Talos Rules 2018-09-18
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the exploit-kit, file-flash, file-identify, file-image, file-java, file-multimedia, file-office, file-other, file-pdf, indicator-compromise, malware-backdoor, malware-cnc, malware-other, netbios, os-linux, os-mobile, os-other, os-windows, policy-other, protocol-dns, protocol-ftp, protocol-icmp, protocol-imap, protocol-rpc, protocol-scada, protocol-services, protocol-snmp, protocol-tftp, protocol-voip, pua-adware, pua-toolbars, server-apache, server-iis, server-mail, server-mssql, server-mysql, server-oracle, server-other and sql rule sets to provide coverage for emerging threats from these technologies.

Change logs

2018-09-18 14:19:43 UTC

Snort Subscriber Rules Update

Date: 2018-09-18

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:47813 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:47812 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:47832 <-> DISABLED <-> SERVER-WEBAPP WordPress Responsive Thumbnail Slider arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:47831 <-> DISABLED <-> SERVER-WEBAPP phpmyadmin post-authentication local file inclusion attempt (server-webapp.rules)
 * 1:47830 <-> DISABLED <-> POLICY-OTHER phpmyadmin external SQL query detected (policy-other.rules)
 * 1:47829 <-> ENABLED <-> SERVER-OTHER JBoss Richfaces expression language injection attempt (server-other.rules)
 * 1:47828 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (file-image.rules)
 * 1:47827 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (file-image.rules)
 * 1:47826 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47825 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47824 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47823 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47822 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan outbound attempt (malware-cnc.rules)
 * 1:47821 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (server-other.rules)
 * 1:47820 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (server-other.rules)
 * 1:47819 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47818 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47817 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47816 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:47851 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (os-windows.rules)
 * 1:47850 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (os-windows.rules)
 * 1:47849 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47848 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47847 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47846 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47845 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47844 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47843 <-> ENABLED <-> MALWARE-CNC Java.Trojan.Adwind variant outbound connection (malware-cnc.rules)
 * 1:47839 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (file-image.rules)
 * 1:47838 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (file-image.rules)
 * 1:47837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47836 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47835 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47834 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (file-flash.rules)
 * 1:47833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (file-flash.rules)
 * 1:47815 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet directory traversal attempt (server-webapp.rules)
 * 1:47814 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (server-webapp.rules)
 * 3:47841 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)
 * 3:47842 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0681 attack attempt (protocol-dns.rules)
 * 3:47840 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)

Modified Rules:


 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:12286 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:12362 <-> DISABLED <-> SERVER-WEBAPP Squid HTTP Proxy-Authorization overflow attempt (server-webapp.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:12784 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12785 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12786 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:13487 <-> DISABLED <-> PUA-ADWARE Adware elite protector runtime detection (pua-adware.rules)
 * 1:13816 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13817 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13818 <-> DISABLED <-> SERVER-WEBAPP PHP alternate xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13819 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (server-webapp.rules)
 * 1:13866 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection - popup ads (malware-other.rules)
 * 1:13867 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection (malware-other.rules)
 * 1:13902 <-> DISABLED <-> SERVER-OTHER IBM Lotus Sametime multiplexer stack buffer overflow attempt (server-other.rules)
 * 1:13916 <-> DISABLED <-> SERVER-WEBAPP Alt-N SecurityGateway username buffer overflow attempt (server-webapp.rules)
 * 1:13925 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (protocol-ftp.rules)
 * 1:13927 <-> DISABLED <-> PROTOCOL-TFTP Open TFTP Server log generation buffer overflow attempt (protocol-tftp.rules)
 * 1:13940 <-> DISABLED <-> PUA-ADWARE Hijacker win32.bho.bgf outbound connection (pua-adware.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (server-webapp.rules)
 * 1:14265 <-> DISABLED <-> PROTOCOL-SCADA Multiple Schneider Electric SCADA products buffer overflow attempt (protocol-scada.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14608 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14609 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14771 <-> DISABLED <-> SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow attempt (server-apache.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP Simple Web Counter URI Parameter Buffer Overflow attempt (server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (file-multimedia.rules)
 * 1:15484 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow attempt (protocol-imap.rules)
 * 1:15562 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:15896 <-> DISABLED <-> SERVER-OTHER Firebird SQL op_connect_request denial of service attempt (server-other.rules)
 * 1:15939 <-> DISABLED <-> SERVER-OTHER MSN Messenger IRC bot calling home attempt (server-other.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:16098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.cekar variant outbound connection (malware-cnc.rules)
 * 1:16131 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker trojan zlob.dnz runtime detection - ads (malware-other.rules)
 * 1:16140 <-> DISABLED <-> MALWARE-CNC torpig-mebroot command and control checkin (malware-cnc.rules)
 * 1:16184 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow attempt (server-other.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:16271 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TDSS.1.Gen keepalive detection (malware-cnc.rules)
 * 1:16365 <-> DISABLED <-> PUA-ADWARE OnlineGames download attempt (pua-adware.rules)
 * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:16494 <-> DISABLED <-> PUA-ADWARE Cutwail spambot server communication attempt (pua-adware.rules)
 * 1:16498 <-> DISABLED <-> PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (pua-adware.rules)
 * 1:16598 <-> DISABLED <-> SERVER-OTHER Green Dam URL handling overflow attempt (server-other.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (server-oracle.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt (os-windows.rules)
 * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules)
 * 1:16688 <-> DISABLED <-> SERVER-OTHER iscsi target format string code execution attempt (server-other.rules)
 * 1:16689 <-> DISABLED <-> SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (server-other.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:16696 <-> DISABLED <-> FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (file-other.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (file-other.rules)
 * 1:16727 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:16731 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16732 <-> DISABLED <-> FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (file-other.rules)
 * 1:16733 <-> DISABLED <-> FILE-OTHER UltraISO CCD file handling overflow attempt (file-other.rules)
 * 1:16736 <-> DISABLED <-> FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (file-other.rules)
 * 1:16737 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 1 (file-multimedia.rules)
 * 1:16738 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (file-multimedia.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16753 <-> DISABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (server-webapp.rules)
 * 1:16787 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (file-other.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17139 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (server-other.rules)
 * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules)
 * 1:17234 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm activity (malware-cnc.rules)
 * 1:17235 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm download (malware-cnc.rules)
 * 1:17238 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (file-other.rules)
 * 1:17250 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules)
 * 1:17301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:17308 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:17373 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17560 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:17805 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (malware-cnc.rules)
 * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:18247 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent ErrCode - W32/Fujacks.htm (malware-cnc.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (malware-cnc.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (malware-cnc.rules)
 * 1:18311 <-> DISABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters arbitrary file upload attempt (server-webapp.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (server-webapp.rules)
 * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18511 <-> DISABLED <-> SERVER-OTHER Sourcefire Snort packet fragmentation reassembly denial of service attempt (server-other.rules)
 * 1:18524 <-> DISABLED <-> SERVER-OTHER Multiple vendor anti-virus extended ASCII filename scan bypass attempt (server-other.rules)
 * 1:18526 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18527 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (file-office.rules)
 * 1:18562 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (malware-cnc.rules)
 * 1:18575 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:18577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.agum variant outbound connection (malware-cnc.rules)
 * 1:18587 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 267 buffer overflow attempt (server-other.rules)
 * 1:18618 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (malware-cnc.rules)
 * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:18707 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (malware-cnc.rules)
 * 1:18708 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (malware-cnc.rules)
 * 1:18711 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (malware-cnc.rules)
 * 1:18712 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (malware-cnc.rules)
 * 1:18715 <-> ENABLED <-> MALWARE-CNC Ozdok botnet communication with C&C server (malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (malware-cnc.rules)
 * 1:18718 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (malware-cnc.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (malware-cnc.rules)
 * 1:18723 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (malware-cnc.rules)
 * 1:18724 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (malware-cnc.rules)
 * 1:18739 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (malware-cnc.rules)
 * 1:18753 <-> DISABLED <-> SERVER-OTHER Zend Server Java Bridge remote code execution attempt (server-other.rules)
 * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules)
 * 1:18808 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (server-mail.rules)
 * 1:18934 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (Coreflood -- malware-cnc.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (malware-cnc.rules)
 * 1:18939 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:18940 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Sality (malware-cnc.rules)
 * 1:18941 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - FakeAV (malware-cnc.rules)
 * 1:18942 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacProtector (malware-cnc.rules)
 * 1:18943 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacDefender (malware-cnc.rules)
 * 1:18945 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Feberr variant outbound connection (malware-cnc.rules)
 * 1:18946 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18976 <-> DISABLED <-> MALWARE-CNC Rogue-Software.AVCare variant outbound connection (malware-cnc.rules)
 * 1:18977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Proxy variant outbound connection (malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pasta.aoq variant outbound connection (malware-cnc.rules)
 * 1:18980 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18981 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18982 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18984 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32/Trojanclicker (malware-cnc.rules)
 * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:19016 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19017 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19018 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19019 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19021 <-> ENABLED <-> MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (malware-cnc.rules)
 * 1:19023 <-> DISABLED <-> MALWARE-CNC IRC.Zapchast.zwrc variant outbound connection (malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.StartPage variant outbound connection (malware-cnc.rules)
 * 1:19025 <-> DISABLED <-> MALWARE-CNC Win.Trojan-Banker.Win32.Bancos.etf variant outbound connection (malware-cnc.rules)
 * 1:19027 <-> DISABLED <-> MALWARE-CNC BrowserModifier.Win32.Kerlofost variant outbound connection (malware-cnc.rules)
 * 1:19028 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mailbot variant outbound connection (malware-cnc.rules)
 * 1:19030 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Uloadis variant outbound connection (malware-cnc.rules)
 * 1:19031 <-> DISABLED <-> MALWARE-CNC iPRIVACY variant outbound connection (malware-cnc.rules)
 * 1:19032 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19033 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel.baqb variant outbound connection (malware-cnc.rules)
 * 1:19036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19038 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (malware-cnc.rules)
 * 1:19039 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (malware-cnc.rules)
 * 1:19043 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (pua-adware.rules)
 * 1:19044 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (pua-adware.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (malware-cnc.rules)
 * 1:19046 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (pua-adware.rules)
 * 1:19047 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RCleanT (malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Darkness variant outbound connection (malware-cnc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (malware-cnc.rules)
 * 1:19052 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (malware-cnc.rules)
 * 1:19053 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Nusump.A variant outbound connection (malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (malware-cnc.rules)
 * 1:19055 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gosik.A registration (malware-cnc.rules)
 * 1:19056 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19057 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19058 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Faketube update request (malware-cnc.rules)
 * 1:19059 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.SystemDefragmenter outbound connection (pua-adware.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (malware-cnc.rules)
 * 1:19061 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (pua-adware.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakePlus variant outbound connection (malware-cnc.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (server-other.rules)
 * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules)
 * 1:19164 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (malware-cnc.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:19309 <-> DISABLED <-> PUA-ADWARE hijacker starware videos outbound connection (pua-adware.rules)
 * 1:19310 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gen3 variant outbound connection (malware-cnc.rules)
 * 1:19312 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aah variant outbound connection (malware-cnc.rules)
 * 1:19328 <-> ENABLED <-> MALWARE-CNC PointGuide variant outbound connection (malware-cnc.rules)
 * 1:19329 <-> DISABLED <-> MALWARE-CNC Faceback.exe variant outbound connection (malware-cnc.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clampi variant outbound connection (malware-cnc.rules)
 * 1:19339 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection (malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav TREAntivirus variant outbound connection (malware-cnc.rules)
 * 1:19341 <-> DISABLED <-> MALWARE-CNC Worm MSIL.AiO.a variant outbound connection (malware-cnc.rules)
 * 1:19342 <-> DISABLED <-> MALWARE-CNC Adware Professional variant outbound connection (malware-cnc.rules)
 * 1:19343 <-> DISABLED <-> MALWARE-CNC Adware Pro variant outbound connection (malware-cnc.rules)
 * 1:19344 <-> DISABLED <-> MALWARE-CNC AntiMalware Pro variant outbound connection (malware-cnc.rules)
 * 1:19345 <-> DISABLED <-> MALWARE-CNC REAnti variant outbound connection (malware-cnc.rules)
 * 1:19346 <-> DISABLED <-> MALWARE-CNC Additional Guard variant outbound connection (malware-cnc.rules)
 * 1:19348 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection (malware-cnc.rules)
 * 1:19349 <-> DISABLED <-> MALWARE-CNC Fakeav Vaccineclear variant outbound connection (malware-cnc.rules)
 * 1:19351 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection (malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.D variant outbound connection (malware-cnc.rules)
 * 1:19353 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker.bkhu variant outbound connection (malware-cnc.rules)
 * 1:19357 <-> ENABLED <-> MALWARE-CNC Win.Worm.Sohanad.ila variant outbound connection (malware-cnc.rules)
 * 1:19358 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XYTvn.A variant outbound connection (malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.B variant outbound connection (malware-cnc.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HXWAN.A variant outbound connection (malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Win.Worm.Vaubeg.A variant outbound connection (malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.IC variant outbound connection (malware-cnc.rules)
 * 1:19372 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string javasw - Trojan.Banload (malware-cnc.rules)
 * 1:19391 <-> DISABLED <-> PUA-ADWARE Lost Door v3.0 (pua-adware.rules)
 * 1:19392 <-> ENABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19393 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tidserv variant outbound connection (malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Beastdoor.b variant outbound connection (malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win.Trojan.UltimateDefender.xv variant outbound connection (malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BAT.Shutdown.ef variant outbound connection (malware-cnc.rules)
 * 1:19399 <-> DISABLED <-> MALWARE-CNC Email Worm Win32.Zhelatin.ch variant outbound connection (malware-cnc.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19402 <-> DISABLED <-> MALWARE-CNC P2P Worm.Win32.Malas.r variant outbound connection (malware-cnc.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ozdok variant outbound connection (malware-cnc.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection (malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amjz variant outbound connection (malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection (malware-cnc.rules)
 * 1:19429 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C variant outbound connection (malware-cnc.rules)
 * 1:19433 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fujacks.aw variant outbound connection (malware-cnc.rules)
 * 1:19434 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrCode (malware-cnc.rules)
 * 1:19435 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Litmus.203 variant outbound connection (malware-cnc.rules)
 * 1:19453 <-> DISABLED <-> PUA-ADWARE Sus.BancDI-B trojan outbound connection (pua-adware.rules)
 * 1:19454 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWS.Win32.QQPass.IK variant outbound connection (malware-cnc.rules)
 * 1:19456 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Klone.bj variant outbound connection (malware-cnc.rules)
 * 1:19457 <-> DISABLED <-> MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection (malware-cnc.rules)
 * 1:19458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19476 <-> DISABLED <-> MALWARE-CNC Exploit.Win32.SqlShell.r variant outbound connection (malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (malware-cnc.rules)
 * 1:19478 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Taterf.B variant outbound connection (malware-cnc.rules)
 * 1:19479 <-> DISABLED <-> MALWARE-CNC Net-Worm.Win32.Piloyd.m variant outbound connection - request html (malware-cnc.rules)
 * 1:19480 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string STORMDDOS - Backdoor.Win32.Inject.ctt (malware-cnc.rules)
 * 1:19481 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Agent.bx variant outbound connection (malware-cnc.rules)
 * 1:19482 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrorFix (malware-cnc.rules)
 * 1:19483 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reload.fy variant outbound connection (malware-cnc.rules)
 * 1:19485 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RAV1 (malware-cnc.rules)
 * 1:19486 <-> DISABLED <-> PUA-ADWARE W32.Fiala.A outbound connection (pua-adware.rules)
 * 1:19487 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.kih variant outbound connection (malware-cnc.rules)
 * 1:19488 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Failnum.A variant outbound connection (malware-cnc.rules)
 * 1:19489 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DeAlfa.fa variant outbound connection (malware-cnc.rules)
 * 1:19490 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Koceg.B variant outbound connection (malware-cnc.rules)
 * 1:19491 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Genome.vau variant outbound connection (malware-cnc.rules)
 * 1:19492 <-> DISABLED <-> MALWARE-CNC Windows System Defender variant outbound connection (malware-cnc.rules)
 * 1:19493 <-> ENABLED <-> MALWARE-CNC URI request for known malicious uri config.ini on 3322.org domain (malware-cnc.rules)
 * 1:19494 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Licum variant outbound connection (malware-cnc.rules)
 * 1:19495 <-> DISABLED <-> MALWARE-CNC Win.Worm.Pilleuz variant outbound connection (malware-cnc.rules)
 * 1:19554 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav Antivirus Xp Pro variant outbound connection (malware-cnc.rules)
 * 1:19555 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small variant outbound connection (malware-cnc.rules)
 * 1:19556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Homa variant outbound connection (malware-cnc.rules)
 * 1:19557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shark.ag variant outbound connection (malware-cnc.rules)
 * 1:19566 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (pua-adware.rules)
 * 1:19567 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (pua-adware.rules)
 * 1:19568 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.PerfectKeylogger variant outbound connection (malware-cnc.rules)
 * 1:19569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Perkesh variant outbound connection (malware-cnc.rules)
 * 1:19570 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - ie 11.0 sp6 (malware-cnc.rules)
 * 1:19571 <-> DISABLED <-> PUA-ADWARE Antivirus Agent Pro outbound connection (pua-adware.rules)
