Talos Rules 2017-10-24
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-ie, browser-other, exploit-kit, file-flash, file-identify, file-multimedia, file-office, malware-backdoor, malware-cnc, malware-other, netbios, os-windows, policy-other, protocol-imap, protocol-other, protocol-pop, protocol-rpc, protocol-voip, pua-other, server-mail, server-oracle, server-other and SQL rule sets to provide coverage for emerging threats from these technologies.

Change logs

2017-10-24 15:02:46 UTC

Snort Subscriber Rules Update

Date: 2017-10-24

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091100.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:44643 <-> DISABLED <-> SERVER-OTHER Mikrotik RouterOS denial of service attempt (server-other.rules)
 * 1:44642 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center getSelInsBean Java expression language injection attempt (server-webapp.rules)
 * 1:44641 <-> DISABLED <-> POLICY-OTHER SERVER-WEBAPP Symantec Endpoint Protection Manager authentication lock bypass attempt (policy-other.rules)
 * 1:44640 <-> DISABLED <-> POLICY-OTHER WPA2 key reuse tool attempt (policy-other.rules)
 * 1:44639 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Quimonk variant outbound connection detected (malware-cnc.rules)
 * 1:44638 <-> DISABLED <-> PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (protocol-rpc.rules)
 * 1:44637 <-> DISABLED <-> PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (protocol-rpc.rules)
 * 1:44636 <-> DISABLED <-> BROWSER-IE Microsoft Edge sandbox escape attempt (browser-ie.rules)
 * 1:44635 <-> DISABLED <-> BROWSER-IE Microsoft Edge sandbox escape attempt (browser-ie.rules)
 * 1:44634 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (server-other.rules)
 * 1:44633 <-> DISABLED <-> SERVER-OTHER Colorado FTP Server directory traversal attempt (server-other.rules)

Modified Rules:


 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23695 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:23691 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23687 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23685 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23684 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23683 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23682 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23681 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23680 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23679 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23678 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:23677 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:23676 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:23673 <-> ENABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:23670 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:23667 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:23666 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23664 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23663 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:23662 <-> ENABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:23659 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23658 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:23657 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23656 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23655 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23654 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23653 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23652 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23651 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23648 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23647 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:23645 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:23640 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:23639 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23393 <-> ENABLED <-> SQL IBM SolidDB initial banner (sql.rules)
 * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23347 <-> ENABLED <-> FILE-IDENTIFY Lotus file download request (file-identify.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23208 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (protocol-voip.rules)
 * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23205 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23202 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23199 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23196 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23193 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23190 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23167 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file download request (file-identify.rules)
 * 1:23139 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23138 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23011 <-> ENABLED <-> FILE-IDENTIFY Collada file download request (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows WMF file magic detected (file-identify.rules)
 * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules)
 * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules)
 * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22964 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules)
 * 1:22963 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules)
 * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:21940 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:21916 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21915 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21814 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21811 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (file-identify.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21807 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file download request (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21748 <-> ENABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21724 <-> ENABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21721 <-> ENABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21718 <-> ENABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21715 <-> ENABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21711 <-> ENABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21650 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21434 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mentor variant outbound connection (malware-cnc.rules)
 * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21410 <-> ENABLED <-> FILE-IDENTIFY paq8o file download request (file-identify.rules)
 * 1:21288 <-> ENABLED <-> FILE-IDENTIFY XML download detected (file-identify.rules)
 * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21285 <-> ENABLED <-> FILE-IDENTIFY XSLT file download request (file-identify.rules)
 * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21282 <-> ENABLED <-> FILE-IDENTIFY XSL file download request (file-identify.rules)
 * 1:21174 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (file-identify.rules)
 * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21109 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file download request (file-identify.rules)
 * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21018 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file download request (file-identify.rules)
 * 1:21017 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file attachment detected (file-identify.rules)
 * 1:21016 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cyb file attachment detected (file-identify.rules)
 * 1:21015 <-> ENABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:21014 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules)
 * 1:21013 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules)
 * 1:21012 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file download request (file-identify.rules)
 * 1:21011 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:21007 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20977 <-> ENABLED <-> FILE-IDENTIFY SKM file download request (file-identify.rules)
 * 1:20976 <-> ENABLED <-> FILE-IDENTIFY K3G file download request (file-identify.rules)
 * 1:20975 <-> ENABLED <-> FILE-IDENTIFY 3G2 file download request (file-identify.rules)
 * 1:20974 <-> ENABLED <-> FILE-IDENTIFY 3GP file download request (file-identify.rules)
 * 1:20973 <-> ENABLED <-> FILE-IDENTIFY M4B file download request (file-identify.rules)
 * 1:20972 <-> ENABLED <-> FILE-IDENTIFY M4V file magic request (file-identify.rules)
 * 1:20971 <-> ENABLED <-> FILE-IDENTIFY M4R file download request (file-identify.rules)
 * 1:20970 <-> ENABLED <-> FILE-IDENTIFY M4P file download request (file-identify.rules)
 * 1:20969 <-> ENABLED <-> FILE-IDENTIFY M4A file download request (file-identify.rules)
 * 1:20968 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20967 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20966 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20965 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20964 <-> ENABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20962 <-> ENABLED <-> FILE-IDENTIFY OTF file download request (file-identify.rules)
 * 1:20961 <-> ENABLED <-> FILE-IDENTIFY TTE file download request (file-identify.rules)
 * 1:20960 <-> ENABLED <-> FILE-IDENTIFY Flac file download request (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20940 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20939 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20938 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20937 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20874 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (server-other.rules)
 * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20851 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20850 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20522 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20521 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20518 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20489 <-> ENABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20480 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20477 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:20476 <-> ENABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:20472 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19323 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16630 <-> ENABLED <-> FILE-IDENTIFY DAT file download request (file-identify.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:11004 <-> ENABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication request detected (protocol-imap.rules)
 * 1:24708 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file download request (file-identify.rules)
 * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24817 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24819 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24820 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file download request (file-identify.rules)
 * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24824 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file download request (file-identify.rules)
 * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24901 <-> ENABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25041 <-> ENABLED <-> EXPLOIT-KIT Java User-Agent flowbit set (exploit-kit.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:25602 <-> ENABLED <-> SERVER-OTHER Sybase Open Server TDS login request (server-other.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:26058 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:26063 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file download request (file-identify.rules)
 * 1:26064 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26065 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:26084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:26085 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:26429 <-> ENABLED <-> FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (file-flash.rules)
 * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26458 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file download request (file-identify.rules)
 * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:27121 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:27542 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:27543 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:27741 <-> ENABLED <-> EXPLOIT-KIT Zip file downloaded by Java (exploit-kit.rules)
 * 1:28367 <-> ENABLED <-> FILE-IDENTIFY CIS file magic detected (file-identify.rules)
 * 1:28368 <-> ENABLED <-> FILE-IDENTIFY CIS file magic detected (file-identify.rules)
 * 1:28369 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules)
 * 1:28370 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules)
 * 1:28425 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:28497 <-> ENABLED <-> FILE-IDENTIFY WordPerfect file magic detected (file-identify.rules)
 * 1:28570 <-> ENABLED <-> FILE-IDENTIFY FDF file magic detected (file-identify.rules)
 * 1:28571 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules)
 * 1:28572 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules)
 * 1:28573 <-> ENABLED <-> FILE-IDENTIFY FDF file magic detected (file-identify.rules)
 * 1:28574 <-> ENABLED <-> FILE-IDENTIFY FDF file download request (file-identify.rules)
 * 1:28610 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit exploit payload retreive attempt (exploit-kit.rules)
 * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)
 * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)
 * 1:29162 <-> ENABLED <-> FILE-IDENTIFY CIS file download request (file-identify.rules)
 * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29276 <-> ENABLED <-> FILE-IDENTIFY XFDL file download request (file-identify.rules)
 * 1:29384 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file download request (file-identify.rules)
 * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file download request (file-identify.rules)
 * 1:29439 <-> ENABLED <-> FILE-IDENTIFY MSI file download request (file-identify.rules)
 * 1:29514 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:29607 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:23696 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:23697 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:23698 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23703 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23710 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:23711 <-> ENABLED <-> FILE-IDENTIFY OLE Document file magic detected (file-identify.rules)
 * 1:23712 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:23720 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:23721 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:23723 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:23724 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:23727 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:23728 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:23729 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:23732 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23736 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:23737 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:23738 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23739 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23740 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23741 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23742 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23743 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23744 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23745 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23746 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23747 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23749 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23750 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:23751 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:23752 <-> ENABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:23753 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:23754 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:23755 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:23758 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23759 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23760 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23761 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:23762 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23765 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:23766 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24004 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24005 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24089 <-> ENABLED <-> OS-WINDOWS Microsoft WebDAV PROPFIND request (os-windows.rules)
 * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24457 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24458 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows WMF file magic detected (file-identify.rules)
 * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29614 <-> ENABLED <-> FILE-IDENTIFY XPS file download request (file-identify.rules)
 * 1:30014 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30017 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30018 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file download request (file-identify.rules)
 * 1:3081 <-> ENABLED <-> MALWARE-BACKDOOR Y3KRAT 1.5 Connect (malware-backdoor.rules)
 * 1:30969 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Internet Explorer landing page (exploit-kit.rules)
 * 1:30972 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Silverlight landing page (exploit-kit.rules)
 * 1:3135 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3136 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3137 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3138 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3139 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3140 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:3141 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3142 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:31701 <-> ENABLED <-> EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (exploit-kit.rules)
 * 1:31702 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31703 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31773 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31774 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31775 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31776 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31831 <-> ENABLED <-> POLICY-OTHER QLogic Switch 5600/5800 default ftp login attempt (policy-other.rules)
 * 1:31871 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:32005 <-> ENABLED <-> MALWARE-BACKDOOR AlienSpy RAT outbound connection (malware-backdoor.rules)
 * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32165 <-> ENABLED <-> FILE-IDENTIFY SVG file magic detected (file-identify.rules)
 * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32253 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file download request (file-identify.rules)
 * 1:32345 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules)
 * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules)
 * 1:32525 <-> ENABLED <-> BROWSER-OTHER FreeBSD tnftp client detected (browser-other.rules)
 * 1:32877 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (exploit-kit.rules)
 * 1:32878 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (exploit-kit.rules)
 * 1:32880 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound payload request (exploit-kit.rules)
 * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33028 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file download request (file-identify.rules)
 * 1:33221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.HawkEye Keylogger exfiltration attempt - clipboard and screenshot (malware-cnc.rules)
 * 1:35432 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35433 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35455 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35456 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35457 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35458 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35459 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file download request (file-identify.rules)
 * 1:3551 <-> ENABLED <-> FILE-IDENTIFY HTA file download request (file-identify.rules)
 * 1:35688 <-> ENABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml file request (protocol-other.rules)
 * 1:35852 <-> ENABLED <-> FILE-IDENTIFY JPEG file upload detected (file-identify.rules)
 * 1:36058 <-> ENABLED <-> FILE-IDENTIFY OLE Document upload detected (file-identify.rules)
 * 1:36531 <-> ENABLED <-> FILE-IDENTIFY Oracle Java JMX management loading mlet detected (file-identify.rules)
 * 1:36711 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file attachment detected (file-identify.rules)
 * 1:36748 <-> ENABLED <-> FILE-IDENTIFY TTF file attachment detected (file-identify.rules)
 * 1:36826 <-> ENABLED <-> SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (server-other.rules)
 * 1:37546 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:37784 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file magic detected (file-identify.rules)
 * 1:37785 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file attachment detected (file-identify.rules)
 * 1:37786 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file attachment detected (file-identify.rules)
 * 1:37787 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file magic detected (file-identify.rules)
 * 1:37788 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file download request (file-identify.rules)
 * 1:38461 <-> ENABLED <-> OS-WINDOWS DCERPC Bind auth level packet privacy connection detected (os-windows.rules)
 * 1:38862 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file download request (file-identify.rules)
 * 1:38863 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (file-identify.rules)
 * 1:38864 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (file-identify.rules)
 * 1:38865 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file magic detected (file-identify.rules)
 * 1:38866 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file magic detected (file-identify.rules)
 * 1:40017 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file download request (file-identify.rules)
 * 1:40018 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file attachment detected (file-identify.rules)
 * 1:40019 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file attachment detected (file-identify.rules)
 * 1:40020 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file magic detected (file-identify.rules)
 * 1:40021 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file magic detected (file-identify.rules)
 * 1:40035 <-> ENABLED <-> FILE-IDENTIFY XLSB file magic detected (file-identify.rules)
 * 1:40036 <-> ENABLED <-> FILE-IDENTIFY XLSB file magic detected (file-identify.rules)
 * 1:40118 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file download request (file-identify.rules)
 * 1:40119 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (file-identify.rules)
 * 1:40120 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (file-identify.rules)
 * 1:40235 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes ping request (malware-cnc.rules)
 * 1:40519 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:40520 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:40521 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:40979 <-> ENABLED <-> FILE-IDENTIFY ico file download request (file-identify.rules)
 * 1:40980 <-> ENABLED <-> FILE-IDENTIFY ico file attachment detected (file-identify.rules)
 * 1:40981 <-> ENABLED <-> FILE-IDENTIFY ico file attachment detected (file-identify.rules)
 * 1:4143 <-> ENABLED <-> SERVER-OTHER lpd receive printer job cascade adaptor protocol request (server-other.rules)
 * 1:42332 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Doublepulsar variant ping command (malware-cnc.rules)
 * 1:42363 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42364 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42365 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42366 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:42367 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:42368 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:42369 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:42370 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:42371 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:43002 <-> ENABLED <-> PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (protocol-other.rules)
 * 1:43003 <-> ENABLED <-> PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (protocol-other.rules)
 * 1:43363 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:43364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:43891 <-> ENABLED <-> MALWARE-OTHER Win.Malware.Emotet variant lateral propagation (malware-other.rules)
 * 1:44030 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint ppt file attachment detected file attachment detected (file-identify.rules)
 * 1:44231 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word doc file attachment detected (file-identify.rules)
 * 1:44275 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:44388 <-> ENABLED <-> SERVER-WEBAPP D-Link getcfg.php credential disclosure attempt (server-webapp.rules)
 * 1:6010 <-> ENABLED <-> SERVER-OTHER VERITAS NetBackup vnetd connection attempt (server-other.rules)
 * 1:6404 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:6469 <-> ENABLED <-> SERVER-OTHER RealVNC connection attempt (server-other.rules)
 * 1:7111 <-> ENABLED <-> MALWARE-BACKDOOR fearless lite 1.01 runtime detection (malware-backdoor.rules)
 * 1:8355 <-> ENABLED <-> MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection (malware-other.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)

