Snort :: Changes 2007-04-13

Sourcefire VRT Update

Date: 2007-04-13

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack.
The format of the file is:
sid - Message (rule group)
New rules:
10476 <-> WEB-CLIENT MarkAny MaPrintModule_WORK ActiveX clsid access (web-client.rules)
10477 <-> WEB-CLIENT MarkAny MaPrintModule_WORK ActiveX clsid unicode access (web-client.rules)
10478 <-> WEB-CLIENT MarkAny MaPrintModule_WORK ActiveX function call access (web-client.rules)
10479 <-> WEB-CLIENT MarkAny MaPrintModule_WORK ActiveX function call unicode access (web-client.rules)
10482 <-> RPC portmap CA BrightStor ARCserve tcp request (rpc.rules)
10483 <-> RPC portmap CA BrightStor ARCserve udp request (rpc.rules)
10484 <-> RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (rpc.rules)
10485 <-> RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (rpc.rules)
10486 <-> NETBIOS DCERPC DIRECT brightstor-arc function 15 little endian attempt (netbios.rules)
10487 <-> NETBIOS DCERPC DIRECT brightstor-arc function 15 attempt (netbios.rules)
10488 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc function 15 little endian attempt (netbios.rules)
10489 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc function 15 attempt (netbios.rules)
10490 <-> NETBIOS DCERPC DIRECT brightstor-arc function 15 little endian object call attempt (netbios.rules)
10491 <-> NETBIOS DCERPC DIRECT brightstor-arc function 15 object call attempt (netbios.rules)
10492 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc function 16 attempt (netbios.rules)
10493 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc function 16 little endian attempt (netbios.rules)
10494 <-> NETBIOS DCERPC DIRECT brightstor-arc function 16 little endian attempt (netbios.rules)
10495 <-> NETBIOS DCERPC DIRECT brightstor-arc function 16 attempt (netbios.rules)
10496 <-> NETBIOS DCERPC DIRECT brightstor-arc function 16 little endian object call attempt (netbios.rules)
10497 <-> NETBIOS DCERPC DIRECT brightstor-arc function 16 object call attempt (netbios.rules)
10498 <-> NETBIOS DCERPC DIRECT brightstor-arc function 17 attempt (netbios.rules)
10499 <-> NETBIOS DCERPC DIRECT brightstor-arc function 17 little endian attempt (netbios.rules)
10500 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc function 17 little endian attempt (netbios.rules)
10501 <-> NETBIOS DCERPC DIRECT v4 brightstor-arc function 17 attempt (netbios.rules)
10502 <-> NETBIOS DCERPC DIRECT brightstor-arc function 17 object call attempt (netbios.rules)
10503 <-> NETBIOS DCERPC DIRECT brightstor-arc function 17 little endian object call attempt (netbios.rules)
10504 <-> SHELLCODE unescape encoded shellcode (shellcode.rules)
10505 <-> SHELLCODE unescape encoded shellcode (shellcode.rules)
10506 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10507 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10508 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10509 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10510 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10511 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10512 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10513 <-> SHELLCODE Canvas shellcode basic encoder (shellcode.rules)
10514 <-> NETBIOS DCERPC DIRECT dns alter context attempt (netbios.rules)
10515 <-> NETBIOS DCERPC DIRECT dns little endian alter context attempt (netbios.rules)
10516 <-> NETBIOS DCERPC DIRECT dns bind attempt (netbios.rules)
10517 <-> NETBIOS DCERPC DIRECT dns little endian bind attempt (netbios.rules)
10518 <-> NETBIOS DCERPC DIRECT v4 dns R_Dnssrv funcs1 little endian overflow attempt (netbios.rules)
10519 <-> NETBIOS DCERPC DIRECT v4 dns R_Dnssrv funcs1 overflow attempt (netbios.rules)
10520 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs1 overflow attempt (netbios.rules)
10521 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs1 little endian overflow attempt (netbios.rules)
10522 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs1 object call overflow attempt (netbios.rules)
10523 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs1 little endian object call overflow attempt (netbios.rules)
10524 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode overflow attempt (netbios.rules)
10525 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10526 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode overflow attempt (netbios.rules)
10527 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (netbios.rules)
10528 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 unicode overflow attempt (netbios.rules)
10529 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (netbios.rules)
10530 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (netbios.rules)
10531 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10532 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX overflow attempt (netbios.rules)
10533 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (netbios.rules)
10534 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10535 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (netbios.rules)
10536 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10537 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (netbios.rules)
10538 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (netbios.rules)
10539 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (netbios.rules)
10540 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10541 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (netbios.rules)
10542 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (netbios.rules)
10543 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (netbios.rules)
10544 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10545 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (netbios.rules)
10546 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode little endian overflow attempt (netbios.rules)
10547 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (netbios.rules)
10548 <-> NETBIOS SMB dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10549 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX overflow attempt (netbios.rules)
10550 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode overflow attempt (netbios.rules)
10551 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (netbios.rules)
10552 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10553 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX overflow attempt (netbios.rules)
10554 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode overflow attempt (netbios.rules)
10555 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (netbios.rules)
10556 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10557 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX overflow attempt (netbios.rules)
10558 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode overflow attempt (netbios.rules)
10559 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode overflow attempt (netbios.rules)
10560 <-> NETBIOS SMB dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10561 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (netbios.rules)
10562 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian overflow attempt (netbios.rules)
10563 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (netbios.rules)
10564 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10565 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (netbios.rules)
10566 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode little endian overflow attempt (netbios.rules)
10567 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (netbios.rules)
10568 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10569 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian overflow attempt (netbios.rules)
10570 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian overflow attempt (netbios.rules)
10571 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian overflow attempt (netbios.rules)
10572 <-> NETBIOS SMB dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10573 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (netbios.rules)
10574 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode object call overflow attempt (netbios.rules)
10575 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (netbios.rules)
10576 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10577 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (netbios.rules)
10578 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode object call overflow attempt (netbios.rules)
10579 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (netbios.rules)
10580 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10581 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX object call overflow attempt (netbios.rules)
10582 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode object call overflow attempt (netbios.rules)
10583 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode object call overflow attempt (netbios.rules)
10584 <-> NETBIOS SMB dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10585 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (netbios.rules)
10586 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (netbios.rules)
10587 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (netbios.rules)
