Sourcefire VRT Update
Date: 2006-08-09
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.
The format of the file is:
sid - Message (rule group)
New rules: 7206 <-> Disabled <-> ORACLE DBMS_EXPORT_EXTENSION access attempt (oracle.rules) 7207 <-> Enabled <-> ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (oracle.rules) 7208 <-> Enabled <-> ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (oracle.rules) 7209 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize object call overflow attempt (netbios.rules) 7210 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize little endian overflow attempt (netbios.rules) 7211 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize little endian overflow attempt (netbios.rules) 7212 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize little endian overflow attempt (netbios.rules) 7213 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode little endian overflow attempt (netbios.rules) 7214 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize overflow attempt (netbios.rules) 7215 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize unicode overflow attempt (netbios.rules) 7216 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX little endian overflow attempt (netbios.rules) 7217 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX little endian overflow attempt (netbios.rules) 7218 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX overflow attempt (netbios.rules) 7219 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize overflow attempt (netbios.rules) 7220 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize unicode overflow attempt (netbios.rules) 7221 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize overflow attempt (netbios.rules) 7222 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode object call overflow attempt (netbios.rules) 7223 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode little endian object call overflow attempt (netbios.rules) 7224 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX little endian object call overflow attempt (netbios.rules) 7225 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX unicode little endian overflow attempt (netbios.rules) 7226 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode little endian overflow attempt (netbios.rules) 7227 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode little endian object call overflow attempt (netbios.rules) 7228 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode little endian object call overflow attempt (netbios.rules) 7229 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode object call overflow attempt (netbios.rules) 7230 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX object call overflow attempt (netbios.rules) 7231 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX little endian object call overflow attempt (netbios.rules) 7232 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX object call overflow attempt (netbios.rules) 7233 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX unicode overflow attempt (netbios.rules) 7234 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode overflow attempt (netbios.rules) 7235 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize unicode little endian overflow attempt (netbios.rules) 7236 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode little endian overflow attempt (netbios.rules) 7237 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode overflow attempt (netbios.rules) 7238 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX overflow attempt (netbios.rules) 7239 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX little endian overflow attempt (netbios.rules) 7240 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize unicode little endian overflow attempt (netbios.rules) 7241 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX unicode overflow attempt (netbios.rules) 7242 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX unicode little endian overflow attempt (netbios.rules) 7243 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize overflow attempt (netbios.rules) 7244 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode overflow attempt (netbios.rules) 7245 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX overflow attempt (netbios.rules) 7246 