snapshot.begin_load buffer overflow attempt (server-oracle.rules)
 * 1:2714 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.resume_subset_of_masters buffer overflow attempt (server-oracle.rules)
 * 1:2713 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.end_load buffer overflow attempt (server-oracle.rules)
 * 1:2712 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.end_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2711 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.end_flavor_change buffer overflow attempt (server-oracle.rules)
 * 1:2709 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.begin_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2708 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.begin_flavor_change buffer overflow attempt (server-oracle.rules)
 * 1:2707 <-> DISABLED <-> FILE-IMAGE JPEG parser multipacket heap overflow (file-image.rules)
 * 1:2899 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2898 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2897 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2896 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2895 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2894 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority buffer overflow attempt (server-oracle.rules)
 * 1:2893 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2892 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2891 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2890 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2889 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2888 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2887 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.drop_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2886 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.define_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2885 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.define_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2884 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2883 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2882 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2881 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2880 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.comment_on_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2879 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.cancel_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2878 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2877 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2876 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2875 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority buffer overflow attempt (server-oracle.rules)
 * 1:2874 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2873 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2872 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2871 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2870 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2869 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2868 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2867 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2866 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2865 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2864 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2863 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2862 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2861 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2860 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2859 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2858 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_conf.add_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2857 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.switch_snapshot_master buffer overflow attempt (server-oracle.rules)
 * 1:2856 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.switch_mview_master buffer overflow attempt (server-oracle.rules)
 * 1:2855 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.remove_master_databases buffer overflow attempt (server-oracle.rules)
 * 1:2854 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_snapshot_support buffer overflow attempt (server-oracle.rules)
 * 1:2853 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_replication_trigger buffer overflow attempt (server-oracle.rules)
 * 1:2852 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_mview_support buffer overflow attempt (server-oracle.rules)
 * 1:2851 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2850 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_mview_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2849 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_utl.drop_an_object buffer overflow attempt (server-oracle.rules)
 * 1:2848 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_utl4.drop_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2847 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.unregister_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2846 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.repcat_import_check buffer overflow attempt (server-oracle.rules)
 * 1:2845 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2844 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.refresh_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2843 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2842 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2841 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2840 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_sna_utl.alter_snapshot_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2839 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.suspend_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2838 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.resume_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2837 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.rename_shadow_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2836 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.relocate_masterdef buffer overflow attempt (server-oracle.rules)
 * 1:2835 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.purge_master_log buffer overflow attempt (server-oracle.rules)
 * 1:2834 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.generate_replication_package buffer overflow attempt (server-oracle.rules)
 * 1:2833 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.drop_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2832 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.do_deferred_repcat_admin buffer overflow attempt (server-oracle.rules)
 * 1:2831 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.create_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2830 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.create_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2829 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.comment_on_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2828 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.comment_on_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2827 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_mas.alter_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2826 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.validate_for_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2825 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.validate_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2824 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.set_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2823 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.purge_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2822 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.publish_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2821 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.obsolete_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2820 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.drop_columns_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2819 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.drop_column_group_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2818 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.add_columns_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2817 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla_mas.add_column_group_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2816 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.drop_object_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2815 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.begin_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2814 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.add_object_to_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2813 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.abort_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2812 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.validate_for_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2811 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.validate_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2810 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.unregister_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2809 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.unregister_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2808 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.suspend_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2807 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.specify_new_masters buffer overflow attempt (server-oracle.rules)
 * 1:2806 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.set_local_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2805 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.set_columns buffer overflow attempt (server-oracle.rules)
 * 1:2804 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.send_and_compare_old_values buffer overflow attempt (server-oracle.rules)
 * 1:2803 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2802 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.check_ddl_text buffer overflow attempt (server-oracle.rules)
 * 1:2801 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.resume_master_activity buffer overflow attempt (server-oracle.rules)
 * 1:2800 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.rename_shadow_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2799 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.relocate_masterdef buffer overflow attempt (server-oracle.rules)
 * 1:2798 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.register_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2797 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.register_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2796 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.register_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2795 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.refresh_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2794 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2793 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.purge_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2792 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.purge_master_log buffer overflow attempt (server-oracle.rules)
 * 1:2791 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.purge_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2790 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.publish_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2789 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.obsolete_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2788 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.make_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2787 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt (server-oracle.rules)
 * 1:2786 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_replication_package buffer overflow attempt (server-oracle.rules)
 * 1:2785 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.execute_ddl buffer overflow attempt (server-oracle.rules)
 * 1:2784 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2783 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2782 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_snapshot_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2781 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2780 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2779 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2778 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2777 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority buffer overflow attempt (server-oracle.rules)
 * 1:2776 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2775 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2774 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2773 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2772 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2771 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2770 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2769 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_mview_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2768 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_grouped_column buffer overflow attempt (server-oracle.rules)
 * 1:2767 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2766 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_columns_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2765 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2764 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_column_group_from_flavor buffer overflow attempt (server-oracle.rules)
 * 1:2763 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.do_deferred_repcat_admin buffer overflow attempt (server-oracle.rules)
 * 1:2762 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.define_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2761 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.define_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2760 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.define_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2759 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_snapshot_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2758 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2757 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2756 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2755 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2754 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2753 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_repsites buffer overflow attempt (server-oracle.rules)
 * 1:2752 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2751 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_priority_group buffer overflow attempt (server-oracle.rules)
 * 1:2750 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_mview_repsites buffer overflow attempt (server-oracle.rules)
 * 1:2749 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2748 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt (server-oracle.rules)
 * 1:2747 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt (server-oracle.rules)
 * 1:2746 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (server-oracle.rules)
 * 1:2745 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2744 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_site_priority buffer overflow attempt (server-oracle.rules)
 * 1:2743 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2742 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2741 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority buffer overflow attempt (server-oracle.rules)
 * 1:2740 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt (server-oracle.rules)
 * 1:2739 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_nvarchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2738 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_number buffer overflow attempt (server-oracle.rules)
 * 1:2737 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_nchar buffer overflow attempt (server-oracle.rules)
 * 1:2736 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_date buffer overflow attempt (server-oracle.rules)
 * 1:2735 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_priority_char buffer overflow attempt (server-oracle.rules)
 * 1:2734 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_mview_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2733 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_master_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2732 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_update_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2731 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_unique_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2730 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_site_priority_site buffer overflow attempt (server-oracle.rules)
 * 1:2729 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_priority_varchar2 buffer overflow attempt (server-oracle.rules)
 * 1:2705 <-> DISABLED <-> FILE-IMAGE Microsoft Multiple Products JPEG parser heap overflow attempt (file-image.rules)
 * 1:2704 <-> DISABLED <-> SERVER-WEBAPP Oracle 10g iSQLPlus login.unix connectID overflow attempt (server-webapp.rules)
 * 1:2703 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus login.uix username overflow attempt (server-webapp.rules)
 * 1:2702 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus username overflow attempt (server-webapp.rules)
 * 1:2701 <-> DISABLED <-> SERVER-WEBAPP Oracle iSQLPlus sid overflow attempt (server-webapp.rules)