2017-10-24 15:02:46 UTC

Snort Subscriber Rules Update

Date: 2017-10-24

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:44643 <-> DISABLED <-> SERVER-OTHER Mikrotik RouterOS denial of service attempt (server-other.rules)
 * 1:44636 <-> DISABLED <-> BROWSER-IE Microsoft Edge sandbox escape attempt (browser-ie.rules)
 * 1:44639 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Quimonk variant outbound connection detected (malware-cnc.rules)
 * 1:44638 <-> DISABLED <-> PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (protocol-rpc.rules)
 * 1:44633 <-> DISABLED <-> SERVER-OTHER Colorado FTP Server directory traversal attempt (server-other.rules)
 * 1:44640 <-> DISABLED <-> POLICY-OTHER WPA2 key reuse tool attempt (policy-other.rules)
 * 1:44642 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center getSelInsBean Java expression language injection attempt (server-webapp.rules)
 * 1:44637 <-> DISABLED <-> PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (protocol-rpc.rules)
 * 1:44635 <-> DISABLED <-> BROWSER-IE Microsoft Edge sandbox escape attempt (browser-ie.rules)
 * 1:44641 <-> DISABLED <-> POLICY-OTHER SERVER-WEBAPP Symantec Endpoint Protection Manager authentication lock bypass attempt (policy-other.rules)
 * 1:44634 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (server-other.rules)

Modified Rules:


 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:8355 <-> ENABLED <-> MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection (malware-other.rules)
 * 1:7111 <-> ENABLED <-> MALWARE-BACKDOOR fearless lite 1.01 runtime detection (malware-backdoor.rules)
 * 1:6469 <-> ENABLED <-> SERVER-OTHER RealVNC connection attempt (server-other.rules)
 * 1:6404 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:6010 <-> ENABLED <-> SERVER-OTHER VERITAS NetBackup vnetd connection attempt (server-other.rules)
 * 1:44388 <-> ENABLED <-> SERVER-WEBAPP D-Link getcfg.php credential disclosure attempt (server-webapp.rules)
 * 1:44275 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:44231 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word doc file attachment detected (file-identify.rules)
 * 1:44030 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint ppt file attachment detected file attachment detected (file-identify.rules)
 * 1:43891 <-> ENABLED <-> MALWARE-OTHER Win.Malware.Emotet variant lateral propagation (malware-other.rules)
 * 1:43364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:43363 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:43003 <-> ENABLED <-> PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (protocol-other.rules)
 * 1:43002 <-> ENABLED <-> PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (protocol-other.rules)
 * 1:42371 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:42370 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:42369 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:42368 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:42367 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:42366 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:42365 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42364 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42363 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42332 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Doublepulsar variant ping command (malware-cnc.rules)
 * 1:4143 <-> ENABLED <-> SERVER-OTHER lpd receive printer job cascade adaptor protocol request (server-other.rules)
 * 1:40981 <-> ENABLED <-> FILE-IDENTIFY ico file attachment detected (file-identify.rules)
 * 1:40980 <-> ENABLED <-> FILE-IDENTIFY ico file attachment detected (file-identify.rules)
 * 1:40979 <-> ENABLED <-> FILE-IDENTIFY ico file download request (file-identify.rules)
 * 1:40521 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:40520 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:40519 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:40235 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes ping request (malware-cnc.rules)
 * 1:40120 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (file-identify.rules)
 * 1:40119 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (file-identify.rules)
 * 1:40118 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file download request (file-identify.rules)
 * 1:40036 <-> ENABLED <-> FILE-IDENTIFY XLSB file magic detected (file-identify.rules)
 * 1:40035 <-> ENABLED <-> FILE-IDENTIFY XLSB file magic detected (file-identify.rules)
 * 1:40021 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file magic detected (file-identify.rules)
 * 1:40020 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file magic detected (file-identify.rules)
 * 1:40019 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file attachment detected (file-identify.rules)
 * 1:40018 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file attachment detected (file-identify.rules)
 * 1:40017 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file download request (file-identify.rules)
 * 1:38866 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file magic detected (file-identify.rules)
 * 1:38865 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file magic detected (file-identify.rules)
 * 1:38864 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (file-identify.rules)
 * 1:38863 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (file-identify.rules)
 * 1:38862 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file download request (file-identify.rules)
 * 1:38461 <-> ENABLED <-> OS-WINDOWS DCERPC Bind auth level packet privacy connection detected (os-windows.rules)
 * 1:37788 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file download request (file-identify.rules)
 * 1:37787 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file magic detected (file-identify.rules)
 * 1:37786 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file attachment detected (file-identify.rules)
 * 1:37785 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file attachment detected (file-identify.rules)
 * 1:37784 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file magic detected (file-identify.rules)
 * 1:37546 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:36826 <-> ENABLED <-> SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (server-other.rules)
 * 1:36748 <-> ENABLED <-> FILE-IDENTIFY TTF file attachment detected (file-identify.rules)
 * 1:36711 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file attachment detected (file-identify.rules)
 * 1:36531 <-> ENABLED <-> FILE-IDENTIFY Oracle Java JMX management loading mlet detected (file-identify.rules)
 * 1:36058 <-> ENABLED <-> FILE-IDENTIFY OLE Document upload detected (file-identify.rules)
 * 1:35852 <-> ENABLED <-> FILE-IDENTIFY JPEG file upload detected (file-identify.rules)
 * 1:35688 <-> ENABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml file request (protocol-other.rules)
 * 1:3551 <-> ENABLED <-> FILE-IDENTIFY HTA file download request (file-identify.rules)
 * 1:35459 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file download request (file-identify.rules)
 * 1:35458 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35457 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35456 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:35455 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:35433 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:35432 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:33221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.HawkEye Keylogger exfiltration attempt - clipboard and screenshot (malware-cnc.rules)
 * 1:33028 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file download request (file-identify.rules)
 * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:32880 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound payload request (exploit-kit.rules)
 * 1:32878 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (exploit-kit.rules)
 * 1:32877 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (exploit-kit.rules)
 * 1:32525 <-> ENABLED <-> BROWSER-OTHER FreeBSD tnftp client detected (browser-other.rules)
 * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules)
 * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules)
 * 1:32345 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:32253 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file download request (file-identify.rules)
 * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32165 <-> ENABLED <-> FILE-IDENTIFY SVG file magic detected (file-identify.rules)
 * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:32005 <-> ENABLED <-> MALWARE-BACKDOOR AlienSpy RAT outbound connection (malware-backdoor.rules)
 * 1:31871 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:31831 <-> ENABLED <-> POLICY-OTHER QLogic Switch 5600/5800 default ftp login attempt (policy-other.rules)
 * 1:31776 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31775 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31774 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31773 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:31703 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31702 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:31701 <-> ENABLED <-> EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (exploit-kit.rules)
 * 1:3142 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:3141 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3140 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:3139 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:3138 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3137 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:3136 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:3135 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:30972 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Silverlight landing page (exploit-kit.rules)
 * 1:30969 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Internet Explorer landing page (exploit-kit.rules)
 * 1:3081 <-> ENABLED <-> MALWARE-BACKDOOR Y3KRAT 1.5 Connect (malware-backdoor.rules)
 * 1:30018 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file download request (file-identify.rules)
 * 1:30017 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:30014 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:29614 <-> ENABLED <-> FILE-IDENTIFY XPS file download request (file-identify.rules)
 * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:29607 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:29514 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:29439 <-> ENABLED <-> FILE-IDENTIFY MSI file download request (file-identify.rules)
 * 1:29407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file download request (file-identify.rules)
 * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:29384 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file download request (file-identify.rules)
 * 1:29276 <-> ENABLED <-> FILE-IDENTIFY XFDL file download request (file-identify.rules)
 * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:29162 <-> ENABLED <-> FILE-IDENTIFY CIS file download request (file-identify.rules)
 * 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)
 * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)
 * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:28610 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit exploit payload retreive attempt (exploit-kit.rules)
 * 1:28574 <-> ENABLED <-> FILE-IDENTIFY FDF file download request (file-identify.rules)
 * 1:28573 <-> ENABLED <-> FILE-IDENTIFY FDF file magic detected (file-identify.rules)
 * 1:28572 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules)
 * 1:28571 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules)
 * 1:28570 <-> ENABLED <-> FILE-IDENTIFY FDF file magic detected (file-identify.rules)
 * 1:28497 <-> ENABLED <-> FILE-IDENTIFY WordPerfect file magic detected (file-identify.rules)
 * 1:28425 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:28370 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules)
 * 1:28369 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules)
 * 1:28368 <-> ENABLED <-> FILE-IDENTIFY CIS file magic detected (file-identify.rules)
 * 1:28367 <-> ENABLED <-> FILE-IDENTIFY CIS file magic detected (file-identify.rules)
 * 1:27741 <-> ENABLED <-> EXPLOIT-KIT Zip file downloaded by Java (exploit-kit.rules)
 * 1:27543 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:27542 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:27121 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:26458 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file download request (file-identify.rules)
 * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:26429 <-> ENABLED <-> FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (file-flash.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:26085 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:26084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:26083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:26065 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26064 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26063 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file download request (file-identify.rules)
 * 1:26058 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:25602 <-> ENABLED <-> SERVER-OTHER Sybase Open Server TDS login request (server-other.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:25041 <-> ENABLED <-> EXPLOIT-KIT Java User-Agent flowbit set (exploit-kit.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:24901 <-> ENABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24708 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file download request (file-identify.rules)
 * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24817 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24824 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file download request (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:24820 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file download request (file-identify.rules)
 * 1:24819 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:11004 <-> ENABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication request detected (protocol-imap.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:16630 <-> ENABLED <-> FILE-IDENTIFY DAT file download request (file-identify.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19323 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20472 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20476 <-> ENABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:20477 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20480 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20489 <-> ENABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20518 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:20521 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20522 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20850 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20851 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20874 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (server-other.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20937 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20938 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20939 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20940 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20960 <-> ENABLED <-> FILE-IDENTIFY Flac file download request (file-identify.rules)
 * 1:20961 <-> ENABLED <-> FILE-IDENTIFY TTE file download request (file-identify.rules)
 * 1:20962 <-> ENABLED <-> FILE-IDENTIFY OTF file download request (file-identify.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20964 <-> ENABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20965 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20966 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20967 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20968 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20969 <-> ENABLED <-> FILE-IDENTIFY M4A file download request (file-identify.rules)
 * 1:20970 <-> ENABLED <-> FILE-IDENTIFY M4P file download request (file-identify.rules)
 * 1:20971 <-> ENABLED <-> FILE-IDENTIFY M4R file download request (file-identify.rules)
 * 1:20972 <-> ENABLED <-> FILE-IDENTIFY M4V file magic request (file-identify.rules)
 * 1:20973 <-> ENABLED <-> FILE-IDENTIFY M4B file download request (file-identify.rules)
 * 1:20974 <-> ENABLED <-> FILE-IDENTIFY 3GP file download request (file-identify.rules)
 * 1:20975 <-> ENABLED <-> FILE-IDENTIFY 3G2 file download request (file-identify.rules)
 * 1:20976 <-> ENABLED <-> FILE-IDENTIFY K3G file download request (file-identify.rules)
 * 1:20977 <-> ENABLED <-> FILE-IDENTIFY SKM file download request (file-identify.rules)
 * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:21007 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:21011 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:21012 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file download request (file-identify.rules)
 * 1:21013 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules)
 * 1:21014 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules)
 * 1:21015 <-> ENABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:21016 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cyb file attachment detected (file-identify.rules)
 * 1:21017 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file attachment detected (file-identify.rules)
 * 1:21018 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file download request (file-identify.rules)
 * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21109 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file download request (file-identify.rules)
 * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21174 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (file-identify.rules)
 * 1:21282 <-> ENABLED <-> FILE-IDENTIFY XSL file download request (file-identify.rules)
 * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21285 <-> ENABLED <-> FILE-IDENTIFY XSLT file download request (file-identify.rules)
 * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21288 <-> ENABLED <-> FILE-IDENTIFY XML download detected (file-identify.rules)
 * 1:21410 <-> ENABLED <-> FILE-IDENTIFY paq8o file download request (file-identify.rules)
 * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21434 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mentor variant outbound connection (malware-cnc.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21650 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21711 <-> ENABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21715 <-> ENABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21718 <-> ENABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21721 <-> ENABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21724 <-> ENABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21748 <-> ENABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21807 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file download request (file-identify.rules)
 * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21811 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (file-identify.rules)
 * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21814 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21915 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21916 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21940 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22963 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules)
 * 1:22964 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules)
 * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules)
 * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules)
 * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows WMF file magic detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23011 <-> ENABLED <-> FILE-IDENTIFY Collada file download request (file-identify.rules)
 * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23138 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23139 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23167 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file download request (file-identify.rules)
 * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23190 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23193 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23196 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23199 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23202 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23205 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23208 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (protocol-voip.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23347 <-> ENABLED <-> FILE-IDENTIFY Lotus file download request (file-identify.rules)
 * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23393 <-> ENABLED <-> SQL IBM SolidDB initial banner (sql.rules)
 * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23639 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:23640 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:23645 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:23647 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:23648 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23651 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23652 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23653 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23654 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23655 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23656 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23657 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23658 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:23659 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23662 <-> ENABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:23663 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:23664 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23666 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23667 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:23670 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:23673 <-> ENABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:23676 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:23677 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:23678 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:23679 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23680 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23681 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23682 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23683 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23684 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23685 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23687 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23691 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23695 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:23696 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:23697 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:23698 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23703 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23710 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:23711 <-> ENABLED <-> FILE-IDENTIFY OLE Document file magic detected (file-identify.rules)
 * 1:23712 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:23720 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:23721 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:23723 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:23724 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:23727 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:23728 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:23729 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:23732 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23736 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:23737 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:23738 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23739 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23740 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23741 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23742 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23743 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23744 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23745 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23746 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23747 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23749 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23750 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:23751 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:23752 <-> ENABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:23753 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:23754 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:23755 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:23758 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23759 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23760 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23761 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:23762 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23765 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:23766 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24004 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24005 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24089 <-> ENABLED <-> OS-WINDOWS Microsoft WebDAV PROPFIND request (os-windows.rules)
 * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24457 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24458 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows WMF file magic detected (file-identify.rules)
 * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)