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode overflow attempt (netbios.rules) 7247 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode little endian overflow attempt (netbios.rules) 7248 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize little endian overflow attempt (netbios.rules) 7249 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize object call overflow attempt (netbios.rules) 7250 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode object call overflow attempt (netbios.rules) 7251 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX little endian overflow attempt (netbios.rules) 7252 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode object call overflow attempt (netbios.rules) 7253 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX overflow attempt (netbios.rules) 7254 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize little endian object call overflow attempt (netbios.rules) 7255 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize little endian object call overflow attempt (netbios.rules) 7256 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode little endian object call overflow attempt (netbios.rules) 7257 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize andx object call overflow attempt (netbios.rules) 7258 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize little endian andx overflow attempt (netbios.rules) 7259 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize little endian andx overflow attempt (netbios.rules) 7260 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize little endian andx overflow attempt (netbios.rules) 7261 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode little endian andx overflow attempt (netbios.rules) 7262 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize andx overflow attempt (netbios.rules) 7263 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize unicode andx overflow attempt (netbios.rules) 7264 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX little endian andx overflow attempt (netbios.rules) 7265 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX little endian andx overflow attempt (netbios.rules) 7266 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX andx overflow attempt (netbios.rules) 7267 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize andx overflow attempt (netbios.rules) 7268 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize unicode andx overflow attempt (netbios.rules) 7269 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize andx overflow attempt (netbios.rules) 7270 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode andx object call overflow attempt (netbios.rules) 7271 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 7272 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX little endian andx object call overflow attempt (netbios.rules) 7273 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX unicode little endian andx overflow attempt (netbios.rules) 7274 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode little endian andx overflow attempt (netbios.rules) 7275 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 7276 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode little endian andx object call overflow attempt (netbios.rules) 7277 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode andx object call overflow attempt (netbios.rules) 7278 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX andx object call overflow attempt (netbios.rules) 7279 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX little endian andx object call overflow attempt (netbios.rules) 7280 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX andx object call overflow attempt (netbios.rules) 7281 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX unicode andx overflow attempt (netbios.rules) 7282 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX unicode andx overflow attempt (netbios.rules) 7283 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize unicode little endian andx overflow attempt (netbios.rules) 7284 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode little endian andx overflow attempt (netbios.rules) 7285 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode andx overflow attempt (netbios.rules) 7286 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX andx overflow attempt (netbios.rules) 7287 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX little endian andx overflow attempt (netbios.rules) 7288 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize unicode little endian andx overflow attempt (netbios.rules) 7289 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX unicode andx overflow attempt (netbios.rules) 7290 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize WriteAndX unicode little endian andx overflow attempt (netbios.rules) 7291 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize andx overflow attempt (netbios.rules) 7292 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode andx overflow attempt (netbios.rules) 7293 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX andx overflow attempt (netbios.rules) 7294 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode andx overflow attempt (netbios.rules) 7295 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode little endian andx overflow attempt (netbios.rules) 7296 <-> Enabled <-> NETBIOS SMB v4 srvsvc NetrPathCanonicalize little endian andx overflow attempt (netbios.rules) 7297 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize andx object call overflow attempt (netbios.rules) 7298 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize WriteAndX unicode andx object call overflow attempt (netbios.rules) 7299 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize WriteAndX little endian andx overflow attempt (netbios.rules) 7300 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize unicode andx object call overflow attempt (netbios.rules) 7301 <-> Enabled <-> NETBIOS SMB-DS v4 srvsvc NetrPathCanonicalize WriteAndX andx overflow attempt (netbios.rules) 7302 <-> Enabled <-> NETBIOS SMB srvsvc NetrPathCanonicalize little endian andx object call overflow attempt (netbios.rules) 7303 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize little endian andx object call overflow attempt (netbios.rules) 7304 <-> Enabled <-> NETBIOS SMB-DS srvsvc NetrPathCanonicalize unicode little endian andx object call overflow attempt (netbios.rules) 7305 <-> Enabled <-> NETBIOS SMB srvsvc alter context attempt (netbios.rules) 7306 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX alter context attempt (netbios.rules) 7307 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode alter context attempt (netbios.rules) 7308 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX alter context attempt (netbios.rules) 7309 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode alter context attempt (netbios.rules) 7310 <-> Enabled <-> NETBIOS-DG SMB srvsvc alter context attempt (netbios.rules) 7311 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX alter context attempt (netbios.rules) 7312 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode alter context attempt (netbios.rules) 7313 <-> Enabled <-> NETBIOS SMB srvsvc unicode alter context attempt (netbios.rules) 7314 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode alter context attempt (netbios.rules) 7315 <-> Enabled <-> NETBIOS SMB-DS srvsvc alter context attempt (netbios.rules) 7316 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode alter context attempt (netbios.rules) 7317 <-> Enabled <-> NETBIOS SMB srvsvc little endian alter context attempt (netbios.rules) 7318 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX little endian alter context attempt (netbios.rules) 7319 <-> Enabled <-> NETBIOS SMB srvsvc unicode little endian alter context attempt (netbios.rules) 7320 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode little endian alter context attempt (netbios.rules) 7321 <-> Enabled <-> NETBIOS SMB-DS srvsvc little endian alter context attempt (netbios.rules) 7322 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX little endian alter context attempt (netbios.rules) 7323 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode little endian alter context attempt (netbios.rules) 7324 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode little endian alter context attempt (netbios.rules) 7325 <-> Enabled <-> NETBIOS-DG SMB srvsvc little endian alter context attempt (netbios.rules) 7326 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX little endian alter context attempt (netbios.rules) 7327 