 * 1:2699 <-> DISABLED <-> SERVER-ORACLE TO_CHAR buffer overflow attempt (server-oracle.rules)
 * 1:2698 <-> DISABLED <-> SERVER-ORACLE create file buffer overflow attempt (server-oracle.rules)
 * 1:2697 <-> DISABLED <-> SERVER-ORACLE alter file buffer overflow attempt (server-oracle.rules)
 * 1:2696 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_utl.is_master buffer overflow attempt (server-oracle.rules)
 * 1:2695 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aq_import_internal.aq_table_defn_update buffer overflow attempt (server-oracle.rules)
 * 1:2694 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aqadm.verify_queue_types_get_nrp buffer overflow attempt (server-oracle.rules)
 * 1:2693 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aqadm.verify_queue_types_no_queue buffer overflow attempt (server-oracle.rules)
 * 1:2692 <-> DISABLED <-> SERVER-ORACLE sys.dbms_aqadm_sys.verify_queue_types buffer overflow attempt (server-oracle.rules)
 * 1:2691 <-> DISABLED <-> SERVER-ORACLE sys.dbms_defer_internal_sys.parallel_push_recovery buffer overflow attempt (server-oracle.rules)
 * 1:2690 <-> DISABLED <-> SERVER-ORACLE sys.dbms_defer_repcat.enable_propagation_to_dblink buffer overflow attempt (server-oracle.rules)
 * 1:2689 <-> DISABLED <-> SERVER-ORACLE sys.dbms_internal_repcat.disable_receiver_trace buffer overflow attempt (server-oracle.rules)
 * 1:2688 <-> DISABLED <-> SERVER-ORACLE sys.dbms_internal_repcat.enable_receiver_trace buffer overflow attempt (server-oracle.rules)
 * 1:2687 <-> DISABLED <-> SERVER-ORACLE sys.dbms_internal_repcat.validate buffer overflow attempt (server-oracle.rules)
 * 1:2686 <-> DISABLED <-> SERVER-ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt (server-oracle.rules)
 * 1:2685 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_rq.add_column buffer overflow attempt (server-oracle.rules)
 * 1:2684 <-> DISABLED <-> SERVER-ORACLE sys.ltutil.pushdeferredtxns buffer overflow attempt (server-oracle.rules)
 * 1:2683 <-> DISABLED <-> SERVER-ORACLE mdsys.md2.sdo_code_size buffer overflow attempt (server-oracle.rules)
 * 1:2682 <-> DISABLED <-> SERVER-ORACLE mdsys.md2.validate_geom buffer overflow attempt (server-oracle.rules)
 * 1:2681 <-> DISABLED <-> SERVER-ORACLE mdsys.sdo_admin.sdo_code_size buffer overflow attempt (server-oracle.rules)
 * 1:2680 <-> DISABLED <-> SERVER-ORACLE ctxsys.driddlr.subindexpopulate buffer overflow attempt (server-oracle.rules)
 * 1:2679 <-> DISABLED <-> SERVER-ORACLE sys.dbms_system.ksdwrt buffer overflow attempt (server-oracle.rules)
 * 1:2678 <-> DISABLED <-> SERVER-ORACLE ctx_output.start_log buffer overflow attempt (server-oracle.rules)
 * 1:2677 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.instantiate_online buffer overflow attempt (server-oracle.rules)
 * 1:2675 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_rgt.instantiate_offline buffer overflow attempt (server-oracle.rules)
 * 1:2674 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_delete_resolution buffer overflow attempt (server-oracle.rules)
 * 1:2673 <-> DISABLED <-> FILE-IMAGE libpng tRNS overflow attempt (file-image.rules)
 * 1:2672 <-> DISABLED <-> SERVER-WEBAPP sresult.exe access (server-webapp.rules)
 * 1:2671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset integer overflow attempt (browser-ie.rules)
 * 1:2670 <-> DISABLED <-> SERVER-WEBAPP pgpmail.pl access (server-webapp.rules)
 * 1:2669 <-> DISABLED <-> SERVER-WEBAPP ibillpm.pl access (server-webapp.rules)
 * 1:2668 <-> DISABLED <-> SERVER-WEBAPP processit access (server-webapp.rules)
 * 1:2667 <-> DISABLED <-> SERVER-IIS ping.asp access (server-iis.rules)
 * 1:2666 <-> DISABLED <-> PROTOCOL-POP PASS format string attempt (protocol-pop.rules)
 * 1:2665 <-> ENABLED <-> PROTOCOL-IMAP login literal format string attempt (protocol-imap.rules)
 * 1:2664 <-> DISABLED <-> PROTOCOL-IMAP login format string attempt (protocol-imap.rules)
 * 1:2663 <-> DISABLED <-> SERVER-WEBAPP WhatsUpGold instancename overflow attempt (server-webapp.rules)
 * 1:2657 <-> DISABLED <-> SERVER-WEBAPP SSLv2 Client_Hello with pad Challenge Length overflow attempt (server-webapp.rules)
 * 1:2656 <-> DISABLED <-> SERVER-WEBAPP SSLv2 Client_Hello Challenge Length overflow attempt (server-webapp.rules)
 * 1:2655 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin ExecuteFile admin access (server-other.rules)
 * 1:2654 <-> DISABLED <-> SERVER-WEBAPP PHPNuke Forum viewtopic SQL insertion attempt (server-webapp.rules)
 * 1:2652 <-> DISABLED <-> SERVER-ORACLE dbms_offline_og.begin_load buffer overflow attempt (server-oracle.rules)
 * 1:2651 <-> DISABLED <-> SERVER-ORACLE NUMTODSINTERVAL/NUMTOYMINTERVAL buffer overflow attempt (server-oracle.rules)
 * 1:2650 <-> DISABLED <-> SERVER-ORACLE user name buffer overflow attempt (server-oracle.rules)
 * 1:2649 <-> DISABLED <-> SERVER-ORACLE Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow attempt (server-oracle.rules)
 * 1:2645 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_instantiate.instantiate_offline buffer overflow attempt (server-oracle.rules)
 * 1:2644 <-> DISABLED <-> SERVER-ORACLE from_tz buffer overflow attempt (server-oracle.rules)
 * 1:2643 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_fla.ensure_not_published buffer overflow attempt (server-oracle.rules)
 * 1:2641 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_instantiate.drop_site_instantiation buffer overflow attempt (server-oracle.rules)
 * 1:2639 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2637 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2633 <-> DISABLED <-> SERVER-ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt (server-oracle.rules)
 * 1:2629 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_admin.register_user_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2627 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.repcat_import_check buffer overflow attempt (server-oracle.rules)
 * 1:2626 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.send_old_values buffer overflow attempt (server-oracle.rules)
 * 1:2624 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_admin.unregister_user_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2621 <-> DISABLED <-> SERVER-ORACLE dbms_repcat_sna_utl.register_flavor_change buffer overflow attempt (server-oracle.rules)
 * 1:25918 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25919 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25916 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25917 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25914 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25915 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25913 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25909 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25908 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:2619 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.alter_master_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2617 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat.alter_mview_propagation buffer overflow attempt (server-oracle.rules)
 * 1:2615 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_auth.grant_surrogate_repcat buffer overflow attempt (server-oracle.rules)
 * 1:2612 <-> DISABLED <-> SERVER-ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (server-oracle.rules)
 * 1:2614 <-> DISABLED <-> SERVER-ORACLE time_zone buffer overflow attempt (server-oracle.rules)
 * 1:26118 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:2611 <-> DISABLED <-> SERVER-ORACLE LINK metadata buffer overflow attempt (server-oracle.rules)
 * 1:2609 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.cancel_statistics buffer overflow attempt (server-oracle.rules)
 * 1:2608 <-> DISABLED <-> SERVER-ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt (server-oracle.rules)
 * 1:2606 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt (server-oracle.rules)
 * 1:2605 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.compare_old_values buffer overflow attempt (server-oracle.rules)
 * 1:2603 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:26010 <-> ENABLED <-> MALWARE-CNC CNC Dirtjumper outbound connection (malware-cnc.rules)
 * 1:2601 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt (server-oracle.rules)
 * 1:2599 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.add_grouped_column buffer overflow attempt (server-oracle.rules)
 * 1:2598 <-> DISABLED <-> SERVER-WEBAPP Samba SWAT Authorization port 901 overflow attempt (server-webapp.rules)
 * 1:2597 <-> DISABLED <-> SERVER-WEBAPP Samba SWAT Authorization overflow attempt (server-webapp.rules)
 * 1:25924 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25927 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25926 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25910 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25925 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25912 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25923 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25911 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25922 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25921 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25920 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:1000 <-> DISABLED <-> SERVER-IIS bdir.htr access (server-iis.rules)
 * 1:1001 <-> DISABLED <-> SERVER-WEBAPP carbo.dll access (server-webapp.rules)
 * 1:1002 <-> ENABLED <-> SERVER-IIS cmd.exe access (server-iis.rules)
 * 1:1003 <-> DISABLED <-> SERVER-IIS cmd? access (server-iis.rules)
 * 1:1004 <-> DISABLED <-> SERVER-IIS codebrowser Exair access (server-iis.rules)
 * 1:1005 <-> DISABLED <-> SERVER-IIS codebrowser SDK access (server-iis.rules)
 * 1:1007 <-> DISABLED <-> SERVER-IIS Form_JScript.asp access (server-iis.rules)
 * 1:1008 <-> DISABLED <-> SERVER-IIS del attempt (server-iis.rules)
 * 1:1009 <-> DISABLED <-> SERVER-IIS directory listing (server-iis.rules)
 * 1:1010 <-> DISABLED <-> SERVER-IIS encoding access (server-iis.rules)
 * 1:1011 <-> DISABLED <-> SERVER-IIS exec-src access (server-iis.rules)
 * 1:1012 <-> DISABLED <-> SERVER-IIS fpcount attempt (server-iis.rules)
 * 1:1013 <-> DISABLED <-> SERVER-IIS fpcount access (server-iis.rules)
 * 1:1015 <-> DISABLED <-> SERVER-IIS getdrvs.exe access (server-iis.rules)
 * 1:1016 <-> DISABLED <-> SERVER-IIS global.asa access (server-iis.rules)
 * 1:1017 <-> DISABLED <-> SERVER-IIS idc-srch attempt (server-iis.rules)
 * 1:1018 <-> DISABLED <-> SERVER-IIS iisadmpwd attempt (server-iis.rules)
 * 1:1019 <-> DISABLED <-> SERVER-IIS Malformed Hit-Highlighting Argument File Access Attempt (server-iis.rules)
 * 1:1020 <-> DISABLED <-> SERVER-IIS isc$data attempt (server-iis.rules)
 * 1:1021 <-> DISABLED <-> SERVER-IIS ism.dll attempt (server-iis.rules)
 * 1:1022 <-> DISABLED <-> SERVER-IIS jet vba access (server-iis.rules)
 * 1:1023 <-> DISABLED <-> SERVER-IIS msadcs.dll access (server-iis.rules)
 * 1:1024 <-> DISABLED <-> SERVER-IIS newdsn.exe access (server-iis.rules)
 * 1:1025 <-> DISABLED <-> SERVER-IIS perl access (server-iis.rules)
 * 1:1026 <-> DISABLED <-> SERVER-IIS perl-browse newline attempt (server-iis.rules)
 * 1:1027 <-> DISABLED <-> SERVER-IIS perl-browse space attempt (server-iis.rules)
 * 1:1028 <-> DISABLED <-> SERVER-IIS query.asp access (server-iis.rules)
 * 1:1029 <-> DISABLED <-> SERVER-IIS scripts-browse access (server-iis.rules)
 * 1:1030 <-> DISABLED <-> SERVER-IIS search97.vts access (server-iis.rules)
 * 1:1031 <-> DISABLED <-> SERVER-IIS /SiteServer/Publishing/viewcode.asp access (server-iis.rules)
 * 1:1032 <-> DISABLED <-> SERVER-IIS showcode access (server-iis.rules)
 * 1:1033 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1034 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1035 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1036 <-> DISABLED <-> SERVER-IIS viewcode access (server-iis.rules)
 * 1:1037 <-> DISABLED <-> SERVER-IIS showcode.asp access (server-iis.rules)
 * 1:1038 <-> DISABLED <-> SERVER-IIS site server config access (server-iis.rules)
 * 1:1039 <-> DISABLED <-> SERVER-IIS srch.htm access (server-iis.rules)
 * 1:1040 <-> DISABLED <-> SERVER-IIS srchadm access (server-iis.rules)
 * 1:1041 <-> DISABLED <-> SERVER-IIS uploadn.asp access (server-iis.rules)
 * 1:1042 <-> DISABLED <-> SERVER-IIS view source via translate header (server-iis.rules)
 * 1:1043 <-> DISABLED <-> SERVER-IIS viewcode.asp access (server-iis.rules)
 * 1:1044 <-> DISABLED <-> SERVER-IIS webhits access (server-iis.rules)
 * 1:1045 <-> DISABLED <-> SERVER-IIS Unauthorized IP Access Attempt (server-iis.rules)
 * 1:1046 <-> DISABLED <-> SERVER-IIS site/iisamples access (server-iis.rules)
 * 1:1047 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise DOS (server-webapp.rules)
 * 1:1048 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise directory listing attempt (server-webapp.rules)
 * 1:1050 <-> DISABLED <-> SERVER-WEBAPP iPlanet GETPROPERTIES attempt (server-webapp.rules)
 * 1:1051 <-> DISABLED <-> FILE-OTHER technote main.cgi file directory traversal attempt (file-other.rules)
 * 1:1052 <-> DISABLED <-> SERVER-WEBAPP technote print.cgi directory traversal attempt (server-webapp.rules)
 * 1:1053 <-> DISABLED <-> SERVER-WEBAPP ads.cgi command execution attempt (server-webapp.rules)
 * 1:1054 <-> DISABLED <-> SERVER-WEBAPP weblogic/tomcat .jsp view source attempt (server-webapp.rules)
 * 1:1056 <-> DISABLED <-> SERVER-APACHE Apache Tomcat view source attempt (server-apache.rules)
 * 1:1057 <-> DISABLED <-> SQL ftp attempt (sql.rules)
 * 1:1058 <-> DISABLED <-> SQL xp_enumdsn attempt (sql.rules)
 * 1:1059 <-> DISABLED <-> SQL xp_filelist attempt (sql.rules)
 * 1:1060 <-> DISABLED <-> SQL xp_availablemedia attempt (sql.rules)
 * 1:1061 <-> DISABLED <-> SQL xp_cmdshell attempt (sql.rules)
 * 1:1062 <-> DISABLED <-> SERVER-WEBAPP nc.exe attempt (server-webapp.rules)
 * 1:1064 <-> DISABLED <-> SERVER-WEBAPP wsh attempt (server-webapp.rules)
 * 1:1065 <-> DISABLED <-> SERVER-WEBAPP rcmd attempt (server-webapp.rules)
 * 1:1066 <-> DISABLED <-> SERVER-WEBAPP telnet attempt (server-webapp.rules)
 * 1:1067 <-> DISABLED <-> SERVER-WEBAPP net attempt (server-webapp.rules)
 * 1:1068 <-> DISABLED <-> SERVER-WEBAPP tftp attempt (server-webapp.rules)
 * 1:1069 <-> DISABLED <-> SQL xp_regread attempt (sql.rules)
 * 1:1070 <-> DISABLED <-> SERVER-WEBAPP WebDAV search access (server-webapp.rules)
 * 1:1071 <-> DISABLED <-> SERVER-WEBAPP .htpasswd access (server-webapp.rules)
 * 1:1072 <-> DISABLED <-> SERVER-WEBAPP Lotus Domino directory traversal (server-webapp.rules)
 * 1:1073 <-> DISABLED <-> SERVER-WEBAPP webhits.exe access (server-webapp.rules)
 * 1:1075 <-> DISABLED <-> SERVER-IIS postinfo.asp access (server-iis.rules)
 * 1:1076 <-> DISABLED <-> SERVER-IIS repost.asp access (server-iis.rules)
 * 1:1077 <-> DISABLED <-> SQL queryhit.htm access (sql.rules)
 * 1:1078 <-> DISABLED <-> SQL counter.exe access (sql.rules)
 * 1:1079 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV propfind access (os-windows.rules)
 * 1:1080 <-> DISABLED <-> SERVER-WEBAPP unify eWave ServletExec upload (server-webapp.rules)
 * 1:1081 <-> DISABLED <-> SERVER-WEBAPP Netscape Servers suite DOS (server-webapp.rules)
 * 1:1082 <-> DISABLED <-> SERVER-WEBAPP amazon 1-click cookie theft (server-webapp.rules)
 * 1:1083 <-> DISABLED <-> SERVER-WEBAPP unify eWave ServletExec DOS (server-webapp.rules)
 * 1:1084 <-> DISABLED <-> SERVER-WEBAPP Allaire JRUN DOS attempt (server-webapp.rules)
 * 1:1085 <-> DISABLED <-> SERVER-WEBAPP strings overflow (server-webapp.rules)
 * 1:1086 <-> DISABLED <-> SERVER-WEBAPP strings overflow (server-webapp.rules)
 * 1:1088 <-> DISABLED <-> SERVER-WEBAPP eXtropia webstore directory traversal (server-webapp.rules)
 * 1:1089 <-> DISABLED <-> SERVER-WEBAPP shopping cart directory traversal (server-webapp.rules)
 * 1:1090 <-> DISABLED <-> SERVER-WEBAPP Allaire Pro Web Shell attempt (server-webapp.rules)
 * 1:1091 <-> DISABLED <-> SERVER-WEBAPP ICQ Webfront HTTP DOS (server-webapp.rules)
 * 1:1092 <-> DISABLED <-> SERVER-WEBAPP Armada Style Master Index directory traversal (server-webapp.rules)
 * 1:1093 <-> DISABLED <-> SERVER-WEBAPP cached_feed.cgi moreover shopping cart directory traversal (server-webapp.rules)
 * 1:1095 <-> DISABLED <-> SERVER-WEBAPP Talentsoft Web+ Source Code view access (server-webapp.rules)
 * 1:1096 <-> DISABLED <-> SERVER-WEBAPP Talentsoft Web+ internal IP Address access (server-webapp.rules)
 * 1:1097 <-> DISABLED <-> SERVER-WEBAPP Talentsoft Web+ exploit attempt (server-webapp.rules)
 * 1:1098 <-> DISABLED <-> SERVER-WEBAPP SmartWin CyberOffice Shopping Cart access (server-webapp.rules)
 * 1:1099 <-> DISABLED <-> SERVER-WEBAPP cybercop scan (server-webapp.rules)
 * 1:1100 <-> DISABLED <-> SCAN L3retriever HTTP Probe (scan.rules)
 * 1:1101 <-> DISABLED <-> SCAN Webtrends HTTP probe (scan.rules)
 * 1:1102 <-> DISABLED <-> SERVER-WEBAPP nessus 1.X 404 probe (server-webapp.rules)
 * 1:1103 <-> DISABLED <-> SERVER-WEBAPP Netscape admin passwd (server-webapp.rules)
 * 1:1105 <-> DISABLED <-> SERVER-WEBAPP BigBrother access (server-webapp.rules)
 * 1:1106 <-> DISABLED <-> SERVER-WEBAPP Poll-it access (server-webapp.rules)
 * 1:1107 <-> DISABLED <-> SERVER-WEBAPP ftp.pl access (server-webapp.rules)
 * 1:1108 <-> DISABLED <-> SERVER-APACHE Apache Tomcat server snoop access (server-apache.rules)
 * 1:1109 <-> DISABLED <-> SERVER-WEBAPP ROXEN directory list attempt (server-webapp.rules)
 * 1:1110 <-> DISABLED <-> SERVER-WEBAPP apache source.asp file access (server-webapp.rules)
 * 1:1111 <-> DISABLED <-> SERVER-APACHE Apache Tomcat server exploit access (server-apache.rules)
 * 1:1115 <-> DISABLED <-> SERVER-WEBAPP ICQ webserver DOS (server-webapp.rules)
 * 1:1116 <-> DISABLED <-> SERVER-WEBAPP Lotus DelDoc attempt (server-webapp.rules)
 * 1:1117 <-> DISABLED <-> SERVER-WEBAPP Lotus EditDoc attempt (server-webapp.rules)