2017-10-24 15:02:46 UTC

Snort Subscriber Rules Update

Date: 2017-10-24

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:44639 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Quimonk variant outbound connection detected (malware-cnc.rules)
 * 1:44634 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (server-other.rules)
 * 1:44641 <-> DISABLED <-> POLICY-OTHER SERVER-WEBAPP Symantec Endpoint Protection Manager authentication lock bypass attempt (policy-other.rules)
 * 1:44643 <-> DISABLED <-> SERVER-OTHER Mikrotik RouterOS denial of service attempt (server-other.rules)
 * 1:44635 <-> DISABLED <-> BROWSER-IE Microsoft Edge sandbox escape attempt (browser-ie.rules)
 * 1:44633 <-> DISABLED <-> SERVER-OTHER Colorado FTP Server directory traversal attempt (server-other.rules)
 * 1:44642 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center getSelInsBean Java expression language injection attempt (server-webapp.rules)
 * 1:44637 <-> DISABLED <-> PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (protocol-rpc.rules)
 * 1:44638 <-> DISABLED <-> PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (protocol-rpc.rules)
 * 1:44640 <-> DISABLED <-> POLICY-OTHER WPA2 key reuse tool attempt (policy-other.rules)
 * 1:44636 <-> DISABLED <-> BROWSER-IE Microsoft Edge sandbox escape attempt (browser-ie.rules)

Modified Rules:


 * 1:24821 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:42371 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:43002 <-> ENABLED <-> PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (protocol-other.rules)
 * 1:43003 <-> ENABLED <-> PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (protocol-other.rules)
 * 1:43363 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:43364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (file-identify.rules)
 * 1:43891 <-> ENABLED <-> MALWARE-OTHER Win.Malware.Emotet variant lateral propagation (malware-other.rules)
 * 1:44030 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint ppt file attachment detected file attachment detected (file-identify.rules)
 * 1:44231 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word doc file attachment detected (file-identify.rules)
 * 1:44275 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:44388 <-> ENABLED <-> SERVER-WEBAPP D-Link getcfg.php credential disclosure attempt (server-webapp.rules)
 * 1:6010 <-> ENABLED <-> SERVER-OTHER VERITAS NetBackup vnetd connection attempt (server-other.rules)
 * 1:6404 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:6469 <-> ENABLED <-> SERVER-OTHER RealVNC connection attempt (server-other.rules)
 * 1:7111 <-> ENABLED <-> MALWARE-BACKDOOR fearless lite 1.01 runtime detection (malware-backdoor.rules)
 * 1:8355 <-> ENABLED <-> MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection (malware-other.rules)
 * 1:9845 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:42369 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:24710 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:24819 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:33221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.HawkEye Keylogger exfiltration attempt - clipboard and screenshot (malware-cnc.rules)
 * 1:30969 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Internet Explorer landing page (exploit-kit.rules)
 * 1:24818 <-> ENABLED <-> FILE-IDENTIFY M4V file magic detected (file-identify.rules)
 * 1:30014 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:25034 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:24902 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:29612 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:36826 <-> ENABLED <-> SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (server-other.rules)
 * 1:40521 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:25308 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:32345 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:29274 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:32005 <-> ENABLED <-> MALWARE-BACKDOOR AlienSpy RAT outbound connection (malware-backdoor.rules)
 * 1:26084 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:24555 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:25515 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file magic detected (file-identify.rules)
 * 1:28896 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file attachment detected (file-identify.rules)
 * 1:28370 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules)
 * 1:26458 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file download request (file-identify.rules)
 * 1:38863 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (file-identify.rules)
 * 1:38461 <-> ENABLED <-> OS-WINDOWS DCERPC Bind auth level packet privacy connection detected (os-windows.rules)
 * 1:3081 <-> ENABLED <-> MALWARE-BACKDOOR Y3KRAT 1.5 Connect (malware-backdoor.rules)
 * 1:31831 <-> ENABLED <-> POLICY-OTHER QLogic Switch 5600/5800 default ftp login attempt (policy-other.rules)
 * 1:24484 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)
 * 1:24719 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (protocol-voip.rules)
 * 1:26492 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file download request (file-identify.rules)
 * 1:38864 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (file-identify.rules)
 * 1:40235 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes ping request (malware-cnc.rules)
 * 1:42332 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Doublepulsar variant ping command (malware-cnc.rules)
 * 1:26494 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:32525 <-> ENABLED <-> BROWSER-OTHER FreeBSD tnftp client detected (browser-other.rules)
 * 1:26065 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:24825 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:29439 <-> ENABLED <-> FILE-IDENTIFY MSI file download request (file-identify.rules)
 * 1:30016 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:28573 <-> ENABLED <-> FILE-IDENTIFY FDF file magic detected (file-identify.rules)
 * 1:32253 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file download request (file-identify.rules)
 * 1:36748 <-> ENABLED <-> FILE-IDENTIFY TTF file attachment detected (file-identify.rules)
 * 1:36058 <-> ENABLED <-> FILE-IDENTIFY OLE Document upload detected (file-identify.rules)
 * 1:3142 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:37546 <-> ENABLED <-> SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (server-other.rules)
 * 1:35433 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:4143 <-> ENABLED <-> SERVER-OTHER lpd receive printer job cascade adaptor protocol request (server-other.rules)
 * 1:25307 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file attachment detected (file-identify.rules)
 * 1:32877 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (exploit-kit.rules)
 * 1:29385 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:26085 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:35458 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:32878 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (exploit-kit.rules)
 * 1:28899 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28369 <-> ENABLED <-> FILE-IDENTIFY CIS file attachment detected (file-identify.rules)
 * 1:33026 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:27121 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (server-other.rules)
 * 1:25305 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file magic detected (file-identify.rules)
 * 1:31774 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:3140 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 andx attempt (netbios.rules)
 * 1:29405 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:40018 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file attachment detected (file-identify.rules)
 * 1:40019 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file attachment detected (file-identify.rules)
 * 1:29276 <-> ENABLED <-> FILE-IDENTIFY XFDL file download request (file-identify.rules)
 * 1:29275 <-> ENABLED <-> FILE-IDENTIFY XFDL file attachment detected (file-identify.rules)
 * 1:25513 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:38865 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file magic detected (file-identify.rules)
 * 1:37788 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file download request (file-identify.rules)
 * 1:37786 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file attachment detected (file-identify.rules)
 * 1:40520 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:24816 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:29162 <-> ENABLED <-> FILE-IDENTIFY CIS file download request (file-identify.rules)
 * 1:30017 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file magic detected (file-identify.rules)
 * 1:29613 <-> ENABLED <-> FILE-IDENTIFY XPS file attachment detected (file-identify.rules)
 * 1:26429 <-> ENABLED <-> FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (file-flash.rules)
 * 1:40119 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (file-identify.rules)
 * 1:28894 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:29384 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file download request (file-identify.rules)
 * 1:24599 <-> ENABLED <-> FILE-IDENTIFY Alt-N MDaemon IMAP Server (file-identify.rules)
 * 1:24826 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file attachment detected (file-identify.rules)
 * 1:38866 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file magic detected (file-identify.rules)
 * 1:25032 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file download request (file-identify.rules)
 * 1:40036 <-> ENABLED <-> FILE-IDENTIFY XLSB file magic detected (file-identify.rules)
 * 1:40981 <-> ENABLED <-> FILE-IDENTIFY ico file attachment detected (file-identify.rules)
 * 1:29607 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:24820 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file download request (file-identify.rules)
 * 1:32134 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:26058 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:36531 <-> ENABLED <-> FILE-IDENTIFY Oracle Java JMX management loading mlet detected (file-identify.rules)
 * 1:24824 <-> ENABLED <-> FILE-IDENTIFY RealPlayer skin file download request (file-identify.rules)
 * 1:31773 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:27542 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:33028 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file download request (file-identify.rules)
 * 1:26466 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:40519 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (malware-cnc.rules)
 * 1:28570 <-> ENABLED <-> FILE-IDENTIFY FDF file magic detected (file-identify.rules)
 * 1:26493 <-> ENABLED <-> FILE-IDENTIFY KingView KingMessage log file attachment detected (file-identify.rules)
 * 1:32380 <-> ENABLED <-> FILE-IDENTIFY dib file attachment detected (file-identify.rules)
 * 1:28572 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules)
 * 1:37785 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file attachment detected (file-identify.rules)
 * 1:28571 <-> ENABLED <-> FILE-IDENTIFY FDF file attachment detected (file-identify.rules)
 * 1:38862 <-> ENABLED <-> FILE-IDENTIFY Hancom Hangul Office Document file download request (file-identify.rules)
 * 1:24901 <-> ENABLED <-> FILE-IDENTIFY JNLP file download request (file-identify.rules)
 * 1:29514 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:35852 <-> ENABLED <-> FILE-IDENTIFY JPEG file upload detected (file-identify.rules)
 * 1:29407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file download request (file-identify.rules)
 * 1:26456 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:3141 <-> ENABLED <-> NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:35459 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file download request (file-identify.rules)
 * 1:31703 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:30018 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file download request (file-identify.rules)
 * 1:25602 <-> ENABLED <-> SERVER-OTHER Sybase Open Server TDS login request (server-other.rules)
 * 1:24554 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (file-identify.rules)
 * 1:35457 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:40979 <-> ENABLED <-> FILE-IDENTIFY ico file download request (file-identify.rules)
 * 1:37784 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file magic detected (file-identify.rules)
 * 1:29386 <-> ENABLED <-> FILE-IDENTIFY Adobe AIR file attachment detected (file-identify.rules)
 * 1:31701 <-> ENABLED <-> EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (exploit-kit.rules)
 * 1:25033 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file attachment detected (file-identify.rules)
 * 1:26083 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:24817 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:28367 <-> ENABLED <-> FILE-IDENTIFY CIS file magic detected (file-identify.rules)
 * 1:32251 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:26251 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:37787 <-> ENABLED <-> FILE-IDENTIFY Adobe Texture Format file magic detected (file-identify.rules)
 * 1:31871 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:42363 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:3136 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:27741 <-> ENABLED <-> EXPLOIT-KIT Zip file downloaded by Java (exploit-kit.rules)
 * 1:40035 <-> ENABLED <-> FILE-IDENTIFY XLSB file magic detected (file-identify.rules)
 * 1:40021 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file magic detected (file-identify.rules)
 * 1:30972 <-> ENABLED <-> EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Silverlight landing page (exploit-kit.rules)
 * 1:24903 <-> ENABLED <-> FILE-IDENTIFY JNLP file attachment detected (file-identify.rules)
 * 1:35455 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (file-identify.rules)
 * 1:40120 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (file-identify.rules)
 * 1:28895 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file attachment detected (file-identify.rules)
 * 1:28610 <-> ENABLED <-> EXPLOIT-KIT Sakura exploit kit exploit payload retreive attempt (exploit-kit.rules)
 * 1:35432 <-> ENABLED <-> FILE-IDENTIFY M4A file magic detected (file-identify.rules)
 * 1:33027 <-> ENABLED <-> FILE-IDENTIFY Publish-iT PUI file attachment detected (file-identify.rules)
 * 1:26064 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file attachment detected (file-identify.rules)
 * 1:26457 <-> ENABLED <-> FILE-IDENTIFY Stream redirector file attachment detected (file-identify.rules)
 * 1:31775 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:30015 <-> ENABLED <-> FILE-IDENTIFY OS/2 Metafile file attachment detected (file-identify.rules)
 * 1:25041 <-> ENABLED <-> EXPLOIT-KIT Java User-Agent flowbit set (exploit-kit.rules)