10588 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10589 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (netbios.rules)
10590 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (netbios.rules)
10591 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (netbios.rules)
10592 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10593 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian object call overflow attempt (netbios.rules)
10594 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian object call overflow attempt (netbios.rules)
10595 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian object call overflow attempt (netbios.rules)
10596 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (netbios.rules)
10597 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 andx overflow attempt (netbios.rules)
10598 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (netbios.rules)
10599 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (netbios.rules)
10600 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 unicode andx overflow attempt (netbios.rules)
10601 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (netbios.rules)
10602 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (netbios.rules)
10603 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 andx overflow attempt (netbios.rules)
10604 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (netbios.rules)
10605 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (netbios.rules)
10606 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 andx overflow attempt (netbios.rules)
10607 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (netbios.rules)
10608 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (netbios.rules)
10609 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (netbios.rules)
10610 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (netbios.rules)
10611 <-> NETBIOS SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
10612 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (netbios.rules)
10613 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (netbios.rules)
10614 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (netbios.rules)
10615 <-> NETBIOS SMB-DS v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
10616 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 little endian andx overflow attempt (netbios.rules)
10617 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (netbios.rules)
10618 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (netbios.rules)
10619 <-> NETBIOS-DG SMB v4 dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
10620 <-> NETBIOS SMB dns R_Dnssrv funcs2 andx overflow attempt (netbios.rules)
10621 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (netbios.rules)
10622 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode andx overflow attempt (netbios.rules)
10623 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (netbios.rules)
10624 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 andx overflow attempt (netbios.rules)
10625 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (netbios.rules)
10626 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode andx overflow attempt (netbios.rules)
10627 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (netbios.rules)
10628 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 andx overflow attempt (netbios.rules)
10629 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX andx overflow attempt (netbios.rules)
10630 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode andx overflow attempt (netbios.rules)
10631 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode andx overflow attempt (netbios.rules)
10632 <-> NETBIOS SMB dns R_Dnssrv funcs2 little endian andx overflow attempt (netbios.rules)
10633 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (netbios.rules)
10634 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (netbios.rules)
10635 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
10636 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 little endian andx overflow attempt (netbios.rules)
10637 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (netbios.rules)
10638 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (netbios.rules)
10639 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
10640 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian andx overflow attempt (netbios.rules)
10641 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian andx overflow attempt (netbios.rules)
10642 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian andx overflow attempt (netbios.rules)
10643 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx overflow attempt (netbios.rules)
10644 <-> NETBIOS SMB dns R_Dnssrv funcs2 andx object call overflow attempt (netbios.rules)
10645 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (netbios.rules)
10646 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode andx object call overflow attempt (netbios.rules)
10647 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (netbios.rules)
10648 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 andx object call overflow attempt (netbios.rules)
10649 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (netbios.rules)
10650 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode andx object call overflow attempt (netbios.rules)
10651 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (netbios.rules)
10652 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 andx object call overflow attempt (netbios.rules)
10653 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX andx object call overflow attempt (netbios.rules)
10654 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode andx object call overflow attempt (netbios.rules)
10655 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode andx object call overflow attempt (netbios.rules)
10656 <-> NETBIOS SMB dns R_Dnssrv funcs2 little endian andx object call overflow attempt (netbios.rules)
10657 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (netbios.rules)
10658 <-> NETBIOS SMB dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (netbios.rules)
10659 <-> NETBIOS SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
10660 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 little endian andx object call overflow attempt (netbios.rules)
10661 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (netbios.rules)
10662 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (netbios.rules)
10663 <-> NETBIOS SMB-DS dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
10664 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 little endian andx object call overflow attempt (netbios.rules)
10665 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX little endian andx object call overflow attempt (netbios.rules)
10666 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 unicode little endian andx object call overflow attempt (netbios.rules)
10667 <-> NETBIOS-DG SMB dns R_Dnssrv funcs2 WriteAndX unicode little endian andx object call overflow attempt (netbios.rules)
10668 <-> NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10669 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10670 <-> NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10671 <-> NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10672 <-> NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10673 <-> NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10674 <-> NETBIOS DCERPC NCACN-IP-TCP v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10675 <-> NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10676 <-> NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10677 <-> NETBIOS DCERPC NCACN-HTTP v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10678 <-> NETBIOS DCERPC DIRECT-UDP v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10679 <-> NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10680 <-> NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10681 <-> NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10682 <-> NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10683 <-> NETBIOS DCERPC NCADG-IP-UDP v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10684 <-> NETBIOS DCERPC DIRECT v4 dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10685 <-> NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10686 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs2 overflow attempt (netbios.rules)
10687 <-> NETBIOS DCERPC DIRECT v4 dns R_Dnssrv funcs2 little endian overflow attempt (netbios.rules)
10688 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10689 <-> NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10690 <-> NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10691 <-> NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10692 <-> NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)
10693 <-> NETBIOS DCERPC DIRECT-UDP dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10694 <-> NETBIOS DCERPC NCACN-IP-TCP dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10695 <-> NETBIOS DCERPC NCACN-HTTP dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10696 <-> NETBIOS DCERPC NCADG-IP-UDP dns R_Dnssrv funcs2 little endian object call overflow attempt (netbios.rules)
10697 <-> NETBIOS DCERPC DIRECT dns R_Dnssrv funcs2 object call overflow attempt (netbios.rules)