 * 1:1118 <-> DISABLED <-> SERVER-WEBAPP ls%20-l (server-webapp.rules)
 * 1:1119 <-> DISABLED <-> SERVER-WEBAPP mlog.phtml access (server-webapp.rules)
 * 1:1120 <-> DISABLED <-> SERVER-WEBAPP mylog.phtml access (server-webapp.rules)
 * 1:1122 <-> DISABLED <-> SERVER-WEBAPP /etc/passwd file access attempt (server-webapp.rules)
 * 1:1123 <-> DISABLED <-> SERVER-WEBAPP ?PageServices access (server-webapp.rules)
 * 1:1124 <-> DISABLED <-> SERVER-WEBAPP Ecommerce check.txt access (server-webapp.rules)
 * 1:1125 <-> DISABLED <-> SERVER-WEBAPP webcart access (server-webapp.rules)
 * 1:1126 <-> DISABLED <-> SERVER-WEBAPP AuthChangeUrl access (server-webapp.rules)
 * 1:1127 <-> DISABLED <-> SERVER-WEBAPP convert.bas access (server-webapp.rules)
 * 1:1128 <-> DISABLED <-> SERVER-WEBAPP cpshost.dll access (server-webapp.rules)
 * 1:1129 <-> DISABLED <-> SERVER-WEBAPP .htaccess access (server-webapp.rules)
 * 1:1130 <-> DISABLED <-> SERVER-WEBAPP .wwwacl access (server-webapp.rules)
 * 1:1131 <-> DISABLED <-> SERVER-WEBAPP .wwwacl access (server-webapp.rules)
 * 1:1132 <-> DISABLED <-> SERVER-WEBAPP Netscape Unixware overflow (server-webapp.rules)
 * 1:1133 <-> DISABLED <-> SCAN cybercop os probe (scan.rules)
 * 1:1134 <-> DISABLED <-> SERVER-WEBAPP Phorum admin access (server-webapp.rules)
 * 1:1136 <-> DISABLED <-> SERVER-WEBAPP cd.. (server-webapp.rules)
 * 1:1137 <-> DISABLED <-> SERVER-WEBAPP Phorum authentication access (server-webapp.rules)
 * 1:1139 <-> DISABLED <-> SERVER-WEBAPP whisker HEAD/./ (server-webapp.rules)
 * 1:1140 <-> DISABLED <-> SERVER-WEBAPP guestbook.pl access (server-webapp.rules)
 * 1:1141 <-> DISABLED <-> SERVER-WEBAPP handler access (server-webapp.rules)
 * 1:1142 <-> DISABLED <-> SERVER-WEBAPP /.... access (server-webapp.rules)
 * 1:1145 <-> DISABLED <-> SERVER-WEBAPP /~root access (server-webapp.rules)
 * 1:1146 <-> DISABLED <-> SERVER-WEBAPP Ecommerce import.txt access (server-webapp.rules)
 * 1:1147 <-> DISABLED <-> SERVER-WEBAPP cat%20 access (server-webapp.rules)
 * 1:1148 <-> DISABLED <-> SERVER-WEBAPP Ecommerce import.txt access (server-webapp.rules)
 * 1:1149 <-> DISABLED <-> SERVER-WEBAPP count.cgi access (server-webapp.rules)
 * 1:1150 <-> DISABLED <-> SERVER-WEBAPP Domino catalog.nsf access (server-webapp.rules)
 * 1:1151 <-> DISABLED <-> SERVER-WEBAPP Domino domcfg.nsf access (server-webapp.rules)
 * 1:1152 <-> DISABLED <-> SERVER-WEBAPP Domino domlog.nsf access (server-webapp.rules)
 * 1:1153 <-> DISABLED <-> SERVER-WEBAPP Domino log.nsf access (server-webapp.rules)
 * 1:1154 <-> DISABLED <-> SERVER-WEBAPP Domino names.nsf access (server-webapp.rules)
 * 1:1155 <-> DISABLED <-> SERVER-WEBAPP Ecommerce checks.txt access (server-webapp.rules)
 * 1:1156 <-> DISABLED <-> SERVER-WEBAPP apache directory disclosure attempt (server-webapp.rules)
 * 1:1157 <-> DISABLED <-> SERVER-WEBAPP Netscape PublishingXpert access (server-webapp.rules)
 * 1:1158 <-> DISABLED <-> SERVER-WEBAPP windmail.exe access (server-webapp.rules)
 * 1:1159 <-> DISABLED <-> SERVER-WEBAPP webplus access (server-webapp.rules)
 * 1:1160 <-> DISABLED <-> SERVER-WEBAPP Netscape dir index wp (server-webapp.rules)
 * 1:1161 <-> DISABLED <-> SERVER-WEBAPP piranha passwd.php3 access (server-webapp.rules)
 * 1:1162 <-> DISABLED <-> SERVER-WEBAPP cart 32 AdminPwd access (server-webapp.rules)
 * 1:1163 <-> DISABLED <-> SERVER-WEBAPP webdist.cgi access (server-webapp.rules)
 * 1:1164 <-> DISABLED <-> SERVER-WEBAPP shopping cart access (server-webapp.rules)
 * 1:1165 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise gwweb.exe access (server-webapp.rules)
 * 1:1166 <-> DISABLED <-> SERVER-WEBAPP ws_ftp.ini access (server-webapp.rules)
 * 1:1167 <-> DISABLED <-> SERVER-WEBAPP rpm_query access (server-webapp.rules)
 * 1:1168 <-> DISABLED <-> SERVER-WEBAPP mall log order access (server-webapp.rules)
 * 1:1172 <-> DISABLED <-> SERVER-WEBAPP bigconf.cgi access (server-webapp.rules)
 * 1:1173 <-> DISABLED <-> SERVER-WEBAPP architext_query.pl access (server-webapp.rules)
 * 1:1174 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/jj access (server-webapp.rules)
 * 1:1175 <-> DISABLED <-> SERVER-WEBAPP wwwboard.pl access (server-webapp.rules)
 * 1:1177 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1178 <-> DISABLED <-> SERVER-WEBAPP Phorum read access (server-webapp.rules)
 * 1:1179 <-> DISABLED <-> SERVER-WEBAPP Phorum violation access (server-webapp.rules)
 * 1:1180 <-> DISABLED <-> SERVER-WEBAPP get32.exe access (server-webapp.rules)
 * 1:1181 <-> DISABLED <-> SERVER-WEBAPP Annex Terminal DOS attempt (server-webapp.rules)
 * 1:1183 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1184 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1185 <-> DISABLED <-> SERVER-WEBAPP bizdbsearch attempt (server-webapp.rules)
 * 1:1186 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1187 <-> DISABLED <-> SERVER-WEBAPP SalesLogix Eviewer web command attempt (server-webapp.rules)
 * 1:1188 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1189 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1190 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1191 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1192 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan access (server-webapp.rules)
 * 1:1193 <-> DISABLED <-> SERVER-WEBAPP oracle web arbitrary command execution attempt (server-webapp.rules)
 * 1:1194 <-> DISABLED <-> SERVER-WEBAPP sojourn.cgi File attempt (server-webapp.rules)
 * 1:1195 <-> DISABLED <-> SERVER-WEBAPP sojourn.cgi access (server-webapp.rules)
 * 1:1196 <-> DISABLED <-> SERVER-WEBAPP SGI InfoSearch fname attempt (server-webapp.rules)
 * 1:1197 <-> DISABLED <-> SERVER-WEBAPP Phorum code access (server-webapp.rules)
 * 1:1198 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1199 <-> DISABLED <-> SERVER-WEBAPP Compaq Insight directory traversal (server-webapp.rules)
 * 1:1200 <-> DISABLED <-> INDICATOR-COMPROMISE Invalid URL (indicator-compromise.rules)
 * 1:1201 <-> DISABLED <-> INDICATOR-COMPROMISE 403 Forbidden (indicator-compromise.rules)
 * 1:1202 <-> DISABLED <-> SERVER-WEBAPP search.vts access (server-webapp.rules)
 * 1:1204 <-> DISABLED <-> SERVER-WEBAPP ax-admin.cgi access (server-webapp.rules)
 * 1:1205 <-> DISABLED <-> SERVER-WEBAPP axs.cgi access (server-webapp.rules)
 * 1:1206 <-> DISABLED <-> SERVER-WEBAPP cachemgr.cgi access (server-webapp.rules)
 * 1:1207 <-> DISABLED <-> SERVER-WEBAPP htgrep access (server-webapp.rules)
 * 1:1208 <-> DISABLED <-> SERVER-WEBAPP responder.cgi access (server-webapp.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:1211 <-> DISABLED <-> SERVER-WEBAPP web-map.cgi access (server-webapp.rules)
 * 1:1212 <-> DISABLED <-> SERVER-WEBAPP Admin_files access (server-webapp.rules)
 * 1:1213 <-> DISABLED <-> SERVER-WEBAPP backup access (server-webapp.rules)
 * 1:1214 <-> DISABLED <-> SERVER-WEBAPP intranet access (server-webapp.rules)
 * 1:1215 <-> DISABLED <-> SERVER-WEBAPP ministats admin access (server-webapp.rules)
 * 1:1216 <-> DISABLED <-> SERVER-WEBAPP filemail access (server-webapp.rules)
 * 1:1217 <-> DISABLED <-> SERVER-WEBAPP plusmail access (server-webapp.rules)
 * 1:1218 <-> DISABLED <-> SERVER-WEBAPP adminlogin access (server-webapp.rules)
 * 1:1219 <-> DISABLED <-> SERVER-WEBAPP dfire.cgi access (server-webapp.rules)
 * 1:1220 <-> DISABLED <-> SERVER-WEBAPP ultraboard access (server-webapp.rules)
 * 1:1221 <-> DISABLED <-> SERVER-WEBAPP Muscat Empower cgi access (server-webapp.rules)
 * 1:1222 <-> DISABLED <-> SERVER-WEBAPP pals-cgi arbitrary file access attempt (server-webapp.rules)
 * 1:1224 <-> DISABLED <-> SERVER-WEBAPP ROADS search.pl attempt (server-webapp.rules)
 * 1:1225 <-> DISABLED <-> X11 MIT Magic Cookie detected (x11.rules)
 * 1:1226 <-> DISABLED <-> X11 xopen (x11.rules)
 * 1:1229 <-> DISABLED <-> PROTOCOL-FTP CWD ... (protocol-ftp.rules)
 * 1:1230 <-> DISABLED <-> SERVER-WEBAPP VirusWall FtpSave access (server-webapp.rules)
 * 1:1231 <-> DISABLED <-> SERVER-WEBAPP VirusWall catinfo access (server-webapp.rules)
 * 1:1232 <-> DISABLED <-> SERVER-WEBAPP VirusWall catinfo access (server-webapp.rules)
 * 1:1234 <-> DISABLED <-> SERVER-WEBAPP VirusWall FtpSaveCSP access (server-webapp.rules)
 * 1:1235 <-> DISABLED <-> SERVER-WEBAPP VirusWall FtpSaveCVP access (server-webapp.rules)
 * 1:1239 <-> ENABLED <-> OS-WINDOWS RFParalyze Attempt (os-windows.rules)
 * 1:1240 <-> DISABLED <-> SERVER-OTHER MDBMS overflow (server-other.rules)
 * 1:1241 <-> DISABLED <-> SERVER-WEBAPP SWEditServlet directory traversal attempt (server-webapp.rules)
 * 1:1242 <-> DISABLED <-> SERVER-IIS ISAPI .ida access (server-iis.rules)
 * 1:1243 <-> DISABLED <-> SERVER-IIS ISAPI .ida attempt (server-iis.rules)
 * 1:1244 <-> DISABLED <-> SERVER-IIS ISAPI .idq attempt (server-iis.rules)
 * 1:1245 <-> DISABLED <-> SERVER-IIS ISAPI .idq access (server-iis.rules)
 * 1:1248 <-> DISABLED <-> SERVER-OTHER Microsoft Frontpage rad fp30reg.dll access (server-other.rules)
 * 1:1249 <-> DISABLED <-> SERVER-OTHER Microsoft Frontpage rad fp4areg.dll access (server-other.rules)
 * 1:1250 <-> DISABLED <-> SERVER-WEBAPP Cisco IOS HTTP configuration attempt (server-webapp.rules)
 * 1:1252 <-> DISABLED <-> TELNET bsd telnet exploit response (telnet.rules)
 * 1:1253 <-> DISABLED <-> TELNET bsd exploit client finishing (telnet.rules)
 * 1:1254 <-> DISABLED <-> SERVER-WEBAPP PHPLIB remote command attempt (server-webapp.rules)
 * 1:1255 <-> DISABLED <-> SERVER-WEBAPP PHPLIB remote command attempt (server-webapp.rules)
 * 1:1256 <-> DISABLED <-> SERVER-IIS CodeRed v2 root.exe access (server-iis.rules)
 * 1:1257 <-> DISABLED <-> DOS Winnuke attack (dos.rules)
 * 1:1259 <-> DISABLED <-> SERVER-WEBAPP SWEditServlet access (server-webapp.rules)
 * 1:1261 <-> DISABLED <-> SERVER-OTHER AIX pdnsd overflow (server-other.rules)
 * 1:1262 <-> DISABLED <-> RPC portmap admind request TCP (rpc.rules)
 * 1:1263 <-> DISABLED <-> RPC portmap amountd request TCP (rpc.rules)
 * 1:1264 <-> DISABLED <-> RPC portmap bootparam request TCP (rpc.rules)
 * 1:1265 <-> DISABLED <-> RPC portmap cmsd request TCP (rpc.rules)
 * 1:1267 <-> DISABLED <-> RPC portmap nisd request TCP (rpc.rules)
 * 1:1268 <-> DISABLED <-> RPC portmap pcnfsd request TCP (rpc.rules)
 * 1:1269 <-> DISABLED <-> RPC portmap rexd request TCP (rpc.rules)
 * 1:1270 <-> DISABLED <-> RPC portmap rstatd request TCP (rpc.rules)
 * 1:1271 <-> DISABLED <-> RPC portmap rusers request TCP (rpc.rules)
 * 1:1272 <-> DISABLED <-> RPC portmap sadmind request TCP (rpc.rules)
 * 1:1273 <-> DISABLED <-> RPC portmap selection_svc request TCP (rpc.rules)
 * 1:1274 <-> DISABLED <-> RPC portmap ttdbserv request TCP (rpc.rules)
 * 1:1275 <-> DISABLED <-> RPC portmap yppasswd request TCP (rpc.rules)
 * 1:1276 <-> DISABLED <-> RPC portmap ypserv request TCP (rpc.rules)
 * 1:1277 <-> DISABLED <-> RPC portmap ypupdated request UDP (rpc.rules)
 * 1:1279 <-> DISABLED <-> RPC portmap snmpXdmi request UDP (rpc.rules)
 * 1:1280 <-> DISABLED <-> RPC portmap listing UDP 111 (rpc.rules)
 * 1:1281 <-> DISABLED <-> RPC portmap listing UDP 32771 (rpc.rules)
 * 1:1283 <-> DISABLED <-> SERVER-IIS Microsoft Office Outlook web dos (server-iis.rules)
 * 1:1284 <-> DISABLED <-> WEB-CLIENT readme.eml download attempt (web-client.rules)
 * 1:1285 <-> DISABLED <-> SERVER-IIS msdac access (server-iis.rules)
 * 1:1286 <-> DISABLED <-> SERVER-IIS _mem_bin access (server-iis.rules)
 * 1:1288 <-> DISABLED <-> SERVER-OTHER Microsoft Frontpage /_vti_bin/ access (server-other.rules)
 * 1:1289 <-> DISABLED <-> TFTP GET Admin.dll (tftp.rules)
 * 1:1290 <-> DISABLED <-> WEB-CLIENT readme.eml autoload attempt (web-client.rules)
 * 1:1291 <-> DISABLED <-> SERVER-WEBAPP sml3com access (server-webapp.rules)
 * 1:1292 <-> DISABLED <-> INDICATOR-COMPROMISE directory listing (indicator-compromise.rules)
 * 1:1295 <-> DISABLED <-> INDICATOR-COMPROMISE nimda RICHED20.DLL (indicator-compromise.rules)
 * 1:1300 <-> DISABLED <-> SERVER-WEBAPP admin.php file upload attempt (server-webapp.rules)
 * 1:1301 <-> DISABLED <-> SERVER-WEBAPP admin.php access (server-webapp.rules)
 * 1:1302 <-> DISABLED <-> SERVER-WEBAPP console.exe access (server-webapp.rules)
 * 1:1303 <-> DISABLED <-> SERVER-WEBAPP cs.exe access (server-webapp.rules)
 * 1:1304 <-> DISABLED <-> SERVER-WEBAPP txt2html.cgi access (server-webapp.rules)
 * 1:1305 <-> DISABLED <-> SERVER-WEBAPP txt2html.cgi directory traversal attempt (server-webapp.rules)
 * 1:1306 <-> DISABLED <-> SERVER-WEBAPP store.cgi product directory traversal attempt (server-webapp.rules)
 * 1:1307 <-> DISABLED <-> SERVER-WEBAPP store.cgi access (server-webapp.rules)
 * 1:1308 <-> DISABLED <-> SERVER-WEBAPP sendmessage.cgi access (server-webapp.rules)
 * 1:1309 <-> DISABLED <-> SERVER-WEBAPP zsh access (server-webapp.rules)
 * 1:1323 <-> DISABLED <-> SERVER-OTHER rwhoisd format string attempt (server-other.rules)
 * 1:1324 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow /bin/sh (indicator-shellcode.rules)
 * 1:1325 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow filler (indicator-shellcode.rules)
 * 1:1326 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow NOOP (indicator-shellcode.rules)
 * 1:1327 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow (indicator-shellcode.rules)
 * 1:13552 <-> DISABLED <-> SERVER-OTHER Symantec VERITAS Storage Foundation Suite buffer overflow attempt (server-other.rules)
 * 1:1374 <-> DISABLED <-> SERVER-WEBAPP .htgroup access (server-webapp.rules)
 * 1:1375 <-> DISABLED <-> SERVER-WEBAPP sadmind worm access (server-webapp.rules)
 * 1:1376 <-> DISABLED <-> SERVER-WEBAPP jrun directory browse attempt (server-webapp.rules)
 * 1:1377 <-> DISABLED <-> PROTOCOL-FTP wu-ftp bad file completion attempt (protocol-ftp.rules)
 * 1:1378 <-> DISABLED <-> PROTOCOL-FTP wu-ftp bad file completion attempt (protocol-ftp.rules)
 * 1:1379 <-> DISABLED <-> PROTOCOL-FTP STAT overflow attempt (protocol-ftp.rules)
 * 1:1380 <-> DISABLED <-> SERVER-IIS Form_VBScript.asp access (server-iis.rules)
 * 1:1381 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan attempt (server-webapp.rules)
 * 1:1382 <-> DISABLED <-> EXPLOIT CHAT IRC Ettercap parse overflow attempt (exploit.rules)
 * 1:1384 <-> DISABLED <-> DOS UPnP malformed advertisement (dos.rules)
 * 1:1385 <-> DISABLED <-> SERVER-WEBAPP mod-plsql administration access (server-webapp.rules)
 * 1:1386 <-> DISABLED <-> SERVER-MSSQL raiserror possible buffer overflow (server-mssql.rules)
 * 1:1387 <-> DISABLED <-> SQL raiserror possible buffer overflow (sql.rules)
 * 1:1388 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP Location overflow attempt (os-windows.rules)
 * 1:1390 <-> DISABLED <-> INDICATOR-SHELLCODE x86 inc ebx NOOP (indicator-shellcode.rules)
 * 1:1392 <-> DISABLED <-> SERVER-WEBAPP lastlines.cgi access (server-webapp.rules)
 * 1:1393 <-> DISABLED <-> POLICY-SOCIAL AIM AddGame attempt (policy-social.rules)
 * 1:1394 <-> DISABLED <-> INDICATOR-SHELLCODE x86 inc ecx NOOP (indicator-shellcode.rules)
 * 1:1395 <-> DISABLED <-> SERVER-WEBAPP zml.cgi attempt (server-webapp.rules)
 * 1:1396 <-> DISABLED <-> SERVER-WEBAPP zml.cgi access (server-webapp.rules)
 * 1:1397 <-> DISABLED <-> SERVER-WEBAPP wayboard attempt (server-webapp.rules)
 * 1:1398 <-> DISABLED <-> SERVER-OTHER CDE dtspcd exploit attempt (server-other.rules)
 * 1:1399 <-> DISABLED <-> SERVER-WEBAPP PHP-Nuke remote file include attempt (server-webapp.rules)
 * 1:1400 <-> DISABLED <-> SERVER-IIS /scripts/samples/ access (server-iis.rules)
 * 1:1401 <-> DISABLED <-> SERVER-IIS /msadc/samples/ access (server-iis.rules)
 * 1:1402 <-> DISABLED <-> SERVER-IIS iissamples access (server-iis.rules)
 * 1:1405 <-> DISABLED <-> SERVER-WEBAPP AHG search.cgi access (server-webapp.rules)
 * 1:1406 <-> DISABLED <-> SERVER-WEBAPP agora.cgi access (server-webapp.rules)
 * 1:1407 <-> DISABLED <-> SERVER-WEBAPP smssend.php access (server-webapp.rules)
 * 1:1408 <-> DISABLED <-> DOS MSDTC attempt (dos.rules)
 * 1:1409 <-> DISABLED <-> SNMP community string buffer overflow attempt (snmp.rules)
 * 1:1410 <-> DISABLED <-> SERVER-WEBAPP dcboard.cgi access (server-webapp.rules)
 * 1:1411 <-> DISABLED <-> SNMP public access udp (snmp.rules)
 * 1:1412 <-> DISABLED <-> SNMP public access tcp (snmp.rules)
 * 1:1413 <-> DISABLED <-> SNMP private access udp (snmp.rules)
 * 1:1414 <-> DISABLED <-> SNMP private access tcp (snmp.rules)
 * 1:1415 <-> DISABLED <-> SNMP Broadcast request (snmp.rules)
 * 1:1416 <-> DISABLED <-> SNMP broadcast trap (snmp.rules)
 * 1:1417 <-> DISABLED <-> SNMP request udp (snmp.rules)
 * 1:1418 <-> DISABLED <-> SNMP request tcp (snmp.rules)
 * 1:1419 <-> DISABLED <-> SNMP trap udp (snmp.rules)
 * 1:1420 <-> DISABLED <-> SNMP trap tcp (snmp.rules)
 * 1:1421 <-> DISABLED <-> SNMP AgentX/tcp request (snmp.rules)
 * 1:1422 <-> DISABLED <-> SNMP community string buffer overflow attempt with evasion (snmp.rules)
 * 1:1423 <-> DISABLED <-> SERVER-WEBAPP content-disposition memchr overflow (server-webapp.rules)
 * 1:1425 <-> DISABLED <-> SERVER-WEBAPP content-disposition file upload attempt (server-webapp.rules)
 * 1:1426 <-> DISABLED <-> SNMP PROTOS test-suite-req-app attempt (snmp.rules)
 * 1:1427 <-> DISABLED <-> SNMP PROTOS test-suite-trap-app attempt (snmp.rules)
 * 1:1428 <-> DISABLED <-> POLICY-MULTIMEDIA audio galaxy keepalive (policy-multimedia.rules)
 * 1:1432 <-> DISABLED <-> PUA-P2P GNUTella client request (pua-p2p.rules)
 * 1:1433 <-> DISABLED <-> SERVER-WEBAPP .history access (server-webapp.rules)
 * 1:1434 <-> DISABLED <-> SERVER-WEBAPP .bash_history access (server-webapp.rules)
 * 1:1435 <-> DISABLED <-> DNS named authors attempt (dns.rules)
 * 1:1436 <-> DISABLED <-> POLICY-MULTIMEDIA Apple Quicktime User Agent access (policy-multimedia.rules)
 * 1:1437 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media download detected (file-identify.rules)
 * 1:1439 <-> DISABLED <-> POLICY-MULTIMEDIA Shoutcast playlist redirection (policy-multimedia.rules)