 * 1:24822 <-> ENABLED <-> FILE-IDENTIFY Computer Graphics Metafile file attachment detected (file-identify.rules)
 * 1:31702 <-> ENABLED <-> FILE-IDENTIFY Microsoft Silverlight application file magic detected (file-identify.rules)
 * 1:3135 <-> ENABLED <-> NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:26465 <-> ENABLED <-> FILE-IDENTIFY XUL file attachment detected (file-identify.rules)
 * 1:28497 <-> ENABLED <-> FILE-IDENTIFY WordPerfect file magic detected (file-identify.rules)
 * 1:3138 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO andx attempt (netbios.rules)
 * 1:35456 <-> ENABLED <-> FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (file-identify.rules)
 * 1:40017 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file download request (file-identify.rules)
 * 1:27543 <-> ENABLED <-> FILE-IDENTIFY Python bytecode file magic detected (file-identify.rules)
 * 1:24708 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file download request (file-identify.rules)
 * 1:28897 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:32252 <-> ENABLED <-> FILE-IDENTIFY Basic Control Engine file attachment detected (file-identify.rules)
 * 1:32135 <-> ENABLED <-> FILE-IDENTIFY XBM file attachment detected (file-identify.rules)
 * 1:3139 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 attempt (netbios.rules)
 * 1:28425 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (os-windows.rules)
 * 1:40118 <-> ENABLED <-> FILE-IDENTIFY Microsoft Excel XLSB file download request (file-identify.rules)
 * 1:28574 <-> ENABLED <-> FILE-IDENTIFY FDF file download request (file-identify.rules)
 * 1:32165 <-> ENABLED <-> FILE-IDENTIFY SVG file magic detected (file-identify.rules)
 * 1:28901 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file download request (file-identify.rules)
 * 1:31776 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:28368 <-> ENABLED <-> FILE-IDENTIFY CIS file magic detected (file-identify.rules)
 * 1:40020 <-> ENABLED <-> FILE-IDENTIFY Hierarchal Data Format file magic detected (file-identify.rules)
 * 1:29614 <-> ENABLED <-> FILE-IDENTIFY XPS file download request (file-identify.rules)
 * 1:3551 <-> ENABLED <-> FILE-IDENTIFY HTA file download request (file-identify.rules)
 * 1:32378 <-> ENABLED <-> FILE-IDENTIFY bmp file attachment detected (file-identify.rules)
 * 1:28898 <-> ENABLED <-> FILE-IDENTIFY eSignal .ets file attachment detected (file-identify.rules)
 * 1:24709 <-> ENABLED <-> FILE-IDENTIFY Netop Remote Control file attachment detected (file-identify.rules)
 * 1:32880 <-> ENABLED <-> EXPLOIT-KIT Nuclear exploit kit outbound payload request (exploit-kit.rules)
 * 1:36711 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file attachment detected (file-identify.rules)
 * 1:26063 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docm file download request (file-identify.rules)
 * 1:28900 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file attachment detected (file-identify.rules)
 * 1:29406 <-> ENABLED <-> FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (file-identify.rules)
 * 1:40980 <-> ENABLED <-> FILE-IDENTIFY ico file attachment detected (file-identify.rules)
 * 1:25306 <-> ENABLED <-> FILE-IDENTIFY Adobe Audition Session file download request (file-identify.rules)
 * 1:3137 <-> ENABLED <-> NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (netbios.rules)
 * 1:35688 <-> ENABLED <-> PROTOCOL-OTHER MiniUPNP rootdesc.xml file request (protocol-other.rules)
 * 1:42367 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:25514 <-> ENABLED <-> FILE-IDENTIFY Portable Executable download detected (file-identify.rules)
 * 1:42368 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:26057 <-> ENABLED <-> FILE-IDENTIFY ZIP file download detected (file-identify.rules)
 * 1:42364 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42365 <-> ENABLED <-> FILE-IDENTIFY bzip2 compressed file detected (file-identify.rules)
 * 1:42366 <-> ENABLED <-> FILE-IDENTIFY XZ compressed file detected (file-identify.rules)
 * 1:11004 <-> ENABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication request detected (protocol-imap.rules)
 * 1:42370 <-> ENABLED <-> FILE-IDENTIFY gzip compressed file detected (file-identify.rules)
 * 1:11835 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:12283 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13583 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file download request (file-identify.rules)
 * 1:13585 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:16630 <-> ENABLED <-> FILE-IDENTIFY DAT file download request (file-identify.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19323 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19907 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:20032 <-> ENABLED <-> FILE-IDENTIFY MIME file type file download request (file-identify.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20260 <-> ENABLED <-> FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (file-identify.rules)
 * 1:20282 <-> ENABLED <-> FILE-IDENTIFY S3M file download request (file-identify.rules)
 * 1:20287 <-> ENABLED <-> FILE-IDENTIFY QCP file download request (file-identify.rules)
 * 1:20450 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:20451 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:20456 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:20459 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:20460 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20463 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20464 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20465 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20466 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20467 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20468 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20469 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:20471 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:20472 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:20476 <-> ENABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:20477 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:20478 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:20480 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detection (file-identify.rules)
 * 1:20481 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:20483 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:20486 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:20489 <-> ENABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:20492 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:20493 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:20494 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:20495 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20496 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20497 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20500 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20501 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20502 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20503 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20507 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:20514 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:20518 <-> ENABLED <-> FILE-IDENTIFY rmf file download request (file-identify.rules)
 * 1:20521 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:20522 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:20544 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Player FLV file download request (file-identify.rules)
 * 1:20554 <-> ENABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:20621 <-> ENABLED <-> FILE-IDENTIFY JAR file download request (file-identify.rules)
 * 1:20723 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file download request (file-identify.rules)
 * 1:20733 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (file-identify.rules)
 * 1:20792 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20793 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file attachment detected (file-identify.rules)
 * 1:20795 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20796 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file attachment detected (file-identify.rules)
 * 1:20798 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20799 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20800 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20801 <-> ENABLED <-> FILE-IDENTIFY MIME file type file attachment detected (file-identify.rules)
 * 1:20839 <-> ENABLED <-> FILE-IDENTIFY eSignal .quo file download request (file-identify.rules)
 * 1:20840 <-> ENABLED <-> FILE-IDENTIFY eSignal .por file download request (file-identify.rules)
 * 1:20841 <-> ENABLED <-> FILE-IDENTIFY eSignal .sum file download request (file-identify.rules)
 * 1:20850 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20851 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (file-identify.rules)
 * 1:20854 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20855 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file attachment detected (file-identify.rules)
 * 1:20874 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (server-other.rules)
 * 1:20897 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:20898 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20899 <-> ENABLED <-> FILE-IDENTIFY MIDI file attachment detected (file-identify.rules)
 * 1:20905 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20906 <-> ENABLED <-> FILE-IDENTIFY X PixMap file attachment detected (file-identify.rules)
 * 1:20907 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20908 <-> ENABLED <-> FILE-IDENTIFY DXF file attachment detected (file-identify.rules)
 * 1:20909 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20910 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (file-identify.rules)
 * 1:20913 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20914 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (file-identify.rules)
 * 1:20924 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:20925 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20926 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file attachment detected (file-identify.rules)
 * 1:20928 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:20929 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20930 <-> ENABLED <-> FILE-IDENTIFY MKV file attachment detected (file-identify.rules)
 * 1:20931 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20932 <-> ENABLED <-> FILE-IDENTIFY MKS file attachment detected (file-identify.rules)
 * 1:20933 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20934 <-> ENABLED <-> FILE-IDENTIFY MKA file attachment detected (file-identify.rules)
 * 1:20935 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20936 <-> ENABLED <-> FILE-IDENTIFY QCP file attachment detected (file-identify.rules)
 * 1:20937 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20938 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20939 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20940 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:20941 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20942 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20943 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20944 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20945 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20946 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20947 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20948 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (file-identify.rules)
 * 1:20950 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20951 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20952 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20953 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20954 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20955 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20956 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20957 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20958 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20959 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:20960 <-> ENABLED <-> FILE-IDENTIFY Flac file download request (file-identify.rules)
 * 1:20961 <-> ENABLED <-> FILE-IDENTIFY TTE file download request (file-identify.rules)
 * 1:20962 <-> ENABLED <-> FILE-IDENTIFY OTF file download request (file-identify.rules)
 * 1:20963 <-> ENABLED <-> FILE-IDENTIFY DIB file download request (file-identify.rules)
 * 1:20964 <-> ENABLED <-> FILE-IDENTIFY SAMI file download request (file-identify.rules)
 * 1:20965 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20966 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20967 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:20968 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:20969 <-> ENABLED <-> FILE-IDENTIFY M4A file download request (file-identify.rules)
 * 1:20970 <-> ENABLED <-> FILE-IDENTIFY M4P file download request (file-identify.rules)
 * 1:20971 <-> ENABLED <-> FILE-IDENTIFY M4R file download request (file-identify.rules)
 * 1:20972 <-> ENABLED <-> FILE-IDENTIFY M4V file magic request (file-identify.rules)
 * 1:20973 <-> ENABLED <-> FILE-IDENTIFY M4B file download request (file-identify.rules)
 * 1:20974 <-> ENABLED <-> FILE-IDENTIFY 3GP file download request (file-identify.rules)
 * 1:20975 <-> ENABLED <-> FILE-IDENTIFY 3G2 file download request (file-identify.rules)
 * 1:20976 <-> ENABLED <-> FILE-IDENTIFY K3G file download request (file-identify.rules)
 * 1:20977 <-> ENABLED <-> FILE-IDENTIFY SKM file download request (file-identify.rules)
 * 1:20978 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20979 <-> ENABLED <-> FILE-IDENTIFY TTE file attachment detected (file-identify.rules)
