Sourcefire VRT Update
Date: 2006-12-07
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.
The format of the file is:
sid - Message (rule group)
New rules: 9324 <-> POLICY TOR Traffic anonymizer server request (policy.rules) 9325 <-> DOS Citrix IMA DOS event data length denial of service attempt (dos.rules) 9427 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX CLSID access (web-client.rules) 9428 <-> WEB-CLIENT Acer LunchApp.APlunch ActiveX CLSID unicode access (web-client.rules) 9429 <-> WEB-CLIENT Quicktime Movie link scripting security bypass attempt (web-client.rules) 9430 <-> WEB-CLIENT Quicktime Movie link file URI security bypass attempt (web-client.rules) 9431 <-> EXPLOITS Microsoft NNTP response overflow attempt (exploit.rules) 9432 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules) 9433 <-> WEB-CLIENT Microsoft Agent buffer overflow attempt (web-client.rules) 9434 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules) 9435 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules) 9436 <-> WEB-CLIENT Ultravox-Max-Msg header integer overflow attempt (web-client.rules) 9437 <-> NETBIOS DCERPC DIRECT brightstor alter context attempt (netbios.rules) 9438 <-> NETBIOS DCERPC DIRECT brightstor little endian alter context attempt (netbios.rules) 9439 <-> NETBIOS DCERPC DIRECT brightstor bind attempt (netbios.rules) 9440 <-> NETBIOS DCERPC DIRECT brightstor little endian bind attempt (netbios.rules) 9441 <-> NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath overflow attempt (netbios.rules) 9442 <-> NETBIOS DCERPC DIRECT v4 brightstor QSIGetQueuePath overflow attempt (netbios.rules) 9443 <-> NETBIOS DCERPC DIRECT v4 brightstor QSIGetQueuePath little endian overflow attempt (netbios.rules) 9444 <-> NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath little endian overflow attempt (netbios.rules) 9445 <-> NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath object call overflow attempt (netbios.rules) 9446 <-> NETBIOS DCERPC DIRECT brightstor QSIGetQueuePath little endian object call overflow attempt (netbios.rules) 9447 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian alter context attempt (netbios.rules) 9448 <-> NETBIOS SMB-DS ISystemActivator unicode little endian alter context attempt (netbios.rules) 9449 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode alter context attempt (netbios.rules) 9450 <-> NETBIOS SMB ISystemActivator alter context attempt (netbios.rules) 9451 <-> NETBIOS SMB ISystemActivator WriteAndX bind attempt (netbios.rules) 9452 <-> NETBIOS SMB ISystemActivator unicode bind attempt (netbios.rules) 9453 <-> NETBIOS SMB ISystemActivator WriteAndX unicode bind attempt (netbios.rules) 9454 <-> NETBIOS SMB-DS ISystemActivator bind attempt (netbios.rules) 9455 <-> NETBIOS SMB-DS ISystemActivator WriteAndX bind attempt (netbios.rules) 9456 <-> NETBIOS SMB-DS ISystemActivator unicode bind attempt (netbios.rules) 9457 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian bind attempt (netbios.rules) 9458 <-> NETBIOS SMB ISystemActivator little endian bind attempt (netbios.rules) 9459 <-> NETBIOS SMB ISystemActivator WriteAndX little endian bind attempt (netbios.rules) 9460 <-> NETBIOS SMB ISystemActivator unicode little endian bind attempt (netbios.rules) 9461 <-> NETBIOS SMB ISystemActivator WriteAndX unicode little endian bind attempt (netbios.rules) 9462 <-> NETBIOS SMB-DS ISystemActivator little endian bind attempt (netbios.rules) 9463 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian bind attempt (netbios.rules) 9464 <-> NETBIOS SMB-DS ISystemActivator unicode little endian bind attempt (netbios.rules) 9465 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode bind attempt (netbios.rules) 9466 <-> NETBIOS SMB ISystemActivator bind attempt (netbios.rules) 9467 <-> NETBIOS SMB ISystemActivator unicode andx alter context attempt (netbios.rules) 9468 <-> NETBIOS SMB ISystemActivator WriteAndX unicode andx alter context attempt (netbios.rules) 9469 <-> NETBIOS SMB-DS ISystemActivator andx alter context attempt (netbios.rules) 9470 <-> NETBIOS SMB-DS ISystemActivator WriteAndX andx alter context attempt (netbios.rules) 9471 <-> NETBIOS SMB-DS ISystemActivator unicode andx alter context attempt (netbios.rules) 9472 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian andx alter context attempt (netbios.rules) 9473 <-> NETBIOS SMB ISystemActivator little endian andx alter context attempt (netbios.rules) 9474 <-> NETBIOS SMB ISystemActivator WriteAndX little endian andx alter context attempt (netbios.rules) 9475 <-> NETBIOS SMB ISystemActivator unicode little endian andx alter context attempt (netbios.rules) 9476 <-> NETBIOS SMB ISystemActivator WriteAndX andx alter context attempt (netbios.rules) 9477 <-> NETBIOS SMB ISystemActivator WriteAndX unicode little endian andx alter context attempt (netbios.rules) 9478 <-> NETBIOS SMB-DS ISystemActivator little endian andx alter context attempt (netbios.rules) 9479 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian andx alter context attempt (netbios.rules) 9480 <-> NETBIOS SMB-DS ISystemActivator unicode little endian andx alter context attempt (netbios.rules) 9481 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode andx alter context attempt (netbios.rules) 9482 <-> NETBIOS SMB ISystemActivator andx alter context attempt (netbios.rules) 9483 <-> NETBIOS SMB ISystemActivator WriteAndX andx bind attempt (netbios.rules) 9484 <-> NETBIOS SMB ISystemActivator unicode andx bind attempt (netbios.rules) 9485 <-> NETBIOS SMB ISystemActivator WriteAndX unicode andx bind attempt (netbios.rules) 9486 <-> NETBIOS SMB-DS ISystemActivator andx bind attempt (netbios.rules) 9487 <-> NETBIOS SMB-DS ISystemActivator WriteAndX andx bind attempt (netbios.rules) 9488 <-> NETBIOS SMB-DS ISystemActivator unicode andx bind attempt (netbios.rules) 9489 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian andx bind attempt (netbios.rules) 9490 <-> NETBIOS SMB ISystemActivator little endian andx bind attempt (netbios.rules) 9491 <-> NETBIOS SMB ISystemActivator WriteAndX little endian andx bind attempt (netbios.rules) 9492 <-> NETBIOS SMB ISystemActivator unicode little endian andx bind attempt (netbios.rules) 9493 <-> NETBIOS SMB ISystemActivator WriteAndX unicode little endian andx bind attempt (netbios.rules) 9494 <-> NETBIOS SMB-DS ISystemActivator little endian andx bind attempt (netbios.rules) 9495 <-> NETBIOS SMB-DS ISystemActivator WriteAndX little endian andx bind attempt (netbios.rules) 9496 <-> NETBIOS SMB-DS ISystemActivator unicode little endian andx bind attempt (netbios.rules) 9497 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode andx bind attempt (netbios.rules) 9498 <-> NETBIOS SMB ISystemActivator andx bind attempt (netbios.rules) 9499 <-> NETBIOS DCERPC DIRECT ISystemActivator little endian alter context attempt (netbios.rules) 9500 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator little endian alter context