 * 1:1440 <-> DISABLED <-> POLICY-MULTIMEDIA Icecast playlist redirection (policy-multimedia.rules)
 * 1:1441 <-> DISABLED <-> TFTP GET nc.exe (tftp.rules)
 * 1:1442 <-> DISABLED <-> TFTP GET shadow (tftp.rules)
 * 1:1443 <-> DISABLED <-> TFTP GET passwd (tftp.rules)
 * 1:1444 <-> DISABLED <-> TFTP Get (tftp.rules)
 * 1:1445 <-> DISABLED <-> INDICATOR-COMPROMISE FTP file_id.diz access possible warez site (indicator-compromise.rules)
 * 1:1446 <-> DISABLED <-> SERVER-MAIL vrfy root (server-mail.rules)
 * 1:1447 <-> DISABLED <-> POLICY-OTHER Microsoft Windows Terminal server RDP attempt (policy-other.rules)
 * 1:1448 <-> DISABLED <-> POLICY-OTHER Microsoft Windows Terminal server request attempt (policy-other.rules)
 * 1:1450 <-> DISABLED <-> SERVER-MAIL Vintra Mailserver expn *@ (server-mail.rules)
 * 1:1451 <-> DISABLED <-> SERVER-WEBAPP NPH-maillist access (server-webapp.rules)
 * 1:1452 <-> DISABLED <-> SERVER-WEBAPP args.cmd access (server-webapp.rules)
 * 1:1453 <-> DISABLED <-> SERVER-WEBAPP AT-generated.cgi access (server-webapp.rules)
 * 1:1454 <-> DISABLED <-> SERVER-WEBAPP wwwwais access (server-webapp.rules)
 * 1:1455 <-> DISABLED <-> SERVER-WEBAPP calendar.pl access (server-webapp.rules)
 * 1:1456 <-> DISABLED <-> SERVER-WEBAPP calender_admin.pl access (server-webapp.rules)
 * 1:1457 <-> DISABLED <-> SERVER-WEBAPP user_update_admin.pl access (server-webapp.rules)
 * 1:1458 <-> DISABLED <-> SERVER-WEBAPP user_update_passwd.pl access (server-webapp.rules)
 * 1:1459 <-> DISABLED <-> SERVER-WEBAPP bb-histlog.sh access (server-webapp.rules)
 * 1:1460 <-> DISABLED <-> SERVER-WEBAPP bb-histsvc.sh access (server-webapp.rules)
 * 1:1461 <-> DISABLED <-> SERVER-WEBAPP bb-rep.sh access (server-webapp.rules)
 * 1:1462 <-> DISABLED <-> SERVER-WEBAPP bb-replog.sh access (server-webapp.rules)
 * 1:1463 <-> DISABLED <-> POLICY-SOCIAL IRC message (policy-social.rules)
 * 1:1464 <-> DISABLED <-> INDICATOR-COMPROMISE oracle one hour install (indicator-compromise.rules)
 * 1:1465 <-> DISABLED <-> SERVER-WEBAPP auktion.cgi access (server-webapp.rules)
 * 1:1466 <-> DISABLED <-> SERVER-WEBAPP cgiforum.pl access (server-webapp.rules)
 * 1:1467 <-> DISABLED <-> SERVER-WEBAPP directorypro.cgi access (server-webapp.rules)
 * 1:1468 <-> DISABLED <-> SERVER-WEBAPP Web Shopper shopper.cgi attempt (server-webapp.rules)
 * 1:1469 <-> DISABLED <-> SERVER-WEBAPP Web Shopper shopper.cgi access (server-webapp.rules)
 * 1:1470 <-> DISABLED <-> SERVER-WEBAPP listrec.pl access (server-webapp.rules)
 * 1:1471 <-> DISABLED <-> SERVER-WEBAPP mailnews.cgi access (server-webapp.rules)
 * 1:1472 <-> DISABLED <-> SERVER-WEBAPP book.cgi access (server-webapp.rules)
 * 1:1473 <-> DISABLED <-> SERVER-WEBAPP newsdesk.cgi access (server-webapp.rules)
 * 1:1474 <-> DISABLED <-> SERVER-WEBAPP cal_make.pl access (server-webapp.rules)
 * 1:1475 <-> DISABLED <-> SERVER-WEBAPP mailit.pl access (server-webapp.rules)
 * 1:1476 <-> DISABLED <-> SERVER-WEBAPP sdbsearch.cgi access (server-webapp.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP swc access (server-webapp.rules)
 * 1:1479 <-> DISABLED <-> SERVER-WEBAPP ttawebtop.cgi arbitrary file attempt (server-webapp.rules)
 * 1:1480 <-> DISABLED <-> SERVER-WEBAPP ttawebtop.cgi access (server-webapp.rules)
 * 1:1481 <-> DISABLED <-> SERVER-WEBAPP upload.cgi access (server-webapp.rules)
 * 1:1482 <-> DISABLED <-> SERVER-WEBAPP view_source access (server-webapp.rules)
 * 1:1483 <-> DISABLED <-> SERVER-WEBAPP ustorekeeper.pl access (server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:1486 <-> DISABLED <-> SERVER-IIS ctss.idc access (server-iis.rules)
 * 1:1487 <-> DISABLED <-> SERVER-IIS /iisadmpwd/aexp2.htr access (server-iis.rules)
 * 1:1488 <-> DISABLED <-> SERVER-WEBAPP store.cgi directory traversal attempt (server-webapp.rules)
 * 1:1489 <-> DISABLED <-> SERVER-WEBAPP /~nobody access (server-webapp.rules)
 * 1:1490 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php attempt (server-webapp.rules)
 * 1:1491 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php access (server-webapp.rules)
 * 1:1492 <-> DISABLED <-> SERVER-WEBAPP RBS ISP /newuser  directory traversal attempt (server-webapp.rules)
 * 1:1493 <-> DISABLED <-> SERVER-WEBAPP RBS ISP /newuser access (server-webapp.rules)
 * 1:1494 <-> DISABLED <-> SERVER-WEBAPP SIX webboard generate.cgi attempt (server-webapp.rules)
 * 1:1495 <-> DISABLED <-> SERVER-WEBAPP SIX webboard generate.cgi access (server-webapp.rules)
 * 1:1496 <-> DISABLED <-> SERVER-WEBAPP spin_client.cgi access (server-webapp.rules)
 * 1:1499 <-> DISABLED <-> SERVER-WEBAPP SiteScope Service access (server-webapp.rules)
 * 1:1500 <-> DISABLED <-> SERVER-WEBAPP ExAir access (server-webapp.rules)
 * 1:1501 <-> DISABLED <-> SERVER-WEBAPP a1stats a1disp3.cgi directory traversal attempt (server-webapp.rules)
 * 1:1502 <-> DISABLED <-> SERVER-WEBAPP a1stats a1disp3.cgi access (server-webapp.rules)
 * 1:1503 <-> DISABLED <-> SERVER-WEBAPP admentor admin.asp access (server-webapp.rules)
 * 1:1504 <-> DISABLED <-> POLICY-OTHER AFS access (policy-other.rules)
 * 1:1505 <-> DISABLED <-> SERVER-WEBAPP alchemy http server PRN arbitrary command execution attempt (server-webapp.rules)
 * 1:1506 <-> DISABLED <-> SERVER-WEBAPP alchemy http server NUL arbitrary command execution attempt (server-webapp.rules)
 * 1:1507 <-> DISABLED <-> SERVER-WEBAPP alibaba.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:1508 <-> DISABLED <-> SERVER-WEBAPP alibaba.pl access (server-webapp.rules)
 * 1:1509 <-> DISABLED <-> SERVER-WEBAPP AltaVista Intranet Search directory traversal attempt (server-webapp.rules)
 * 1:1510 <-> DISABLED <-> SERVER-WEBAPP test.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1511 <-> DISABLED <-> SERVER-WEBAPP test.bat access (server-webapp.rules)
 * 1:1512 <-> DISABLED <-> SERVER-WEBAPP input.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1513 <-> DISABLED <-> SERVER-WEBAPP input.bat access (server-webapp.rules)
 * 1:1514 <-> DISABLED <-> SERVER-WEBAPP input2.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1515 <-> DISABLED <-> SERVER-WEBAPP input2.bat access (server-webapp.rules)
 * 1:1516 <-> DISABLED <-> SERVER-WEBAPP envout.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1517 <-> DISABLED <-> SERVER-WEBAPP envout.bat access (server-webapp.rules)
 * 1:1518 <-> DISABLED <-> SERVER-WEBAPP nstelemetry.adp access (server-webapp.rules)
 * 1:1519 <-> DISABLED <-> SERVER-WEBAPP apache ?M=D directory list attempt (server-webapp.rules)
 * 1:1520 <-> DISABLED <-> SERVER-WEBAPP server-info access (server-webapp.rules)
 * 1:1521 <-> DISABLED <-> SERVER-WEBAPP server-status access (server-webapp.rules)
 * 1:1522 <-> DISABLED <-> SERVER-WEBAPP ans.pl attempt (server-webapp.rules)
 * 1:1523 <-> DISABLED <-> SERVER-WEBAPP ans.pl access (server-webapp.rules)
 * 1:1524 <-> DISABLED <-> SERVER-WEBAPP Axis Storpoint CD attempt (server-webapp.rules)
 * 1:1525 <-> DISABLED <-> SERVER-WEBAPP Axis Storpoint CD access (server-webapp.rules)
 * 1:1526 <-> DISABLED <-> SERVER-WEBAPP basilix sendmail.inc access (server-webapp.rules)
 * 1:1527 <-> DISABLED <-> SERVER-WEBAPP basilix mysql.class access (server-webapp.rules)
 * 1:1528 <-> DISABLED <-> SERVER-WEBAPP BBoard access (server-webapp.rules)
 * 1:1529 <-> DISABLED <-> PROTOCOL-FTP SITE overflow attempt (protocol-ftp.rules)
 * 1:1531 <-> DISABLED <-> SERVER-WEBAPP bb-hist.sh attempt (server-webapp.rules)
 * 1:1532 <-> DISABLED <-> SERVER-WEBAPP bb-hostscv.sh attempt (server-webapp.rules)
 * 1:1533 <-> DISABLED <-> SERVER-WEBAPP bb-hostscv.sh access (server-webapp.rules)
 * 1:1534 <-> DISABLED <-> SERVER-WEBAPP agora.cgi attempt (server-webapp.rules)
 * 1:1535 <-> DISABLED <-> SERVER-WEBAPP bizdbsearch access (server-webapp.rules)
 * 1:1536 <-> DISABLED <-> SERVER-WEBAPP calendar_admin.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:1537 <-> DISABLED <-> SERVER-WEBAPP calendar_admin.pl access (server-webapp.rules)
 * 1:1538 <-> DISABLED <-> NNTP AUTHINFO USER overflow attempt (nntp.rules)
 * 1:1539 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/ls access (server-webapp.rules)
 * 1:1540 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion ?Mode=debug attempt (server-other.rules)
 * 1:1541 <-> DISABLED <-> PROTOCOL-FINGER version query (protocol-finger.rules)
 * 1:1542 <-> DISABLED <-> SERVER-WEBAPP cgimail access (server-webapp.rules)
 * 1:1543 <-> DISABLED <-> SERVER-WEBAPP cgiwrap access (server-webapp.rules)
 * 1:1544 <-> DISABLED <-> SERVER-WEBAPP Cisco Catalyst command execution attempt (server-webapp.rules)
 * 1:1545 <-> DISABLED <-> DOS Cisco denial of service attempt (dos.rules)
 * 1:1546 <-> DISABLED <-> SERVER-WEBAPP Cisco /%% DOS attempt (server-webapp.rules)
 * 1:1547 <-> DISABLED <-> SERVER-WEBAPP csSearch.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:1548 <-> DISABLED <-> SERVER-WEBAPP csSearch.cgi access (server-webapp.rules)
 * 1:1549 <-> DISABLED <-> SERVER-MAIL HELO overflow attempt (server-mail.rules)
 * 1:1550 <-> DISABLED <-> SERVER-MAIL ETRN overflow attempt (server-mail.rules)
 * 1:1551 <-> DISABLED <-> SERVER-WEBAPP /CVS/Entries access (server-webapp.rules)
 * 1:1552 <-> DISABLED <-> SERVER-WEBAPP cvsweb version access (server-webapp.rules)
 * 1:1554 <-> DISABLED <-> SERVER-WEBAPP dbman db.cgi access (server-webapp.rules)
 * 1:1555 <-> DISABLED <-> SERVER-WEBAPP DCShop access (server-webapp.rules)
 * 1:1556 <-> DISABLED <-> SERVER-WEBAPP DCShop orders.txt access (server-webapp.rules)
 * 1:1557 <-> DISABLED <-> SERVER-WEBAPP DCShop auth_user_file.txt access (server-webapp.rules)
 * 1:1558 <-> DISABLED <-> SERVER-WEBAPP Delegate whois overflow attempt (server-webapp.rules)
 * 1:1559 <-> DISABLED <-> SERVER-WEBAPP /doc/packages access (server-webapp.rules)
 * 1:1560 <-> DISABLED <-> SERVER-WEBAPP /doc/ access (server-webapp.rules)
 * 1:1562 <-> DISABLED <-> PROTOCOL-FTP SITE CHOWN overflow attempt (protocol-ftp.rules)
 * 1:1563 <-> DISABLED <-> SERVER-WEBAPP login.htm attempt (server-webapp.rules)
 * 1:1564 <-> DISABLED <-> SERVER-WEBAPP login.htm access (server-webapp.rules)
 * 1:1565 <-> DISABLED <-> SERVER-WEBAPP eshop.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:1566 <-> DISABLED <-> SERVER-WEBAPP eshop.pl access (server-webapp.rules)
 * 1:1567 <-> DISABLED <-> SERVER-IIS /exchange/root.asp attempt (server-iis.rules)
 * 1:15672 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 7 ActiveX clsid access (browser-plugins.rules)
 * 1:1568 <-> DISABLED <-> SERVER-IIS /exchange/root.asp access (server-iis.rules)
 * 1:1569 <-> DISABLED <-> SERVER-WEBAPP loadpage.cgi directory traversal attempt (server-webapp.rules)
 * 1:1570 <-> DISABLED <-> SERVER-WEBAPP loadpage.cgi access (server-webapp.rules)
 * 1:1571 <-> DISABLED <-> SERVER-WEBAPP dcforum.cgi directory traversal attempt (server-webapp.rules)
 * 1:1572 <-> DISABLED <-> SERVER-WEBAPP commerce.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:1573 <-> DISABLED <-> SERVER-WEBAPP cgiforum.pl attempt (server-webapp.rules)
 * 1:1574 <-> DISABLED <-> SERVER-WEBAPP directorypro.cgi attempt (server-webapp.rules)
 * 1:1575 <-> DISABLED <-> SERVER-WEBAPP Domino mab.nsf access (server-webapp.rules)
 * 1:1576 <-> DISABLED <-> SERVER-WEBAPP Domino cersvr.nsf access (server-webapp.rules)
 * 1:1577 <-> DISABLED <-> SERVER-WEBAPP Domino setup.nsf access (server-webapp.rules)
 * 1:1578 <-> DISABLED <-> SERVER-WEBAPP Domino statrep.nsf access (server-webapp.rules)
 * 1:1579 <-> DISABLED <-> SERVER-WEBAPP Domino webadmin.nsf access (server-webapp.rules)
 * 1:1580 <-> DISABLED <-> SERVER-WEBAPP Domino events4.nsf access (server-webapp.rules)
 * 1:1581 <-> DISABLED <-> SERVER-WEBAPP Domino ntsync4.nsf access (server-webapp.rules)
 * 1:1582 <-> DISABLED <-> SERVER-WEBAPP Domino collect4.nsf access (server-webapp.rules)
 * 1:1583 <-> DISABLED <-> SERVER-WEBAPP Domino mailw46.nsf access (server-webapp.rules)
 * 1:1584 <-> DISABLED <-> SERVER-WEBAPP Domino bookmark.nsf access (server-webapp.rules)
 * 1:1585 <-> DISABLED <-> SERVER-WEBAPP Domino agentrunner.nsf access (server-webapp.rules)
 * 1:1586 <-> DISABLED <-> SERVER-WEBAPP Domino mail.box access (server-webapp.rules)
 * 1:1587 <-> DISABLED <-> SERVER-WEBAPP cgitest.exe access (server-webapp.rules)
 * 1:1588 <-> DISABLED <-> SERVER-WEBAPP SalesLogix Eviewer access (server-webapp.rules)
 * 1:1589 <-> DISABLED <-> SERVER-WEBAPP musicat empower attempt (server-webapp.rules)
 * 1:1590 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:1591 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi access (server-webapp.rules)
 * 1:1592 <-> DISABLED <-> SERVER-WEBAPP /fcgi-bin/echo.exe access (server-webapp.rules)
 * 1:1593 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi external site redirection attempt (server-webapp.rules)
 * 1:1594 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi access (server-webapp.rules)
 * 1:1595 <-> DISABLED <-> SERVER-IIS htimage.exe access (server-iis.rules)
 * 1:1597 <-> DISABLED <-> SERVER-WEBAPP guestbook.cgi access (server-webapp.rules)
 * 1:1598 <-> DISABLED <-> SERVER-WEBAPP Home Free search.cgi directory traversal attempt (server-webapp.rules)
 * 1:1599 <-> DISABLED <-> SERVER-WEBAPP search.cgi access (server-webapp.rules)
 * 1:1600 <-> DISABLED <-> SERVER-WEBAPP htsearch arbitrary configuration file attempt (server-webapp.rules)
 * 1:1601 <-> DISABLED <-> SERVER-WEBAPP htsearch arbitrary file read attempt (server-webapp.rules)
 * 1:1602 <-> DISABLED <-> SERVER-WEBAPP htsearch access (server-webapp.rules)
 * 1:1603 <-> DISABLED <-> SERVER-WEBAPP DELETE attempt (server-webapp.rules)
 * 1:1604 <-> DISABLED <-> SERVER-WEBAPP iChat directory traversal attempt (server-webapp.rules)
 * 1:1605 <-> DISABLED <-> DOS iParty DOS attempt (dos.rules)
 * 1:1606 <-> DISABLED <-> SERVER-WEBAPP icat access (server-webapp.rules)
 * 1:1607 <-> DISABLED <-> SERVER-WEBAPP HyperSeek hsx.cgi access (server-webapp.rules)
 * 1:1608 <-> DISABLED <-> SERVER-WEBAPP htmlscript attempt (server-webapp.rules)
 * 1:1610 <-> DISABLED <-> SERVER-WEBAPP formmail arbitrary command execution attempt (server-webapp.rules)
 * 1:1611 <-> DISABLED <-> SERVER-WEBAPP eXtropia webstore access (server-webapp.rules)
 * 1:1612 <-> DISABLED <-> SERVER-WEBAPP ftp.pl attempt (server-webapp.rules)
 * 1:1613 <-> DISABLED <-> SERVER-WEBAPP handler attempt (server-webapp.rules)
 * 1:1614 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise gwweb.exe attempt (server-webapp.rules)
 * 1:1615 <-> DISABLED <-> SERVER-WEBAPP htgrep attempt (server-webapp.rules)
 * 1:1616 <-> DISABLED <-> DNS named version attempt (dns.rules)
 * 1:1617 <-> DISABLED <-> SERVER-WEBAPP Bugzilla doeditvotes.cgi access (server-webapp.rules)
 * 1:1618 <-> DISABLED <-> SERVER-IIS .asp chunked Transfer-Encoding (server-iis.rules)
 * 1:1621 <-> DISABLED <-> PROTOCOL-FTP CMD overflow attempt (protocol-ftp.rules)
 * 1:1622 <-> DISABLED <-> PROTOCOL-FTP RNFR ././ attempt (protocol-ftp.rules)
 * 1:1623 <-> DISABLED <-> PROTOCOL-FTP invalid MODE (protocol-ftp.rules)
 * 1:1624 <-> DISABLED <-> PROTOCOL-FTP PWD overflow attempt (protocol-ftp.rules)
 * 1:1625 <-> DISABLED <-> PROTOCOL-FTP SYST overflow attempt (protocol-ftp.rules)
 * 1:1626 <-> DISABLED <-> SERVER-IIS /StoreCSVS/InstantOrder.asmx request (server-iis.rules)
 * 1:1628 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi directory traversal attempt attempt (server-webapp.rules)
 * 1:1631 <-> DISABLED <-> POLICY-SOCIAL AIM login (policy-social.rules)
 * 1:1633 <-> DISABLED <-> POLICY-SOCIAL AIM receive message (policy-social.rules)
 * 1:1634 <-> DISABLED <-> PROTOCOL-POP PASS overflow attempt (protocol-pop.rules)
 * 1:1635 <-> DISABLED <-> PROTOCOL-POP APOP overflow attempt (protocol-pop.rules)
 * 1:1636 <-> DISABLED <-> SERVER-OTHER Xtramail Username overflow attempt (server-other.rules)
 * 1:1637 <-> DISABLED <-> SERVER-WEBAPP yabb access (server-webapp.rules)
 * 1:1638 <-> DISABLED <-> SCAN SSH Version map attempt (scan.rules)
 * 1:1639 <-> DISABLED <-> POLICY-SOCIAL IRC DCC file transfer request (policy-social.rules)
 * 1:1640 <-> DISABLED <-> POLICY-SOCIAL IRC DCC chat request (policy-social.rules)
 * 1:1641 <-> DISABLED <-> DOS DB2 dos attempt (dos.rules)
 * 1:1642 <-> DISABLED <-> SERVER-WEBAPP document.d2w access (server-webapp.rules)
 * 1:1643 <-> DISABLED <-> SERVER-WEBAPP db2www access (server-webapp.rules)
 * 1:1644 <-> DISABLED <-> SERVER-WEBAPP test-cgi attempt (server-webapp.rules)
 * 1:1645 <-> DISABLED <-> SERVER-WEBAPP testcgi access (server-webapp.rules)
 * 1:1646 <-> DISABLED <-> SERVER-WEBAPP test.cgi access (server-webapp.rules)
 * 1:1648 <-> DISABLED <-> SERVER-WEBAPP perl.exe command attempt (server-webapp.rules)
 * 1:1649 <-> DISABLED <-> SERVER-WEBAPP perl command attempt (server-webapp.rules)
 * 1:1650 <-> DISABLED <-> SERVER-WEBAPP tst.bat access (server-webapp.rules)
 * 1:1651 <-> DISABLED <-> SERVER-WEBAPP environ.pl access (server-webapp.rules)
 * 1:1652 <-> DISABLED <-> SERVER-WEBAPP campas attempt (server-webapp.rules)
 * 1:1654 <-> DISABLED <-> SERVER-WEBAPP cart32.exe access (server-webapp.rules)
 * 1:1655 <-> DISABLED <-> SERVER-WEBAPP pfdispaly.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:1656 <-> DISABLED <-> SERVER-WEBAPP pfdispaly.cgi access (server-webapp.rules)
 * 1:1657 <-> DISABLED <-> SERVER-WEBAPP pagelog.cgi directory traversal attempt (server-webapp.rules)
 * 1:1658 <-> DISABLED <-> SERVER-WEBAPP pagelog.cgi access (server-webapp.rules)
 * 1:1659 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion sendmail.cfm access (server-other.rules)
 * 1:1660 <-> DISABLED <-> SERVER-IIS trace.axd access (server-iis.rules)
 * 1:1661 <-> ENABLED <-> SERVER-IIS cmd32.exe access (server-iis.rules)
 * 1:1662 <-> DISABLED <-> SERVER-WEBAPP /~ftp access (server-webapp.rules)
 * 1:1663 <-> DISABLED <-> SERVER-WEBAPP *%20.pl access (server-webapp.rules)
 * 1:1664 <-> DISABLED <-> SERVER-WEBAPP mkplog.exe access (server-webapp.rules)
 * 1:1666 <-> DISABLED <-> INDICATOR-COMPROMISE index of /cgi-bin/ response (indicator-compromise.rules)