 * 1:19572 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FFSearch variant outbound connection (malware-cnc.rules)
 * 1:19573 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (malware-cnc.rules)
 * 1:19574 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (malware-cnc.rules)
 * 1:19575 <-> DISABLED <-> MALWARE-CNC Win.Worm.Emold.U variant outbound connection (malware-cnc.rules)
 * 1:19576 <-> DISABLED <-> PUA-ADWARE Antivirus Pro 2010 outbound connection (pua-adware.rules)
 * 1:19577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Dogrobot.E variant outbound connection (malware-cnc.rules)
 * 1:19578 <-> DISABLED <-> PUA-ADWARE Personal Guard 2009 outbound connection (pua-adware.rules)
 * 1:19579 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Potao.A variant outbound connection (malware-cnc.rules)
 * 1:19580 <-> DISABLED <-> MALWARE-CNC Win.Worm.Basun.wsc inbound connection (malware-cnc.rules)
 * 1:19581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (malware-cnc.rules)
 * 1:19582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (malware-cnc.rules)
 * 1:19583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bumat.rts variant outbound connection (malware-cnc.rules)
 * 1:19584 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection (malware-cnc.rules)
 * 1:19585 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection - notification (malware-cnc.rules)
 * 1:19586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Agent.dlg variant outbound connection (malware-cnc.rules)
 * 1:19587 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sereki.B variant outbound connection (malware-cnc.rules)
 * 1:19588 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sereki.B successful connection (malware-cnc.rules)
 * 1:19589 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string MacProtector (malware-cnc.rules)
 * 1:19590 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Savnut.B variant outbound connection (malware-cnc.rules)
 * 1:19591 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Powp.pyv variant outbound connection (malware-cnc.rules)
 * 1:19592 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:19593 <-> DISABLED <-> MALWARE-CNC Win.Worm.Agent.btxm variant outbound connection IRC (malware-cnc.rules)
 * 1:19594 <-> DISABLED <-> PUA-ADWARE Win32.Fruspam outbound connection (pua-adware.rules)
 * 1:19595 <-> DISABLED <-> MALWARE-OTHER known malicious email string - You have received a Hallmark E-Card (malware-other.rules)
 * 1:19596 <-> DISABLED <-> MALWARE-CNC Poison Ivy variant outbound connection (malware-cnc.rules)
 * 1:19597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cws variant outbound connection (malware-cnc.rules)
 * 1:19598 <-> DISABLED <-> PUA-ADWARE Infostealer.Gampass outbound connection (pua-adware.rules)
 * 1:19608 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wisscmd.A variant outbound connection (malware-cnc.rules)
 * 1:19611 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string INet - Win32.Virus.Jusabli.A (malware-cnc.rules)
 * 1:19612 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.bvk variant outbound connection (malware-cnc.rules)
 * 1:19613 <-> DISABLED <-> MALWARE-CNC Rogue Software Registry Cleaner Pro variant outbound connection (malware-cnc.rules)
 * 1:19614 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (malware-cnc.rules)
 * 1:19615 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (malware-cnc.rules)
 * 1:19616 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Win32.Banbra.mcq variant outbound connection (malware-cnc.rules)
 * 1:19622 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - pte.aspx?ver= (malware-cnc.rules)
 * 1:19623 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - vic.aspx?ver= (malware-cnc.rules)
 * 1:19625 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - .sys.php?getexe= (malware-cnc.rules)
 * 1:19626 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /setup_b.asp?prj= (malware-cnc.rules)
 * 1:19627 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /r_autoidcnt.asp?mer_seq= (malware-cnc.rules)
 * 1:19628 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /1cup/script.php (malware-cnc.rules)
 * 1:19631 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - AnSSip= (malware-cnc.rules)
 * 1:19632 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/adduser.php?uid= (malware-cnc.rules)
 * 1:19633 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/tasks.php?uid= (malware-cnc.rules)
 * 1:19635 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /app/?prj= (malware-cnc.rules)
 * 1:19636 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /blog/images/3521.jpg?v (malware-cnc.rules)
 * 1:19637 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /install.asp?mac= (malware-cnc.rules)
 * 1:19638 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /kx4.txt (malware-cnc.rules)
 * 1:19652 <-> DISABLED <-> MALWARE-CNC Teevsock C variant outbound connection (malware-cnc.rules)
 * 1:19654 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.wti variant outbound connection (malware-cnc.rules)
 * 1:19655 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Agent.IK variant outbound connection (malware-cnc.rules)
 * 1:19656 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Peace.lh variant outbound connection (malware-cnc.rules)
 * 1:19657 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV variant traffic (malware-cnc.rules)
 * 1:19658 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MCnovogic.A variant outbound connection (malware-cnc.rules)
 * 1:19659 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Soleseq.A variant outbound connection (malware-cnc.rules)
 * 1:19660 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riern.K variant outbound connection (malware-cnc.rules)
 * 1:19695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.nec variant outbound connection (malware-cnc.rules)
 * 1:19696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SdBot.nng inbound connection (malware-cnc.rules)
 * 1:19697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy.Win32.VB.btm variant outbound connection (malware-cnc.rules)
 * 1:19698 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Prosti.AG variant outbound connection (malware-cnc.rules)
 * 1:19699 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Korklic.A variant outbound connection (malware-cnc.rules)
 * 1:19700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.tnr variant outbound connection (malware-cnc.rules)
 * 1:19701 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hassar.A variant outbound connection (malware-cnc.rules)
 * 1:19702 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zboter.E variant outbound connection (malware-cnc.rules)
 * 1:19703 <-> ENABLED <-> MALWARE-CNC Win.Worm.Dusta.br outbound connnection (malware-cnc.rules)
 * 1:19704 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (malware-cnc.rules)
 * 1:19705 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (malware-cnc.rules)
 * 1:19706 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.cer variant outbound connection (malware-cnc.rules)
 * 1:19711 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:19712 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:19715 <-> DISABLED <-> MALWARE-CNC Win.Trojan.URLZone variant outbound connection (malware-cnc.rules)
 * 1:19716 <-> DISABLED <-> MALWARE-CNC TrojanSpy.Win32.Banker.OO variant outbound connection (malware-cnc.rules)
 * 1:19717 <-> DISABLED <-> PUA-ADWARE Virus.Win32.Virut.ce outbound connection (pua-adware.rules)
 * 1:19718 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.bkap variant outbound connection (malware-cnc.rules)
 * 1:19719 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Bagle.of variant outbound connection (malware-cnc.rules)
 * 1:19720 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Onestage.ws variant outbound connection (malware-cnc.rules)
 * 1:19721 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.mlh variant outbound connection (malware-cnc.rules)
 * 1:19722 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Poshtroper variant outbound connection (malware-cnc.rules)
 * 1:19723 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Pherbot variant outbound connection (malware-cnc.rules)
 * 1:19724 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:19725 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (malware-cnc.rules)
 * 1:19726 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (malware-cnc.rules)
 * 1:19727 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.DI variant outbound connection (malware-cnc.rules)
 * 1:19728 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (malware-cnc.rules)
 * 1:19729 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (malware-cnc.rules)
 * 1:19730 <-> ENABLED <-> MALWARE-CNC Win.Trojan.KukuBot variant outbound connection (malware-cnc.rules)
 * 1:19731 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Darkwebot variant outbound connection (malware-cnc.rules)
 * 1:19732 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Idicaf variant outbound connection (malware-cnc.rules)
 * 1:19733 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jorik.BRU variant outbound connection (malware-cnc.rules)
 * 1:19739 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Apptom variant outbound connection (malware-cnc.rules)
 * 1:19740 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.aczu variant outbound connection (malware-cnc.rules)
 * 1:19741 <-> DISABLED <-> MALWARE-OTHER PWS.Win32.Scofted keylogger runtime detection (malware-other.rules)
 * 1:19742 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.atff variant outbound connection (malware-cnc.rules)
 * 1:19743 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.eqlo variant outbound connection (malware-cnc.rules)
 * 1:19744 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Deecee.a variant outbound connection (malware-cnc.rules)
 * 1:19745 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FraudLoad.dyl variant outbound connection (malware-cnc.rules)
 * 1:19746 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.biiw variant outbound connection (malware-cnc.rules)
 * 1:19747 <-> ENABLED <-> MALWARE-BACKDOOR Win.Trojan.GGDoor.22 variant outbound connection (malware-backdoor.rules)
 * 1:19748 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.ULPM.Gen IRC variant outbound connection (malware-cnc.rules)
 * 1:19749 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.chgp variant outbound connection (malware-cnc.rules)
 * 1:19750 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.PJ variant outbound connection (malware-cnc.rules)
 * 1:19751 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Sohanad.bm variant outbound connection (malware-cnc.rules)
 * 1:19752 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:19753 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TrojanSpy.Win32.Zbot.gen.C variant outbound connection (malware-cnc.rules)
 * 1:19754 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Delf.RGL variant outbound connection (malware-cnc.rules)
 * 1:19755 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alphabet variant outbound connection (malware-cnc.rules)
 * 1:19756 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Opera/8.89 - P2P-Worm.Win32.Palevo.ddm (malware-cnc.rules)
 * 1:19757 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.bqlu variant outbound connection (malware-cnc.rules)
 * 1:19758 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.yw variant outbound connection (malware-cnc.rules)
 * 1:19759 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.FireThief.h variant outbound connection (malware-cnc.rules)
 * 1:19760 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arsinfoder variant outbound connection (malware-cnc.rules)
 * 1:19761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ftpharvxqq variant outbound connection (malware-cnc.rules)
 * 1:19762 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19763 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19764 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19765 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker variant outbound connection (malware-cnc.rules)
 * 1:19766 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (malware-cnc.rules)
 * 1:19767 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Msposer.A variant outbound connection (malware-cnc.rules)
 * 1:19769 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos outbound indicator (malware-cnc.rules)
 * 1:19770 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (malware-cnc.rules)
 * 1:19771 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (malware-cnc.rules)
 * 1:19772 <-> ENABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (malware-cnc.rules)
 * 1:19773 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (malware-cnc.rules)
 * 1:19774 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (malware-cnc.rules)
 * 1:19775 <-> DISABLED <-> PUA-ADWARE PWS.Win32.Ldpinch.gen outbound connection (pua-adware.rules)
 * 1:19776 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.guy dropper variant outbound connection (malware-cnc.rules)
 * 1:19777 <-> DISABLED <-> PUA-ADWARE Fast Antivirus 2009 outbound connection (pua-adware.rules)
 * 1:19781 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Agent.aqpn variant outbound connection (malware-cnc.rules)
 * 1:19782 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AVKill.bc variant outbound connection (malware-cnc.rules)
 * 1:19783 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.agcw variant outbound connection (malware-cnc.rules)
 * 1:19784 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.sde variant outbound connection (malware-cnc.rules)
 * 1:19785 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Malushka.T variant outbound connection (malware-cnc.rules)
 * 1:19786 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - Mozilla (malware-cnc.rules)
 * 1:19787 <-> DISABLED <-> MALWARE-CNC Exploit-PDF.t variant outbound connection (malware-cnc.rules)
 * 1:19788 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.pnc variant outbound connection (malware-cnc.rules)
 * 1:19789 <-> ENABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (malware-cnc.rules)
 * 1:19790 <-> DISABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (malware-cnc.rules)
 * 1:19791 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Small.awa variant outbound connection (malware-cnc.rules)
 * 1:19792 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Caxnet.A variant outbound connection (malware-cnc.rules)
 * 1:19793 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.SillyFDC-DS variant outbound connection (malware-cnc.rules)
 * 1:19794 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fnumbot variant outbound connection (malware-cnc.rules)
 * 1:19795 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakeAV NoAdware variant outbound connection (malware-cnc.rules)
 * 1:19796 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DL.CashnJoy.A variant outbound connection (malware-cnc.rules)
 * 1:19797 <-> DISABLED <-> MALWARE-CNC Safety Center variant outbound connection (malware-cnc.rules)
 * 1:19798 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.kxu variant outbound connection (malware-cnc.rules)
 * 1:19799 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.gen.Q variant outbound connection (malware-cnc.rules)
 * 1:19800 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pher.ij variant outbound connection (malware-cnc.rules)
 * 1:19801 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tracur variant outbound connection (malware-cnc.rules)
 * 1:19802 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wixud.B variant outbound connection (malware-cnc.rules)
 * 1:19803 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Renos.FH variant outbound connection (malware-cnc.rules)
 * 1:19804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.ktq variant outbound connection (malware-cnc.rules)
 * 1:19805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smser.cx variant outbound connection (malware-cnc.rules)
 * 1:19819 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (malware-cnc.rules)
 * 1:19820 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (malware-cnc.rules)
 * 1:19821 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Bagle.gen.C variant outbound connection (malware-cnc.rules)
 * 1:19822 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.HH variant outbound connection (malware-cnc.rules)
 * 1:19823 <-> DISABLED <-> PUA-ADWARE Downloader.Banload.AKBB outbound connection (pua-adware.rules)
 * 1:19824 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (malware-cnc.rules)
 * 1:19825 <-> DISABLED <-> SERVER-APACHE Apache Killer denial of service tool exploit attempt (server-apache.rules)
 * 1:19827 <-> DISABLED <-> PUA-ADWARE PWS-QQGame outbound connection (pua-adware.rules)
 * 1:19828 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SpyAgent.B variant outbound connection (malware-cnc.rules)
 * 1:19829 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rbot.gen variant outbound connection (malware-cnc.rules)
 * 1:19830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poebot.BP variant outbound connection (malware-cnc.rules)
 * 1:19831 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.SO variant outbound connection (malware-cnc.rules)
 * 1:19832 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veslorn.gen.A variant outbound connection (malware-cnc.rules)
 * 1:19833 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.bda variant outbound connection (malware-cnc.rules)
 * 1:19834 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ZBot.RD variant outbound connection (malware-cnc.rules)
 * 1:19835 <-> DISABLED <-> PUA-ADWARE Delphi-Piette Windows (pua-adware.rules)
 * 1:19836 <-> DISABLED <-> MALWARE-CNC Spy-Net 0.7 runtime (malware-cnc.rules)
 * 1:19837 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (pua-adware.rules)
 * 1:19838 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (pua-adware.rules)
 * 1:19839 <-> DISABLED <-> PUA-ADWARE Antivirus XP 2008 runtime detection (pua-adware.rules)
 * 1:19840 <-> DISABLED <-> PUA-ADWARE XP Antispyware 2009 outbound connection (pua-adware.rules)
 * 1:19841 <-> DISABLED <-> PUA-ADWARE 0desa MSN password stealer (pua-adware.rules)
 * 1:19842 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (pua-adware.rules)
 * 1:19843 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (pua-adware.rules)
 * 1:19848 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19849 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19850 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (malware-cnc.rules)
 * 1:19851 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (malware-cnc.rules)
 * 1:19852 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Delf.tbv variant outbound connection (malware-cnc.rules)
 * 1:19853 <-> DISABLED <-> PUA-ADWARE Wowpa KI outbound connection (pua-adware.rules)
 * 1:19856 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Krap.i variant outbound connection (malware-cnc.rules)
 * 1:19857 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - Windows (malware-cnc.rules)
 * 1:19858 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - non-Windows (malware-cnc.rules)
 * 1:19859 <-> DISABLED <-> PUA-ADWARE XP Deluxe Protector outbound connection (pua-adware.rules)
 * 1:19860 <-> DISABLED <-> PUA-ADWARE Trust Warrior outbound connection (pua-adware.rules)
 * 1:19861 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cqcv variant outbound connection (malware-cnc.rules)
 * 1:19862 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.iej variant outbound connection (malware-cnc.rules)
 * 1:19863 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Httpbot.yi variant outbound connection (malware-cnc.rules)
 * 1:19864 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Nvbpass variant outbound connection (malware-cnc.rules)
 * 1:19865 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arhost.D variant outbound connection (malware-cnc.rules)
 * 1:19895 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Delf.jwh variant outbound connection (malware-cnc.rules)
 * 1:19896 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (pua-adware.rules)
 * 1:19897 <-> DISABLED <-> PUA-TOOLBARS Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Runtime Detection (pua-toolbars.rules)
 * 1:19898 <-> DISABLED <-> MALWARE-CNC Cinmus Variant variant outbound connection (malware-cnc.rules)
 * 1:19899 <-> ENABLED <-> MALWARE-OTHER Tong Keylogger outbound connectiooutbound connection (malware-other.rules)
 * 1:19900 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19901 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19902 <-> DISABLED <-> PUA-ADWARE Targetedbanner.biz Adrotator outbound connection (pua-adware.rules)
 * 1:19903 <-> DISABLED <-> PUA-ADWARE Win32.Agent.vvm outbound connection (pua-adware.rules)
 * 1:19904 <-> DISABLED <-> PUA-ADWARE WinReanimator outbound connection (pua-adware.rules)
 * 1:19905 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.jog variant outbound connection (malware-cnc.rules)
 * 1:19906 <-> DISABLED <-> PUA-TOOLBARS 6SQ Toolbar runtime detection (pua-toolbars.rules)
 * 1:19912 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DelfInject.gen!X variant outbound connection (malware-cnc.rules)
 * 1:19913 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - optima/index.php (malware-cnc.rules)
 * 1:19914 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Quivoe.A variant outbound connection (malware-cnc.rules)
 * 1:19915 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gnutler.apd variant outbound connection (malware-cnc.rules)
 * 1:19916 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.ACB variant outbound connection (malware-cnc.rules)
 * 1:19917 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sogu.A variant outbound connection (malware-cnc.rules)
 * 1:19918 <-> DISABLED <-> MALWARE-CNC Win.Worm.Ganelp.B variant outbound connection (malware-cnc.rules)
 * 1:19919 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Murcy.A variant outbound connection (malware-cnc.rules)
 * 1:19920 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reppserv.A outbond connection (malware-cnc.rules)
 * 1:19921 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Puprlehzae.A variant outbound connection (malware-cnc.rules)
 * 1:19922 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shiz.ivr variant outbound connection (malware-cnc.rules)
 * 1:19923 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Venik.B variant outbound connection (malware-cnc.rules)
 * 1:19924 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spidern.A variant outbound connection (malware-cnc.rules)
 * 1:19927 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19928 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19929 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19930 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19931 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Lineage.Gen.Pac.3 variant outbound connection (malware-cnc.rules)
 * 1:19934 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MYURL (malware-cnc.rules)
 * 1:19935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (malware-cnc.rules)
 * 1:19936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (malware-cnc.rules)
 * 1:19939 <-> DISABLED <-> PUA-ADWARE WeatherStudio outbound connection (pua-adware.rules)
 * 1:19940 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.IRC.TKB variant outbound connection - dir4you (malware-cnc.rules)
 * 1:19941 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (malware-cnc.rules)
 * 1:19942 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (malware-cnc.rules)
 * 1:19944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.ykl variant outbound connection (malware-cnc.rules)
 * 1:19945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (malware-cnc.rules)
 * 1:19949 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (malware-cnc.rules)
 * 1:19950 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Defsel inbound connection (malware-cnc.rules)
 * 1:19951 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Defsel variant outbound connection (malware-cnc.rules)
 * 1:19952 <-> ENABLED <-> MALWARE-CNC Biodox inbound connection (malware-cnc.rules)
 * 1:19953 <-> DISABLED <-> MALWARE-CNC Biodox variant outbound connection (malware-cnc.rules)
 * 1:19954 <-> DISABLED <-> MALWARE-CNC Hack Style RAT variant outbound connection (malware-cnc.rules)
 * 1:19955 <-> DISABLED <-> MALWARE-CNC PaiN RAT 0.1 variant outbound connection (malware-cnc.rules)
 * 1:19957 <-> DISABLED <-> MALWARE-CNC Arabian-Attacker 1.1.0 variant outbound connection (malware-cnc.rules)
 * 1:19958 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19959 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19960 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19961 <-> DISABLED <-> MALWARE-CNC Fouad 1.0 variant outbound connection (malware-cnc.rules)