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode little endian alter context attempt (netbios.rules) 7328 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode little endian alter context attempt (netbios.rules) 7329 <-> Enabled <-> NETBIOS SMB srvsvc bind attempt (netbios.rules) 7330 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX bind attempt (netbios.rules) 7331 <-> Enabled <-> NETBIOS SMB srvsvc unicode bind attempt (netbios.rules) 7332 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode bind attempt (netbios.rules) 7333 <-> Enabled <-> NETBIOS SMB-DS srvsvc bind attempt (netbios.rules) 7334 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX bind attempt (netbios.rules) 7335 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode bind attempt (netbios.rules) 7336 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode bind attempt (netbios.rules) 7337 <-> Enabled <-> NETBIOS-DG SMB srvsvc bind attempt (netbios.rules) 7338 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX bind attempt (netbios.rules) 7339 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode bind attempt (netbios.rules) 7340 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode bind attempt (netbios.rules) 7341 <-> Enabled <-> NETBIOS SMB srvsvc little endian bind attempt (netbios.rules) 7342 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX little endian bind attempt (netbios.rules) 7343 <-> Enabled <-> NETBIOS SMB srvsvc unicode little endian bind attempt (netbios.rules) 7344 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode little endian bind attempt (netbios.rules) 7345 <-> Enabled <-> NETBIOS SMB-DS srvsvc little endian bind attempt (netbios.rules) 7346 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX little endian bind attempt (netbios.rules) 7347 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode little endian bind attempt (netbios.rules) 7348 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode little endian bind attempt (netbios.rules) 7349 <-> Enabled <-> NETBIOS-DG SMB srvsvc little endian bind attempt (netbios.rules) 7350 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX little endian bind attempt (netbios.rules) 7351 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode little endian bind attempt (netbios.rules) 7352 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode little endian bind attempt (netbios.rules) 7353 <-> Enabled <-> NETBIOS SMB srvsvc andx alter context attempt (netbios.rules) 7354 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX andx alter context attempt (netbios.rules) 7355 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode andx alter context attempt (netbios.rules) 7356 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX andx alter context attempt (netbios.rules) 7357 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode andx alter context attempt (netbios.rules) 7358 <-> Enabled <-> NETBIOS-DG SMB srvsvc andx alter context attempt (netbios.rules) 7359 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX andx alter context attempt (netbios.rules) 7360 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode andx alter context attempt (netbios.rules) 7361 <-> Enabled <-> NETBIOS SMB srvsvc unicode andx alter context attempt (netbios.rules) 7362 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode andx alter context attempt (netbios.rules) 7363 <-> Enabled <-> NETBIOS SMB-DS srvsvc andx alter context attempt (netbios.rules) 7364 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode andx alter context attempt (netbios.rules) 7365 <-> Enabled <-> NETBIOS SMB srvsvc little endian andx alter context attempt (netbios.rules) 7366 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX little endian andx alter context attempt (netbios.rules) 7367 <-> Enabled <-> NETBIOS SMB srvsvc unicode little endian andx alter context attempt (netbios.rules) 7368 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode little endian andx alter context attempt (netbios.rules) 7369 <-> Enabled <-> NETBIOS SMB-DS srvsvc little endian andx alter context attempt (netbios.rules) 7370 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX little endian andx alter context attempt (netbios.rules) 7371 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode little endian andx alter context attempt (netbios.rules) 