attempt (netbios.rules) 9501 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator alter context attempt (netbios.rules) 9502 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator alter context attempt (netbios.rules) 9503 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator alter context attempt (netbios.rules) 9504 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator little endian alter context attempt (netbios.rules) 9505 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator little endian alter context attempt (netbios.rules) 9506 <-> NETBIOS DCERPC DIRECT ISystemActivator alter context attempt (netbios.rules) 9507 <-> NETBIOS DCERPC DIRECT ISystemActivator little endian bind attempt (netbios.rules) 9508 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator little endian bind attempt (netbios.rules) 9509 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator bind attempt (netbios.rules) 9510 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator bind attempt (netbios.rules) 9511 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator bind attempt (netbios.rules) 9512 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator little endian bind attempt (netbios.rules) 9513 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator little endian bind attempt (netbios.rules) 9514 <-> NETBIOS DCERPC DIRECT ISystemActivator bind attempt (netbios.rules) 9515 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules) 9516 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules) 9517 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules) 9518 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules) 9519 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules) 9520 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules) 9521 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9522 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules) 9523 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules) 9524 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules) 9525 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules) 9526 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9527 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9528 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules) 9529 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules) 9530 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9531 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules) 9532 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules) 9533 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules) 9534 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules) 9535 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules) 9536 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9537 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian attempt (netbios.rules) 9538 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX attempt (netbios.rules) 9539 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9540 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9541 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode object call attempt (netbios.rules) 9542 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian object call attempt (netbios.rules) 9543 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9544 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian object call attempt (netbios.rules) 9545 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian object call attempt (netbios.rules) 9546 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode object call attempt (netbios.rules) 9547 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance andx attempt (netbios.rules) 9548 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian andx object call attempt (netbios.rules) 9549 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode andx object call attempt (netbios.rules) 9550 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode andx object call attempt (netbios.rules) 9551 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX andx object call attempt (netbios.rules) 9552 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx object call attempt (netbios.rules) 9553 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian andx object call attempt (netbios.rules) 9554 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx object call attempt (netbios.rules) 9555 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX andx object call attempt (netbios.rules) 9556 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance andx object call attempt (netbios.rules) 9557 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules) 9558 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules) 9559 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules) 9560 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules) 9561 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules) 9562 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules) 9563 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules) 9564 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules) 9565 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules) 9566 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules) 9567 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules) 9568 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules) 9569 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance andx attempt (netbios.rules) 9570 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules) 9571 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules) 9572 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules) 9573 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules) 9574 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules) 9575 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules) 9576 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules) 9577 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance unicode little endian andx attempt (netbios.rules) 9578 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance andx attempt (netbios.rules) 9579 <-> NETBIOS SMB v4 ISystemActivator RemoteCreateInstance WriteAndX little endian andx attempt (netbios.rules) 9580 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode andx attempt (netbios.rules) 9581 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode andx attempt (netbios.rules) 9582 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules) 9583 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules) 9584 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian andx attempt (netbios.rules) 9585 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian andx attempt (netbios.rules) 9586 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX andx attempt (netbios.rules) 9587 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance andx attempt (netbios.rules) 9588 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance andx object call attempt (netbios.rules) 9589 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode andx object call attempt (netbios.rules) 9590 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian andx object call attempt (netbios.rules) 9591 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian andx object call attempt (netbios.rules) 9592 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian andx object call attempt (netbios.rules) 9593 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian andx object call attempt (netbios.rules) 9594 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode andx object call attempt (netbios.rules) 9595 <-> NETBIOS DCERPC NCACN-IP-TCP v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9596 <-> NETBIOS DCERPC NCACN-HTTP v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9597 <-> NETBIOS DCERPC DIRECT v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9598 <-> NETBIOS DCERPC DIRECT v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9599 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9600 <-> NETBIOS DCERPC NCADG-IP-UDP v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9601 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9602 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9603 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9604 <-> NETBIOS DCERPC NCACN-HTTP v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9605 <-> NETBIOS DCERPC NCACN-IP-TCP v4 ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9606 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9607 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9608 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9609 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (netbios.rules) 9610 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 9611 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9612 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9613 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9614 <-> NETBIOS DCERPC NCACN-HTTP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9615 <-> NETBIOS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9616 <-> NETBIOS DCERPC DIRECT ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9617 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 9618 <-> NETBIOS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 9619 <-> WEB-CLIENT Gnu gv buffer overflow attempt (web-client.rules) 9620 <-> WEB-MISC pajax call_dispatcher remote exec attempt (web-misc.rules) 9621 <-> TFTP 3COM server transport mode buffer overflow attempt (tftp.rules) Updated rules: 1007 <-> WEB-IIS Form_JScript.asp access (web-iis.rules) 1380 <-> WEB-IIS Form_VBScript.asp access (web-iis.rules) 1812 <-> EXPLOIT gobbles SSH exploit attempt (exploit.rules) 1993 <-> IMAP login literal buffer overflow attempt (imap.rules) 2192 <-> NETBIOS SMB ISystemActivator unicode alter context attempt (netbios.rules) 2193 <-> NETBIOS SMB ISystemActivator WriteAndX unicode alter context attempt (netbios.rules) 2350 <-> NETBIOS SMB-DS ISystemActivator alter context attempt (netbios.rules) 2351 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules) 2352 <-> NETBIOS SMB-DS v4 ISystemActivator RemoteCreateInstance unicode attempt (netbios.rules) 2491 <-> NETBIOS SMB-DS ISystemActivator WriteAndX alter context attempt (netbios.rules) 2492 <-> NETBIOS SMB-DS ISystemActivator unicode alter context attempt (netbios.rules) 2493 <-> NETBIOS SMB-DS ISystemActivator WriteAndX unicode little endian alter context attempt (netbios.rules) 3197 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance little endian attempt (netbios.rules) 3198 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX little endian attempt (netbios.rules) 3275 <-> NETBIOS SMB ISystemActivator little endian alter context attempt (netbios.rules) 3276 <-> NETBIOS SMB ISystemActivator WriteAndX little endian alter context attempt (netbios.rules) 3393 <-> NETBIOS SMB ISystemActivator unicode little endian alter context attempt (netbios.rules) 3394 <-> NETBIOS SMB ISystemActivator WriteAndX alter context attempt (netbios.rules) 3395 <-> NETBIOS SMB ISystemActivator WriteAndX unicode little endian alter context attempt (netbios.rules) 3396 <-> NETBIOS SMB-DS ISystemActivator little endian alter context attempt (netbios.rules) 3397 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance attempt (netbios.rules) 3398 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX little endian object call attempt (netbios.rules) 3399 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode object call attempt (netbios.rules) 3400 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode object call attempt (netbios.rules) 3401 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX object call attempt (netbios.rules) 3402 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX unicode little endian object call attempt (netbios.rules) 3403 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance little endian object call attempt (netbios.rules) 3404 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode little endian object call attempt (netbios.rules) 3405 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance WriteAndX object call attempt (netbios.rules) 3406 <-> NETBIOS SMB ISystemActivator RemoteCreateInstance object call attempt (netbios.rules) 3407 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance WriteAndX unicode attempt (netbios.rules) 3408 <-> NETBIOS SMB-DS ISystemActivator RemoteCreateInstance unicode little endian attempt (netbios.rules) 8727 <-> WEB-CLIENT XMLHTTP 4.0 ActiveX CLSID access (web-client.rules) 8728 <-> WEB-CLIENT XMLHTTP 4.0 ActiveX CLSID unicode access (web-client.rules) 9027 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9028 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules) 9029 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode object call overflow attempt (netbios.rules) 9030 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overflow attempt (netbios.rules) 9031 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules) 9032 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt (netbios.rules) 9033 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules) 9034 <-> NETBIOS SMB wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules) 9035 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules) 9036 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules) 9037 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian object call overflow attempt (netbios.rules) 9038 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules) 9039 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules) 9040 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules) 9041 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules) 9042 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules) 9043 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9044 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules) 