 * 1:19962 <-> DISABLED <-> MALWARE-CNC Email-Worm.CryptBox-A variant outbound connection (malware-cnc.rules)
 * 1:19963 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.aajs variant outbound connection (malware-cnc.rules)
 * 1:19965 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.avzz variant outbound connection (malware-cnc.rules)
 * 1:19966 <-> DISABLED <-> MALWARE-CNC Octopus 0.1 inbound connection (malware-cnc.rules)
 * 1:19967 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.Papras.dm variant outbound connection (malware-cnc.rules)
 * 1:19968 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.QQPass.amx variant outbound connection (malware-cnc.rules)
 * 1:19969 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.CY variant outbound connection (malware-cnc.rules)
 * 1:19970 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smalltroj.MHYR variant outbound connection (malware-cnc.rules)
 * 1:19971 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mudrop.lj variant outbound connection (malware-cnc.rules)
 * 1:19973 <-> DISABLED <-> MALWARE-CNC Worm.Win.Trojan.Nebuler.D variant outbound connection (malware-cnc.rules)
 * 1:19974 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.bwj variant outbound connection (malware-cnc.rules)
 * 1:19975 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.vb variant outbound connection (malware-cnc.rules)
 * 1:19977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.LooksLike.Zaplot variant outbound connection (malware-cnc.rules)
 * 1:19979 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19980 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19981 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Micstus.A runtime traffic detected (malware-cnc.rules)
 * 1:19982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.wwe variant outbound connection (malware-cnc.rules)
 * 1:19983 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kolabc.fic variant outbound connection (malware-cnc.rules)
 * 1:19984 <-> DISABLED <-> PUA-ADWARE Antivirus 2010 outbound connection (pua-adware.rules)
 * 1:19987 <-> DISABLED <-> PUA-ADWARE PCLiveGuard outbound connection (pua-adware.rules)
 * 1:19988 <-> DISABLED <-> MALWARE-CNC Asprox variant outbound connection (malware-cnc.rules)
 * 1:19989 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (pua-adware.rules)
 * 1:19990 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (pua-adware.rules)
 * 1:19991 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PG runtime traffic detected (malware-cnc.rules)
 * 1:19992 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Farfli.A runtime traffic detected (malware-cnc.rules)
 * 1:19993 <-> DISABLED <-> MALWARE-CNC Win32 Poebot runtime traffic detected (malware-cnc.rules)
 * 1:19994 <-> DISABLED <-> PUA-ADWARE Antivirus 360 outbound connection (pua-adware.rules)
 * 1:19995 <-> ENABLED <-> MALWARE-CNC Waledac variant outbound connection (malware-cnc.rules)
 * 1:19996 <-> DISABLED <-> MALWARE-CNC Worm Brontok.C variant outbound connection (malware-cnc.rules)
 * 1:19997 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.Win32.QQPass.gam variant outbound connection (malware-cnc.rules)
 * 1:19998 <-> ENABLED <-> PUA-ADWARE IP address disclosure to advertisement sites attempt (pua-adware.rules)
 * 1:19999 <-> DISABLED <-> PUA-ADWARE ThreatNuker outbound connection (pua-adware.rules)
 * 1:20001 <-> ENABLED <-> MALWARE-CNC Allaple.e variant outbound connection (malware-cnc.rules)
 * 1:20002 <-> DISABLED <-> MALWARE-CNC Allaple.e variant outbound connection (malware-cnc.rules)
 * 1:20003 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc runtime traffic detected (malware-cnc.rules)
 * 1:20004 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc install-time traffic detected (malware-cnc.rules)
 * 1:20005 <-> DISABLED <-> MALWARE-CNC Win32 Lecna.cr runtime traffic detected (malware-cnc.rules)
 * 1:20006 <-> DISABLED <-> MALWARE-CNC Worm Plurp.A runtime traffic detected (malware-cnc.rules)
 * 1:20007 <-> DISABLED <-> PUA-ADWARE Cinmus.asaq outbound connection (pua-adware.rules)
 * 1:20008 <-> DISABLED <-> MALWARE-CNC Malware PDFMarca.A runtime traffic detected (malware-cnc.rules)
 * 1:20009 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string Baby Remote - Win32/Babmote.A (malware-cnc.rules)
 * 1:20010 <-> DISABLED <-> MALWARE-CNC Win32/Babmote.A runtime TCP traffic detected (malware-cnc.rules)
 * 1:20011 <-> ENABLED <-> MALWARE-CNC Briewots.A runtime traffic detected (malware-cnc.rules)
 * 1:20012 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string feranet/0.4 - Win32/Ferabsa.A (malware-cnc.rules)
 * 1:20014 <-> DISABLED <-> MALWARE-CNC Kaju variant outbound connection - confirmation (malware-cnc.rules)
 * 1:20015 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:20016 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:20017 <-> DISABLED <-> MALWARE-CNC Win.Worm.Koobface.dq variant outbound connection (malware-cnc.rules)
 * 1:20018 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (malware-cnc.rules)
 * 1:20019 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - test (malware-cnc.rules)
 * 1:20021 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (malware-cnc.rules)
 * 1:20022 <-> DISABLED <-> MALWARE-CNC Win.Worm.Padobot.z variant outbound connection (malware-cnc.rules)
 * 1:20023 <-> DISABLED <-> MALWARE-CNC Advanced Virus Remover variant outbound connection (malware-cnc.rules)
 * 1:20024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dreamy.bc variant outbound connection (malware-cnc.rules)
 * 1:20025 <-> DISABLED <-> PUA-ADWARE VirusBye outbound connection (pua-adware.rules)
 * 1:20026 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banker.abg.b variant outbound connection (malware-cnc.rules)
 * 1:20028 <-> DISABLED <-> MALWARE-CNC Windows Antivirus Pro variant outbound connection (malware-cnc.rules)
 * 1:20034 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:20035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Coinbit.A runtime traffic detected (malware-cnc.rules)
 * 1:20036 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Agent.ndau runtime traffic detected (malware-cnc.rules)
 * 1:20037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20038 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20039 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Hardcore Software (malware-cnc.rules)
 * 1:20040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KSpyPro.A variant outbound connection (malware-cnc.rules)
 * 1:20041 <-> DISABLED <-> PUA-ADWARE Adware.BB outbound connection (pua-adware.rules)
 * 1:20042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sinowal outbond connection (malware-cnc.rules)
 * 1:20043 <-> DISABLED <-> MALWARE-CNC Adware Kraddare.AZ variant outbound connection (malware-cnc.rules)
 * 1:20057 <-> DISABLED <-> MALWARE-CNC BitCoin Miner IP query (malware-cnc.rules)
 * 1:20063 <-> DISABLED <-> PUA-ADWARE SecurityTool outbound connection (pua-adware.rules)
 * 1:20064 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Clemag.A variant outbound connection (malware-cnc.rules)
 * 1:20066 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 SensLiceld.A runtime traffic detected (malware-cnc.rules)
 * 1:20067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Zatvex.A runtime traffic detected (malware-cnc.rules)
 * 1:20068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jetilms.A runtime activity detected (malware-cnc.rules)
 * 1:20069 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.alhq runtime traffic detected (malware-cnc.rules)
 * 1:20074 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.iseee variant outbound connection (malware-cnc.rules)
 * 1:20075 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ruskill.abl variant outbound connection (malware-cnc.rules)
 * 1:20076 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (malware-cnc.rules)
 * 1:20077 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (malware-cnc.rules)
 * 1:20078 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (malware-cnc.rules)
 * 1:20079 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (malware-cnc.rules)
 * 1:20080 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Derusbi.A variant outbound connection (malware-cnc.rules)
 * 1:20081 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Yakes.cbi variant outbound connection (malware-cnc.rules)
 * 1:20082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Inject.raw variant outbound connection (malware-cnc.rules)
 * 1:20083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fucobha.A variant outbound connection (malware-cnc.rules)
 * 1:20085 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veebuu.BX variant outbound connection (malware-cnc.rules)
 * 1:20086 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.ABY variant outbound connection (malware-cnc.rules)
 * 1:20087 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.FGU variant outbound connection (malware-cnc.rules)
 * 1:20088 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Emudbot.A variant outbound connection (malware-cnc.rules)
 * 1:20096 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir variant outbound connection (malware-cnc.rules)
 * 1:20097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir infected host at destination ip (malware-cnc.rules)
 * 1:20098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KeyLogger.wav variant outbound connection (malware-cnc.rules)
 * 1:20099 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Xtrat.A variant outbound connection (malware-cnc.rules)
 * 1:20104 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - InfoBot (malware-cnc.rules)
 * 1:20105 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - IPHONE (malware-cnc.rules)
 * 1:20106 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - darkness (malware-cnc.rules)
 * 1:20107 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Small.Cns variant outbound connection (malware-cnc.rules)
 * 1:20108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Pher variant outbound connection (malware-cnc.rules)
 * 1:20109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zombie.sm variant outbound connection (malware-cnc.rules)
 * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:20179 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe userid parameter buffer overflow attempt (server-webapp.rules)
 * 1:20180 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe passwd parameter buffer overflow attempt (server-webapp.rules)
 * 1:20202 <-> ENABLED <-> MALWARE-CNC Apple OSX.Revir-1 variant outbound connection (malware-cnc.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20205 <-> DISABLED <-> MALWARE-CNC Win32/Poison beaconing request (malware-cnc.rules)
 * 1:20213 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:20217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (malware-cnc.rules)
 * 1:20218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (malware-cnc.rules)
 * 1:20219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ToriaSpy.A variant outbound connection (malware-cnc.rules)
 * 1:20220 <-> DISABLED <-> PUA-ADWARE Adware.Wizpop outbound connection (pua-adware.rules)
 * 1:20221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Injector variant outbound connection (malware-cnc.rules)
 * 1:20222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Payazol.B variant outbound connection (malware-cnc.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (file-multimedia.rules)
 * 1:20225 <-> ENABLED <-> FILE-OTHER SMI file download request (file-other.rules)
 * 1:20226 <-> DISABLED <-> FILE-OTHER MPlayer SMI file buffer overflow attempt (file-other.rules)
 * 1:20228 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (malware-cnc.rules)
 * 1:20229 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jinchodz variant outbound connection (malware-cnc.rules)
 * 1:20230 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 0pera 10 (malware-cnc.rules)
 * 1:20231 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Mozilla//4.0 (malware-cnc.rules)
 * 1:20232 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cycbot variant outbound connection (malware-cnc.rules)
 * 1:20233 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut variant outbound connection (malware-cnc.rules)
 * 1:20234 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ceckno.cmz runtime traffic detected (malware-cnc.rules)
 * 1:20235 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AdobeReader.Uz runtime traffic detected (malware-cnc.rules)
 * 1:20252 <-> DISABLED <-> MALWARE-CNC DroidKungFu check-in (malware-cnc.rules)
 * 1:20280 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20281 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20289 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A variant outbound connection (malware-cnc.rules)
 * 1:20290 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A inbound connection (malware-cnc.rules)
 * 1:20291 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mybios.A variant outbound connection (malware-cnc.rules)
 * 1:20292 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FresctSpy.A variant outbound connection (malware-cnc.rules)
 * 1:20293 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MBVDFRESCT (malware-cnc.rules)
 * 1:20387 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:20388 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:20428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zewit.A variant outbound connection (malware-cnc.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules)
 * 1:20433 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 anutayadokalug host outbound connection (pua-adware.rules)
 * 1:20434 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 proantivirus21 host runtime traffic detection (pua-adware.rules)
 * 1:20435 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Svr runtime traffic detected (malware-cnc.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20447 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.JAAK variant outbound connection (malware-cnc.rules)
 * 1:20448 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Meciv.A variant outbound connection (malware-cnc.rules)
 * 1:20449 <-> DISABLED <-> MALWARE-CNC Win.Worm.Busifom.A variant outbound connection (malware-cnc.rules)
 * 1:20525 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (malware-cnc.rules)
 * 1:20527 <-> ENABLED <-> MALWARE-CNC Sirefef initial C&C connection variant outbound connection (malware-cnc.rules)
 * 1:20528 <-> DISABLED <-> SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (server-apache.rules)
 * 1:20558 <-> ENABLED <-> EXPLOIT-KIT URI request for known malicious URI /stat2.php (exploit-kit.rules)
 * 1:20559 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (file-multimedia.rules)
 * 1:20561 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (malware-cnc.rules)
 * 1:20562 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (malware-cnc.rules)
 * 1:20565 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20566 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20570 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20571 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20587 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Larchik.A variant outbound connection (malware-cnc.rules)
 * 1:20595 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ixeshe.F variant outbound connection (malware-cnc.rules)
 * 1:20596 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20604 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Buzus.isqy variant outbound connection (malware-cnc.rules)
 * 1:20605 <-> DISABLED <-> MALWARE-CNC Win.Trojan.R2d2.A contact to cnc server (malware-cnc.rules)
 * 1:20606 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Domsingx.A variant outbound connection (malware-cnc.rules)
 * 1:20619 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20620 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:20626 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A variant outbound connection (malware-cnc.rules)
 * 1:20627 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A C&C server response (malware-cnc.rules)
 * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules)
 * 1:20630 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Winnti.A contact to cnc server (malware-cnc.rules)
 * 1:20632 <-> DISABLED <-> SERVER-WEBAPP AnnoncesV annonce.php remote file include attempt (server-webapp.rules)
 * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules)
 * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20639 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Higest.N variant outbound connection (malware-cnc.rules)
 * 1:20659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:20661 <-> DISABLED <-> MALWARE-CNC Simbda variant outbound connection (malware-cnc.rules)
 * 1:20668 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - /content/v1.jar (exploit-kit.rules)
 * 1:20669 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - w.php?f= (exploit-kit.rules)
 * 1:20676 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (malware-cnc.rules)
 * 1:20677 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (malware-cnc.rules)
 * 1:20678 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.aior variant outbound connection (malware-cnc.rules)
 * 1:20679 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syrutrk variant outbound connection (malware-cnc.rules)
 * 1:20680 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedating4CMS.php remote file include attempt (server-webapp.rules)
 * 1:20681 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (malware-cnc.rules)
 * 1:20682 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (malware-cnc.rules)
 * 1:20683 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (malware-cnc.rules)
 * 1:20684 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (malware-cnc.rules)
 * 1:20685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Heloag.A variant outbound connection (malware-cnc.rules)
 * 1:20686 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut.BM connect to client (malware-cnc.rules)
 * 1:20687 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.akhg variant outbound connection (malware-cnc.rules)
 * 1:20688 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (malware-cnc.rules)
 * 1:20689 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (malware-cnc.rules)
 * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules)
 * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules)
 * 1:20693 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Blackcontrol.A variant outbound connection (malware-cnc.rules)
 * 1:20694 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SSonce.A variant outbound connection (malware-cnc.rules)
 * 1:20695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.GZW connect to cnc server (malware-cnc.rules)
 * 1:20696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:20728 <-> DISABLED <-> SERVER-WEBAPP WoW Roster remote file include with hslist.php and conf.php attempt (server-webapp.rules)
 * 1:20731 <-> DISABLED <-> SERVER-WEBAPP TSEP tsep_config absPath parameter PHP remote file include attempt (server-webapp.rules)
 * 1:20752 <-> DISABLED <-> PUA-ADWARE Win32.GameVance outbound connection (pua-adware.rules)
 * 1:20753 <-> DISABLED <-> PUA-ADWARE Win32.GamePlayLabs outbound connection (pua-adware.rules)
 * 1:20754 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Virut-3 variant outbound connection (malware-cnc.rules)
 * 1:20755 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Krap variant outbound connection (malware-cnc.rules)
 * 1:20756 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:20759 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gbot.oce variant outbound connection (malware-cnc.rules)
 * 1:20762 <-> ENABLED <-> MALWARE-CNC MacOS.Flashback.A variant outbound connection (malware-cnc.rules)
 * 1:20830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.amdu variant outbound connection (malware-cnc.rules)
 * 1:20831 <-> ENABLED <-> FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (file-java.rules)
 * 1:20836 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zusy.A runtime traffic detected (malware-cnc.rules)
 * 1:20837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mecklow.C runtime traffic detected (malware-cnc.rules)
 * 1:20838 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smokebot.A runtime traffic detected (malware-cnc.rules)
 * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20844 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.smxy runtime traffic detected (malware-cnc.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (server-webapp.rules)
 * 1:20877 <-> DISABLED <-> MALWARE-CNC RunTime Worm.Win32.Warezov.gs variant outbound connection (malware-cnc.rules)
 * 1:20890 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20891 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20892 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Skopvel.A runtime traffic detected (malware-cnc.rules)
 * 1:20927 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Spyeye-207 variant outbound connection (malware-cnc.rules)
 * 1:20995 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:20996 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:21051 <-> DISABLED <-> SERVER-WEBAPP Apple OSX software update command execution attempt (server-webapp.rules)
 * 1:21055 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Utka.A variant outbound connection (malware-cnc.rules)
 * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21058 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AutoIt.pm runtime traffic detected (malware-cnc.rules)
 * 1:21065 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (server-webapp.rules)
 * 1:21066 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (server-webapp.rules)
 * 1:21067 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (server-webapp.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21087 <-> DISABLED <-> MALWARE-CNC Bindow.Worm runtime traffic detected (malware-cnc.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (file-multimedia.rules)
 * 1:21100 <-> DISABLED <-> PROTOCOL-RPC Novell Netware xdr decode string length buffer overflow attempt (protocol-rpc.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (file-multimedia.rules)
 * 1:21112 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules)
 * 1:21122 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bandok.zp runtime traffic detected (malware-cnc.rules)
 * 1:21123 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Flymux.A runtime traffic detected (malware-cnc.rules)
 * 1:21124 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Opachki.A runtime traffic detected (malware-cnc.rules)
 * 1:21125 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alureon.DG runtime traffic detected (malware-cnc.rules)
 * 1:21126 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Koutodoor.C runtime traffic detected (malware-cnc.rules)
 * 1:21127 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Setfic.A runtime traffic detected (malware-cnc.rules)
 * 1:21128 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dromedan.A runtime traffic detected (malware-cnc.rules)
 * 1:21142 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21143 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21144 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21145 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Neraweq.A runtime traffic detected (malware-cnc.rules)
 * 1:21151 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Stegae.A runtime traffic detected (malware-cnc.rules)
 * 1:21160 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:21169 <-> DISABLED <-> PUA-ADWARE Apperhand SDK advertising data request - Counterclank (pua-adware.rules)
 * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:21175 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Win32 Amti (malware-cnc.rules)
 * 1:21176 <-> DISABLED <-> PUA-ADWARE Win32.WindowsOptimizationAndSecurity outbound connection (pua-adware.rules)
 * 1:21177 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ganipin.A inbound connection (malware-cnc.rules)
 * 1:21178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Chekafe.A variant outbound connection (malware-cnc.rules)
 * 1:21179 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Coofus.RFM variant outbound connection (malware-cnc.rules)
 * 1:21180 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Magania.clfv variant outbound connection (malware-cnc.rules)
 * 1:21181 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.czgu variant outbound connection (malware-cnc.rules)
 * 1:21182 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MeSub.ac variant outbound connection (malware-cnc.rules)
 * 1:21183 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.alfu variant outbound connection (malware-cnc.rules)
 * 1:21184 <-> DISABLED <-> PUA-ADWARE Internet Security 2010 outbound connection (pua-adware.rules)
 * 1:21185 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Kufgal.A inbound connection (malware-cnc.rules)