 * 1:1667 <-> DISABLED <-> SERVER-WEBAPP cross site scripting HTML Image tag set to javascript attempt (server-webapp.rules)
 * 1:1668 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/ access (server-webapp.rules)
 * 1:1669 <-> DISABLED <-> SERVER-WEBAPP /cgi-dos/ access (server-webapp.rules)
 * 1:1670 <-> DISABLED <-> SERVER-WEBAPP /home/ftp access (server-webapp.rules)
 * 1:1671 <-> DISABLED <-> SERVER-WEBAPP /home/www access (server-webapp.rules)
 * 1:1672 <-> DISABLED <-> PROTOCOL-FTP CWD ~ attempt (protocol-ftp.rules)
 * 1:1673 <-> DISABLED <-> SERVER-ORACLE EXECUTE_SYSTEM attempt (server-oracle.rules)
 * 1:16734 <-> DISABLED <-> FILE-OTHER UltraISO CUE file handling stack buffer overflow attempt (file-other.rules)
 * 1:1674 <-> DISABLED <-> SERVER-ORACLE connect_data remote version detection attempt (server-oracle.rules)
 * 1:1675 <-> DISABLED <-> SERVER-ORACLE misparsed login response (server-oracle.rules)
 * 1:1676 <-> DISABLED <-> SERVER-ORACLE select union attempt (server-oracle.rules)
 * 1:1677 <-> DISABLED <-> SERVER-ORACLE select like '%' attempt (server-oracle.rules)
 * 1:1678 <-> DISABLED <-> SERVER-ORACLE select like '%' attempt backslash escaped (server-oracle.rules)
 * 1:1679 <-> DISABLED <-> SERVER-ORACLE describe attempt (server-oracle.rules)
 * 1:1680 <-> DISABLED <-> SERVER-ORACLE all_constraints access (server-oracle.rules)
 * 1:1681 <-> DISABLED <-> SERVER-ORACLE all_views access (server-oracle.rules)
 * 1:1682 <-> DISABLED <-> SERVER-ORACLE all_source access (server-oracle.rules)
 * 1:1683 <-> DISABLED <-> SERVER-ORACLE all_tables access (server-oracle.rules)
 * 1:1684 <-> DISABLED <-> SERVER-ORACLE all_tab_columns access (server-oracle.rules)
 * 1:1685 <-> DISABLED <-> SERVER-ORACLE all_tab_privs access (server-oracle.rules)
 * 1:1686 <-> DISABLED <-> SERVER-ORACLE dba_tablespace access (server-oracle.rules)
 * 1:1687 <-> DISABLED <-> SERVER-ORACLE dba_tables access (server-oracle.rules)
 * 1:1688 <-> DISABLED <-> SERVER-ORACLE user_tablespace access (server-oracle.rules)
 * 1:1689 <-> DISABLED <-> SERVER-ORACLE sys.all_users access (server-oracle.rules)
 * 1:1690 <-> DISABLED <-> SERVER-ORACLE grant attempt (server-oracle.rules)
 * 1:1691 <-> DISABLED <-> SERVER-ORACLE ALTER USER attempt (server-oracle.rules)
 * 1:1692 <-> DISABLED <-> SERVER-ORACLE drop table attempt (server-oracle.rules)
 * 1:1693 <-> DISABLED <-> SERVER-ORACLE create table attempt (server-oracle.rules)
 * 1:1694 <-> DISABLED <-> SERVER-ORACLE alter table attempt (server-oracle.rules)
 * 1:1695 <-> DISABLED <-> SERVER-ORACLE truncate table attempt (server-oracle.rules)
 * 1:1696 <-> DISABLED <-> SERVER-ORACLE create database attempt (server-oracle.rules)
 * 1:1697 <-> DISABLED <-> SERVER-ORACLE alter database attempt (server-oracle.rules)
 * 1:1700 <-> DISABLED <-> SERVER-WEBAPP imagemap.exe access (server-webapp.rules)
 * 1:1701 <-> DISABLED <-> SERVER-WEBAPP calendar-admin.pl access (server-webapp.rules)
 * 1:1702 <-> DISABLED <-> SERVER-WEBAPP Amaya templates sendtemp.pl access (server-webapp.rules)
 * 1:1703 <-> DISABLED <-> SERVER-WEBAPP auktion.cgi directory traversal attempt (server-webapp.rules)
 * 1:1704 <-> DISABLED <-> SERVER-WEBAPP cal_make.pl directory traversal attempt (server-webapp.rules)
 * 1:1705 <-> DISABLED <-> SERVER-WEBAPP echo.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1706 <-> DISABLED <-> SERVER-WEBAPP echo.bat access (server-webapp.rules)
 * 1:1707 <-> DISABLED <-> SERVER-WEBAPP hello.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:1708 <-> DISABLED <-> SERVER-WEBAPP hello.bat access (server-webapp.rules)
 * 1:1709 <-> DISABLED <-> SERVER-WEBAPP ad.cgi access (server-webapp.rules)
 * 1:1710 <-> DISABLED <-> SERVER-WEBAPP bbs_forum.cgi access (server-webapp.rules)
 * 1:1711 <-> DISABLED <-> SERVER-WEBAPP bsguest.cgi access (server-webapp.rules)
 * 1:1712 <-> DISABLED <-> SERVER-WEBAPP bslist.cgi access (server-webapp.rules)
 * 1:1713 <-> DISABLED <-> SERVER-WEBAPP cgforum.cgi access (server-webapp.rules)
 * 1:1714 <-> DISABLED <-> SERVER-WEBAPP newdesk access (server-webapp.rules)
 * 1:1715 <-> DISABLED <-> SERVER-WEBAPP register.cgi access (server-webapp.rules)
 * 1:1716 <-> DISABLED <-> SERVER-WEBAPP gbook.cgi access (server-webapp.rules)
 * 1:1717 <-> DISABLED <-> SERVER-WEBAPP simplestguest.cgi access (server-webapp.rules)
 * 1:1718 <-> DISABLED <-> SERVER-WEBAPP statsconfig.pl access (server-webapp.rules)
 * 1:1719 <-> DISABLED <-> SERVER-WEBAPP talkback.cgi directory traversal attempt (server-webapp.rules)
 * 1:1720 <-> DISABLED <-> SERVER-WEBAPP talkback.cgi access (server-webapp.rules)
 * 1:1721 <-> DISABLED <-> SERVER-WEBAPP adcycle access (server-webapp.rules)
 * 1:1722 <-> DISABLED <-> SERVER-WEBAPP MachineInfo access (server-webapp.rules)
 * 1:1723 <-> DISABLED <-> SERVER-WEBAPP emumail.cgi NULL attempt (server-webapp.rules)
 * 1:1724 <-> DISABLED <-> SERVER-WEBAPP emumail.cgi access (server-webapp.rules)
 * 1:1725 <-> DISABLED <-> SERVER-IIS +.htr code fragment attempt (server-iis.rules)
 * 1:1726 <-> DISABLED <-> SERVER-IIS doctodep.btr access (server-iis.rules)
 * 1:1727 <-> DISABLED <-> SERVER-WEBAPP SGI InfoSearch fname access (server-webapp.rules)
 * 1:1729 <-> DISABLED <-> POLICY-SOCIAL IRC channel join (policy-social.rules)
 * 1:1730 <-> DISABLED <-> SERVER-WEBAPP ustorekeeper.pl directory traversal attempt (server-webapp.rules)
 * 1:1731 <-> DISABLED <-> SERVER-WEBAPP a1stats access (server-webapp.rules)
 * 1:1732 <-> DISABLED <-> RPC portmap rwalld request UDP (rpc.rules)
 * 1:1733 <-> DISABLED <-> RPC portmap rwalld request TCP (rpc.rules)
 * 1:1734 <-> DISABLED <-> PROTOCOL-FTP USER overflow attempt (protocol-ftp.rules)
 * 1:1735 <-> DISABLED <-> WEB-CLIENT XMLHttpRequest attempt (web-client.rules)
 * 1:1736 <-> DISABLED <-> SERVER-WEBAPP squirrel mail spell-check arbitrary command attempt (server-webapp.rules)
 * 1:1737 <-> DISABLED <-> SERVER-WEBAPP squirrel mail theme arbitrary command attempt (server-webapp.rules)
 * 1:1738 <-> DISABLED <-> SERVER-WEBAPP global.inc access (server-webapp.rules)
 * 1:1739 <-> DISABLED <-> SERVER-WEBAPP DNSTools administrator authentication bypass attempt (server-webapp.rules)
 * 1:1740 <-> DISABLED <-> SERVER-WEBAPP DNSTools authentication bypass attempt (server-webapp.rules)
 * 1:1741 <-> DISABLED <-> SERVER-WEBAPP DNSTools access (server-webapp.rules)
 * 1:1742 <-> DISABLED <-> SERVER-WEBAPP Blahz-DNS dostuff.php modify user attempt (server-webapp.rules)
 * 1:1743 <-> DISABLED <-> SERVER-WEBAPP Blahz-DNS dostuff.php access (server-webapp.rules)
 * 1:1744 <-> DISABLED <-> SERVER-WEBAPP SecureSite authentication bypass attempt (server-webapp.rules)
 * 1:1745 <-> DISABLED <-> SERVER-WEBAPP Messagerie supp_membre.php access (server-webapp.rules)
 * 1:1746 <-> DISABLED <-> RPC portmap cachefsd request UDP (rpc.rules)
 * 1:1747 <-> DISABLED <-> RPC portmap cachefsd request TCP (rpc.rules)
 * 1:1750 <-> DISABLED <-> SERVER-IIS users.xml access (server-iis.rules)
 * 1:1751 <-> DISABLED <-> SERVER-OTHER cachefsd buffer overflow attempt (server-other.rules)
 * 1:1752 <-> DISABLED <-> POLICY-SOCIAL AIM AddExternalApp attempt (policy-social.rules)
 * 1:1753 <-> DISABLED <-> SERVER-IIS as_web.exe access (server-iis.rules)
 * 1:1754 <-> DISABLED <-> SERVER-IIS as_web4.exe access (server-iis.rules)
 * 1:1755 <-> DISABLED <-> PROTOCOL-IMAP partial body buffer overflow attempt (protocol-imap.rules)
 * 1:1756 <-> DISABLED <-> SERVER-IIS NewsPro administration authentication attempt (server-iis.rules)
 * 1:1757 <-> DISABLED <-> SERVER-WEBAPP b2 arbitrary command execution attempt (server-webapp.rules)
 * 1:1759 <-> DISABLED <-> SQL xp_cmdshell program execution 445 (sql.rules)
 * 1:1762 <-> DISABLED <-> SERVER-WEBAPP phf arbitrary command execution attempt (server-webapp.rules)
 * 1:1763 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (server-webapp.rules)
 * 1:1764 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (server-webapp.rules)
 * 1:1765 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc access (server-webapp.rules)
 * 1:1766 <-> DISABLED <-> SERVER-WEBAPP search.dll directory listing attempt (server-webapp.rules)
 * 1:1767 <-> DISABLED <-> SERVER-WEBAPP search.dll access (server-webapp.rules)
 * 1:1769 <-> DISABLED <-> SERVER-WEBAPP .DS_Store access (server-webapp.rules)
 * 1:1770 <-> DISABLED <-> SERVER-WEBAPP .FBCIndex access (server-webapp.rules)
 * 1:1771 <-> DISABLED <-> POLICY-OTHER IPSec PGPNet connection attempt (policy-other.rules)
 * 1:1772 <-> DISABLED <-> SERVER-IIS pbserver access (server-iis.rules)
 * 1:1773 <-> DISABLED <-> SERVER-WEBAPP php.exe access (server-webapp.rules)
 * 1:1774 <-> DISABLED <-> SERVER-WEBAPP bb_smilies.php access (server-webapp.rules)
 * 1:1775 <-> DISABLED <-> SERVER-MYSQL root login attempt (server-mysql.rules)
 * 1:1776 <-> DISABLED <-> SERVER-MYSQL show databases attempt (server-mysql.rules)
 * 1:1777 <-> DISABLED <-> PROTOCOL-FTP EXPLOIT STAT * dos attempt (protocol-ftp.rules)
 * 1:1778 <-> DISABLED <-> PROTOCOL-FTP EXPLOIT STAT ? dos attempt (protocol-ftp.rules)
 * 1:1787 <-> DISABLED <-> SERVER-WEBAPP csPassword.cgi access (server-webapp.rules)
 * 1:1788 <-> DISABLED <-> SERVER-WEBAPP csPassword password.cgi.tmp access (server-webapp.rules)
 * 1:1789 <-> DISABLED <-> POLICY-SOCIAL IRC dns request (policy-social.rules)
 * 1:1790 <-> DISABLED <-> POLICY-SOCIAL IRC dns response (policy-social.rules)
 * 1:1792 <-> DISABLED <-> NNTP return code buffer overflow attempt (nntp.rules)
 * 1:1802 <-> DISABLED <-> SERVER-IIS .asa HTTP header buffer overflow attempt (server-iis.rules)
 * 1:1803 <-> DISABLED <-> SERVER-IIS .cer HTTP header buffer overflow attempt (server-iis.rules)
 * 1:1804 <-> DISABLED <-> SERVER-IIS .cdx HTTP header buffer overflow attempt (server-iis.rules)
 * 1:1805 <-> DISABLED <-> SERVER-WEBAPP Oracle reports CGI access (server-webapp.rules)
 * 1:1806 <-> DISABLED <-> SERVER-IIS .htr chunked Transfer-Encoding (server-iis.rules)
 * 1:1807 <-> DISABLED <-> SERVER-WEBAPP Chunked-Encoding transfer attempt (server-webapp.rules)
 * 1:1808 <-> DISABLED <-> SERVER-WEBAPP apache chunked encoding memory corruption exploit attempt (server-webapp.rules)
 * 1:1809 <-> DISABLED <-> SERVER-APACHE Apache Chunked-Encoding worm attempt (server-apache.rules)
 * 1:1810 <-> DISABLED <-> SERVER-OTHER successful gobbles ssh exploit GOBBLE (server-other.rules)
 * 1:1811 <-> DISABLED <-> SERVER-OTHER successful gobbles ssh exploit uname (server-other.rules)
 * 1:1812 <-> DISABLED <-> SERVER-OTHER gobbles SSH exploit attempt (server-other.rules)
 * 1:1813 <-> DISABLED <-> PROTOCOL-ICMP digital island bandwidth query (protocol-icmp.rules)
 * 1:1814 <-> DISABLED <-> SERVER-WEBAPP CISCO VoIP DOS ATTEMPT (server-webapp.rules)
 * 1:1815 <-> DISABLED <-> SERVER-WEBAPP directory.php arbitrary command attempt (server-webapp.rules)
 * 1:1816 <-> DISABLED <-> SERVER-WEBAPP directory.php access (server-webapp.rules)
 * 1:1817 <-> DISABLED <-> SERVER-IIS MS Site Server default login attempt (server-iis.rules)
 * 1:1818 <-> DISABLED <-> SERVER-IIS MS Site Server admin attempt (server-iis.rules)
 * 1:1819 <-> DISABLED <-> SERVER-OTHER Alcatel PABX 4400 connection attempt (server-other.rules)
 * 1:1820 <-> DISABLED <-> SERVER-WEBAPP IBM Net.Commerce orderdspc.d2w access (server-webapp.rules)
 * 1:1821 <-> DISABLED <-> SERVER-OTHER LPD dvips remote command execution attempt (server-other.rules)
 * 1:1822 <-> DISABLED <-> SERVER-WEBAPP alienform.cgi directory traversal attempt (server-webapp.rules)
 * 1:1823 <-> DISABLED <-> SERVER-WEBAPP AlienForm af.cgi directory traversal attempt (server-webapp.rules)
 * 1:1824 <-> DISABLED <-> SERVER-WEBAPP alienform.cgi access (server-webapp.rules)
 * 1:1825 <-> DISABLED <-> SERVER-WEBAPP AlienForm af.cgi access (server-webapp.rules)
 * 1:1826 <-> DISABLED <-> SERVER-WEBAPP WEB-INF access (server-webapp.rules)
 * 1:1827 <-> DISABLED <-> SERVER-APACHE Apache Tomcat servlet mapping cross site scripting attempt (server-apache.rules)
 * 1:1828 <-> DISABLED <-> SERVER-WEBAPP iPlanet Search directory traversal attempt (server-webapp.rules)
 * 1:1829 <-> DISABLED <-> SERVER-APACHE Apache Tomcat TroubleShooter servlet access (server-apache.rules)
 * 1:1830 <-> DISABLED <-> SERVER-APACHE Apache Tomcat SnoopServlet servlet access (server-apache.rules)
 * 1:1831 <-> DISABLED <-> SERVER-WEBAPP jigsaw dos attempt (server-webapp.rules)
 * 1:1832 <-> DISABLED <-> POLICY-SOCIAL ICQ forced user addition (policy-social.rules)
 * 1:1834 <-> DISABLED <-> SERVER-WEBAPP PHP-Wiki cross site scripting attempt (server-webapp.rules)
 * 1:1835 <-> DISABLED <-> SERVER-WEBAPP Macromedia SiteSpring cross site scripting attempt (server-webapp.rules)
 * 1:1838 <-> DISABLED <-> EXPLOIT SSH server banner overflow (exploit.rules)
 * 1:1839 <-> DISABLED <-> SERVER-WEBAPP mailman cross site scripting attempt (server-webapp.rules)
 * 1:1840 <-> DISABLED <-> FILE-OTHER Oracle Javascript document.domain attempt (file-other.rules)
 * 1:1841 <-> DISABLED <-> FILE-OTHER Oracle Javascript URL host spoofing attempt (file-other.rules)
 * 1:1842 <-> DISABLED <-> PROTOCOL-IMAP login buffer overflow attempt (protocol-imap.rules)
 * 1:1843 <-> DISABLED <-> MALWARE-BACKDOOR trinity connection attempt (malware-backdoor.rules)
 * 1:1844 <-> ENABLED <-> PROTOCOL-IMAP authenticate overflow attempt (protocol-imap.rules)
 * 1:1845 <-> DISABLED <-> PROTOCOL-IMAP list literal overflow attempt (protocol-imap.rules)
 * 1:1846 <-> DISABLED <-> POLICY-MULTIMEDIA vncviewer Java applet download attempt (policy-multimedia.rules)
 * 1:1847 <-> DISABLED <-> SERVER-WEBAPP webalizer access (server-webapp.rules)
 * 1:1848 <-> DISABLED <-> SERVER-WEBAPP webcart-lite access (server-webapp.rules)
 * 1:1849 <-> DISABLED <-> SERVER-WEBAPP webfind.exe access (server-webapp.rules)
 * 1:1850 <-> DISABLED <-> SERVER-WEBAPP way-board.cgi access (server-webapp.rules)
 * 1:1851 <-> DISABLED <-> SERVER-WEBAPP active.log access (server-webapp.rules)
 * 1:1852 <-> DISABLED <-> SERVER-WEBAPP robots.txt access (server-webapp.rules)
 * 1:1853 <-> DISABLED <-> MALWARE-BACKDOOR win-trin00 connection attempt (malware-backdoor.rules)
 * 1:1854 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht handler->agent niggahbitch (protocol-icmp.rules)
 * 1:1855 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht agent->handler skillz (protocol-icmp.rules)
 * 1:1856 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht handler->agent ficken (protocol-icmp.rules)
 * 1:1857 <-> DISABLED <-> SERVER-WEBAPP robot.txt access (server-webapp.rules)
 * 1:1858 <-> DISABLED <-> SERVER-WEBAPP CISCO PIX Firewall Manager directory traversal attempt (server-webapp.rules)
 * 1:1859 <-> DISABLED <-> SERVER-WEBAPP Oracle JavaServer default password login attempt (server-webapp.rules)
 * 1:1860 <-> DISABLED <-> SERVER-WEBAPP Linksys router default password login attempt (server-webapp.rules)
 * 1:1861 <-> DISABLED <-> SERVER-WEBAPP Linksys router default username and password login attempt (server-webapp.rules)
 * 1:1862 <-> DISABLED <-> SERVER-WEBAPP mrtg.cgi directory traversal attempt (server-webapp.rules)
 * 1:1864 <-> DISABLED <-> PROTOCOL-FTP SITE NEWER attempt (protocol-ftp.rules)
 * 1:1865 <-> DISABLED <-> SERVER-WEBAPP webdist.cgi arbitrary command attempt (server-webapp.rules)
 * 1:1866 <-> DISABLED <-> PROTOCOL-POP USER overflow attempt (protocol-pop.rules)
 * 1:1867 <-> DISABLED <-> X11 xdmcp info query (x11.rules)
 * 1:1868 <-> DISABLED <-> SERVER-WEBAPP story.pl arbitrary file read attempt (server-webapp.rules)
 * 1:1869 <-> DISABLED <-> SERVER-WEBAPP story.pl access (server-webapp.rules)
 * 1:1870 <-> DISABLED <-> SERVER-WEBAPP siteUserMod.cgi access (server-webapp.rules)
 * 1:1871 <-> DISABLED <-> SERVER-WEBAPP Oracle XSQLConfig.xml access (server-webapp.rules)
 * 1:1872 <-> DISABLED <-> SERVER-WEBAPP Oracle Dynamic Monitoring Services dms access (server-webapp.rules)
 * 1:1873 <-> DISABLED <-> SERVER-WEBAPP globals.jsa access (server-webapp.rules)
 * 1:1874 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Process Manager access (server-webapp.rules)
 * 1:1875 <-> DISABLED <-> SERVER-WEBAPP cgicso access (server-webapp.rules)
 * 1:1876 <-> DISABLED <-> SERVER-WEBAPP nph-publish.cgi access (server-webapp.rules)
 * 1:1877 <-> DISABLED <-> SERVER-WEBAPP printenv access (server-webapp.rules)
 * 1:1878 <-> DISABLED <-> SERVER-WEBAPP sdbsearch.cgi access (server-webapp.rules)
 * 1:1879 <-> DISABLED <-> SERVER-WEBAPP book.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:1880 <-> DISABLED <-> SERVER-WEBAPP oracle web application server access (server-webapp.rules)
 * 1:1881 <-> DISABLED <-> SERVER-WEBAPP bad HTTP/1.1 request, Potentially worm attack (server-webapp.rules)
 * 1:1882 <-> DISABLED <-> INDICATOR-COMPROMISE id check returned userid (indicator-compromise.rules)
 * 1:1887 <-> DISABLED <-> SERVER-OTHER OpenSSL Worm traffic (server-other.rules)
 * 1:1888 <-> DISABLED <-> PROTOCOL-FTP SITE CPWD overflow attempt (protocol-ftp.rules)
 * 1:1889 <-> DISABLED <-> MALWARE-CNC slapper worm admin traffic (malware-cnc.rules)
 * 1:1890 <-> DISABLED <-> RPC status GHBN format string attack (rpc.rules)
 * 1:1891 <-> DISABLED <-> RPC status GHBN format string attack (rpc.rules)
 * 1:1892 <-> DISABLED <-> SNMP null community string attempt (snmp.rules)
 * 1:1893 <-> DISABLED <-> SNMP missing community string attempt (snmp.rules)
 * 1:1894 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1895 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1896 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1897 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1898 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1899 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:1900 <-> DISABLED <-> SERVER-OTHER successful kadmind buffer overflow attempt (server-other.rules)
 * 1:1901 <-> DISABLED <-> SERVER-OTHER successful kadmind buffer overflow attempt (server-other.rules)
 * 1:1902 <-> DISABLED <-> PROTOCOL-IMAP lsub literal overflow attempt (protocol-imap.rules)