7372 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode little endian andx alter context attempt (netbios.rules) 7373 <-> Enabled <-> NETBIOS-DG SMB srvsvc little endian andx alter context attempt (netbios.rules) 7374 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX little endian andx alter context attempt (netbios.rules) 7375 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode little endian andx alter context attempt (netbios.rules) 7376 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode little endian andx alter context attempt (netbios.rules) 7377 <-> Enabled <-> NETBIOS SMB srvsvc andx bind attempt (netbios.rules) 7378 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX andx bind attempt (netbios.rules) 7379 <-> Enabled <-> NETBIOS SMB srvsvc unicode andx bind attempt (netbios.rules) 7380 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode andx bind attempt (netbios.rules) 7381 <-> Enabled <-> NETBIOS SMB-DS srvsvc andx bind attempt (netbios.rules) 7382 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX andx bind attempt (netbios.rules) 7383 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode andx bind attempt (netbios.rules) 7384 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode andx bind attempt (netbios.rules) 7385 <-> Enabled <-> NETBIOS-DG SMB srvsvc andx bind attempt (netbios.rules) 7386 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX andx bind attempt (netbios.rules) 7387 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode andx bind attempt (netbios.rules) 7388 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode andx bind attempt (netbios.rules) 7389 <-> Enabled <-> NETBIOS SMB srvsvc little endian andx bind attempt (netbios.rules) 7390 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX little endian andx bind attempt (netbios.rules) 7391 <-> Enabled <-> NETBIOS SMB srvsvc unicode little endian andx bind attempt (netbios.rules) 7392 <-> Enabled <-> NETBIOS SMB srvsvc WriteAndX unicode little endian andx bind attempt (netbios.rules) 7393 <-> Enabled <-> NETBIOS SMB-DS srvsvc little endian andx bind attempt (netbios.rules) 7394 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX little endian andx bind attempt (netbios.rules) 7395 <-> Enabled <-> NETBIOS SMB-DS srvsvc unicode little endian andx bind attempt (netbios.rules) 7396 <-> Enabled <-> NETBIOS SMB-DS srvsvc WriteAndX unicode little endian andx bind attempt (netbios.rules) 7397 <-> Enabled <-> NETBIOS-DG SMB srvsvc little endian andx bind attempt (netbios.rules) 7398 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX little endian andx bind attempt (netbios.rules) 7399 <-> Enabled <-> NETBIOS-DG SMB srvsvc unicode little endian andx bind attempt (netbios.rules) 7400 <-> Enabled <-> NETBIOS-DG SMB srvsvc WriteAndX unicode little endian andx bind attempt (netbios.rules) 7401 <-> Enabled <-> NETBIOS DCERPC DIRECT srvsvc little endian alter context attempt (netbios.rules) 7402 <-> Enabled <-> NETBIOS DCERPC DIRECT-UDP srvsvc little endian alter context attempt (netbios.rules) 7403 <-> Enabled <-> NETBIOS DCERPC DIRECT-UDP srvsvc alter context attempt (netbios.rules) 7404 <-> Enabled <-> NETBIOS DCERPC NCACN-HTTP srvsvc alter context attempt (netbios.rules) 7405 <-> Enabled <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc alter context attempt (netbios.rules) 7406 <-> Enabled <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc alter context attempt (netbios.rules) 7407 <-> Enabled <-> NETBIOS DCERPC NCACN-HTTP srvsvc little endian alter context attempt (netbios.rules) 7408 <-> Enabled <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc little endian alter context attempt (netbios.rules) 7409 <-> Enabled <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc little endian alter context attempt (netbios.rules) 7410 <-> Enabled <-> NETBIOS DCERPC DIRECT srvsvc alter context attempt (netbios.rules) 7411 <-> Enabled <-> NETBIOS DCERPC DIRECT srvsvc little endian bind attempt (netbios.rules) 7412 <-> Enabled <-> NETBIOS DCERPC DIRECT-UDP srvsvc little endian bind attempt (netbios.rules) 7413 <-> Enabled <-> NETBIOS DCERPC DIRECT-UDP srvsvc bind attempt (netbios.rules) 7414 <-> Enabled <-> NETBIOS DCERPC NCACN-HTTP srvsvc bind attempt (netbios.rules) 7415 <-> Enabled <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc bind attempt (netbios.rules) 7416 <-> Enabled <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc bind attempt (netbios.rules) 7417 <-> Enabled <-> NETBIOS DCERPC NCACN-HTTP srvsvc little endian bind attempt (netbios.rules) 7418 <-> Enabled <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc little endian bind attempt (netbios.rules) 7419 <-> Enabled <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc little endian bind attempt (netbios.rules) 7420 <-> Enabled <-> NETBIOS DCERPC DIRECT srvsvc bind attempt (netbios.rules) 7421 <-> Enabled <-> ORACLE DBMS_EXPORT_EXTENSION.GET_V2_DOMAIN_INDEX_TABLES access attempt (oracle.rules) 7422 <-> Enabled <-> EXPLOIT Microsoft MMC mmcndmgr.dll cross site scripting attempt (exploit.rules) 7423 <-> Enabled <-> EXPLOIT Microsoft MMC mmc.exe cross site scripting attempt (exploit.rules) 7424 <-> Enabled <-> EXPLOIT Microsoft MMC createcab.cmd cross site scripting attempt (exploit.rules) 7425 <-> Enabled <-> WEB-CLIENT 9x8Resize ActiveX CLSID access (web-client.rules) 7426 <-> Enabled <-> WEB-CLIENT 9x8Resize ActiveX CLSID unicode access (web-client.rules) 7427 <-> Enabled <-> WEB-CLIENT Allocator Fix ActiveX CLSID access (web-client.rules) 7428 <-> Enabled <-> WEB-CLIENT Allocator Fix ActiveX CLSID unicode access (web-client.rules) 7429 <-> Enabled <-> WEB-CLIENT Bitmap ActiveX CLSID access (web-client.rules) 7430 <-> Enabled <-> WEB-CLIENT Bitmap ActiveX CLSID unicode access (web-client.rules) 7431 <-> Enabled <-> WEB-CLIENT DirectFrame.DirectControl.1 ActiveX CLSID access (web-client.rules) 7432 <-> Enabled <-> WEB-CLIENT DirectFrame.DirectControl.1 ActiveX CLSID unicode access (web-client.rules) 7433 <-> Enabled <-> WEB-CLIENT DirectX Transform Wrapper Property Page ActiveX CLSID access (web-client.rules) 7434 <-> Enabled <-> WEB-CLIENT DirectX Transform Wrapper Property Page ActiveX CLSID unicode access (web-client.rules) 7435 <-> Enabled <-> WEB-CLIENT Dynamic Casts ActiveX CLSID access (web-client.rules) 7436 <-> Enabled <-> WEB-CLIENT Dynamic Casts ActiveX CLSID unicode access (web-client.rules) 7437 <-> Enabled <-> WEB-CLIENT Frame Eater ActiveX CLSID access (web-client.rules) 7438 <-> Enabled <-> WEB-CLIENT Frame Eater ActiveX CLSID unicode access (web-client.rules) 7439 <-> Enabled <-> WEB-CLIENT HTML Help ActiveX CLSID access (web-client.rules) 7440 <-> Enabled <-> WEB-CLIENT HTML Help ActiveX CLSID unicode access (web-client.rules) 7441 <-> Enabled <-> WEB-CLIENT HTML Help ActiveX CLSID unicode access (web-client.rules) 7442 <-> Enabled <-> WEB-CLIENT mmAEPlugIn.AEPlugIn.1 ActiveX CLSID access (web-client.rules) 7443 <-> Enabled <-> WEB-CLIENT mmAEPlugIn.AEPlugIn.1 ActiveX CLSID unicode access (web-client.rules) 7444 <-> Enabled <-> WEB-CLIENT Mmedia.AsyncMHandler.1 ActiveX CLSID access (web-client.rules) 7445 <-> Enabled <-> WEB-CLIENT Mmedia.AsyncMHandler.1 ActiveX CLSID unicode access (web-client.rules) 7446 <-> Enabled <-> WEB-CLIENT Record Queue ActiveX CLSID access (web-client.rules) 7447 <-> Enabled <-> WEB-CLIENT Record Queue ActiveX CLSID unicode access (web-client.rules) 7448 <-> Enabled <-> WEB-CLIENT ShotDetect ActiveX CLSID access (web-client.rules) 7449 <-> Enabled <-> WEB-CLIENT ShotDetect ActiveX CLSID unicode access (web-client.rules) 7450 <-> Enabled <-> WEB-CLIENT Stetch ActiveX CLSID access (web-client.rules) 7451 <-> Enabled <-> WEB-CLIENT Stetch ActiveX CLSID unicode access (web-client.rules) 7452 <-> Enabled <-> WEB-CLIENT WM Color Converter Filter ActiveX CLSID access (web-client.rules) 7453 <-> Enabled <-> WEB-CLIENT WM Color Converter Filter ActiveX CLSID unicode access (web-client.rules) 7454 <-> Enabled <-> WEB-CLIENT Wmm2ae.dll ActiveX CLSID access (web-client.rules) 7455 <-> Enabled <-> WEB-CLIENT Wmm2ae.dll ActiveX CLSID unicode access (web-client.rules) 7456 <-> Enabled <-> WEB-CLIENT Wmm2fxa.dll ActiveX CLSID access (web-client.rules) 7457 <-> Enabled <-> WEB-CLIENT Wmm2fxa.dll ActiveX CLSID unicode access (web-client.rules) 7458 <-> Enabled <-> WEB-CLIENT Wmm2fxb.dll ActiveX CLSID access (web-client.rules) 7459 <-> Enabled <-> WEB-CLIENT Wmm2fxb.dll ActiveX CLSID unicode access (web-client.rules) 7460 <-> Enabled <-> WEB-CLIENT WMT Audio Analyzer ActiveX CLSID access (web-client.rules) 7461 <-> Enabled <-> WEB-CLIENT WMT Audio Analyzer ActiveX CLSID unicode access (web-client.rules) 