 * 1:21187 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Xlahlah.A variant outbound connection (malware-cnc.rules)
 * 1:21192 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syswrt.dvd variant outbound connection (malware-cnc.rules)
 * 1:21193 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dalbot.A variant outbound connection (malware-cnc.rules)
 * 1:21194 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst.A variant outbound connection (malware-cnc.rules)
 * 1:21195 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Protux.B variant outbound connection (malware-cnc.rules)
 * 1:21196 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (malware-cnc.rules)
 * 1:21197 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (malware-cnc.rules)
 * 1:21198 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (malware-cnc.rules)
 * 1:21199 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (malware-cnc.rules)
 * 1:21202 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scapzilla.A variant outbound connection (malware-cnc.rules)
 * 1:21203 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21204 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21205 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21206 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Aldi Bot (malware-cnc.rules)
 * 1:21207 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dekara.A variant outbound connection (malware-cnc.rules)
 * 1:21208 <-> ENABLED <-> MALWARE-CNC Win.Trojan.RShot.brw variant outbound connection (malware-cnc.rules)
 * 1:21209 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Enviserv.A variant outbound connection (malware-cnc.rules)
 * 1:21210 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rallovs.A variant outbound connection (malware-cnc.rules)
 * 1:21211 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.slrj variant outbound connection (malware-cnc.rules)
 * 1:21212 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.nkor variant outbound connection (malware-cnc.rules)
 * 1:21213 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Cridex.B variant outbound connection (malware-cnc.rules)
 * 1:21214 <-> DISABLED <-> SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (server-apache.rules)
 * 1:21215 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21216 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sodager.C variant outbound connection (malware-cnc.rules)
 * 1:21219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sysckbc variant outbound connection (malware-cnc.rules)
 * 1:21220 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A inbound connection (malware-cnc.rules)
 * 1:21221 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A variant outbound connection (malware-cnc.rules)
 * 1:21222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kcahneila.A variant outbound connection (malware-cnc.rules)
 * 1:21223 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gyplit.A variant outbound connection (malware-cnc.rules)
 * 1:21224 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MacOS.DevilRobber.A variant outbound connection (malware-cnc.rules)
 * 1:21225 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Flag (malware-cnc.rules)
 * 1:21226 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Louisdreyfu.A variant outbound connection (malware-cnc.rules)
 * 1:21227 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bulknet variant outbound connection (malware-cnc.rules)
 * 1:21228 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cerberat variant outbound connection (malware-cnc.rules)
 * 1:21229 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Synljdos variant outbound connection (malware-cnc.rules)
 * 1:21230 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Betad variant outbound connection (malware-cnc.rules)
 * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:21249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21251 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (malware-cnc.rules)
 * 1:21252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (malware-cnc.rules)
 * 1:21253 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21254 <-> DISABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (file-pdf.rules)
 * 1:21273 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (malware-cnc.rules)
 * 1:21274 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (malware-cnc.rules)
 * 1:21277 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shexie.A runtime traffic detected (malware-cnc.rules)
 * 1:21278 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Google Bot (malware-cnc.rules)
 * 1:21279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kbot.s runtime traffic detected (malware-cnc.rules)
 * 1:21280 <-> DISABLED <-> MALWARE-CNC Win32 Turkojan.C runtime traffic detected (malware-cnc.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21294 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancodor.be runtime traffic detected (malware-cnc.rules)
 * 1:21303 <-> DISABLED <-> MALWARE-CNC Win32 Initor.ag runtime traffic detected (malware-cnc.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21378 <-> DISABLED <-> SERVER-OTHER Novell iPrint attributes-natural-language buffer overflow attempt (server-other.rules)
 * 1:21379 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Genome.Amqj runtime traffic detected (malware-cnc.rules)
 * 1:21380 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - QvodDown (malware-cnc.rules)
 * 1:21381 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dialer.ngb runtime traffic detected (malware-cnc.rules)
 * 1:21382 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host setting3.yeahost.com runtime traffic detected (malware-cnc.rules)
 * 1:21383 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host 9999mb.com runtime traffic detected (malware-cnc.rules)
 * 1:21384 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host freewebs.com runtime traffic detected (malware-cnc.rules)
 * 1:21386 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wadolin.A runtime traffic detected (malware-cnc.rules)
 * 1:21387 <-> DISABLED <-> FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (file-java.rules)
 * 1:21390 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.dl runtime traffic detected (malware-cnc.rules)
 * 1:21391 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcac runtime traffic detected (malware-cnc.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (file-multimedia.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (file-other.rules)
 * 1:21418 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FareIt variant outbound connection (malware-cnc.rules)
 * 1:21421 <-> DISABLED <-> PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (protocol-dns.rules)
 * 1:21464 <-> DISABLED <-> MALWARE-CNC Downloader-CEW.b runtime traffic detected (malware-cnc.rules)
 * 1:21466 <-> DISABLED <-> MALWARE-CNC Autorun.BDS runtime traffic detected (malware-cnc.rules)
 * 1:21469 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 1234567890 (malware-cnc.rules)
 * 1:21473 <-> DISABLED <-> MALWARE-CNC Win.Trojan.GameThief variant outbound connection (malware-cnc.rules)
 * 1:21477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Noobot variant outbound connection (malware-cnc.rules)
 * 1:21486 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules)
 * 1:21495 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel variant outbound connection (malware-cnc.rules)
 * 1:21496 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (malware-cnc.rules)
 * 1:21497 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (malware-cnc.rules)
 * 1:21511 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vaxpy variant outbound connection (malware-cnc.rules)
 * 1:21520 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob variant outbound connection (malware-cnc.rules)
 * 1:21521 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob update connection (malware-cnc.rules)
 * 1:21527 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader registration connection detection (malware-cnc.rules)
 * 1:21528 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader keep-alive connection detection (malware-cnc.rules)
 * 1:21557 <-> DISABLED <-> FILE-OTHER Apple OSX ZIP archive shell script execution attempt (file-other.rules)
 * 1:21563 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21564 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21595 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization request detection (os-mobile.rules)
 * 1:21596 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization response detection (os-mobile.rules)
 * 1:21597 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging request detection (os-mobile.rules)
 * 1:21598 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging response detection (os-mobile.rules)
 * 1:21609 <-> DISABLED <-> SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (server-webapp.rules)
 * 1:21669 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk missing SIP version denial of service attempt (protocol-voip.rules)
 * 1:21760 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:21761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:21764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unicode parsing buffer overflow attempt (file-office.rules)
 * 1:2179 <-> DISABLED <-> PROTOCOL-FTP PASS format string attempt (protocol-ftp.rules)
 * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21913 <-> DISABLED <-> SERVER-OTHER EMC data protection advisor DOS attempt (server-other.rules)
 * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules)
 * 1:21922 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:21947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VicSpy.A variant outbound connection (malware-cnc.rules)
 * 1:21967 <-> DISABLED <-> MALWARE-BACKDOOR Rebhip.A runtime detection (malware-backdoor.rules)
 * 1:21970 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant outbound connection (malware-backdoor.rules)
 * 1:21971 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant inbound connection (malware-backdoor.rules)
 * 1:21972 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash variant outbound connection (malware-backdoor.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (malware-backdoor.rules)
 * 1:21974 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21975 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21976 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Lapurd.D variant outbound connection (malware-cnc.rules)
 * 1:21982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Insain variant outbound connection (malware-cnc.rules)
 * 1:21995 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (malware-cnc.rules)
 * 1:21996 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (malware-cnc.rules)
 * 1:22048 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zeus P2P outbound connection (malware-cnc.rules)
 * 1:22078 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22947 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:22948 <-> DISABLED <-> PROTOCOL-VOIP Avaya WinPDM header buffer overflow attempt (protocol-voip.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:23014 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23051 <-> DISABLED <-> MALWARE-CNC Dybalom.A runtime traffic detected (malware-cnc.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (server-other.rules)
 * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules)
 * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23176 <-> DISABLED <-> MALWARE-CNC Donbot.A runtime traffic detected (malware-cnc.rules)
 * 1:23177 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (server-webapp.rules)
 * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules)
 * 1:23213 <-> DISABLED <-> SQL Ruby on rails SQL injection attempt (sql.rules)
 * 1:23234 <-> DISABLED <-> MALWARE-CNC Frethog.MK runtime traffic detected (malware-cnc.rules)
 * 1:23235 <-> DISABLED <-> MALWARE-CNC PBin.A runtime traffic detected (malware-cnc.rules)
 * 1:23238 <-> DISABLED <-> NETBIOS Wireshark console.lua file load exploit attempt (netbios.rules)
 * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules)
 * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules)
 * 1:23243 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23271 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nitol.B variant outbound connection (malware-cnc.rules)
 * 1:23341 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Tinrot.A runtime detection (malware-backdoor.rules)
 * 1:23346 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules)
 * 1:23368 <-> DISABLED <-> PROTOCOL-DNS Tftpd32 DNS server denial of service attempt (protocol-dns.rules)
 * 1:23397 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23398 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23401 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (server-webapp.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (server-webapp.rules)
 * 1:23484 <-> DISABLED <-> INDICATOR-COMPROMISE Wordpress Invit0r plugin non-image file upload attempt (indicator-compromise.rules)
 * 1:23485 <-> DISABLED <-> SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (server-webapp.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:23580 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23589 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23590 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules)
 * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23934 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (server-webapp.rules)
 * 1:23938 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ibabyfa.dldr variant outbound connection (malware-cnc.rules)
 * 1:23940 <-> DISABLED <-> SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (server-oracle.rules)
 * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24026 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24029 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:24083 <-> ENABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:24123 <-> DISABLED <-> MALWARE-BACKDOOR Virus.Win32.Xpaj.A variant outbound connection (malware-backdoor.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (os-windows.rules)
 * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24256 <-> ENABLED <-> MALWARE-BACKDOOR phpMyAdmin server_sync.php backdoor access attempt (malware-backdoor.rules)
 * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (protocol-icmp.rules)
 * 1:24321 <-> DISABLED <-> SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (server-other.rules)
 * 1:24337 <-> DISABLED <-> SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (server-other.rules)
 * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (server-other.rules)
 * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules)
 * 1:24487 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules)
 * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules)
 * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:24524 <-> DISABLED <-> SERVER-MAIL Novell GroupWise internet agent iCalendar parsing denial of service attempt (server-mail.rules)
 * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24628 <-> DISABLED <-> SERVER-WEBAPP Webmin show.cgi arbitrary command injection attempt (server-webapp.rules)
 * 1:24647 <-> DISABLED <-> SERVER-WEBAPP D-Link Wireless Router CAPTCHA data processing buffer overflow attempt (server-webapp.rules)
 * 1:24652 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (file-other.rules)
 * 1:24686 <-> DISABLED <-> SERVER-OTHER HP StorageWorks file migration agent buffer overflow attempt (server-other.rules)
 * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24706 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24707 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (server-webapp.rules)
 * 1:24766 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request arbitrary file download attempt (server-webapp.rules)
 * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (server-webapp.rules)
 * 1:24801 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager Express asset.getmimetype sql injection attempt (server-webapp.rules)
 * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24987 <-> DISABLED <-> POLICY-OTHER Adobe InDesign SOAP interface RunScript method access attempt (policy-other.rules)
 * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:25007 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst variant outbound connection (malware-cnc.rules)
 * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (server-oracle.rules)
 * 1:25345 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Web interface arbitrary command execution attempt (server-webapp.rules)
 * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25369 <-> DISABLED <-> OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (os-windows.rules)
 * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:25449 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25450 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25534 <-> DISABLED <-> SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (server-webapp.rules)
 * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules)
 * 1:25581 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25582 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25583 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25584 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25585 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25586 <-> DISABLED <-> SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (server-webapp.rules)
 * 1:25767 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:25810 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25811 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25812 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25813 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25818 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25819 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25855 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:26073 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26074 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26081 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Suspected Crimepack (malware-cnc.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (file-pdf.rules)
 * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules)
 * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules)
 * 1:26107 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26108 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hiloti variant outbound connection (malware-cnc.rules)
 * 1:26185 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26186 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26195 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26196 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26197 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26198 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26199 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26200 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26230 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX arbitrary command execution attempt (server-webapp.rules)
 * 1:26242 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26243 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26262 <-> DISABLED <-> SERVER-OTHER MongoDB nativeHelper.apply method command injection attempt (server-other.rules)
 * 1:26274 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:26280 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26281 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26282 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26283 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26320 <-> DISABLED <-> SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (server-webapp.rules)
 * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules)
 * 1:26389 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26390 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26418 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:26425 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26426 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26435 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (malware-cnc.rules)
 * 1:26436 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center FaultDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26479 <-> DISABLED <-> SERVER-OTHER ActFax LPD Server data field buffer overflow attempt (server-other.rules)
 * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26501 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DDNF request stack buffer overflow attempt (server-other.rules)
 * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26505 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center IctDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26520 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26521 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26523 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center ReportImgServlet information disclosure attempt (server-webapp.rules)
 * 1:26547 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin preg_replace remote code execution attempt (server-webapp.rules)
 * 1:26626 <-> DISABLED <-> FILE-OFFICE XML parameter entity reference local file disclosure attempt (file-office.rules)
 * 1:26645 <-> DISABLED <-> SERVER-OTHER SSL TLS deflate compression weakness brute force attempt (server-other.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26651 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26652 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26664 <-> ENABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (file-image.rules)
 * 1:26669 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SyslogDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26759 <-> DISABLED <-> SERVER-OTHER MIT Kerberos libkdb_ldap principal name handling denial of service attempt (server-other.rules)
 * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules)
 * 1:26794 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center UAM acmServletDownload information disclosure attempt (server-webapp.rules)
 * 1:26797 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file access attempt (server-webapp.rules)
 * 1:26798 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26905 <-> DISABLED <-> SERVER-WEBAPP FosWiki and TWiki MAKETEXT macro memory consumption denial of service attempt (server-webapp.rules)
 * 1:26922 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:26927 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26928 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26953 <-> DISABLED <-> SERVER-WEBAPP D-Link DIR-300/DIR-600 unauthenticated remote command execution attempt (server-webapp.rules)
 * 1:26990 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:26991 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:26992 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:27018 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27019 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27020 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27028 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27029 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27030 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27036 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager modifyAccounts policy bypass attempt (server-other.rules)
 * 1:27075 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager ldapagnt_eval remote code execution attempt (server-other.rules)
 * 1:27076 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27077 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27102 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:27103 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:27104 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (server-webapp.rules)
 * 1:27105 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (server-webapp.rules)
 * 1:27122 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27124 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1092 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27188 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27189 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27190 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27191 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27192 <-> DISABLED <-> SERVER-WEBAPP DM Albums album.php remote file include attempt (server-webapp.rules)
 * 1:27210 <-> ENABLED <-> SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (server-other.rules)
 * 1:27217 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27224 <-> ENABLED <-> SERVER-OTHER Adobe ColdFusion websocket invoke method access (server-other.rules)
 * 1:27225 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion JRun error page getWriter denial of service attempt (server-other.rules)
 * 1:27226 <-> DISABLED <-> SERVER-WEBAPP DokuWiki PHP file inclusion attempt (server-webapp.rules)