 * 1:1903 <-> DISABLED <-> PROTOCOL-IMAP rename overflow attempt (protocol-imap.rules)
 * 1:1904 <-> DISABLED <-> PROTOCOL-IMAP find overflow attempt (protocol-imap.rules)
 * 1:1905 <-> DISABLED <-> RPC AMD UDP amqproc_mount plog overflow attempt (rpc.rules)
 * 1:1906 <-> DISABLED <-> RPC AMD TCP amqproc_mount plog overflow attempt (rpc.rules)
 * 1:1907 <-> DISABLED <-> RPC CMSD UDP CMSD_CREATE buffer overflow attempt (rpc.rules)
 * 1:1908 <-> DISABLED <-> RPC CMSD TCP CMSD_CREATE buffer overflow attempt (rpc.rules)
 * 1:1909 <-> DISABLED <-> RPC CMSD TCP CMSD_INSERT buffer overflow attempt (rpc.rules)
 * 1:1910 <-> DISABLED <-> RPC CMSD udp CMSD_INSERT buffer overflow attempt (rpc.rules)
 * 1:1911 <-> DISABLED <-> RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules)
 * 1:1912 <-> DISABLED <-> RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (rpc.rules)
 * 1:1913 <-> DISABLED <-> RPC STATD UDP stat mon_name format string exploit attempt (rpc.rules)
 * 1:1914 <-> DISABLED <-> RPC STATD TCP stat mon_name format string exploit attempt (rpc.rules)
 * 1:19141 <-> DISABLED <-> FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (file-office.rules)
 * 1:1915 <-> DISABLED <-> RPC STATD UDP monitor mon_name format string exploit attempt (rpc.rules)
 * 1:1916 <-> DISABLED <-> RPC STATD TCP monitor mon_name format string exploit attempt (rpc.rules)
 * 1:1917 <-> DISABLED <-> SCAN UPnP service discover attempt (scan.rules)
 * 1:1918 <-> DISABLED <-> PROTOCOL-ICMP SolarWinds IP scan attempt (protocol-icmp.rules)
 * 1:1919 <-> DISABLED <-> PROTOCOL-FTP CWD overflow attempt (protocol-ftp.rules)
 * 1:1920 <-> DISABLED <-> PROTOCOL-FTP SITE NEWER overflow attempt (protocol-ftp.rules)
 * 1:1921 <-> DISABLED <-> PROTOCOL-FTP SITE ZIPCHK overflow attempt (protocol-ftp.rules)
 * 1:1922 <-> DISABLED <-> RPC portmap proxy attempt TCP (rpc.rules)
 * 1:1923 <-> DISABLED <-> RPC portmap proxy attempt UDP (rpc.rules)
 * 1:1924 <-> DISABLED <-> RPC mountd UDP export request (rpc.rules)
 * 1:1925 <-> DISABLED <-> RPC mountd TCP exportall request (rpc.rules)
 * 1:1926 <-> DISABLED <-> RPC mountd UDP exportall request (rpc.rules)
 * 1:1927 <-> DISABLED <-> PROTOCOL-FTP authorized_keys (protocol-ftp.rules)
 * 1:1928 <-> DISABLED <-> PROTOCOL-FTP shadow retrieval attempt (protocol-ftp.rules)
 * 1:19295 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:1930 <-> ENABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:1931 <-> DISABLED <-> SERVER-WEBAPP rpc-nlog.pl access (server-webapp.rules)
 * 1:1932 <-> DISABLED <-> SERVER-WEBAPP rpc-smb.pl access (server-webapp.rules)
 * 1:1933 <-> DISABLED <-> SERVER-WEBAPP cart.cgi access (server-webapp.rules)
 * 1:1936 <-> DISABLED <-> PROTOCOL-POP AUTH overflow attempt (protocol-pop.rules)
 * 1:1937 <-> DISABLED <-> PROTOCOL-POP LIST overflow attempt (protocol-pop.rules)
 * 1:1938 <-> DISABLED <-> PROTOCOL-POP XTND overflow attempt (protocol-pop.rules)
 * 1:1939 <-> DISABLED <-> SERVER-OTHER bootp hardware address length overflow (server-other.rules)
 * 1:1940 <-> DISABLED <-> SERVER-OTHER bootp invalid hardware type (server-other.rules)
 * 1:1941 <-> ENABLED <-> TFTP GET filename overflow attempt (tftp.rules)
 * 1:1942 <-> DISABLED <-> PROTOCOL-FTP RMDIR overflow attempt (protocol-ftp.rules)
 * 1:1943 <-> DISABLED <-> SERVER-WEBAPP /Carello/add.exe access (server-webapp.rules)
 * 1:1944 <-> DISABLED <-> SERVER-WEBAPP /ecscripts/ecware.exe access (server-webapp.rules)
 * 1:1946 <-> DISABLED <-> SERVER-WEBAPP answerbook2 admin attempt (server-webapp.rules)
 * 1:1947 <-> DISABLED <-> SERVER-WEBAPP answerbook2 arbitrary command execution attempt (server-webapp.rules)
 * 1:1948 <-> DISABLED <-> DNS zone transfer UDP (dns.rules)
 * 1:1949 <-> DISABLED <-> RPC portmap SET attempt TCP 111 (rpc.rules)
 * 1:1950 <-> DISABLED <-> RPC portmap SET attempt UDP 111 (rpc.rules)
 * 1:1951 <-> DISABLED <-> RPC mountd TCP mount request (rpc.rules)
 * 1:1952 <-> DISABLED <-> RPC mountd UDP mount request (rpc.rules)
 * 1:1953 <-> DISABLED <-> RPC AMD TCP pid request (rpc.rules)
 * 1:1954 <-> DISABLED <-> RPC AMD UDP pid request (rpc.rules)
 * 1:1955 <-> DISABLED <-> RPC AMD TCP version request (rpc.rules)
 * 1:1956 <-> DISABLED <-> RPC AMD UDP version request (rpc.rules)
 * 1:1957 <-> DISABLED <-> RPC sadmind UDP PING (rpc.rules)
 * 1:1958 <-> DISABLED <-> RPC sadmind TCP PING (rpc.rules)
 * 1:1959 <-> DISABLED <-> RPC portmap NFS request UDP (rpc.rules)
 * 1:1960 <-> DISABLED <-> RPC portmap NFS request TCP (rpc.rules)
 * 1:1961 <-> DISABLED <-> RPC portmap RQUOTA request UDP (rpc.rules)
 * 1:1962 <-> DISABLED <-> RPC portmap RQUOTA request TCP (rpc.rules)
 * 1:1963 <-> DISABLED <-> RPC RQUOTA getquota overflow attempt UDP (rpc.rules)
 * 1:1964 <-> DISABLED <-> RPC tooltalk UDP overflow attempt (rpc.rules)
 * 1:1965 <-> DISABLED <-> RPC tooltalk TCP overflow attempt (rpc.rules)
 * 1:1966 <-> DISABLED <-> EXPLOIT GlobalSunTech Access Point Information Disclosure attempt (exploit.rules)
 * 1:1967 <-> DISABLED <-> SERVER-WEBAPP phpbb quick-reply.php arbitrary command attempt (server-webapp.rules)
 * 1:1968 <-> DISABLED <-> SERVER-WEBAPP phpbb quick-reply.php access (server-webapp.rules)
 * 1:1969 <-> DISABLED <-> SERVER-WEBAPP ion-p access (server-webapp.rules)
 * 1:1970 <-> DISABLED <-> SERVER-IIS MDAC Content-Type overflow attempt (server-iis.rules)
 * 1:1971 <-> DISABLED <-> PROTOCOL-FTP SITE EXEC format string attempt (protocol-ftp.rules)
 * 1:1972 <-> DISABLED <-> PROTOCOL-FTP PASS overflow attempt (protocol-ftp.rules)
 * 1:1973 <-> DISABLED <-> PROTOCOL-FTP MKD overflow attempt (protocol-ftp.rules)
 * 1:1974 <-> DISABLED <-> PROTOCOL-FTP REST overflow attempt (protocol-ftp.rules)
 * 1:1975 <-> DISABLED <-> PROTOCOL-FTP DELE overflow attempt (protocol-ftp.rules)
 * 1:1976 <-> DISABLED <-> PROTOCOL-FTP RMD overflow attempt (protocol-ftp.rules)
 * 1:1977 <-> DISABLED <-> SERVER-WEBAPP xp_regwrite attempt (server-webapp.rules)
 * 1:1978 <-> DISABLED <-> SERVER-WEBAPP xp_regdeletekey attempt (server-webapp.rules)
 * 1:1979 <-> DISABLED <-> SERVER-WEBAPP perl post attempt (server-webapp.rules)
 * 1:1980 <-> DISABLED <-> MALWARE-BACKDOOR DeepThroat 3.1 Connection (malware-backdoor.rules)
 * 1:1981 <-> DISABLED <-> MALWARE-BACKDOOR DeepThroat 3.1 Connection attempt on port 3150 (malware-backdoor.rules)
 * 1:1982 <-> DISABLED <-> MALWARE-BACKDOOR DeepThroat 3.1 Server Response on port 3150 (malware-backdoor.rules)
 * 1:1983 <-> DISABLED <-> MALWARE-BACKDOOR DeepThroat 3.1 Connection attempt on port 4120 (malware-backdoor.rules)
 * 1:1984 <-> DISABLED <-> MALWARE-BACKDOOR DeepThroat 3.1 Server Response on port 4120 (malware-backdoor.rules)
 * 1:1985 <-> DISABLED <-> MALWARE-BACKDOOR Doly 1.5 server response (malware-backdoor.rules)
 * 1:1986 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN outbound file transfer request (policy-social.rules)
 * 1:1987 <-> DISABLED <-> SERVER-OTHER xfs overflow attempt (server-other.rules)
 * 1:1988 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN outbound file transfer accept (policy-social.rules)
 * 1:1989 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN outbound file transfer rejected (policy-social.rules)
 * 1:1990 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN user search (policy-social.rules)
 * 1:1991 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN login attempt (policy-social.rules)
 * 1:1992 <-> DISABLED <-> PROTOCOL-FTP LIST directory traversal attempt (protocol-ftp.rules)
 * 1:1993 <-> DISABLED <-> PROTOCOL-IMAP login literal buffer overflow attempt (protocol-imap.rules)
 * 1:1994 <-> DISABLED <-> SERVER-WEBAPP vpasswd.cgi access (server-webapp.rules)
 * 1:1995 <-> DISABLED <-> SERVER-WEBAPP alya.cgi access (server-webapp.rules)
 * 1:1996 <-> DISABLED <-> SERVER-WEBAPP viralator.cgi access (server-webapp.rules)
 * 1:1997 <-> DISABLED <-> SERVER-WEBAPP read_body.php access attempt (server-webapp.rules)
 * 1:1998 <-> DISABLED <-> SERVER-WEBAPP calendar.php access (server-webapp.rules)
 * 1:1999 <-> DISABLED <-> SERVER-WEBAPP edit_image.php access (server-webapp.rules)
 * 1:2000 <-> DISABLED <-> SERVER-WEBAPP readmsg.php access (server-webapp.rules)
 * 1:2001 <-> DISABLED <-> SERVER-WEBAPP smartsearch.cgi access (server-webapp.rules)
 * 1:2002 <-> DISABLED <-> SERVER-WEBAPP remote include path (server-webapp.rules)
 * 1:2003 <-> DISABLED <-> SQL Worm propagation attempt (sql.rules)
 * 1:2004 <-> DISABLED <-> SQL Worm propagation attempt OUTBOUND (sql.rules)
 * 1:2005 <-> DISABLED <-> RPC portmap kcms_server request UDP (rpc.rules)
 * 1:2006 <-> DISABLED <-> RPC portmap kcms_server request TCP (rpc.rules)
 * 1:2007 <-> ENABLED <-> RPC kcms_server directory traversal attempt (rpc.rules)
 * 1:2008 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid user authentication response (indicator-compromise.rules)
 * 1:2009 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid repository response (indicator-compromise.rules)
 * 1:2010 <-> DISABLED <-> INDICATOR-COMPROMISE CVS double free exploit attempt response (indicator-compromise.rules)
 * 1:2011 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid directory response (indicator-compromise.rules)
 * 1:2012 <-> DISABLED <-> INDICATOR-COMPROMISE CVS missing cvsroot response (indicator-compromise.rules)
 * 1:2013 <-> DISABLED <-> INDICATOR-COMPROMISE CVS invalid module response (indicator-compromise.rules)
 * 1:2014 <-> DISABLED <-> RPC portmap UNSET attempt TCP 111 (rpc.rules)
 * 1:2015 <-> DISABLED <-> RPC portmap UNSET attempt UDP 111 (rpc.rules)
 * 1:2016 <-> DISABLED <-> RPC portmap status request TCP (rpc.rules)
 * 1:2017 <-> DISABLED <-> RPC portmap espd request UDP (rpc.rules)
 * 1:2018 <-> DISABLED <-> RPC mountd TCP dump request (rpc.rules)
 * 1:2019 <-> DISABLED <-> RPC mountd UDP dump request (rpc.rules)
 * 1:2020 <-> DISABLED <-> RPC mountd TCP unmount request (rpc.rules)
 * 1:2021 <-> DISABLED <-> RPC mountd UDP unmount request (rpc.rules)
 * 1:2022 <-> DISABLED <-> RPC mountd TCP unmountall request (rpc.rules)
 * 1:2023 <-> DISABLED <-> RPC mountd UDP unmountall request (rpc.rules)
 * 1:2024 <-> DISABLED <-> RPC RQUOTA getquota overflow attempt TCP (rpc.rules)
 * 1:2025 <-> DISABLED <-> RPC yppasswd username overflow attempt UDP (rpc.rules)
 * 1:2026 <-> DISABLED <-> RPC yppasswd username overflow attempt TCP (rpc.rules)
 * 1:2027 <-> DISABLED <-> RPC yppasswd old password overflow attempt UDP (rpc.rules)
 * 1:2028 <-> DISABLED <-> RPC yppasswd old password overflow attempt TCP (rpc.rules)
 * 1:2029 <-> DISABLED <-> RPC yppasswd new password overflow attempt UDP (rpc.rules)
 * 1:2030 <-> DISABLED <-> RPC yppasswd new password overflow attempt TCP (rpc.rules)
 * 1:2031 <-> DISABLED <-> RPC yppasswd user update UDP (rpc.rules)
 * 1:2032 <-> DISABLED <-> RPC yppasswd user update TCP (rpc.rules)
 * 1:2033 <-> DISABLED <-> RPC ypserv maplist request UDP (rpc.rules)
 * 1:2034 <-> DISABLED <-> RPC ypserv maplist request TCP (rpc.rules)
 * 1:2035 <-> DISABLED <-> RPC portmap network-status-monitor request UDP (rpc.rules)
 * 1:2036 <-> DISABLED <-> RPC portmap network-status-monitor request TCP (rpc.rules)
 * 1:2037 <-> DISABLED <-> RPC network-status-monitor mon-callback request UDP (rpc.rules)
 * 1:2038 <-> DISABLED <-> RPC network-status-monitor mon-callback request TCP (rpc.rules)
 * 1:2039 <-> DISABLED <-> SERVER-OTHER bootp hostname format string attempt (server-other.rules)
 * 1:2040 <-> DISABLED <-> POLICY-OTHER xtacacs login attempt (policy-other.rules)
 * 1:2041 <-> DISABLED <-> SCAN xtacacs failed login response (scan.rules)
 * 1:2042 <-> DISABLED <-> POLICY-OTHER xtacacs accepted login response (policy-other.rules)
 * 1:2043 <-> DISABLED <-> SCAN isakmp login failed (scan.rules)
 * 1:2044 <-> DISABLED <-> POLICY-OTHER PPTP Start Control Request attempt (policy-other.rules)
 * 1:2045 <-> DISABLED <-> RPC snmpXdmi overflow attempt UDP (rpc.rules)
 * 1:2046 <-> DISABLED <-> PROTOCOL-IMAP partial body.peek buffer overflow attempt (protocol-imap.rules)
 * 1:2047 <-> DISABLED <-> SERVER-OTHER rsyncd module list access (server-other.rules)
 * 1:2049 <-> DISABLED <-> SQL ping attempt (sql.rules)
 * 1:2050 <-> DISABLED <-> SERVER-MSSQL version overflow attempt (server-mssql.rules)
 * 1:2051 <-> DISABLED <-> SERVER-WEBAPP cached_feed.cgi moreover shopping cart access (server-webapp.rules)
 * 1:2052 <-> DISABLED <-> SERVER-WEBAPP overflow.cgi access (server-webapp.rules)
 * 1:2053 <-> DISABLED <-> SERVER-WEBAPP process_bug.cgi access (server-webapp.rules)
 * 1:2054 <-> DISABLED <-> SERVER-WEBAPP enter_bug.cgi arbitrary command attempt (server-webapp.rules)
 * 1:2055 <-> DISABLED <-> SERVER-WEBAPP enter_bug.cgi access (server-webapp.rules)
 * 1:2056 <-> DISABLED <-> SERVER-WEBAPP TRACE attempt (server-webapp.rules)
 * 1:2057 <-> DISABLED <-> SERVER-WEBAPP helpout.exe access (server-webapp.rules)
 * 1:2058 <-> DISABLED <-> SERVER-WEBAPP MsmMask.exe attempt (server-webapp.rules)
 * 1:2059 <-> DISABLED <-> SERVER-WEBAPP MsmMask.exe access (server-webapp.rules)
 * 1:2060 <-> DISABLED <-> SERVER-WEBAPP DB4Web access (server-webapp.rules)
 * 1:2061 <-> DISABLED <-> SERVER-APACHE Apache Tomcat null byte directory listing attempt (server-apache.rules)
 * 1:2062 <-> DISABLED <-> SERVER-WEBAPP iPlanet .perf access (server-webapp.rules)
 * 1:2063 <-> DISABLED <-> SERVER-WEBAPP Demarc SQL injection attempt (server-webapp.rules)
 * 1:2065 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .csp script source download attempt (server-webapp.rules)
 * 1:2066 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .pl script source download attempt (server-webapp.rules)
 * 1:2067 <-> DISABLED <-> SERVER-WEBAPP Lotus Notes .exe script source download attempt (server-webapp.rules)
 * 1:2068 <-> DISABLED <-> SERVER-WEBAPP BitKeeper arbitrary command attempt (server-webapp.rules)
 * 1:2069 <-> DISABLED <-> SERVER-WEBAPP chip.ini access (server-webapp.rules)
 * 1:2070 <-> DISABLED <-> SERVER-WEBAPP post32.exe arbitrary command attempt (server-webapp.rules)
 * 1:2071 <-> DISABLED <-> SERVER-WEBAPP post32.exe access (server-webapp.rules)
 * 1:2072 <-> DISABLED <-> SERVER-WEBAPP lyris.pl access (server-webapp.rules)
 * 1:2073 <-> DISABLED <-> SERVER-WEBAPP globals.pl access (server-webapp.rules)
 * 1:2074 <-> DISABLED <-> SERVER-WEBAPP Mambo uploadimage.php upload php file attempt (server-webapp.rules)
 * 1:2075 <-> DISABLED <-> SERVER-WEBAPP Mambo upload.php upload php file attempt (server-webapp.rules)
 * 1:2076 <-> DISABLED <-> SERVER-WEBAPP Mambo uploadimage.php access (server-webapp.rules)
 * 1:2077 <-> DISABLED <-> SERVER-WEBAPP Mambo upload.php access (server-webapp.rules)
 * 1:2078 <-> DISABLED <-> SERVER-WEBAPP phpBB privmsg.php access (server-webapp.rules)
 * 1:2079 <-> DISABLED <-> RPC portmap nlockmgr request UDP (rpc.rules)
 * 1:2080 <-> DISABLED <-> RPC portmap nlockmgr request TCP (rpc.rules)
 * 1:2081 <-> DISABLED <-> RPC portmap rpc.xfsmd request UDP (rpc.rules)
 * 1:2082 <-> DISABLED <-> RPC portmap rpc.xfsmd request TCP (rpc.rules)
 * 1:2083 <-> DISABLED <-> RPC rpc.xfsmd xfs_export attempt UDP (rpc.rules)
 * 1:2084 <-> DISABLED <-> RPC rpc.xfsmd xfs_export attempt TCP (rpc.rules)
 * 1:2085 <-> DISABLED <-> SERVER-WEBAPP parse_xml.cgi access (server-webapp.rules)
 * 1:2086 <-> DISABLED <-> SERVER-WEBAPP streaming server parse_xml.cgi access (server-webapp.rules)
 * 1:2087 <-> DISABLED <-> SERVER-MAIL From comment overflow attempt (server-mail.rules)
 * 1:2088 <-> DISABLED <-> RPC ypupdated arbitrary command attempt UDP (rpc.rules)
 * 1:2089 <-> DISABLED <-> RPC ypupdated arbitrary command attempt TCP (rpc.rules)
 * 1:2090 <-> DISABLED <-> SERVER-IIS WEBDAV exploit attempt (server-iis.rules)
 * 1:2091 <-> ENABLED <-> SERVER-IIS WEBDAV nessus safe scan attempt (server-iis.rules)
 * 1:2092 <-> DISABLED <-> RPC portmap proxy integer overflow attempt UDP (rpc.rules)
 * 1:2093 <-> DISABLED <-> RPC portmap proxy integer overflow attempt TCP (rpc.rules)
 * 1:2094 <-> DISABLED <-> RPC CMSD UDP CMSD_CREATE array buffer overflow attempt (rpc.rules)
 * 1:2095 <-> DISABLED <-> RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (rpc.rules)
 * 1:2100 <-> DISABLED <-> MALWARE-BACKDOOR SubSeven 2.1 Gold server connection response (malware-backdoor.rules)
 * 1:2101 <-> DISABLED <-> OS-WINDOWS SMB Trans Max Param/Count OS-WINDOWS attempt (os-windows.rules)
 * 1:2103 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
 * 1:2104 <-> DISABLED <-> INDICATOR-COMPROMISE rexec username too long response (indicator-compromise.rules)
 * 1:2105 <-> DISABLED <-> PROTOCOL-IMAP authenticate literal overflow attempt (protocol-imap.rules)
 * 1:2106 <-> DISABLED <-> PROTOCOL-IMAP lsub overflow attempt (protocol-imap.rules)
 * 1:2107 <-> DISABLED <-> PROTOCOL-IMAP create buffer overflow attempt (protocol-imap.rules)
 * 1:2108 <-> DISABLED <-> PROTOCOL-POP CAPA overflow attempt (protocol-pop.rules)
 * 1:2109 <-> DISABLED <-> PROTOCOL-POP TOP overflow attempt (protocol-pop.rules)
 * 1:2110 <-> DISABLED <-> PROTOCOL-POP STAT overflow attempt (protocol-pop.rules)
 * 1:2111 <-> DISABLED <-> PROTOCOL-POP DELE overflow attempt (protocol-pop.rules)
 * 1:2112 <-> DISABLED <-> PROTOCOL-POP RSET overflow attempt (protocol-pop.rules)
 * 1:2113 <-> DISABLED <-> PROTOCOL-SERVICES rexec username overflow attempt (protocol-services.rules)
 * 1:2114 <-> DISABLED <-> PROTOCOL-SERVICES rexec password overflow attempt (protocol-services.rules)
 * 1:2115 <-> DISABLED <-> SERVER-WEBAPP album.pl access (server-webapp.rules)
 * 1:2116 <-> DISABLED <-> SERVER-WEBAPP chipcfg.cgi access (server-webapp.rules)
 * 1:2117 <-> DISABLED <-> SERVER-IIS Battleaxe Forum login.asp access (server-iis.rules)
 * 1:2118 <-> DISABLED <-> PROTOCOL-IMAP list overflow attempt (protocol-imap.rules)
 * 1:2119 <-> DISABLED <-> PROTOCOL-IMAP rename literal overflow attempt (protocol-imap.rules)
 * 1:2120 <-> DISABLED <-> PROTOCOL-IMAP create literal buffer overflow attempt (protocol-imap.rules)