 * 1:20980 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20981 <-> ENABLED <-> FILE-IDENTIFY OTF file attachment detected (file-identify.rules)
 * 1:20982 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20983 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (file-identify.rules)
 * 1:20986 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20987 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word docx file attachment detected (file-identify.rules)
 * 1:20991 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:20992 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:21007 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:21011 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:21012 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file download request (file-identify.rules)
 * 1:21013 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules)
 * 1:21014 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cy3 file attachment detected (file-identify.rules)
 * 1:21015 <-> ENABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:21016 <-> ENABLED <-> FILE-IDENTIFY Cytel Studio cyb file attachment detected (file-identify.rules)
 * 1:21017 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file attachment detected (file-identify.rules)
 * 1:21018 <-> ENABLED <-> FILE-IDENTIFY cyb Cytel Studio file download request (file-identify.rules)
 * 1:21035 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21036 <-> ENABLED <-> FILE-IDENTIFY PDF file attachment detected (file-identify.rules)
 * 1:21059 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:21061 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21062 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21109 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file download request (file-identify.rules)
 * 1:21110 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21111 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file attachment detected (file-identify.rules)
 * 1:21113 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:21152 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21153 <-> ENABLED <-> FILE-IDENTIFY S3M file attachment detected (file-identify.rules)
 * 1:21174 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (file-identify.rules)
 * 1:21282 <-> ENABLED <-> FILE-IDENTIFY XSL file download request (file-identify.rules)
 * 1:21283 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21284 <-> ENABLED <-> FILE-IDENTIFY XSL file attachment detected (file-identify.rules)
 * 1:21285 <-> ENABLED <-> FILE-IDENTIFY XSLT file download request (file-identify.rules)
 * 1:21286 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21287 <-> ENABLED <-> FILE-IDENTIFY XSLT file attachment detected (file-identify.rules)
 * 1:21288 <-> ENABLED <-> FILE-IDENTIFY XML download detected (file-identify.rules)
 * 1:21410 <-> ENABLED <-> FILE-IDENTIFY paq8o file download request (file-identify.rules)
 * 1:21411 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21412 <-> ENABLED <-> FILE-IDENTIFY paq8o file attachment detected (file-identify.rules)
 * 1:21434 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mentor variant outbound connection (malware-cnc.rules)
 * 1:21480 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21498 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:21499 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21500 <-> ENABLED <-> FILE-IDENTIFY XML file attachment detected (file-identify.rules)
 * 1:21611 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21612 <-> ENABLED <-> FILE-IDENTIFY RAT file attachment detected (file-identify.rules)
 * 1:21613 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21614 <-> ENABLED <-> FILE-IDENTIFY PNG file attachment detected (file-identify.rules)
 * 1:21615 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21616 <-> ENABLED <-> FILE-IDENTIFY WMF file attachment detected (file-identify.rules)
 * 1:21617 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21618 <-> ENABLED <-> FILE-IDENTIFY RT file attachment detected (file-identify.rules)
 * 1:21620 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:21621 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:21623 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21624 <-> ENABLED <-> FILE-IDENTIFY QUO file attachment detected (file-identify.rules)
 * 1:21625 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21626 <-> ENABLED <-> FILE-IDENTIFY POR file attachment detected (file-identify.rules)
 * 1:21627 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21628 <-> ENABLED <-> FILE-IDENTIFY SUM file attachment detected (file-identify.rules)
 * 1:21648 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21649 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21650 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:21651 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21652 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file attachment detected (file-identify.rules)
 * 1:21687 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21688 <-> ENABLED <-> FILE-IDENTIFY PLS file attachment detected (file-identify.rules)
 * 1:21691 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21692 <-> ENABLED <-> FILE-IDENTIFY SMIL file attachment detected (file-identify.rules)
 * 1:21693 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21694 <-> ENABLED <-> FILE-IDENTIFY FLAC file attachment detected (file-identify.rules)
 * 1:21695 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21696 <-> ENABLED <-> FILE-IDENTIFY SMI file attachment detected (file-identify.rules)
 * 1:21697 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21698 <-> ENABLED <-> FILE-IDENTIFY SAMI file attachment detected (file-identify.rules)
 * 1:21699 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21700 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (file-identify.rules)
 * 1:21701 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21702 <-> ENABLED <-> FILE-IDENTIFY FlashPix file attachment detected (file-identify.rules)
 * 1:21703 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21704 <-> ENABLED <-> FILE-IDENTIFY 4XM file attachment detected (file-identify.rules)
 * 1:21705 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21706 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file attachment detected (file-identify.rules)
 * 1:21709 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21710 <-> ENABLED <-> FILE-IDENTIFY AIFF file attachment detected (file-identify.rules)
 * 1:21711 <-> ENABLED <-> FILE-IDENTIFY PFA file download request (file-identify.rules)
 * 1:21712 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:21713 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21714 <-> ENABLED <-> FILE-IDENTIFY PFA file attachment detected (file-identify.rules)
 * 1:21715 <-> ENABLED <-> FILE-IDENTIFY PFB file download request (file-identify.rules)
 * 1:21716 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21717 <-> ENABLED <-> FILE-IDENTIFY PFB file attachment detected (file-identify.rules)
 * 1:21718 <-> ENABLED <-> FILE-IDENTIFY PFM file download request (file-identify.rules)
 * 1:21719 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21720 <-> ENABLED <-> FILE-IDENTIFY PFM file attachment detected (file-identify.rules)
 * 1:21721 <-> ENABLED <-> FILE-IDENTIFY AFM file download request (file-identify.rules)
 * 1:21722 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21723 <-> ENABLED <-> FILE-IDENTIFY AFM file attachment detected (file-identify.rules)
 * 1:21724 <-> ENABLED <-> FILE-IDENTIFY ANI file download request (file-identify.rules)
 * 1:21725 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21726 <-> ENABLED <-> FILE-IDENTIFY ANI file attachment detected (file-identify.rules)
 * 1:21727 <-> ENABLED <-> FILE-IDENTIFY ANI file magic detection (file-identify.rules)
 * 1:21728 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21729 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21730 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21731 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21732 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21733 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21734 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21735 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21736 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21737 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21738 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21739 <-> ENABLED <-> FILE-IDENTIFY JPG file attachment detected (file-identify.rules)
 * 1:21740 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21741 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (file-identify.rules)
 * 1:21742 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21743 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file attachment detected (file-identify.rules)
 * 1:21744 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21745 <-> ENABLED <-> FILE-IDENTIFY AVI file attachment detected (file-identify.rules)
 * 1:21746 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21747 <-> ENABLED <-> FILE-IDENTIFY RTF file attachment detected (file-identify.rules)
 * 1:21748 <-> ENABLED <-> FILE-IDENTIFY HPJ file download request (file-identify.rules)
 * 1:21749 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21750 <-> ENABLED <-> FILE-IDENTIFY HPJ file attachment detected (file-identify.rules)
 * 1:21751 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:21807 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file download request (file-identify.rules)
 * 1:21808 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21809 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file attachment detected (file-identify.rules)
 * 1:21810 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:21811 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (file-identify.rules)
 * 1:21812 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21813 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (file-identify.rules)
 * 1:21814 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:21815 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21816 <-> ENABLED <-> FILE-IDENTIFY LZH file attachment detected (file-identify.rules)
 * 1:21854 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21855 <-> ENABLED <-> FILE-IDENTIFY LNK file attachment detected (file-identify.rules)
 * 1:21856 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21857 <-> ENABLED <-> FILE-IDENTIFY ZIP file attachment detected (file-identify.rules)
 * 1:21861 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21862 <-> ENABLED <-> FILE-IDENTIFY WRF file attachment detected (file-identify.rules)
 * 1:21863 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21864 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file attachment detected (file-identify.rules)
 * 1:21865 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21866 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21867 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21868 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (file-identify.rules)
 * 1:21870 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21871 <-> ENABLED <-> FILE-IDENTIFY CNT file attachment detected (file-identify.rules)
 * 1:21872 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21873 <-> ENABLED <-> FILE-IDENTIFY GIF file attachment detected (file-identify.rules)
 * 1:21884 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21885 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file attachment detected (file-identify.rules)
 * 1:21886 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21887 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file attachment detected (file-identify.rules)
 * 1:21888 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21889 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (file-identify.rules)
 * 1:21890 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21891 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21892 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21893 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file attachment detected (file-identify.rules)
 * 1:21894 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21895 <-> ENABLED <-> FILE-IDENTIFY SVG file attachment detected (file-identify.rules)
 * 1:21908 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21909 <-> ENABLED <-> FILE-IDENTIFY Portable Executable file attachment detected (file-identify.rules)
 * 1:21915 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21916 <-> ENABLED <-> SERVER-OTHER Novell Groupwise HTTP login request (server-other.rules)
 * 1:21940 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:21999 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file magic detection (file-identify.rules)
 * 1:22943 <-> ENABLED <-> FILE-IDENTIFY NAB file download request (file-identify.rules)
 * 1:22944 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22945 <-> ENABLED <-> FILE-IDENTIFY NAB file attachment detected (file-identify.rules)
 * 1:22946 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:22961 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22962 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RAM file attachment detected (file-identify.rules)
 * 1:22963 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules)
 * 1:22964 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RMP file attachment detected (file-identify.rules)
 * 1:22965 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22966 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (file-identify.rules)
 * 1:22971 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (file-identify.rules)