 * 1:27231 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:27237 <-> DISABLED <-> SERVER-OTHER IPMI default username - root (server-other.rules)
 * 1:27238 <-> DISABLED <-> SERVER-OTHER IPMI default username - admin (server-other.rules)
 * 1:27239 <-> DISABLED <-> SERVER-OTHER IPMI default username - USERID (server-other.rules)
 * 1:27240 <-> DISABLED <-> SERVER-OTHER multiple vendors IPMI RAKP username brute force attempt (server-other.rules)
 * 1:27264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27532 <-> DISABLED <-> SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (server-mail.rules)
 * 1:27539 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27552 <-> DISABLED <-> OS-MOBILE Android Exploit Extra_Field APK file download attempt (os-mobile.rules)
 * 1:27571 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27572 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27573 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27574 <-> ENABLED <-> SERVER-APACHE Apache Struts OGNL getRuntime.exec static method access attempt (server-apache.rules)
 * 1:27575 <-> ENABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27621 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27622 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27623 <-> DISABLED <-> SERVER-OTHER Joomla media.php arbitrary file upload attempt (server-other.rules)
 * 1:27646 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra login request buffer overflow attempt (server-other.rules)
 * 1:27667 <-> DISABLED <-> SERVER-WEBAPP Joomla media.php file.upload direct administrator access attempt (server-webapp.rules)
 * 1:27672 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27673 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27675 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27677 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27688 <-> DISABLED <-> SERVER-WEBAPP mxBB MX Faq module_root_path file inclusion attempt (server-webapp.rules)
 * 1:27691 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27692 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27750 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27751 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27753 <-> DISABLED <-> SERVER-WEBAPP Click N Print Coupons coupon_detail.asp SQL injection attempt (server-webapp.rules)
 * 1:27756 <-> DISABLED <-> SERVER-WEBAPP RedHat Piranha Virtual Server Package default passwd and arbitrary command execution attempt (server-webapp.rules)
 * 1:27769 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 207 buffer overflow attempt (server-other.rules)
 * 1:27770 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 210 buffer overflow attempt (server-other.rules)
 * 1:27771 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 236 buffer overflow attempt (server-other.rules)
 * 1:27772 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 243 buffer overflow attempt (server-other.rules)
 * 1:27773 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 265 buffer overflow attempt (server-other.rules)
 * 1:27861 <-> DISABLED <-> SERVER-ORACLE Oracle Enterprise Manager Database Control directory traversal attempt (server-oracle.rules)
 * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:27863 <-> DISABLED <-> SERVER-WEBAPP Ektron CMS XSLT transform remote code execution attempt (server-webapp.rules)
 * 1:27921 <-> DISABLED <-> SERVER-ORACLE Oracle Endeca Server createDataStore remote command injection attempt (server-oracle.rules)
 * 1:27937 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateCertificatesServlet directory traversal attempt (server-other.rules)
 * 1:27941 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet directory traversal attempt (server-other.rules)
 * 1:27942 <-> ENABLED <-> SERVER-WEBAPP Sophos Web Protection Appliance sblistpack arbitrary command execution attempt (server-webapp.rules)
 * 1:28047 <-> DISABLED <-> SERVER-WEBAPP RaidSonic Multiple Products arbitrary command injection attempt (server-webapp.rules)
 * 1:28052 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT110 ping.cgi remote command execution attempt (server-webapp.rules)
 * 1:28093 <-> DISABLED <-> SERVER-WEBAPP Western Digital Arkeia Appliance directory traversal attempt (server-webapp.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:28145 <-> DISABLED <-> SERVER-WEBAPP OpenEMR information disclosure attempt (server-webapp.rules)
 * 1:28149 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file deletion (server-other.rules)
 * 1:28150 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file upload  (server-other.rules)
 * 1:28165 <-> DISABLED <-> PROTOCOL-VOIP attempted DOS detected (protocol-voip.rules)
 * 1:28227 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28251 <-> DISABLED <-> SERVER-WEBAPP Zabbix httpmon.php SQL injection attempt (server-webapp.rules)
 * 1:28252 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28276 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28277 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules)
 * 1:28289 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R root remote code execution attempt (server-webapp.rules)
 * 1:28290 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R iwpriv remote code execution attempt (server-webapp.rules)
 * 1:28361 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (server-other.rules)
 * 1:28394 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28395 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28396 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28397 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28398 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28407 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS UploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (server-webapp.rules)
 * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28464 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28465 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28466 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28467 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28468 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28469 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28470 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28471 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28473 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28526 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28534 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28535 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28536 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28537 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28575 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (file-other.rules)
 * 1:28576 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (file-other.rules)
 * 1:28597 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (file-pdf.rules)
 * 1:28598 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (file-pdf.rules)
 * 1:28621 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:28622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28746 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver SXPG_CALL_SYSTEM remote code execution attempt (server-webapp.rules)
 * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:28818 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (file-other.rules)
 * 1:28819 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (file-other.rules)
 * 1:28831 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (file-other.rules)
 * 1:28833 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28834 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28835 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28836 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:28837 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (file-other.rules)
 * 1:28839 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28840 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28841 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28842 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:28843 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28844 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules)
 * 1:28909 <-> DISABLED <-> SERVER-WEBAPP OTManager ADM_Pagina.php remote file include attempt (server-webapp.rules)
 * 1:28910 <-> DISABLED <-> SERVER-WEBAPP mcRefer install.php arbitrary PHP code injection attempt (server-webapp.rules)
 * 1:28912 <-> DISABLED <-> SERVER-WEBAPP Joomla simple RSS reader admin.rssreader.php remote file include attempt (server-webapp.rules)
 * 1:28915 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28916 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (protocol-scada.rules)
 * 1:28936 <-> DISABLED <-> SERVER-WEBAPP Horde groupware webmail edition ingo filter cross-site request forgery attempt (server-webapp.rules)
 * 1:28937 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope issuesiebelcmd soap request code execution attempt (server-webapp.rules)
 * 1:28942 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28943 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28944 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28946 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (server-webapp.rules)
 * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (server-webapp.rules)
 * 1:28957 <-> DISABLED <-> SERVER-WEBAPP RSS-aggregator display.php remote file include attempt (server-webapp.rules)
 * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules)
 * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules)
 * 1:28993 <-> DISABLED <-> PROTOCOL-VOIP Sipvicious User-Agent detected (protocol-voip.rules)
 * 1:28998 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (os-linux.rules)
 * 1:28999 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (os-linux.rules)
 * 1:29005 <-> DISABLED <-> SERVER-WEBAPP IBM Platform Symphony SOAP request processing buffer overflow attempt (server-webapp.rules)
 * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:29017 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (server-webapp.rules)
 * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (server-webapp.rules)
 * 1:29019 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (server-webapp.rules)
 * 1:29028 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (server-mssql.rules)
 * 1:29029 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (server-mssql.rules)
 * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29041 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:29042 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:29061 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:29062 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29063 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29110 <-> DISABLED <-> SERVER-WEBAPP Symantec Messaging Gateway save.do cross site request forgery attempt (server-webapp.rules)
 * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (server-webapp.rules)
 * 1:29141 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:29142 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:29182 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29183 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29184 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29185 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29207 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29208 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29209 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29210 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29212 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29267 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:29277 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29278 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29279 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29280 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29296 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (server-webapp.rules)
 * 1:29297 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (server-webapp.rules)
 * 1:29362 <-> DISABLED <-> SERVER-OTHER Novell NetWare AFP denial of service attempt (server-other.rules)
 * 1:29387 <-> ENABLED <-> SERVER-WEBAPP Synology DiskStation Manager SLICEUPLOAD remote command execution attempt (server-webapp.rules)
 * 1:29390 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:29391 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:29392 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:29400 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM AddEmailAttachment directory traversal attempt (server-webapp.rules)
 * 1:29409 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:29410 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:29418 <-> DISABLED <-> OS-MOBILE Android signature validation bypass APK file download attempt (os-mobile.rules)
 * 1:29419 <-> DISABLED <-> OS-MOBILE Android signature validation bypass APK file download attempt (os-mobile.rules)
 * 1:29465 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29466 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29467 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29468 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29485 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29486 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29487 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29488 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29490 <-> ENABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29491 <-> ENABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29498 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (server-webapp.rules)
 * 1:29499 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (server-webapp.rules)
 * 1:29516 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra information disclosure attempt (server-other.rules)
 * 1:29517 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra information disclosure attempt (server-other.rules)
 * 1:29520 <-> DISABLED <-> FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (file-multimedia.rules)
 * 1:29521 <-> DISABLED <-> FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (file-multimedia.rules)
 * 1:29526 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:29527 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (server-other.rules)
 * 1:29535 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:29537 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (server-webapp.rules)
 * 1:29570 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29571 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29572 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29573 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29574 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29575 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29576 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29577 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:29596 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope soap request code execution attempt (server-webapp.rules)
 * 1:29597 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope soap request code execution attempt (server-webapp.rules)
 * 1:29605 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:29606 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:29610 <-> DISABLED <-> SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (server-other.rules)
 * 1:29611 <-> DISABLED <-> SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (server-other.rules)
 * 1:29622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:29639 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:29647 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules)
 * 1:29648 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules)
 * 1:29649 <-> DISABLED <-> SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (server-apache.rules)
 * 1:29669 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (file-pdf.rules)
 * 1:29746 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (server-webapp.rules)
 * 1:29750 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules)
 * 1:29751 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules)
 * 1:29752 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules)
 * 1:29756 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules)
 * 1:29792 <-> DISABLED <-> SERVER-OTHER Novell iPrint Server remote code execution attempt (server-other.rules)
 * 1:29798 <-> DISABLED <-> SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (server-webapp.rules)
 * 1:29799 <-> DISABLED <-> SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (server-webapp.rules)
 * 1:29808 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:29823 <-> DISABLED <-> OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (os-windows.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:29939 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29940 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29941 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29942 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29946 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:29947 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:29948 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:29950 <-> DISABLED <-> SERVER-OTHER TP-Link TL-WR740N wireless router remote denial of service attempt (server-other.rules)
 * 1:29967 <-> DISABLED <-> SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (server-other.rules)
 * 1:29968 <-> DISABLED <-> SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (server-other.rules)
 * 1:29992 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT120N tmUnblock.cgi TM_Block_URL parameter fprintf stack buffer overflow attempt (server-webapp.rules)
 * 1:30010 <-> DISABLED <-> SERVER-APACHE Apache Solr SolrResourceLoader directory traversal attempt (server-apache.rules)
 * 1:30011 <-> DISABLED <-> SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (server-webapp.rules)
 * 1:30012 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (server-webapp.rules)
 * 1:30013 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (server-webapp.rules)
 * 1:30031 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (server-webapp.rules)
 * 1:30032 <-> DISABLED <-> SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (server-other.rules)
 * 1:30150 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:30151 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:30152 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:30199 <-> DISABLED <-> SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (server-webapp.rules)
 * 1:30200 <-> DISABLED <-> SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (server-webapp.rules)
 * 1:30205 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (server-other.rules)
 * 1:30206 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (server-other.rules)
 * 1:30207 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (server-other.rules)
 * 1:30215 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow attempt (file-multimedia.rules)
 * 1:30263 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30265 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30266 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30267 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30268 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30280 <-> DISABLED <-> SERVER-WEBAPP FreePBX config.php remote code execution attempt (server-webapp.rules)
 * 1:30291 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules)
 * 1:30292 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules)
 * 1:30293 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules)
 * 1:30294 <-> DISABLED <-> SERVER-WEBAPP SePortal poll.php SQL injection attempt (server-webapp.rules)
 * 1:30295 <-> DISABLED <-> SERVER-WEBAPP SePortal print.php SQL injection attempt (server-webapp.rules)
 * 1:30296 <-> DISABLED <-> SERVER-WEBAPP SePortal staticpages.php SQL injection attempt (server-webapp.rules)
 * 1:30305 <-> DISABLED <-> SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (server-webapp.rules)
 * 1:30307 <-> DISABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:30329 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules)
 * 1:30330 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules)
 * 1:30343 <-> DISABLED <-> SERVER-WEBAPP Joomla weblinks-categories SQL injection attempt (server-webapp.rules)
 * 1:30526 <-> DISABLED <-> SERVER-WEBAPP Joomla komento extension cross site scripting attempt (server-webapp.rules)
 * 1:30527 <-> DISABLED <-> SERVER-WEBAPP Joomla komento extension cross site scripting attempt (server-webapp.rules)
 * 1:30528 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:30529 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:30774 <-> DISABLED <-> SERVER-WEBAPP Splunk collect file parameter directory traversal attempt (server-webapp.rules)
 * 1:30790 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules)
 * 1:30792 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules)
 * 1:30797 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 RETR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30798 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 STOR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30799 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 ATTR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30800 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 XATR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30801 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 PMODE bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30802 <-> ENABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 bkclogserv buffer overflow attempt (protocol-scada.rules)
 * 1:3085 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (server-other.rules)
 * 1:30876 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:30877 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:30928 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver dir content listing attempt (server-other.rules)
 * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules)
 * 1:31015 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader integer overflow attempt (file-pdf.rules)
 * 1:31016 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader integer overflow attempt (file-pdf.rules)
 * 1:31021 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (file-pdf.rules)
 * 1:31022 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (file-pdf.rules)
 * 1:31056 <-> DISABLED <-> PROTOCOL-SNMP Motorola Netopia 3347 series WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31057 <-> DISABLED <-> PROTOCOL-SNMP Motorola Netopia 3347 series WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31058 <-> DISABLED <-> PROTOCOL-SNMP Brocade snAgentUserAccntName enumeration attempt (protocol-snmp.rules)
 * 1:31059 <-> DISABLED <-> PROTOCOL-SNMP Brocade snAgentUserAccntPassword enumeration attempt (protocol-snmp.rules)
 * 1:31067 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (server-webapp.rules)
 * 1:31068 <-> DISABLED <-> SERVER-OTHER F5 BIG-IP iControl API hostname command injection attempt (server-other.rules)
 * 1:31095 <-> DISABLED <-> PROTOCOL-SNMP Ubee DDW3611 series WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31096 <-> DISABLED <-> PROTOCOL-SNMP Ubee DDW3611 series WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31097 <-> DISABLED <-> PROTOCOL-SNMP CableHome Devices cabhPsDevUIPassword enumeration attempt (protocol-snmp.rules)
 * 1:31098 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31099 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31100 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series password enumeration attempt (protocol-snmp.rules)
 * 1:31103 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31104 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31105 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31106 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31128 <-> DISABLED <-> PROTOCOL-FTP CoreFTP FTP Server TYPE command denial of service attempt (protocol-ftp.rules)
 * 1:31143 <-> DISABLED <-> SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (server-webapp.rules)
 * 1:31148 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31149 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31157 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31158 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31159 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31160 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31176 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31177 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31178 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31179 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31195 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager directory traversal attempt (server-webapp.rules)