 * 1:2121 <-> DISABLED <-> PROTOCOL-POP DELE negative argument attempt (protocol-pop.rules)
 * 1:2122 <-> DISABLED <-> PROTOCOL-POP UIDL negative argument attempt (protocol-pop.rules)
 * 1:2123 <-> ENABLED <-> INDICATOR-COMPROMISE Microsoft cmd.exe banner (indicator-compromise.rules)
 * 1:2124 <-> DISABLED <-> MALWARE-BACKDOOR Remote PC Access connection (malware-backdoor.rules)
 * 1:2125 <-> DISABLED <-> PROTOCOL-FTP CWD Root directory transversal attempt (protocol-ftp.rules)
 * 1:2126 <-> DISABLED <-> OS-WINDOWS Microsoft Windows PPTP Start Control Request buffer overflow attempt (os-windows.rules)
 * 1:2127 <-> DISABLED <-> SERVER-WEBAPP ikonboard.cgi access (server-webapp.rules)
 * 1:2128 <-> DISABLED <-> SERVER-WEBAPP swsrv.cgi access (server-webapp.rules)
 * 1:2129 <-> DISABLED <-> SERVER-IIS nsiislog.dll access (server-iis.rules)
 * 1:2130 <-> DISABLED <-> SERVER-IIS IISProtect siteadmin.asp access (server-iis.rules)
 * 1:2131 <-> DISABLED <-> SERVER-IIS IISProtect access (server-iis.rules)
 * 1:2132 <-> DISABLED <-> SERVER-IIS Synchrologic Email Accelerator userid list access attempt (server-iis.rules)
 * 1:2133 <-> DISABLED <-> SERVER-IIS MS BizTalk server access (server-iis.rules)
 * 1:2134 <-> DISABLED <-> SERVER-IIS register.asp access (server-iis.rules)
 * 1:2135 <-> DISABLED <-> SERVER-WEBAPP philboard.mdb access (server-webapp.rules)
 * 1:2136 <-> DISABLED <-> SERVER-WEBAPP philboard_admin.asp authentication bypass attempt (server-webapp.rules)
 * 1:2137 <-> DISABLED <-> SERVER-WEBAPP philboard_admin.asp access (server-webapp.rules)
 * 1:2138 <-> DISABLED <-> SERVER-WEBAPP logicworks.ini access (server-webapp.rules)
 * 1:2139 <-> DISABLED <-> SERVER-WEBAPP /*.shtml access (server-webapp.rules)
 * 1:2140 <-> DISABLED <-> SERVER-WEBAPP p-news.php access (server-webapp.rules)
 * 1:2141 <-> DISABLED <-> SERVER-WEBAPP shoutbox.php directory traversal attempt (server-webapp.rules)
 * 1:2142 <-> DISABLED <-> SERVER-WEBAPP shoutbox.php access (server-webapp.rules)
 * 1:2143 <-> DISABLED <-> SERVER-WEBAPP b2 cafelog gm-2-b2.php remote file include attempt (server-webapp.rules)
 * 1:2144 <-> DISABLED <-> SERVER-WEBAPP b2 cafelog gm-2-b2.php access (server-webapp.rules)
 * 1:2145 <-> DISABLED <-> SERVER-WEBAPP TextPortal admin.php default password admin attempt (server-webapp.rules)
 * 1:2146 <-> DISABLED <-> SERVER-WEBAPP TextPortal admin.php default password 12345 attempt (server-webapp.rules)
 * 1:2147 <-> DISABLED <-> SERVER-WEBAPP BLNews objects.inc.php4 remote file include attempt (server-webapp.rules)
 * 1:2148 <-> DISABLED <-> SERVER-WEBAPP BLNews objects.inc.php4 access (server-webapp.rules)
 * 1:2149 <-> DISABLED <-> SERVER-WEBAPP Turba status.php access (server-webapp.rules)
 * 1:2150 <-> DISABLED <-> SERVER-WEBAPP ttCMS header.php remote file include attempt (server-webapp.rules)
 * 1:2151 <-> DISABLED <-> SERVER-WEBAPP ttCMS header.php access (server-webapp.rules)
 * 1:2152 <-> DISABLED <-> SERVER-WEBAPP test.php access (server-webapp.rules)
 * 1:2153 <-> DISABLED <-> SERVER-WEBAPP autohtml.php directory traversal attempt (server-webapp.rules)
 * 1:2154 <-> DISABLED <-> SERVER-WEBAPP autohtml.php access (server-webapp.rules)
 * 1:2155 <-> DISABLED <-> SERVER-WEBAPP ttforum remote file include attempt (server-webapp.rules)
 * 1:2156 <-> DISABLED <-> SERVER-WEBAPP mod_gzip_status access (server-webapp.rules)
 * 1:2157 <-> DISABLED <-> SERVER-IIS IISProtect globaladmin.asp access (server-iis.rules)
 * 1:2158 <-> DISABLED <-> SERVER-OTHER BGP invalid length (server-other.rules)
 * 1:2159 <-> DISABLED <-> SERVER-OTHER BGP invalid type 0 (server-other.rules)
 * 1:2176 <-> ENABLED <-> OS-WINDOWS SMB startup folder access (os-windows.rules)
 * 1:2177 <-> DISABLED <-> OS-WINDOWS SMB startup folder unicode access (os-windows.rules)
 * 1:2178 <-> DISABLED <-> PROTOCOL-FTP USER format string attempt (protocol-ftp.rules)
 * 1:2179 <-> DISABLED <-> PROTOCOL-FTP PASS format string attempt (protocol-ftp.rules)
 * 1:2180 <-> DISABLED <-> PUA-P2P BitTorrent announce request (pua-p2p.rules)
 * 1:2181 <-> DISABLED <-> PUA-P2P BitTorrent transfer (pua-p2p.rules)
 * 1:2183 <-> DISABLED <-> SERVER-MAIL Content-Transfer-Encoding overflow attempt (server-mail.rules)
 * 1:2184 <-> DISABLED <-> RPC mountd TCP mount path overflow attempt (rpc.rules)
 * 1:2185 <-> DISABLED <-> RPC mountd UDP mount path overflow attempt (rpc.rules)
 * 1:2190 <-> DISABLED <-> NETBIOS DCERPC invalid bind attempt (netbios.rules)
 * 1:2191 <-> DISABLED <-> NETBIOS SMB DCERPC invalid bind attempt (netbios.rules)
 * 1:2194 <-> DISABLED <-> SERVER-WEBAPP CSMailto.cgi access (server-webapp.rules)
 * 1:2195 <-> DISABLED <-> SERVER-WEBAPP alert.cgi access (server-webapp.rules)
 * 1:2196 <-> DISABLED <-> SERVER-WEBAPP catgy.cgi access (server-webapp.rules)
 * 1:2197 <-> DISABLED <-> SERVER-WEBAPP cvsview2.cgi access (server-webapp.rules)
 * 1:2198 <-> DISABLED <-> SERVER-WEBAPP cvslog.cgi access (server-webapp.rules)
 * 1:2199 <-> DISABLED <-> SERVER-WEBAPP multidiff.cgi access (server-webapp.rules)
 * 1:2200 <-> DISABLED <-> SERVER-WEBAPP dnewsweb.cgi access (server-webapp.rules)
 * 1:2201 <-> DISABLED <-> SERVER-WEBAPP download.cgi access (server-webapp.rules)
 * 1:2202 <-> DISABLED <-> SERVER-WEBAPP edit_action.cgi access (server-webapp.rules)
 * 1:2203 <-> DISABLED <-> SERVER-WEBAPP everythingform.cgi access (server-webapp.rules)
 * 1:2204 <-> DISABLED <-> SERVER-WEBAPP ezadmin.cgi access (server-webapp.rules)
 * 1:2205 <-> DISABLED <-> SERVER-WEBAPP ezboard.cgi access (server-webapp.rules)
 * 1:2206 <-> DISABLED <-> SERVER-WEBAPP ezman.cgi access (server-webapp.rules)
 * 1:2207 <-> DISABLED <-> SERVER-WEBAPP fileseek.cgi access (server-webapp.rules)
 * 1:2208 <-> DISABLED <-> SERVER-WEBAPP fom.cgi access (server-webapp.rules)
 * 1:2209 <-> DISABLED <-> SERVER-WEBAPP getdoc.cgi access (server-webapp.rules)
 * 1:2210 <-> DISABLED <-> SERVER-WEBAPP global.cgi access (server-webapp.rules)
 * 1:2211 <-> DISABLED <-> SERVER-WEBAPP guestserver.cgi access (server-webapp.rules)
 * 1:2212 <-> DISABLED <-> SERVER-WEBAPP imageFolio.cgi access (server-webapp.rules)
 * 1:2213 <-> DISABLED <-> SERVER-WEBAPP mailfile.cgi access (server-webapp.rules)
 * 1:2214 <-> DISABLED <-> SERVER-WEBAPP mailview.cgi access (server-webapp.rules)
 * 1:2215 <-> DISABLED <-> SERVER-WEBAPP nsManager.cgi access (server-webapp.rules)
 * 1:2216 <-> DISABLED <-> SERVER-WEBAPP readmail.cgi access (server-webapp.rules)
 * 1:2217 <-> DISABLED <-> SERVER-WEBAPP printmail.cgi access (server-webapp.rules)
 * 1:2218 <-> DISABLED <-> SERVER-WEBAPP service.cgi access (server-webapp.rules)
 * 1:2219 <-> DISABLED <-> SERVER-WEBAPP setpasswd.cgi access (server-webapp.rules)
 * 1:2220 <-> DISABLED <-> SERVER-WEBAPP simplestmail.cgi access (server-webapp.rules)
 * 1:2221 <-> DISABLED <-> SERVER-WEBAPP ws_mail.cgi access (server-webapp.rules)
 * 1:2222 <-> DISABLED <-> SERVER-WEBAPP nph-exploitscanget.cgi access (server-webapp.rules)
 * 1:2223 <-> DISABLED <-> SERVER-WEBAPP csNews.cgi access (server-webapp.rules)
 * 1:2224 <-> DISABLED <-> SERVER-WEBAPP psunami.cgi access (server-webapp.rules)
 * 1:2225 <-> DISABLED <-> SERVER-WEBAPP gozila.cgi access (server-webapp.rules)
 * 1:2226 <-> DISABLED <-> SERVER-WEBAPP pmachine remote file include attempt (server-webapp.rules)
 * 1:2227 <-> DISABLED <-> SERVER-WEBAPP forum_details.php access (server-webapp.rules)
 * 1:2228 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin db_details_importdocsql.php access (server-webapp.rules)
 * 1:2229 <-> DISABLED <-> SERVER-WEBAPP viewtopic.php access (server-webapp.rules)
 * 1:2230 <-> DISABLED <-> SERVER-WEBAPP NetGear router default password login attempt admin/password (server-webapp.rules)
 * 1:2231 <-> DISABLED <-> SERVER-WEBAPP register.dll access (server-webapp.rules)
 * 1:2232 <-> DISABLED <-> SERVER-WEBAPP ContentFilter.dll access (server-webapp.rules)
 * 1:2233 <-> DISABLED <-> SERVER-WEBAPP SFNofitication.dll access (server-webapp.rules)
 * 1:2234 <-> DISABLED <-> SERVER-WEBAPP TOP10.dll access (server-webapp.rules)
 * 1:2235 <-> DISABLED <-> SERVER-WEBAPP SpamExcp.dll access (server-webapp.rules)
 * 1:2236 <-> DISABLED <-> SERVER-WEBAPP spamrule.dll access (server-webapp.rules)
 * 1:2237 <-> DISABLED <-> SERVER-WEBAPP cgiWebupdate.exe access (server-webapp.rules)
 * 1:2238 <-> DISABLED <-> SERVER-WEBAPP WebLogic ConsoleHelp view source attempt (server-webapp.rules)
 * 1:2239 <-> DISABLED <-> SERVER-WEBAPP redirect.exe access (server-webapp.rules)
 * 1:2240 <-> DISABLED <-> SERVER-WEBAPP changepw.exe access (server-webapp.rules)
 * 1:2241 <-> DISABLED <-> SERVER-WEBAPP cwmail.exe access (server-webapp.rules)
 * 1:2242 <-> DISABLED <-> SERVER-WEBAPP ddicgi.exe access (server-webapp.rules)
 * 1:2243 <-> DISABLED <-> SERVER-WEBAPP ndcgi.exe access (server-webapp.rules)
 * 1:2244 <-> DISABLED <-> SERVER-WEBAPP VsSetCookie.exe access (server-webapp.rules)
 * 1:2245 <-> DISABLED <-> SERVER-WEBAPP Webnews.exe access (server-webapp.rules)
 * 1:2246 <-> DISABLED <-> SERVER-WEBAPP webadmin.dll access (server-webapp.rules)
 * 1:2247 <-> DISABLED <-> SERVER-IIS UploadScript11.asp access (server-iis.rules)
 * 1:2248 <-> DISABLED <-> SERVER-IIS DirectoryListing.asp access (server-iis.rules)
 * 1:2249 <-> DISABLED <-> SERVER-IIS /pcadmin/login.asp access (server-iis.rules)
 * 1:2250 <-> DISABLED <-> PROTOCOL-POP USER format string attempt (protocol-pop.rules)
 * 1:2252 <-> ENABLED <-> OS-WINDOWS SMB-DS DCERPC Remote Activation bind attempt (os-windows.rules)
 * 1:2253 <-> DISABLED <-> SERVER-MAIL XEXCH50 overflow attempt (server-mail.rules)
 * 1:2255 <-> DISABLED <-> RPC sadmind query with root credentials attempt TCP (rpc.rules)
 * 1:2256 <-> ENABLED <-> RPC sadmind query with root credentials attempt UDP (rpc.rules)
 * 1:2257 <-> ENABLED <-> OS-WINDOWS DCERPC Messenger Service buffer overflow attempt (os-windows.rules)
 * 1:2258 <-> ENABLED <-> OS-WINDOWS SMB-DS DCERPC Messenger Service buffer overflow attempt (os-windows.rules)
 * 1:2259 <-> DISABLED <-> SERVER-MAIL EXPN overflow attempt (server-mail.rules)
 * 1:2260 <-> DISABLED <-> SERVER-MAIL VRFY overflow attempt (server-mail.rules)
 * 1:2261 <-> DISABLED <-> SERVER-MAIL Sendmail SEND FROM prescan too many addresses overflow (server-mail.rules)
 * 1:2262 <-> DISABLED <-> SERVER-MAIL Sendmail SEND FROM prescan too long addresses overflow (server-mail.rules)
 * 1:2263 <-> DISABLED <-> SERVER-MAIL Sendmail SAML FROM prescan too many addresses overflow (server-mail.rules)
 * 1:2264 <-> DISABLED <-> SERVER-MAIL Sendmail SAML FROM prescan too long addresses overflow (server-mail.rules)
 * 1:2265 <-> DISABLED <-> SERVER-MAIL Sendmail SOML FROM prescan too many addresses overflow (server-mail.rules)
 * 1:2266 <-> DISABLED <-> SERVER-MAIL Sendmail SOML FROM prescan too long addresses overflow (server-mail.rules)
 * 1:2267 <-> DISABLED <-> SERVER-MAIL Sendmail MAIL FROM prescan too many addresses overflow (server-mail.rules)
 * 1:2268 <-> DISABLED <-> SERVER-MAIL Sendmail MAIL FROM prescan too long addresses overflow (server-mail.rules)
 * 1:2269 <-> DISABLED <-> SERVER-MAIL Sendmail RCPT TO prescan too many addresses overflow (server-mail.rules)
 * 1:2270 <-> DISABLED <-> SERVER-MAIL Sendmail RCPT TO prescan too long addresses overflow (server-mail.rules)
 * 1:2271 <-> DISABLED <-> MALWARE-BACKDOOR FsSniffer connection attempt (malware-backdoor.rules)
 * 1:2272 <-> DISABLED <-> PROTOCOL-FTP LIST integer overflow attempt (protocol-ftp.rules)
 * 1:2273 <-> DISABLED <-> PROTOCOL-IMAP login brute force attempt (protocol-imap.rules)
 * 1:2274 <-> DISABLED <-> PROTOCOL-POP login brute force attempt (protocol-pop.rules)
 * 1:2275 <-> DISABLED <-> SERVER-MAIL AUTH LOGON brute force attempt (server-mail.rules)
 * 1:2276 <-> DISABLED <-> SERVER-WEBAPP oracle portal demo access (server-webapp.rules)
 * 1:2277 <-> DISABLED <-> SERVER-WEBAPP PeopleSoft PeopleBooks psdoccgi access (server-webapp.rules)
 * 1:2278 <-> DISABLED <-> SERVER-WEBAPP client negative Content-Length attempt (server-webapp.rules)
 * 1:2279 <-> DISABLED <-> SERVER-WEBAPP UpdateClasses.php access (server-webapp.rules)
 * 1:2280 <-> DISABLED <-> SERVER-WEBAPP Title.php access (server-webapp.rules)
 * 1:2281 <-> DISABLED <-> SERVER-WEBAPP Setup.php access (server-webapp.rules)
 * 1:2282 <-> DISABLED <-> SERVER-WEBAPP GlobalFunctions.php access (server-webapp.rules)
 * 1:2283 <-> DISABLED <-> SERVER-WEBAPP DatabaseFunctions.php access (server-webapp.rules)
 * 1:2284 <-> DISABLED <-> SERVER-WEBAPP rolis guestbook remote file include attempt (server-webapp.rules)
 * 1:2285 <-> DISABLED <-> SERVER-WEBAPP rolis guestbook access (server-webapp.rules)
 * 1:2286 <-> DISABLED <-> SERVER-WEBAPP friends.php access (server-webapp.rules)
 * 1:2287 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_comment.php access (server-webapp.rules)
 * 1:2288 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_edit.php access (server-webapp.rules)
 * 1:2289 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_embed.php access (server-webapp.rules)
 * 1:2290 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_help.php access (server-webapp.rules)
 * 1:2291 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_license.php access (server-webapp.rules)
 * 1:2292 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_logout.php access (server-webapp.rules)
 * 1:2293 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_password.php access (server-webapp.rules)
 * 1:2294 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_preview.php access (server-webapp.rules)
 * 1:2295 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_settings.php access (server-webapp.rules)
 * 1:2296 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_stats.php access (server-webapp.rules)
 * 1:2297 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_templates_misc.php access (server-webapp.rules)
 * 1:2298 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_templates.php access (server-webapp.rules)
 * 1:2299 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_tpl_misc_new.php access (server-webapp.rules)
 * 1:2300 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll admin_tpl_new.php access (server-webapp.rules)
 * 1:2301 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll booth.php access (server-webapp.rules)
 * 1:2302 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll poll_ssi.php access (server-webapp.rules)
 * 1:2303 <-> DISABLED <-> SERVER-WEBAPP Advanced Poll popup.php access (server-webapp.rules)
 * 1:2304 <-> DISABLED <-> SERVER-WEBAPP files.inc.php access (server-webapp.rules)
 * 1:2305 <-> DISABLED <-> SERVER-WEBAPP chatbox.php access (server-webapp.rules)
 * 1:2306 <-> DISABLED <-> SERVER-WEBAPP gallery remote file include attempt (server-webapp.rules)
 * 1:2307 <-> DISABLED <-> SERVER-WEBAPP PayPal Storefront remote file include attempt (server-webapp.rules)
 * 1:2317 <-> DISABLED <-> INDICATOR-COMPROMISE CVS non-relative path error response (indicator-compromise.rules)
 * 1:2318 <-> DISABLED <-> SERVER-OTHER CVS non-relative path access attempt (server-other.rules)
 * 1:2319 <-> DISABLED <-> SERVER-OTHER ebola PASS overflow attempt (server-other.rules)
 * 1:2320 <-> DISABLED <-> SERVER-OTHER ebola USER overflow attempt (server-other.rules)
 * 1:2321 <-> DISABLED <-> SERVER-IIS foxweb.exe access (server-iis.rules)
 * 1:2322 <-> DISABLED <-> SERVER-IIS foxweb.dll access (server-iis.rules)
 * 1:2323 <-> DISABLED <-> SERVER-WEBAPP quickstore.cgi access (server-webapp.rules)
 * 1:2324 <-> DISABLED <-> SERVER-IIS VP-ASP shopsearch.asp access (server-iis.rules)
 * 1:2325 <-> DISABLED <-> SERVER-IIS VP-ASP ShopDisplayProducts.asp access (server-iis.rules)
 * 1:2326 <-> DISABLED <-> SERVER-IIS sgdynamo.exe access (server-iis.rules)
 * 1:2327 <-> DISABLED <-> SERVER-WEBAPP bsml.pl access (server-webapp.rules)
 * 1:2328 <-> DISABLED <-> SERVER-WEBAPP authentication_index.php access (server-webapp.rules)
 * 1:2329 <-> DISABLED <-> SERVER-MSSQL probe response overflow attempt (server-mssql.rules)
 * 1:2330 <-> ENABLED <-> PROTOCOL-IMAP auth overflow attempt (protocol-imap.rules)
 * 1:2331 <-> DISABLED <-> SERVER-WEBAPP MatrikzGB privilege escalation attempt (server-webapp.rules)
 * 1:2332 <-> DISABLED <-> PROTOCOL-FTP MKD format string attempt (protocol-ftp.rules)
 * 1:2333 <-> DISABLED <-> PROTOCOL-FTP RENAME format string attempt (protocol-ftp.rules)
 * 1:2334 <-> DISABLED <-> PROTOCOL-FTP Yak! FTP server default account login attempt (protocol-ftp.rules)
 * 1:2335 <-> DISABLED <-> PROTOCOL-FTP RMD / attempt (protocol-ftp.rules)
 * 1:2337 <-> DISABLED <-> TFTP PUT filename overflow attempt (tftp.rules)
 * 1:2338 <-> DISABLED <-> PROTOCOL-FTP LIST buffer overflow attempt (protocol-ftp.rules)
 * 1:2339 <-> DISABLED <-> TFTP NULL command attempt (tftp.rules)
 * 1:2340 <-> DISABLED <-> PROTOCOL-FTP SITE CHMOD overflow attempt (protocol-ftp.rules)
 * 1:2341 <-> DISABLED <-> SERVER-WEBAPP DCP-Portal remote file include editor script attempt (server-webapp.rules)
 * 1:2342 <-> DISABLED <-> SERVER-WEBAPP DCP-Portal remote file include lib script attempt (server-webapp.rules)
 * 1:2343 <-> DISABLED <-> PROTOCOL-FTP STOR overflow attempt (protocol-ftp.rules)
 * 1:2344 <-> DISABLED <-> PROTOCOL-FTP XCWD overflow attempt (protocol-ftp.rules)
 * 1:2345 <-> DISABLED <-> SERVER-WEBAPP PhpGedView search.php access (server-webapp.rules)
 * 1:2346 <-> DISABLED <-> SERVER-WEBAPP myPHPNuke chatheader.php access (server-webapp.rules)
 * 1:2347 <-> DISABLED <-> SERVER-WEBAPP myPHPNuke partner.php access (server-webapp.rules)
 * 1:2349 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters attempt (netbios.rules)
 * 1:2353 <-> DISABLED <-> SERVER-WEBAPP IdeaBox cord.php file include (server-webapp.rules)
 * 1:2354 <-> DISABLED <-> SERVER-WEBAPP IdeaBox notification.php file include (server-webapp.rules)
 * 1:2355 <-> DISABLED <-> SERVER-WEBAPP Invision Board emailer.php file include (server-webapp.rules)