 * 1:22972 <-> ENABLED <-> FILE-IDENTIFY m3u playlist file file attachment detected (file-identify.rules)
 * 1:22979 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22980 <-> ENABLED <-> FILE-IDENTIFY M4V file attachment detected (file-identify.rules)
 * 1:22993 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22994 <-> ENABLED <-> FILE-IDENTIFY MP4 file attachment detected (file-identify.rules)
 * 1:22995 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22996 <-> ENABLED <-> FILE-IDENTIFY Apple QuickTime Movie file attachment detected (file-identify.rules)
 * 1:22997 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22998 <-> ENABLED <-> FILE-IDENTIFY MHTML file attachment detected (file-identify.rules)
 * 1:22999 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows WMF file magic detected (file-identify.rules)
 * 1:23000 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23001 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (file-identify.rules)
 * 1:23011 <-> ENABLED <-> FILE-IDENTIFY Collada file download request (file-identify.rules)
 * 1:23012 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23013 <-> ENABLED <-> FILE-IDENTIFY Collada file attachment detected (file-identify.rules)
 * 1:23138 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23139 <-> DISABLED <-> SERVER-OTHER Apple CUPS IPP memory corruption attempt (server-other.rules)
 * 1:23167 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file download request (file-identify.rules)
 * 1:23168 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23169 <-> ENABLED <-> FILE-IDENTIFY MPG video stream file attachment detected (file-identify.rules)
 * 1:23190 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23191 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23192 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23193 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23194 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23195 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23196 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23197 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23198 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23199 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23200 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23201 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23202 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23203 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23204 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23205 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file download request (file-identify.rules)
 * 1:23206 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23207 <-> ENABLED <-> FILE-IDENTIFY Windows Media Metafile file attachment detected (file-identify.rules)
 * 1:23208 <-> ENABLED <-> PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (protocol-voip.rules)
 * 1:23224 <-> ENABLED <-> EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (exploit-kit.rules)
 * 1:23347 <-> ENABLED <-> FILE-IDENTIFY Lotus file download request (file-identify.rules)
 * 1:23348 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23349 <-> ENABLED <-> FILE-IDENTIFY Lotus file attachment detected (file-identify.rules)
 * 1:23393 <-> ENABLED <-> SQL IBM SolidDB initial banner (sql.rules)
 * 1:23637 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23638 <-> ENABLED <-> FILE-IDENTIFY Java .class file attachment detected (file-identify.rules)
 * 1:23639 <-> ENABLED <-> FILE-IDENTIFY MPEG video stream file magic detected (file-identify.rules)
 * 1:23640 <-> ENABLED <-> FILE-IDENTIFY MPEG sys stream file magic detected (file-identify.rules)
 * 1:23645 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Real Media file magic detected (file-identify.rules)
 * 1:23647 <-> ENABLED <-> FILE-IDENTIFY GIF file magic detected (file-identify.rules)
 * 1:23648 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23651 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23652 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23653 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23654 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23655 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23656 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23657 <-> ENABLED <-> FILE-IDENTIFY JAR/ZIP file magic detected (file-identify.rules)
 * 1:23658 <-> ENABLED <-> FILE-IDENTIFY RIFX file magic detected (file-identify.rules)
 * 1:23659 <-> ENABLED <-> FILE-IDENTIFY RAR file magic detected (file-identify.rules)
 * 1:23662 <-> ENABLED <-> FILE-IDENTIFY TNEF file magic detected (file-identify.rules)
 * 1:23663 <-> ENABLED <-> FILE-IDENTIFY ELF file magic detected (file-identify.rules)
 * 1:23664 <-> ENABLED <-> FILE-IDENTIFY PNG file magic detected (file-identify.rules)
 * 1:23666 <-> ENABLED <-> FILE-IDENTIFY MP3 file magic detected (file-identify.rules)
 * 1:23667 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:23670 <-> ENABLED <-> FILE-IDENTIFY RTF file magic detected (file-identify.rules)
 * 1:23673 <-> ENABLED <-> FILE-IDENTIFY MachO x64 Little Endian file magic detected (file-identify.rules)
 * 1:23676 <-> ENABLED <-> FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (file-identify.rules)
 * 1:23677 <-> ENABLED <-> FILE-IDENTIFY jarpack file magic detected (file-identify.rules)
 * 1:23678 <-> ENABLED <-> FILE-IDENTIFY PDF file magic detected (file-identify.rules)
 * 1:23679 <-> ENABLED <-> FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23680 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23681 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23682 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23683 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23684 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23685 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23687 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file magic detected (file-identify.rules)
 * 1:23691 <-> ENABLED <-> FILE-IDENTIFY dmg file magic detected (file-identify.rules)
 * 1:23695 <-> ENABLED <-> FILE-IDENTIFY Flac file magic detected (file-identify.rules)
 * 1:23696 <-> ENABLED <-> FILE-IDENTIFY VideoLAN VLC file magic detected (file-identify.rules)
 * 1:23697 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (file-identify.rules)
 * 1:23698 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:23701 <-> ENABLED <-> FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (file-identify.rules)
 * 1:23703 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:23707 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:23709 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:23710 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:23711 <-> ENABLED <-> FILE-IDENTIFY OLE Document file magic detected (file-identify.rules)
 * 1:23712 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:23720 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:23721 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:23723 <-> ENABLED <-> FILE-IDENTIFY M3U file magic detected (file-identify.rules)
 * 1:23724 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:23727 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:23728 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:23729 <-> ENABLED <-> FILE-IDENTIFY PICT file magic detected (file-identify.rules)
 * 1:23732 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player .asf file magic detected (file-identify.rules)
 * 1:23735 <-> ENABLED <-> FILE-IDENTIFY MIDI file magic detected (file-identify.rules)
 * 1:23736 <-> ENABLED <-> FILE-IDENTIFY PLS file magic detected (file-identify.rules)
 * 1:23737 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:23738 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23739 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23740 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23741 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23742 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23743 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23744 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23745 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23746 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23747 <-> ENABLED <-> FILE-IDENTIFY MOV file magic detected (file-identify.rules)
 * 1:23748 <-> ENABLED <-> FILE-IDENTIFY TTF file magic detected (file-identify.rules)
 * 1:23749 <-> ENABLED <-> FILE-IDENTIFY SAMI file magic detected (file-identify.rules)
 * 1:23750 <-> ENABLED <-> FILE-IDENTIFY Microsoft Money file magic detected (file-identify.rules)
 * 1:23751 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (file-identify.rules)
 * 1:23752 <-> ENABLED <-> FILE-IDENTIFY cy3 Cytel Studio file magic detected (file-identify.rules)
 * 1:23753 <-> ENABLED <-> FILE-IDENTIFY Visio file magic detected (file-identify.rules)
 * 1:23754 <-> ENABLED <-> FILE-IDENTIFY AVI Video file magic detected (file-identify.rules)
 * 1:23755 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (file-identify.rules)
 * 1:23758 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23759 <-> ENABLED <-> FILE-IDENTIFY XML file magic detected (file-identify.rules)
 * 1:23760 <-> ENABLED <-> FILE-IDENTIFY WAV file magic detected (file-identify.rules)
 * 1:23761 <-> ENABLED <-> FILE-IDENTIFY AVI file magic detected (file-identify.rules)
 * 1:23762 <-> ENABLED <-> FILE-IDENTIFY PFA file magic detected (file-identify.rules)
 * 1:23763 <-> ENABLED <-> FILE-IDENTIFY HPJ file magic detected (file-identify.rules)
 * 1:23764 <-> ENABLED <-> FILE-IDENTIFY Adobe Download Manager aom file magic detected (file-identify.rules)
 * 1:23765 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime FLIC file magic detected (file-identify.rules)
 * 1:23766 <-> ENABLED <-> FILE-IDENTIFY EMF file magic detected (file-identify.rules)
 * 1:23774 <-> ENABLED <-> FILE-IDENTIFY NAB file magic detected (file-identify.rules)
 * 1:23807 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23808 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23809 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23810 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23811 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23812 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23813 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23814 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23815 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23816 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23817 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23818 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23819 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file download request (file-identify.rules)
 * 1:23820 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23821 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file attachment detected (file-identify.rules)
 * 1:23822 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23823 <-> ENABLED <-> FILE-IDENTIFY JPEG2000 file magic detected (file-identify.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24004 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24005 <-> ENABLED <-> FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (file-office.rules)
 * 1:24074 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:24075 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24076 <-> ENABLED <-> FILE-IDENTIFY MP3 file attachment detected (file-identify.rules)
 * 1:24078 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24079 <-> ENABLED <-> FILE-IDENTIFY RMF file attachment detected (file-identify.rules)
 * 1:24080 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24081 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file attachment detected (file-identify.rules)
 * 1:24089 <-> ENABLED <-> OS-WINDOWS Microsoft WebDAV PROPFIND request (os-windows.rules)
 * 1:24100 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:24101 <-> ENABLED <-> FILE-IDENTIFY PLF file attachment detected (file-identify.rules)
 * 1:2419 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (file-identify.rules)
 * 1:24190 <-> ENABLED <-> FILE-IDENTIFY X PixMap file magic detected (file-identify.rules)
 * 1:2420 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (file-identify.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24213 <-> ENABLED <-> FILE-IDENTIFY MP4 file magic detected (file-identify.rules)
 * 1:24218 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:24219 <-> ENABLED <-> FILE-IDENTIFY SMIL file magic detected (file-identify.rules)
 * 1:2422 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (file-identify.rules)
 * 1:2423 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (file-identify.rules)
 * 1:24313 <-> ENABLED <-> SERVER-WEBAPP HP OpenView Operations Agent request attempt (server-webapp.rules)
 * 1:2436 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Audio wmf file download request (file-identify.rules)
 * 1:24455 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24456 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24457 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24458 <-> ENABLED <-> FILE-IDENTIFY JPEG file magic detected (file-identify.rules)
 * 1:24463 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24464 <-> ENABLED <-> FILE-IDENTIFY TIFF file attachment detected (file-identify.rules)
 * 1:24465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows WMF file magic detected (file-identify.rules)
 * 1:24472 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24473 <-> ENABLED <-> FILE-IDENTIFY FLV file attachment detected (file-identify.rules)
 * 1:24483 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file magic detected (file-identify.rules)