 * 1:31210 <-> ENABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31211 <-> ENABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31259 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller url_redirect.cgi directory traversal attempt (server-webapp.rules)
 * 1:31300 <-> ENABLED <-> SERVER-OTHER Xerox DocuShare SQL injection attempt (server-other.rules)
 * 1:31305 <-> DISABLED <-> SERVER-WEBAPP Rocket Servergraph Admin Center fileRequestor directory traversal attempt (server-webapp.rules)
 * 1:31310 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:31311 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:31312 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:31330 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd update_system_info_debian_package command injection attempt (server-webapp.rules)
 * 1:31337 <-> DISABLED <-> SERVER-OTHER Nagios NRPE command execution attempt (server-other.rules)
 * 1:31338 <-> DISABLED <-> SERVER-OTHER OpenAFS GetStatistics buffer overflow attempt (server-other.rules)
 * 1:31360 <-> DISABLED <-> SERVER-WEBAPP PHP include parameter remote file include attempt (server-webapp.rules)
 * 1:31362 <-> DISABLED <-> SERVER-WEBAPP MiniBB PHP arbitrary remote code execution attempt (server-webapp.rules)
 * 1:31363 <-> DISABLED <-> SERVER-WEBAPP MF Piadas admin.php page parameter PHP remote file include attempt (server-webapp.rules)
 * 1:31364 <-> DISABLED <-> SERVER-WEBAPP FlashGameScript index.php func parameter PHP remote file include attempt (server-webapp.rules)
 * 1:31366 <-> ENABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31367 <-> ENABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:31376 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:31377 <-> DISABLED <-> SERVER-WEBAPP PHP includedir parameter remote file include attempt (server-webapp.rules)
 * 1:31378 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:31379 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:31411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31425 <-> DISABLED <-> SERVER-WEBAPP PHP Simple Shop abs_path parameter PHP remote file include attempt (server-webapp.rules)
 * 1:31426 <-> DISABLED <-> SERVER-WEBAPP Jevontech PHPenpals PersonalID SQL injection attempt (server-webapp.rules)
 * 1:31429 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (server-webapp.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31443 <-> DISABLED <-> SERVER-WEBAPP ActiveState ActivePerl perlIIS.dll server URI buffer overflow attempt (server-webapp.rules)
 * 1:31497 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31498 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31505 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (server-webapp.rules)
 * 1:31506 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (server-webapp.rules)
 * 1:31519 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31520 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31522 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31523 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31524 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31525 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31526 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31529 <-> ENABLED <-> SERVER-OTHER D-Link Multiple Products HNAP request buffer overflow attempt (server-other.rules)
 * 1:31534 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31535 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31536 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31537 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31540 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:31541 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:31542 <-> DISABLED <-> SERVER-WEBAPP D-Link Multiple Products info.cgi request buffer overflow attempt (server-webapp.rules)
 * 1:31555 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:31565 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedatingCMS2.php remote file include attempt (server-webapp.rules)
 * 1:31566 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedatingCMS.php remote file include attempt (server-webapp.rules)
 * 1:31567 <-> DISABLED <-> SERVER-WEBAPP Gitlist remote command injection attempt (server-webapp.rules)
 * 1:31569 <-> DISABLED <-> SERVER-WEBAPP Tiki Wiki 8.3 unserialize PHP remote code execution attempt (server-webapp.rules)
 * 1:31570 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB mysql.cc buffer overflow attempt (server-mysql.rules)
 * 1:31588 <-> DISABLED <-> SERVER-WEBAPP D-Link Multiple Products hedwig.cgi cookie buffer overflow attempt (server-webapp.rules)
 * 1:31637 <-> DISABLED <-> SERVER-WEBAPP Ad Fundum Integrateable News Script remote include path attempt (server-webapp.rules)
 * 1:31638 <-> DISABLED <-> SERVER-WEBAPP Voodoo Chat index.php remote include path attempt (server-webapp.rules)
 * 1:31647 <-> DISABLED <-> SERVER-WEBAPP AVM FritzBox webcm command injection attempt (server-webapp.rules)
 * 1:31648 <-> DISABLED <-> SERVER-WEBAPP AVM FritzBox webcm command injection attempt (server-webapp.rules)
 * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules)
 * 1:31652 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules)
 * 1:31686 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31687 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31696 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31697 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31698 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (server-webapp.rules)
 * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (server-webapp.rules)
 * 1:31730 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (server-webapp.rules)
 * 1:31731 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (server-webapp.rules)
 * 1:31743 <-> DISABLED <-> SERVER-WEBAPP Wordpress WPTouch file upload remote code execution attempt (server-webapp.rules)
 * 1:31745 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM install module command injection attempt (server-webapp.rules)
 * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (server-webapp.rules)
 * 1:31764 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (server-other.rules)
 * 1:31765 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (server-other.rules)
 * 1:31771 <-> DISABLED <-> SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (server-webapp.rules)
 * 1:31798 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization storedNtxFile directory traversal attempt (server-webapp.rules)
 * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (server-webapp.rules)
 * 1:31819 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization toServerObject directory traversal attempt (server-webapp.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (server-webapp.rules)
 * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:31851 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 128 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31852 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 64 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31853 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31854 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 128 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31855 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 64 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31856 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31877 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31878 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31879 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31880 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31881 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31882 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31889 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (server-mail.rules)
 * 1:31890 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (server-mail.rules)
 * 1:31892 <-> DISABLED <-> SERVER-WEBAPP HybridAuth install.php code injection attempt (server-webapp.rules)
 * 1:31912 <-> DISABLED <-> SERVER-WEBAPP cPanel 9.01 multiple URI parameters cross site scripting attempt (server-webapp.rules)
 * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (server-webapp.rules)
 * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (server-webapp.rules)
 * 1:31986 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (file-other.rules)
 * 1:31987 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (file-other.rules)
 * 1:32014 <-> DISABLED <-> SERVER-WEBAPP GetSimpleCMS arbitrary PHP code execution attempt (server-webapp.rules)
 * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules)
 * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:32059 <-> ENABLED <-> PROTOCOL-SCADA KingSCADA Alarm Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:32068 <-> DISABLED <-> POLICY-OTHER SolarWinds Log and Event Manager default credentials authentication attempt (policy-other.rules)
 * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules)
 * 1:32084 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32085 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32092 <-> DISABLED <-> POLICY-OTHER ManageEngine DeviceExpert user credentials enumeration attempt (policy-other.rules)
 * 1:32109 <-> DISABLED <-> SERVER-WEBAPP Easy File Management stack buffer overflow attempt (server-webapp.rules)
 * 1:32149 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32150 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32151 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32152 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (server-other.rules)
 * 1:32232 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32233 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32235 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (server-webapp.rules)
 * 1:32323 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin SQL export attempt (server-webapp.rules)
 * 1:32324 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin arbitrary SQL execution attempt (server-webapp.rules)
 * 1:32337 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (file-pdf.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (server-other.rules)
 * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules)
 * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:32352 <-> ENABLED <-> SERVER-WEBAPP Centreon displayServiceStatus.php command injection attempt (server-webapp.rules)
 * 1:32369 <-> DISABLED <-> PROTOCOL-ICMP FreeBSD rtsold dname_labeldec stack buffer overflow attempt (protocol-icmp.rules)
 * 1:32370 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (server-other.rules)
 * 1:32371 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules)
 * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules)
 * 1:32403 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32526 <-> DISABLED <-> POLICY-OTHER Visual Mining NetCharts default credentials authentication attempt (policy-other.rules)
 * 1:32527 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (server-webapp.rules)
 * 1:32528 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (server-webapp.rules)
 * 1:32530 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32563 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts arbitrary file upload attempt (server-webapp.rules)
 * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules)
 * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules)
 * 1:32601 <-> DISABLED <-> SERVER-OTHER Hikvision DVR RTSP request buffer overflow attempt (server-other.rules)
 * 1:32602 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer credential disclosure attempt (policy-other.rules)
 * 1:32603 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer information disclosure attempt (policy-other.rules)
 * 1:32619 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (file-other.rules)
 * 1:32620 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (file-other.rules)
 * 1:32628 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32729 <-> DISABLED <-> POLICY-OTHER HP Network Node Manager ovopi.dll command 685 insecure pointer dereference attempt (policy-other.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32740 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (policy-other.rules)
 * 1:32741 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (policy-other.rules)
 * 1:32742 <-> ENABLED <-> SERVER-WEBAPP Arris VAP2500 tools_command.php command execution attempt (server-webapp.rules)
 * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (server-webapp.rules)
 * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (server-webapp.rules)
 * 1:32753 <-> ENABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32793 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (file-pdf.rules)
 * 1:32794 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (file-pdf.rules)
 * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32887 <-> DISABLED <-> SERVER-WEBAPP ActualScripts ActualAnalyzer aa.php command injection attempt (server-webapp.rules)
 * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules)
 * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules)
 * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:32962 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32963 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32964 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32967 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central DCPlugin insecure admin account creation attempt (policy-other.rules)
 * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32971 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:32974 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (os-mobile.rules)
 * 1:32975 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (os-mobile.rules)
 * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33010 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33029 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33030 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33031 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33032 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33033 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33034 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33035 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33036 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33037 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33038 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33039 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33040 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:33074 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:33075 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:33076 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:33087 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:33104 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products directory traversal attempt (server-webapp.rules)
 * 1:33113 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory IMONITOR cross site scripting attempt (server-webapp.rules)
 * 1:33114 <-> DISABLED <-> SERVER-WEBAPP HP System Management Homepage cross site scripting attempt (server-webapp.rules)
 * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules)
 * 1:33276 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33277 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33278 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33279 <-> DISABLED <-> SERVER-WEBAPP McAfee ePolicy Orchestrator XML external entity injection attempt (server-webapp.rules)
 * 1:33440 <-> DISABLED <-> SERVER-WEBAPP WordPress EasyCart PHP code execution attempt (server-webapp.rules)
 * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:33446 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33447 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33448 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33514 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery PHP code execution attempt (server-webapp.rules)
 * 1:33515 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33516 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33517 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33518 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33573 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules)
 * 1:33574 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules)
 * 1:33581 <-> DISABLED <-> SERVER-WEBAPP nginx URI processing security bypass attempt (server-webapp.rules)
 * 1:33597 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:33598 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:33599 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:33632 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:33665 <-> ENABLED <-> SERVER-OTHER HP Client Automation command injection attempt (server-other.rules)
 * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (server-webapp.rules)
 * 1:33812 <-> ENABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33813 <-> DISABLED <-> SERVER-WEBAPP Eclipse Foundation Jetty HttpParser information disclosure attempt (server-webapp.rules)
 * 1:33832 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS getAlias.php command injection attempt (server-webapp.rules)
 * 1:33853 <-> DISABLED <-> SERVER-WEBAPP D-Link multiple products ping.ccp command injection attempt (server-webapp.rules)
 * 1:33875 <-> DISABLED <-> POLICY-OTHER SolarWinds Firewall Security Manager insecure userlogin.jsp access attempt (policy-other.rules)
 * 1:33889 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (server-webapp.rules)
 * 1:33890 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (server-webapp.rules)
 * 1:33894 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (server-webapp.rules)
 * 1:33895 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (server-webapp.rules)
 * 1:33896 <-> DISABLED <-> SERVER-WEBAPP OpenNMS XML external entity injection attempt (server-webapp.rules)
 * 1:33915 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33916 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33917 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33934 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin directory traversal attempt (server-webapp.rules)
 * 1:33935 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin privilege escalation attempt (server-webapp.rules)
 * 1:33936 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (server-webapp.rules)
 * 1:33937 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (server-webapp.rules)
 * 1:33938 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS send_test_email command injection attempt (server-webapp.rules)
 * 1:33986 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (policy-other.rules)
 * 1:34000 <-> DISABLED <-> SERVER-WEBAPP Berta Content Management System PHP code execution attempt (server-webapp.rules)
 * 1:34024 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (policy-other.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34139 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks configuration management file upload directory traversal attempt (server-other.rules)
 * 1:34156 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34157 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34158 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34159 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34160 <-> DISABLED <-> SERVER-OTHER Oracle Outside In Paradox database denial of service attempt (server-other.rules)
 * 1:34166 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34167 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34168 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34169 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34184 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense services_unbound_acls cross site scripting attempt (server-webapp.rules)
 * 1:34185 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense status_captiveportal cross site scripting attempt (server-webapp.rules)
 * 1:34215 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense diag_logs_filter cross site scripting attempt (server-webapp.rules)
 * 1:34220 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:34221 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:34222 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:34225 <-> DISABLED <-> PROTOCOL-FTP ProFTPD mod_copy remote code execution attempt (protocol-ftp.rules)
 * 1:34238 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (server-other.rules)
 * 1:34239 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (server-other.rules)
 * 1:34240 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34241 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34242 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34243 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34245 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34284 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_rules cross site scripting attempt (server-webapp.rules)
 * 1:34285 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_shaper cross site scripting attempt (server-webapp.rules)
 * 1:34300 <-> ENABLED <-> SERVER-WEBAPP D-Link multiple products HNAP SOAPAction header command injection attempt (server-webapp.rules)
 * 1:34343 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (file-multimedia.rules)
 * 1:34344 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (file-multimedia.rules)
 * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34358 <-> DISABLED <-> SERVER-WEBAPP Dell SonicWALL SonicOS macIpSpoofView cross site scripting attempt (server-webapp.rules)
 * 1:34359 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34360 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34361 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34363 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management GetStoredResult.class SQL injection attempt (server-webapp.rules)
 * 1:34364 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34373 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34374 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34375 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34376 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:34447 <-> DISABLED <-> POLICY-OTHER ProFTPD mod_copy unauthenticated file copy attempt (policy-other.rules)
 * 1:34471 <-> ENABLED <-> SERVER-WEBAPP Symantec Critical System Protection directory traversal attempt (server-webapp.rules)
 * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (server-webapp.rules)
 * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34524 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (file-pdf.rules)
 * 1:34525 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (file-pdf.rules)
 * 1:34526 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (file-pdf.rules)
 * 1:34527 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (file-pdf.rules)
 * 1:34538 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules)
 * 1:34539 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules)
 * 1:34552 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:34569 <-> DISABLED <-> SERVER-WEBAPP Wordpress Creative Contact Form arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34584 <-> DISABLED <-> POLICY-OTHER Novell ZENworks Configuration Management session id disclosure attempt (policy-other.rules)
 * 1:34602 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34604 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34605 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34606 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34619 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34620 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34621 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34633 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34634 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34635 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34716 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34717 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34718 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34798 <-> DISABLED <-> SERVER-OTHER HP LoadRunner launcher.dll stack buffer overflow attempt (server-other.rules)
 * 1:34799 <-> ENABLED <-> SERVER-WEBAPP UPnP AddPortMapping SOAP action command injection attempt (server-webapp.rules)
 * 1:34803 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34804 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34805 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34806 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (file-pdf.rules)
 * 1:34846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (file-pdf.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:34938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34939 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34940 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34941 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34942 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34943 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34999 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (server-webapp.rules)
 * 1:35000 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (server-webapp.rules)