 * 1:2356 <-> DISABLED <-> SERVER-WEBAPP WebChat db_mysql.php file include (server-webapp.rules)
 * 1:2357 <-> DISABLED <-> SERVER-WEBAPP WebChat english.php file include (server-webapp.rules)
 * 1:2358 <-> DISABLED <-> SERVER-WEBAPP Typo3 translations.php file include (server-webapp.rules)
 * 1:2359 <-> DISABLED <-> SERVER-WEBAPP Invision Board ipchat.php file include (server-webapp.rules)
 * 1:2360 <-> DISABLED <-> SERVER-WEBAPP myphpPagetool pt_config.inc file include (server-webapp.rules)
 * 1:2361 <-> DISABLED <-> SERVER-WEBAPP news.php file include (server-webapp.rules)
 * 1:2362 <-> DISABLED <-> SERVER-WEBAPP YaBB SE packages.php file include (server-webapp.rules)
 * 1:2363 <-> DISABLED <-> SERVER-WEBAPP Cyboards default_header.php access (server-webapp.rules)
 * 1:2364 <-> DISABLED <-> SERVER-WEBAPP Cyboards options_form.php access (server-webapp.rules)
 * 1:2365 <-> DISABLED <-> SERVER-WEBAPP newsPHP Language file include attempt (server-webapp.rules)
 * 1:2366 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV authentication_index.php base directory manipulation attempt (server-webapp.rules)
 * 1:2367 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV functions.php base directory manipulation attempt (server-webapp.rules)
 * 1:2368 <-> DISABLED <-> SERVER-WEBAPP PhpGedView PGV config_gedcom.php base directory manipulation attempt (server-webapp.rules)
 * 1:2369 <-> DISABLED <-> SERVER-WEBAPP ISAPISkeleton.dll access (server-webapp.rules)
 * 1:2370 <-> DISABLED <-> SERVER-WEBAPP BugPort config.conf file access (server-webapp.rules)
 * 1:2371 <-> DISABLED <-> SERVER-WEBAPP Sample_showcode.html access (server-webapp.rules)
 * 1:2372 <-> DISABLED <-> SERVER-WEBAPP Photopost PHP Pro showphoto.php access (server-webapp.rules)
 * 1:2373 <-> DISABLED <-> PROTOCOL-FTP XMKD overflow attempt (protocol-ftp.rules)
 * 1:2374 <-> ENABLED <-> PROTOCOL-FTP NLST overflow attempt (protocol-ftp.rules)
 * 1:2375 <-> DISABLED <-> MALWARE-CNC DoomJuice/mydoom.a backdoor upload/execute (malware-cnc.rules)
 * 1:2376 <-> DISABLED <-> SERVER-OTHER ISAKMP first payload certificate request length overflow attempt (server-other.rules)
 * 1:2377 <-> DISABLED <-> SERVER-OTHER ISAKMP second payload certificate request length overflow attempt (server-other.rules)
 * 1:2378 <-> DISABLED <-> SERVER-OTHER ISAKMP third payload certificate request length overflow attempt (server-other.rules)
 * 1:23783 <-> ENABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:2379 <-> DISABLED <-> SERVER-OTHER ISAKMP forth payload certificate request length overflow attempt (server-other.rules)
 * 1:2380 <-> DISABLED <-> SERVER-OTHER ISAKMP fifth payload certificate request length overflow attempt (server-other.rules)
 * 1:2381 <-> DISABLED <-> SERVER-WEBAPP Checkpoint Firewall-1 HTTP parsing format string vulnerability attempt (server-webapp.rules)
 * 1:2382 <-> DISABLED <-> OS-WINDOWS SMB Session Setup NTMLSSP asn1 overflow attempt (os-windows.rules)
 * 1:2383 <-> DISABLED <-> OS-WINDOWS SMB-DS Session Setup NTMLSSP asn1 overflow attempt (os-windows.rules)
 * 1:2386 <-> DISABLED <-> SERVER-IIS NTLM ASN1 vulnerability scan attempt (server-iis.rules)
 * 1:2387 <-> DISABLED <-> SERVER-WEBAPP view_broadcast.cgi access (server-webapp.rules)
 * 1:2388 <-> DISABLED <-> SERVER-WEBAPP streaming server view_broadcast.cgi access (server-webapp.rules)
 * 1:2389 <-> DISABLED <-> PROTOCOL-FTP RNTO overflow attempt (protocol-ftp.rules)
 * 1:2390 <-> DISABLED <-> PROTOCOL-FTP STOU overflow attempt (protocol-ftp.rules)
 * 1:2391 <-> DISABLED <-> PROTOCOL-FTP APPE overflow attempt (protocol-ftp.rules)
 * 1:2392 <-> DISABLED <-> PROTOCOL-FTP RETR overflow attempt (protocol-ftp.rules)
 * 1:2393 <-> DISABLED <-> SERVER-WEBAPP /_admin access (server-webapp.rules)
 * 1:2394 <-> DISABLED <-> SERVER-WEBAPP Compaq web-based management agent denial of service attempt (server-webapp.rules)
 * 1:2395 <-> DISABLED <-> SERVER-WEBAPP InteractiveQuery.jsp access (server-webapp.rules)
 * 1:2396 <-> DISABLED <-> SERVER-WEBAPP CCBill whereami.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:2397 <-> DISABLED <-> SERVER-WEBAPP CCBill whereami.cgi access (server-webapp.rules)
 * 1:2398 <-> DISABLED <-> SERVER-WEBAPP WAnewsletter newsletter.php file include attempt (server-webapp.rules)
 * 1:2399 <-> DISABLED <-> SERVER-WEBAPP WAnewsletter db_type.php access (server-webapp.rules)
 * 1:2400 <-> DISABLED <-> SERVER-WEBAPP edittag.pl access (server-webapp.rules)
 * 1:2401 <-> DISABLED <-> NETBIOS SMB Session Setup andx username overflow attempt (netbios.rules)
 * 1:2402 <-> DISABLED <-> NETBIOS SMB-DS Session Setup andx username overflow attempt (netbios.rules)
 * 1:2403 <-> DISABLED <-> NETBIOS SMB Session Setup unicode username overflow attempt (netbios.rules)
 * 1:2404 <-> DISABLED <-> NETBIOS SMB-DS Session Setup unicode andx username overflow attempt (netbios.rules)
 * 1:2405 <-> DISABLED <-> SERVER-WEBAPP phptest.php access (server-webapp.rules)
 * 1:2406 <-> DISABLED <-> TELNET APC SmartSlot default admin account attempt (telnet.rules)
 * 1:2407 <-> DISABLED <-> SERVER-WEBAPP util.pl access (server-webapp.rules)
 * 1:2408 <-> DISABLED <-> SERVER-WEBAPP Invision Power Board search.pl access (server-webapp.rules)
 * 1:2409 <-> DISABLED <-> PROTOCOL-POP APOP USER overflow attempt (protocol-pop.rules)
 * 1:2410 <-> DISABLED <-> SERVER-WEBAPP IGeneric Free Shopping Cart page.php access (server-webapp.rules)
 * 1:2411 <-> DISABLED <-> SERVER-WEBAPP RealNetworks RealSystem Server DESCRIBE buffer overflow attempt (server-webapp.rules)
 * 1:2412 <-> ENABLED <-> INDICATOR-COMPROMISE successful cross site scripting forced download attempt (indicator-compromise.rules)
 * 1:2413 <-> DISABLED <-> SERVER-OTHER ISAKMP delete hash with empty hash attempt (server-other.rules)
 * 1:2414 <-> DISABLED <-> SERVER-OTHER ISAKMP initial contact notification without SPI attempt (server-other.rules)
 * 1:2415 <-> DISABLED <-> SERVER-OTHER ISAKMP second payload initial contact notification without SPI attempt (server-other.rules)
 * 1:2416 <-> DISABLED <-> PROTOCOL-FTP invalid MDTM command attempt (protocol-ftp.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules)
 * 1:2418 <-> DISABLED <-> POLICY-OTHER Microsoft Windows Terminal Server no encryption session initiation attempt (policy-other.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:2424 <-> DISABLED <-> NNTP sendsys overflow attempt (nntp.rules)
 * 1:2425 <-> DISABLED <-> NNTP senduuname overflow attempt (nntp.rules)
 * 1:2426 <-> DISABLED <-> NNTP version overflow attempt (nntp.rules)
 * 1:2427 <-> DISABLED <-> NNTP checkgroups overflow attempt (nntp.rules)
 * 1:2428 <-> DISABLED <-> NNTP ihave overflow attempt (nntp.rules)
 * 1:2429 <-> DISABLED <-> NNTP sendme overflow attempt (nntp.rules)
 * 1:2430 <-> ENABLED <-> NNTP newgroup overflow attempt (nntp.rules)
 * 1:2431 <-> ENABLED <-> NNTP rmgroup overflow attempt (nntp.rules)
 * 1:2432 <-> DISABLED <-> NNTP article post without path attempt (nntp.rules)
 * 1:2433 <-> DISABLED <-> SERVER-WEBAPP MDaemon form2raw.cgi overflow attempt (server-webapp.rules)
 * 1:2434 <-> DISABLED <-> SERVER-WEBAPP MDaemon form2raw.cgi access (server-webapp.rules)
 * 1:2435 <-> ENABLED <-> FILE-IDENTIFY Microsoft emf file download request (file-identify.rules)
 * 1:24355 <-> ENABLED <-> SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (server-mssql.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:2437 <-> DISABLED <-> WEB-CLIENT RealNetworks RealPlayer arbitrary javascript command attempt (web-client.rules)
 * 1:2438 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist file URL overflow attempt (file-multimedia.rules)
 * 1:2439 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist http URL overflow attempt (file-multimedia.rules)
 * 1:2440 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer playlist rtsp URL overflow attempt (file-multimedia.rules)
 * 1:2441 <-> DISABLED <-> SERVER-WEBAPP NetObserve authentication bypass attempt (server-webapp.rules)
 * 1:2442 <-> DISABLED <-> SERVER-WEBAPP generic server user-agent buffer overflow attempt (server-webapp.rules)
 * 1:2446 <-> DISABLED <-> EXPLOIT ICQ SRV_MULTI/SRV_META_USER overflow attempt - ISS Witty Worm (exploit.rules)
 * 1:2447 <-> DISABLED <-> SERVER-WEBAPP ServletManager access (server-webapp.rules)
 * 1:2448 <-> DISABLED <-> SERVER-WEBAPP setinfo.hts access (server-webapp.rules)
 * 1:2449 <-> DISABLED <-> PROTOCOL-FTP ALLO overflow attempt (protocol-ftp.rules)
 * 1:2450 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM successful logon (policy-social.rules)
 * 1:2451 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM voicechat (policy-social.rules)
 * 1:2452 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM ping (policy-social.rules)
 * 1:2453 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference invitation (policy-social.rules)
 * 1:2454 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference logon success (policy-social.rules)
 * 1:2455 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference message (policy-social.rules)
 * 1:2456 <-> DISABLED <-> POLICY-SOCIAL Yahoo Messenger File Transfer Receive Request (policy-social.rules)
 * 1:2457 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM message (policy-social.rules)
 * 1:2458 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM successful chat join (policy-social.rules)
 * 1:2459 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference offer invitation (policy-social.rules)
 * 1:2460 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference request (policy-social.rules)
 * 1:2461 <-> DISABLED <-> POLICY-SOCIAL Yahoo IM conference watch (policy-social.rules)
 * 1:2462 <-> DISABLED <-> EXPLOIT IGMP IGAP account overflow attempt (exploit.rules)
 * 1:2463 <-> DISABLED <-> EXPLOIT IGMP IGAP message overflow attempt (exploit.rules)
 * 1:2464 <-> DISABLED <-> EXPLOIT EIGRP prefix length overflow attempt (exploit.rules)
 * 1:2474 <-> DISABLED <-> NETBIOS SMB-DS ADMIN$ share access (netbios.rules)
 * 1:2484 <-> DISABLED <-> SERVER-WEBAPP source.jsp access (server-webapp.rules)
 * 1:2485 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:2486 <-> DISABLED <-> DOS ISAKMP invalid identification payload attempt (dos.rules)
 * 1:2487 <-> DISABLED <-> SERVER-MAIL WinZip MIME content-type buffer overflow (server-mail.rules)
 * 1:2488 <-> DISABLED <-> SERVER-MAIL WinZip MIME content-disposition buffer overflow (server-mail.rules)
 * 1:2489 <-> DISABLED <-> SERVER-OTHER esignal STREAMQUOTE buffer overflow attempt (server-other.rules)
 * 1:2490 <-> DISABLED <-> SERVER-OTHER esignal SNAPQUOTE buffer overflow attempt (server-other.rules)
 * 1:2508 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt (os-windows.rules)
 * 1:2511 <-> ENABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt (os-windows.rules)
 * 1:2515 <-> DISABLED <-> OS-WINDOWS PCT Client_Hello overflow attempt (os-windows.rules)
 * 1:2523 <-> DISABLED <-> DOS BGP spoofed connection reset attempt (dos.rules)
 * 1:2545 <-> DISABLED <-> SERVER-OTHER AFP FPLoginExt username buffer overflow attempt (server-other.rules)
 * 1:2546 <-> DISABLED <-> PROTOCOL-FTP MDTM overflow attempt (protocol-ftp.rules)
 * 1:2547 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin remote file upload attempt (server-other.rules)
 * 1:2548 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin setinfo access (server-other.rules)
 * 1:2549 <-> DISABLED <-> SERVER-OTHER HP Web JetAdmin file write attempt (server-other.rules)
 * 1:2550 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp XM file buffer overflow attempt (file-other.rules)
 * 1:2551 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache GET overflow attempt (server-other.rules)
 * 1:2552 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache HEAD overflow attempt (server-other.rules)
 * 1:2553 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache PUT overflow attempt (server-other.rules)
 * 1:2554 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache POST overflow attempt (server-other.rules)
 * 1:2555 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache TRACE overflow attempt (server-other.rules)
 * 1:2556 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache DELETE overflow attempt (server-other.rules)
 * 1:2557 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache LOCK overflow attempt (server-other.rules)
 * 1:2558 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache MKCOL overflow attempt (server-other.rules)
 * 1:2559 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache COPY overflow attempt (server-other.rules)
 * 1:2560 <-> DISABLED <-> SERVER-OTHER Oracle Web Cache MOVE overflow attempt (server-other.rules)
 * 1:2561 <-> DISABLED <-> SERVER-OTHER rsync backup-dir directory traversal attempt (server-other.rules)
 * 1:2562 <-> DISABLED <-> SERVER-WEBAPP McAfee ePO file upload attempt (server-webapp.rules)
 * 1:2563 <-> DISABLED <-> NETBIOS NS lookup response name overflow attempt (netbios.rules)
 * 1:2564 <-> DISABLED <-> NETBIOS NS lookup short response attempt (netbios.rules)
 * 1:2565 <-> DISABLED <-> SERVER-WEBAPP modules.php access (server-webapp.rules)
 * 1:2566 <-> DISABLED <-> SERVER-WEBAPP PHPBB viewforum.php access (server-webapp.rules)
 * 1:2567 <-> DISABLED <-> SERVER-WEBAPP Emumail init.emu access (server-webapp.rules)
 * 1:2568 <-> DISABLED <-> SERVER-WEBAPP Emumail emumail.fcgi access (server-webapp.rules)
 * 1:2569 <-> DISABLED <-> SERVER-WEBAPP cPanel resetpass access (server-webapp.rules)
 * 1:2570 <-> DISABLED <-> SERVER-WEBAPP Invalid HTTP Version String (server-webapp.rules)
 * 1:2571 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail frmGetAttachment.aspx access (server-iis.rules)
 * 1:2572 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (server-iis.rules)
 * 1:2573 <-> DISABLED <-> SERVER-IIS SmarterTools SmarterMail frmCompose.asp access (server-iis.rules)
 * 1:2574 <-> DISABLED <-> PROTOCOL-FTP RETR format string attempt (protocol-ftp.rules)
 * 1:2575 <-> DISABLED <-> SERVER-WEBAPP Opt-X header.php remote file include attempt (server-webapp.rules)
 * 1:2576 <-> DISABLED <-> SERVER-ORACLE dbms_repcat.generate_replication_support buffer overflow attempt (server-oracle.rules)
 * 1:2577 <-> DISABLED <-> WEB-CLIENT local resource redirection attempt (web-client.rules)
 * 1:2578 <-> DISABLED <-> SERVER-OTHER kerberos principal name overflow UDP (server-other.rules)
 * 1:2579 <-> DISABLED <-> SERVER-OTHER kerberos principal name overflow TCP (server-other.rules)
 * 1:2580 <-> DISABLED <-> SERVER-WEBAPP server negative Content-Length attempt (server-webapp.rules)
 * 1:2581 <-> DISABLED <-> SERVER-WEBAPP SAP Crystal Reports crystalimagehandler.aspx access (server-webapp.rules)
 * 1:2582 <-> DISABLED <-> OS-WINDOWS SAP Crystal Reports crystalImageHandler.asp directory traversal attempt (os-windows.rules)
 * 1:2583 <-> DISABLED <-> SERVER-OTHER CVS Max-dotdot integer overflow attempt (server-other.rules)
 * 1:2584 <-> DISABLED <-> SERVER-OTHER eMule buffer overflow attempt (server-other.rules)
 * 1:2585 <-> ENABLED <-> SERVER-WEBAPP nessus 2.x 404 probe (server-webapp.rules)
 * 1:25869 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:2587 <-> DISABLED <-> PUA-P2P eDonkey server response (pua-p2p.rules)
 * 1:25870 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25871 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25872 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25873 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25874 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25875 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25876 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25877 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25878 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25879 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:2588 <-> DISABLED <-> SERVER-WEBAPP TUTOS path disclosure attempt (server-webapp.rules)
 * 1:25880 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25881 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25882 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25883 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25884 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25885 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25886 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25887 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25888 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25889 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:2589 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Content-Disposition CLSID command attempt (os-windows.rules)
 * 1:25890 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25891 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25892 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25893 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25894 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25895 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25896 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25897 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25898 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25899 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25900 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25901 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25902 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25903 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25904 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25905 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 1:25906 <-> DISABLED <-> MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (malware-tools.rules)
 * 3:15975 <-> ENABLED <-> WEB-CLIENT OpenOffice TIFF file in little endian format parsing integer overflow attempt (web-client.rules)
 * 3:15976 <-> ENABLED <-> WEB-CLIENT OpenOffice TIFF file in big endian format parsing integer overflow attempt (web-client.rules)