7462 <-> Enabled <-> WEB-CLIENT WMT Black Frame Generator ActiveX CLSID access (web-client.rules) 7463 <-> Enabled <-> WEB-CLIENT WMT Black Frame Generator ActiveX CLSID unicode access (web-client.rules) 7464 <-> Enabled <-> WEB-CLIENT WMT DeInterlace Filter ActiveX CLSID access (web-client.rules) 7465 <-> Enabled <-> WEB-CLIENT WMT DeInterlace Filter ActiveX CLSID unicode access (web-client.rules) 7466 <-> Enabled <-> WEB-CLIENT WMT DeInterlace Prop Page ActiveX CLSID access (web-client.rules) 7467 <-> Enabled <-> WEB-CLIENT WMT DeInterlace Prop Page ActiveX CLSID unicode access (web-client.rules) 7468 <-> Enabled <-> WEB-CLIENT WMT DirectX Transform Wrapper ActiveX CLSID access (web-client.rules) 7469 <-> Enabled <-> WEB-CLIENT WMT DirectX Transform Wrapper ActiveX CLSID unicode access (web-client.rules) 7470 <-> Enabled <-> WEB-CLIENT WMT DV Extract Filter ActiveX CLSID access (web-client.rules) 7471 <-> Enabled <-> WEB-CLIENT WMT DV Extract Filter ActiveX CLSID unicode access (web-client.rules) 7472 <-> Enabled <-> WEB-CLIENT WMT FormatConversion Prop Page ActiveX CLSID access (web-client.rules) 7473 <-> Enabled <-> WEB-CLIENT WMT FormatConversion Prop Page ActiveX CLSID unicode access (web-client.rules) 7474 <-> Enabled <-> WEB-CLIENT WMT FormatConversion ActiveX CLSID access (web-client.rules) 7475 <-> Enabled <-> WEB-CLIENT WMT FormatConversion ActiveX CLSID unicode access (web-client.rules) 7476 <-> Enabled <-> WEB-CLIENT WMT Import Filter ActiveX CLSID access (web-client.rules) 7477 <-> Enabled <-> WEB-CLIENT WMT Import Filter ActiveX CLSID unicode access (web-client.rules) 7478 <-> Enabled <-> WEB-CLIENT WMT Interlacer ActiveX CLSID access (web-client.rules) 7479 <-> Enabled <-> WEB-CLIENT WMT Interlacer ActiveX CLSID unicode access (web-client.rules) 7480 <-> Enabled <-> WEB-CLIENT WMT Log Filter ActiveX CLSID access (web-client.rules) 7481 <-> Enabled <-> WEB-CLIENT WMT Log Filter ActiveX CLSID unicode access (web-client.rules) 7482 <-> Enabled <-> WEB-CLIENT WMT MuxDeMux Filter ActiveX CLSID access (web-client.rules) 7483 <-> Enabled <-> WEB-CLIENT WMT MuxDeMux Filter ActiveX CLSID unicode access (web-client.rules) 7484 <-> Enabled <-> WEB-CLIENT WMT Sample Info Filter ActiveX CLSID access (web-client.rules) 7485 <-> Enabled <-> WEB-CLIENT WMT Sample Info Filter ActiveX CLSID unicode access (web-client.rules) 7486 <-> Enabled <-> WEB-CLIENT WMT Screen Capture Filter Task Page ActiveX CLSID access (web-client.rules) 7487 <-> Enabled <-> WEB-CLIENT WMT Screen Capture Filter Task Page ActiveX CLSID unicode access (web-client.rules) 7488 <-> Enabled <-> WEB-CLIENT WMT Screen capture Filter ActiveX CLSID access (web-client.rules) 7489 <-> Enabled <-> WEB-CLIENT WMT Screen capture Filter ActiveX CLSID unicode access (web-client.rules) 7490 <-> Enabled <-> WEB-CLIENT WMT Switch Filter ActiveX CLSID access (web-client.rules) 7491 <-> Enabled <-> WEB-CLIENT WMT Switch Filter ActiveX CLSID unicode access (web-client.rules) 7492 <-> Enabled <-> WEB-CLIENT WMT Virtual Renderer ActiveX CLSID access (web-client.rules) 7493 <-> Enabled <-> WEB-CLIENT WMT Virtual Renderer ActiveX CLSID unicode access (web-client.rules) 7494 <-> Enabled <-> WEB-CLIENT WMT Virtual Source ActiveX CLSID access (web-client.rules) 7495 <-> Enabled <-> WEB-CLIENT WMT Virtual Source ActiveX CLSID unicode access (web-client.rules) 7496 <-> Enabled <-> WEB-CLIENT WMT Volume ActiveX CLSID access (web-client.rules) 7497 <-> Enabled <-> WEB-CLIENT WMT Volume ActiveX CLSID unicode access (web-client.rules) 7498 <-> Enabled <-> WEB-CLIENT WM TV Out Smooth Picture Filter ActiveX CLSID access (web-client.rules) 7499 <-> Enabled <-> WEB-CLIENT WM TV Out Smooth Picture Filter ActiveX CLSID unicode access (web-client.rules) 7500 <-> Enabled <-> WEB-CLIENT WM VIH2 Fix ActiveX CLSID access (web-client.rules) 7501 <-> Enabled <-> WEB-CLIENT WM VIH2 Fix ActiveX CLSID unicode access (web-client.rules) Updated rules: 3682 <-> Disabled <-> SMTP spoofed MIME-Type auto-execution attempt (smtp.rules) 6509 <-> Enabled <-> WEB-CLIENT Internet Explorer mhtml uri href buffer overflow attempt (web-client.rules) 6510 <-> Enabled <-> WEB-CLIENT Internet Explorer mhtml uri shortcut buffer overflow attempt (web-client.rules) 7004 <-> Enabled <-> WEB-CLIENT Internet.HHCtrl.1 ActiveX function call access (web-client.rules)