9045 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules) 9046 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules) 9047 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules) 9048 <-> NETBIOS SMB wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9049 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules) 9050 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules) 9051 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode overflow attempt (netbios.rules) 9052 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9053 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9054 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules) 9055 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX overflow attempt (netbios.rules) 9056 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9057 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 unicode little endian overflow attempt (netbios.rules) 9058 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules) 9059 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules) 9060 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9061 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode overflow attempt (netbios.rules) 9062 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian overflow attempt (netbios.rules) 9063 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9064 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian overflow attempt (netbios.rules) 9065 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian object call overflow attempt (netbios.rules) 9066 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules) 9067 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode object call overflow attempt (netbios.rules) 9068 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt (netbios.rules) 9069 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules) 9070 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt (netbios.rules) 9071 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode object call overflow attempt (netbios.rules) 9072 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt (netbios.rules) 9073 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX object call overflow attempt (netbios.rules) 9074 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian object call overflow attempt (netbios.rules) 9075 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules) 9076 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules) 9077 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode andx object call overflow attempt (netbios.rules) 9078 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 9079 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian andx object call overflow attempt (netbios.rules) 9080 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow attempt (netbios.rules) 9081 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9082 <-> NETBIOS SMB wkssvc NetrJoinDomain2 andx object call overflow attempt (netbios.rules) 9083 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules) 9084 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9085 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx object call overflow attempt (netbios.rules) 9086 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules) 9087 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules) 9088 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules) 9089 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules) 9090 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules) 9091 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules) 9092 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules) 9093 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules) 9094 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules) 9095 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules) 9096 <-> NETBIOS SMB wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules) 9097 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules) 9098 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules) 9099 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode andx overflow attempt (netbios.rules) 9100 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules) 9101 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules) 9102 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules) 9103 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX andx overflow attempt (netbios.rules) 9104 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 andx overflow attempt (netbios.rules) 9105 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 unicode little endian andx overflow attempt (netbios.rules) 9106 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9107 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules) 9108 <-> NETBIOS SMB-DS v4 wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules) 9109 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode andx overflow attempt (netbios.rules) 9110 <-> NETBIOS SMB v4 wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx overflow attempt (netbios.rules) 9111 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 little endian andx overflow attempt (netbios.rules) 9112 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX little endian andx overflow attempt (netbios.rules) 9113 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules) 9114 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 andx object call overflow attempt (netbios.rules) 9115 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode andx object call overflow attempt (netbios.rules) 9116 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 unicode little endian andx object call overflow attempt (netbios.rules) 9117 <-> NETBIOS SMB wkssvc NetrJoinDomain2 little endian andx object call overflow attempt (netbios.rules) 9118 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt (netbios.rules) 9119 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX unicode andx object call overflow attempt (netbios.rules) 9120 <-> NETBIOS SMB wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt (netbios.rules) 9121 <-> NETBIOS SMB-DS wkssvc NetrJoinDomain2 WriteAndX andx object call overflow attempt (netbios.rules) 9122 <-> NETBIOS SMB wkssvc NetrJoinDomain2 unicode little endian andx object call overflow attempt (netbios.rules) 9123 <-> NETBIOS DCERPC DIRECT v4 wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9124 <-> NETBIOS DCERPC DIRECT v4 wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9125 <-> NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 little endian overflow attempt (netbios.rules) 9126 <-> NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 overflow attempt (netbios.rules) 9127 <-> NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 little endian object call overflow attempt (netbios.rules) 9128 <-> NETBIOS DCERPC DIRECT wkssvc NetrJoinDomain2 object call overflow attempt (netbios.rules)