Updated rules:
 537 <-> NETBIOS SMB IPC$ share access (netbios.rules)
 538 <-> NETBIOS SMB IPC$ unicode share access (netbios.rules)
2465 <-> NETBIOS-DG SMB IPC$ share access (netbios.rules)
2466 <-> NETBIOS-DG SMB IPC$ unicode share access (netbios.rules)
2952 <-> NETBIOS SMB-DS IPC$ share access (netbios.rules)
2953 <-> NETBIOS SMB-DS IPC$ unicode share access (netbios.rules)
2954 <-> NETBIOS SMB IPC$ andx share access (netbios.rules)
2955 <-> NETBIOS SMB IPC$ unicode andx share access (netbios.rules)
4638 <-> EXPLOIT RSVP Protocol zero length object DoS attempt (exploit.rules)
10408 <-> RPC portmap HP-UX Single Logical Screen SLSD tcp request (rpc.rules)
10409 <-> RPC portmap HP-UX Single Logical Screen SLSD udp request (rpc.rules)
10410 <-> RPC portmap HP-UX Single Logical Screen SLSD tcp request (rpc.rules)
10411 <-> RPC portmap HP-UX Single Logical Screen SLSD udp request (rpc.rules)
10475 <-> MISC UPNP notification type overflow attempt (misc.rules)
Snort

Sourcefire VRT Update

Date: 2007-04-13

Snort Links

Community

Sourcefire