 * 1:35014 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXMLTrapsForVendor.php SQL injection attempt (server-webapp.rules)
 * 1:35015 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXmlTree.php SQL injection attempt (server-webapp.rules)
 * 1:35016 <-> ENABLED <-> SERVER-WEBAPP Centreon cmdGetExample.php SQL injection attempt (server-webapp.rules)
 * 1:35017 <-> ENABLED <-> SERVER-WEBAPP Centreon makeXML_ListMetrics.php SQL injection attempt (server-webapp.rules)
 * 1:35032 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (server-webapp.rules)
 * 1:35033 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (server-webapp.rules)
 * 1:35048 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35049 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35077 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:35078 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:35079 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:35094 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (file-other.rules)
 * 1:35118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (os-windows.rules)
 * 1:3518 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (server-mysql.rules)
 * 1:3519 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (server-mysql.rules)
 * 1:35253 <-> DISABLED <-> SERVER-OTHER LibreOffice Impress socket manager Use After Free attempt (server-other.rules)
 * 1:35279 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:35280 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:35281 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:35314 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_proxy denial of service attempt (server-apache.rules)
 * 1:35364 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35365 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35366 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35367 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35372 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35373 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35374 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35375 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35399 <-> DISABLED <-> SERVER-WEBAPP WordPress MailChimp Subscribe Forms PHP Code Execution command injection attempt (server-webapp.rules)
 * 1:35406 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_status heap buffer overflow attempt (server-apache.rules)
 * 1:35413 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (file-multimedia.rules)
 * 1:35414 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (file-multimedia.rules)
 * 1:35417 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (server-other.rules)
 * 1:35418 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (server-other.rules)
 * 1:35427 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35428 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35429 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35531 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (server-webapp.rules)
 * 1:35532 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (server-webapp.rules)
 * 1:35533 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:35534 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:35535 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:35541 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftagent SQL injection attempt (server-other.rules)
 * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:35677 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance KSudoClient privilege escalation attempt (server-webapp.rules)
 * 1:35678 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:35679 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:35680 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:35681 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php authentication bypass attempt (server-webapp.rules)
 * 1:35682 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:35683 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:35684 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:35701 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35702 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35703 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35704 <-> DISABLED <-> SERVER-WEBAPP Maarch LetterBox arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:35734 <-> DISABLED <-> SERVER-WEBAPP Netgear WNDR4700 and R6200 admin interface authentication bypass attempt (server-webapp.rules)
 * 1:35763 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (server-other.rules)
 * 1:35764 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (server-other.rules)
 * 1:35765 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (server-other.rules)
 * 1:35766 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (server-other.rules)
 * 1:35857 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:35858 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:35939 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:35940 <-> DISABLED <-> SERVER-WEBAPP PHP phar_parse_tarfile method integer overflow attempt (server-webapp.rules)
 * 1:35944 <-> ENABLED <-> SERVER-MAIL IBM Domino BMP color palette stack buffer overflow attempt (server-mail.rules)
 * 1:36025 <-> DISABLED <-> SERVER-OTHER Digium Asterisk TLS Certificate Common Name null byte validation bypass attempt (server-other.rules)
 * 1:36059 <-> DISABLED <-> SERVER-WEBAPP PHP CDF file handling infinite loop dos attempt (server-webapp.rules)
 * 1:36061 <-> DISABLED <-> SERVER-OTHER SAP SQL Anywhere .NET malformed integer buffer overflow attempt (server-other.rules)
 * 1:36154 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36155 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36156 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36191 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:36192 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:36197 <-> DISABLED <-> SERVER-WEBAPP nginx SMTP proxy STARTTLS plaintext command injection attempt (server-webapp.rules)
 * 1:36261 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (server-webapp.rules)
 * 1:36262 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (server-webapp.rules)
 * 1:36375 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework Endpoint default HTTP password authentication attempt (server-other.rules)
 * 1:36376 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework lcfd endpoint daemon buffer overflow attempt (server-other.rules)
 * 1:36383 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:36384 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:36461 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost sadminpwd buffer overflow attempt (server-other.rules)
 * 1:36462 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost verifypwd buffer overflow attempt (server-other.rules)
 * 1:36493 <-> DISABLED <-> SERVER-OTHER Squid snmphandleUDP off-by-one buffer overflow attempt (server-other.rules)
 * 1:36507 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36508 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36509 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36510 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36527 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36528 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36529 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36530 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36544 <-> DISABLED <-> SERVER-WEBAPP pChart script parameter directory traversal attempt (server-webapp.rules)
 * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:36564 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (file-multimedia.rules)
 * 1:36565 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (file-multimedia.rules)
 * 1:36596 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (os-windows.rules)
 * 1:36613 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (server-webapp.rules)
 * 1:36614 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (server-webapp.rules)
 * 1:36658 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36659 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36660 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36661 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36784 <-> DISABLED <-> POLICY-OTHER Symantec LiveUpdate forcepasswd.do insecure password change attempt (policy-other.rules)
 * 1:36823 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server buffer overflow attempt (server-other.rules)
 * 1:36854 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:36855 <-> ENABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules)
 * 1:36885 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:36886 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:36900 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:36901 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:36902 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37096 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37097 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37098 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37099 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37133 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (server-webapp.rules)
 * 1:37134 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (server-webapp.rules)
 * 1:37148 <-> DISABLED <-> SERVER-WEBAPP WordPress Gallery Objects Plugin viewid SQL injection attempt (server-webapp.rules)
 * 1:37242 <-> ENABLED <-> SERVER-WEBAPP D-Link DCS-900 Series Network Camera arbitrary file upload attempt (server-webapp.rules)
 * 1:37362 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:37363 <-> DISABLED <-> SERVER-OTHER Java Library SpringFramework unauthorized serialized object attempt (server-other.rules)
 * 1:37627 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:37628 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:37664 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37665 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:37802 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37803 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37804 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37805 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37828 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:37829 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:37830 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37831 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37832 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37833 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37854 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37855 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37856 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37857 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37934 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (server-webapp.rules)
 * 1:38189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38191 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38229 <-> DISABLED <-> SERVER-WEBAPP Wordpress Simple Ads Manager sam-ajax-admin.php directory traversal attempt (server-webapp.rules)
 * 1:38266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:38267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:3827 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php post attempt (server-webapp.rules)
 * 1:38272 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:38273 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:38274 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:38351 <-> DISABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:38897 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (file-other.rules)
 * 1:38898 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (file-other.rules)
 * 1:38964 <-> DISABLED <-> POLICY-OTHER VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (policy-other.rules)
 * 1:38965 <-> DISABLED <-> SERVER-WEBAPP VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:39391 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:41907 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:45399 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:4637 <-> DISABLED <-> SERVER-OTHER MailEnable HTTPMail buffer overflow attempt (server-other.rules)
 * 1:46482 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes data exfiltration (malware-cnc.rules)
 * 1:46640 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (indicator-compromise.rules)
 * 1:46641 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (indicator-compromise.rules)
 * 1:46642 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (malware-cnc.rules)
 * 1:47032 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:47033 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:47744 <-> DISABLED <-> SERVER-WEBAPP Quest DR Series Disk Backup CustomerPortalService.pm command injection attempt (server-webapp.rules)
 * 1:494 <-> DISABLED <-> INDICATOR-COMPROMISE command completed (indicator-compromise.rules)
 * 1:604 <-> DISABLED <-> PROTOCOL-SERVICES Unix rlogin froot parameter root access attempt (protocol-services.rules)
 * 1:7722 <-> DISABLED <-> MALWARE-CNC prorat 1.9 cgi notification detection (malware-cnc.rules)
 * 1:8085 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (server-webapp.rules)
 * 1:8086 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (server-webapp.rules)
 * 1:8087 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (server-webapp.rules)
 * 1:8088 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (server-webapp.rules)
 * 1:8089 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (server-webapp.rules)
 * 1:8090 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (server-webapp.rules)
 * 1:8734 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher className directory traversal attempt (server-webapp.rules)
 * 1:9620 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher remote code execution attempt (server-webapp.rules)

2018-09-18 14:19:43 UTC

Snort Subscriber Rules Update

Date: 2018-09-18

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091100.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:47843 <-> ENABLED <-> MALWARE-CNC Java.Trojan.Adwind variant outbound connection (malware-cnc.rules)
 * 1:47819 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47834 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (file-flash.rules)
 * 1:47838 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (file-image.rules)
 * 1:47817 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47814 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:47812 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:47815 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet directory traversal attempt (server-webapp.rules)
 * 1:47818 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47850 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (os-windows.rules)
 * 1:47844 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47829 <-> ENABLED <-> SERVER-OTHER JBoss Richfaces expression language injection attempt (server-other.rules)
 * 1:47825 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47813 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:47833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (file-flash.rules)
 * 1:47848 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47830 <-> DISABLED <-> POLICY-OTHER phpmyadmin external SQL query detected (policy-other.rules)
 * 1:47835 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47816 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:47847 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47828 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (file-image.rules)
 * 1:47831 <-> DISABLED <-> SERVER-WEBAPP phpmyadmin post-authentication local file inclusion attempt (server-webapp.rules)
 * 1:47836 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47824 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47839 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (file-image.rules)
 * 1:47821 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (server-other.rules)
 * 1:47849 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47822 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan outbound attempt (malware-cnc.rules)
 * 1:47820 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (server-other.rules)
 * 1:47837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47823 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47832 <-> DISABLED <-> SERVER-WEBAPP WordPress Responsive Thumbnail Slider arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:47851 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (os-windows.rules)
 * 1:47826 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47845 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47827 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (file-image.rules)
 * 1:47846 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 3:47840 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)
 * 3:47841 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)
 * 3:47842 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0681 attack attempt (protocol-dns.rules)

Modified Rules:


 * 1:31696 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (server-webapp.rules)
 * 1:31697 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31698 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (server-webapp.rules)
 * 1:31730 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (server-webapp.rules)
 * 1:31731 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (server-webapp.rules)
 * 1:31743 <-> DISABLED <-> SERVER-WEBAPP Wordpress WPTouch file upload remote code execution attempt (server-webapp.rules)
 * 1:31745 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM install module command injection attempt (server-webapp.rules)
 * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (server-webapp.rules)
 * 1:31764 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (server-other.rules)
 * 1:31765 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (server-other.rules)
 * 1:31771 <-> DISABLED <-> SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (server-webapp.rules)
 * 1:31798 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization storedNtxFile directory traversal attempt (server-webapp.rules)
 * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (server-webapp.rules)
 * 1:31819 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization toServerObject directory traversal attempt (server-webapp.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (server-webapp.rules)
 * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:31851 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 128 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31852 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 64 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31853 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31854 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 128 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31855 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 64 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31856 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31877 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31878 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31879 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31880 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31881 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31882 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31889 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (server-mail.rules)
 * 1:31890 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (server-mail.rules)
 * 1:31892 <-> DISABLED <-> SERVER-WEBAPP HybridAuth install.php code injection attempt (server-webapp.rules)
 * 1:31912 <-> DISABLED <-> SERVER-WEBAPP cPanel 9.01 multiple URI parameters cross site scripting attempt (server-webapp.rules)
 * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (server-webapp.rules)
 * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (server-webapp.rules)
 * 1:31986 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (file-other.rules)
 * 1:31987 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (file-other.rules)
 * 1:32014 <-> DISABLED <-> SERVER-WEBAPP GetSimpleCMS arbitrary PHP code execution attempt (server-webapp.rules)
 * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules)
 * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:32059 <-> ENABLED <-> PROTOCOL-SCADA KingSCADA Alarm Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:32068 <-> DISABLED <-> POLICY-OTHER SolarWinds Log and Event Manager default credentials authentication attempt (policy-other.rules)
 * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules)
 * 1:32084 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32085 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32092 <-> DISABLED <-> POLICY-OTHER ManageEngine DeviceExpert user credentials enumeration attempt (policy-other.rules)
 * 1:32109 <-> DISABLED <-> SERVER-WEBAPP Easy File Management stack buffer overflow attempt (server-webapp.rules)
 * 1:32149 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32150 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32151 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32152 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (server-other.rules)
 * 1:32232 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32233 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32234 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32235 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (server-webapp.rules)
 * 1:32323 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin SQL export attempt (server-webapp.rules)
 * 1:32324 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin arbitrary SQL execution attempt (server-webapp.rules)
 * 1:32337 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (file-pdf.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (server-other.rules)
 * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules)
 * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:32352 <-> ENABLED <-> SERVER-WEBAPP Centreon displayServiceStatus.php command injection attempt (server-webapp.rules)
 * 1:32369 <-> DISABLED <-> PROTOCOL-ICMP FreeBSD rtsold dname_labeldec stack buffer overflow attempt (protocol-icmp.rules)
 * 1:32370 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (server-other.rules)
 * 1:32371 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules)
 * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules)
 * 1:32403 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32526 <-> DISABLED <-> POLICY-OTHER Visual Mining NetCharts default credentials authentication attempt (policy-other.rules)
 * 1:32527 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (server-webapp.rules)
 * 1:32528 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (server-webapp.rules)
 * 1:32530 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32563 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts arbitrary file upload attempt (server-webapp.rules)
 * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules)
 * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules)
 * 1:32601 <-> DISABLED <-> SERVER-OTHER Hikvision DVR RTSP request buffer overflow attempt (server-other.rules)
 * 1:32602 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer credential disclosure attempt (policy-other.rules)
 * 1:32603 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer information disclosure attempt (policy-other.rules)
 * 1:32619 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (file-other.rules)
 * 1:32620 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (file-other.rules)
 * 1:32628 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:32729 <-> DISABLED <-> POLICY-OTHER HP Network Node Manager ovopi.dll command 685 insecure pointer dereference attempt (policy-other.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:32740 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (policy-other.rules)
 * 1:32741 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (policy-other.rules)
 * 1:32742 <-> ENABLED <-> SERVER-WEBAPP Arris VAP2500 tools_command.php command execution attempt (server-webapp.rules)
 * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (server-webapp.rules)
 * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (server-webapp.rules)
 * 1:32753 <-> ENABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32793 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (file-pdf.rules)
 * 1:32794 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (file-pdf.rules)
 * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules)
 * 1:32887 <-> DISABLED <-> SERVER-WEBAPP ActualScripts ActualAnalyzer aa.php command injection attempt (server-webapp.rules)
 * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules)
 * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules)
 * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:32962 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32963 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32964 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32967 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central DCPlugin insecure admin account creation attempt (policy-other.rules)
 * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32971 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:32974 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (os-mobile.rules)
 * 1:32975 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (os-mobile.rules)
 * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33010 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:33029 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33030 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33031 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33032 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33033 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33034 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33035 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33036 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33037 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33038 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33039 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33040 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:33074 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:33075 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:33076 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:33087 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:33104 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products directory traversal attempt (server-webapp.rules)
 * 1:33113 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory IMONITOR cross site scripting attempt (server-webapp.rules)
 * 1:33114 <-> DISABLED <-> SERVER-WEBAPP HP System Management Homepage cross site scripting attempt (server-webapp.rules)
 * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules)
 * 1:33276 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33277 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33278 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33279 <-> DISABLED <-> SERVER-WEBAPP McAfee ePolicy Orchestrator XML external entity injection attempt (server-webapp.rules)
 * 1:33440 <-> DISABLED <-> SERVER-WEBAPP WordPress EasyCart PHP code execution attempt (server-webapp.rules)
 * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:33446 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33447 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33448 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33514 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery PHP code execution attempt (server-webapp.rules)
 * 1:33515 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33516 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33517 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33518 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33573 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules)
 * 1:33574 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules)
 * 1:33581 <-> DISABLED <-> SERVER-WEBAPP nginx URI processing security bypass attempt (server-webapp.rules)
 * 1:33597 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:33598 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:33599 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:33632 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:33665 <-> ENABLED <-> SERVER-OTHER HP Client Automation command injection attempt (server-other.rules)
 * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (server-webapp.rules)
 * 1:33812 <-> ENABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:33813 <-> DISABLED <-> SERVER-WEBAPP Eclipse Foundation Jetty HttpParser information disclosure attempt (server-webapp.rules)
 * 1:33832 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS getAlias.php command injection attempt (server-webapp.rules)
 * 1:33853 <-> DISABLED <-> SERVER-WEBAPP D-Link multiple products ping.ccp command injection attempt (server-webapp.rules)
 * 1:33875 <-> DISABLED <-> POLICY-OTHER SolarWinds Firewall Security Manager insecure userlogin.jsp access attempt (policy-other.rules)
 * 1:33889 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (server-webapp.rules)
 * 1:33890 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (server-webapp.rules)
 * 1:33894 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (server-webapp.rules)
 * 1:33895 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (server-webapp.rules)
 * 1:33896 <-> DISABLED <-> SERVER-WEBAPP OpenNMS XML external entity injection attempt (server-webapp.rules)
 * 1:33915 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33916 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33917 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33934 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin directory traversal attempt (server-webapp.rules)
 * 1:33935 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin privilege escalation attempt (server-webapp.rules)
 * 1:33936 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (server-webapp.rules)
 * 1:33937 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (server-webapp.rules)
 * 1:33938 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS send_test_email command injection attempt (server-webapp.rules)
 * 1:33986 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (policy-other.rules)
 * 1:34000 <-> DISABLED <-> SERVER-WEBAPP Berta Content Management System PHP code execution attempt (server-webapp.rules)
 * 1:34024 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (policy-other.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:34139 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks configuration management file upload directory traversal attempt (server-other.rules)
 * 1:34156 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34157 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34158 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34159 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34160 <-> DISABLED <-> SERVER-OTHER Oracle Outside In Paradox database denial of service attempt (server-other.rules)
 * 1:34166 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34167 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34168 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34169 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34184 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense services_unbound_acls cross site scripting attempt (server-webapp.rules)
 * 1:34185 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense status_captiveportal cross site scripting attempt (server-webapp.rules)
 * 1:34215 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense diag_logs_filter cross site scripting attempt (server-webapp.rules)
 * 1:34220 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:34221 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:34222 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:34225 <-> DISABLED <-> PROTOCOL-FTP ProFTPD mod_copy remote code execution attempt (protocol-ftp.rules)
 * 1:34238 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (server-other.rules)
 * 1:34239 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (server-other.rules)
 * 1:34240 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34241 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34242 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34243 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34244 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34245 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34284 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_rules cross site scripting attempt (server-webapp.rules)
 * 1:34285 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_shaper cross site scripting attempt (server-webapp.rules)
 * 1:34300 <-> ENABLED <-> SERVER-WEBAPP D-Link multiple products HNAP SOAPAction header command injection attempt (server-webapp.rules)
 * 1:34343 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (file-multimedia.rules)
 * 1:34344 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (file-multimedia.rules)
 * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34358 <-> DISABLED <-> SERVER-WEBAPP Dell SonicWALL SonicOS macIpSpoofView cross site scripting attempt (server-webapp.rules)
 * 1:34359 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34360 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34361 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34363 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management GetStoredResult.class SQL injection attempt (server-webapp.rules)
 * 1:34364 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34373 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34374 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34375 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34376 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:34447 <-> DISABLED <-> POLICY-OTHER ProFTPD mod_copy unauthenticated file copy attempt (policy-other.rules)
 * 1:34471 <-> ENABLED <-> SERVER-WEBAPP Symantec Critical System Protection directory traversal attempt (server-webapp.rules)
 * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (server-webapp.rules)
 * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:34524 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (file-pdf.rules)
 * 1:34525 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (file-pdf.rules)
 * 1:34526 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (file-pdf.rules)
 * 1:34527 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (file-pdf.rules)
 * 1:34538 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules)
 * 1:34539 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules)
 * 1:34552 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:34569 <-> DISABLED <-> SERVER-WEBAPP Wordpress Creative Contact Form arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:34584 <-> DISABLED <-> POLICY-OTHER Novell ZENworks Configuration Management session id disclosure attempt (policy-other.rules)
 * 1:34602 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34604 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34605 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34606 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34619 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34620 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34621 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34633 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34634 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34635 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34716 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34717 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34718 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34798 <-> DISABLED <-> SERVER-OTHER HP LoadRunner launcher.dll stack buffer overflow attempt (server-other.rules)
 * 1:34799 <-> ENABLED <-> SERVER-WEBAPP UPnP AddPortMapping SOAP action command injection attempt (server-webapp.rules)
 * 1:34803 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34804 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34805 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34806 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (file-pdf.rules)
 * 1:34846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (file-pdf.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:34938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34939 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34940 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34941 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34942 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34943 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34999 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (server-webapp.rules)
 * 1:35000 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (server-webapp.rules)
 * 1:35014 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXMLTrapsForVendor.php SQL injection attempt (server-webapp.rules)
 * 1:35015 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXmlTree.php SQL injection attempt (server-webapp.rules)
 * 1:35016 <-> ENABLED <-> SERVER-WEBAPP Centreon cmdGetExample.php SQL injection attempt (server-webapp.rules)
 * 1:35017 <-> ENABLED <-> SERVER-WEBAPP Centreon makeXML_ListMetrics.php SQL injection attempt (server-webapp.rules)
 * 1:35032 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (server-webapp.rules)
 * 1:35033 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (server-webapp.rules)
 * 1:35048 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35049 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:35077 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:35078 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:35079 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:35094 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (file-other.rules)
 * 1:35118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (os-windows.rules)
 * 1:3518 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (server-mysql.rules)
 * 1:3519 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (server-mysql.rules)
 * 1:35253 <-> DISABLED <-> SERVER-OTHER LibreOffice Impress socket manager Use After Free attempt (server-other.rules)
 * 1:35279 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:35280 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:35281 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:35314 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_proxy denial of service attempt (server-apache.rules)
 * 1:35364 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35365 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35366 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35367 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35372 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35373 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35374 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35375 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:35399 <-> DISABLED <-> SERVER-WEBAPP WordPress MailChimp Subscribe Forms PHP Code Execution command injection attempt (server-webapp.rules)
 * 1:35406 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_status heap buffer overflow attempt (server-apache.rules)
 * 1:35413 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (file-multimedia.rules)
 * 1:35414 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (file-multimedia.rules)
 * 1:35417 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (server-other.rules)
 * 1:35418 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (server-other.rules)
 * 1:35427 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35428 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35429 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35531 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (server-webapp.rules)
 * 1:35532 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (server-webapp.rules)
 * 1:35533 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:35534 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:35535 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:35541 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftagent SQL injection attempt (server-other.rules)
 * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:35677 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance KSudoClient privilege escalation attempt (server-webapp.rules)
 * 1:35678 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:35679 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:35680 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:35681 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php authentication bypass attempt (server-webapp.rules)
 * 1:35682 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:35683 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:35684 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:35701 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35702 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35703 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35704 <-> DISABLED <-> SERVER-WEBAPP Maarch LetterBox arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:35734 <-> DISABLED <-> SERVER-WEBAPP Netgear WNDR4700 and R6200 admin interface authentication bypass attempt (server-webapp.rules)
 * 1:35763 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (server-other.rules)
 * 1:35764 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (server-other.rules)
 * 1:35765 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (server-other.rules)
 * 1:35766 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (server-other.rules)
 * 1:35857 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:35858 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:35939 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:35940 <-> DISABLED <-> SERVER-WEBAPP PHP phar_parse_tarfile method integer overflow attempt (server-webapp.rules)
 * 1:35944 <-> ENABLED <-> SERVER-MAIL IBM Domino BMP color palette stack buffer overflow attempt (server-mail.rules)
 * 1:36025 <-> DISABLED <-> SERVER-OTHER Digium Asterisk TLS Certificate Common Name null byte validation bypass attempt (server-other.rules)
 * 1:36059 <-> DISABLED <-> SERVER-WEBAPP PHP CDF file handling infinite loop dos attempt (server-webapp.rules)
 * 1:36061 <-> DISABLED <-> SERVER-OTHER SAP SQL Anywhere .NET malformed integer buffer overflow attempt (server-other.rules)
 * 1:36154 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36155 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36156 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36191 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:36192 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:36197 <-> DISABLED <-> SERVER-WEBAPP nginx SMTP proxy STARTTLS plaintext command injection attempt (server-webapp.rules)
 * 1:36261 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (server-webapp.rules)
 * 1:36262 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (server-webapp.rules)
 * 1:36375 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework Endpoint default HTTP password authentication attempt (server-other.rules)
 * 1:36376 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework lcfd endpoint daemon buffer overflow attempt (server-other.rules)
 * 1:36383 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:36384 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:36461 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost sadminpwd buffer overflow attempt (server-other.rules)
 * 1:36462 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost verifypwd buffer overflow attempt (server-other.rules)
 * 1:36493 <-> DISABLED <-> SERVER-OTHER Squid snmphandleUDP off-by-one buffer overflow attempt (server-other.rules)
 * 1:36507 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36508 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36509 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36510 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36527 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36528 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36529 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36530 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:36544 <-> DISABLED <-> SERVER-WEBAPP pChart script parameter directory traversal attempt (server-webapp.rules)
 * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:36564 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (file-multimedia.rules)
 * 1:36565 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (file-multimedia.rules)
 * 1:36596 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (os-windows.rules)
 * 1:36613 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (server-webapp.rules)
 * 1:36614 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (server-webapp.rules)
 * 1:36658 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36659 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36660 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36661 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:36784 <-> DISABLED <-> POLICY-OTHER Symantec LiveUpdate forcepasswd.do insecure password change attempt (policy-other.rules)
 * 1:36823 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server buffer overflow attempt (server-other.rules)
 * 1:36854 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:36855 <-> ENABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules)
 * 1:36885 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:36886 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:36900 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:36901 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:36902 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37096 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37097 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37098 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37099 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:37133 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (server-webapp.rules)
 * 1:37134 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (server-webapp.rules)
 * 1:37148 <-> DISABLED <-> SERVER-WEBAPP WordPress Gallery Objects Plugin viewid SQL injection attempt (server-webapp.rules)
 * 1:37242 <-> ENABLED <-> SERVER-WEBAPP D-Link DCS-900 Series Network Camera arbitrary file upload attempt (server-webapp.rules)
 * 1:37362 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:37363 <-> DISABLED <-> SERVER-OTHER Java Library SpringFramework unauthorized serialized object attempt (server-other.rules)
 * 1:37627 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:37628 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:37664 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37665 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:37802 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37803 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37804 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37805 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:37828 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:37829 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:37830 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37831 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37832 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37833 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37854 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37855 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37856 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37857 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:37934 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (server-webapp.rules)
 * 1:38189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38191 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38229 <-> DISABLED <-> SERVER-WEBAPP Wordpress Simple Ads Manager sam-ajax-admin.php directory traversal attempt (server-webapp.rules)
 * 1:38266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:38267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:3827 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php post attempt (server-webapp.rules)
 * 1:38272 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:38273 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:38274 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:38351 <-> DISABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:38897 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (file-other.rules)
 * 1:38898 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (file-other.rules)
 * 1:38964 <-> DISABLED <-> POLICY-OTHER VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (policy-other.rules)
 * 1:38965 <-> DISABLED <-> SERVER-WEBAPP VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:39391 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:41907 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:45399 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:4637 <-> DISABLED <-> SERVER-OTHER MailEnable HTTPMail buffer overflow attempt (server-other.rules)
 * 1:46482 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes data exfiltration (malware-cnc.rules)
 * 1:46640 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (indicator-compromise.rules)
 * 1:46641 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (indicator-compromise.rules)
 * 1:46642 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (malware-cnc.rules)
 * 1:47032 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:47033 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:47744 <-> DISABLED <-> SERVER-WEBAPP Quest DR Series Disk Backup CustomerPortalService.pm command injection attempt (server-webapp.rules)
 * 1:494 <-> DISABLED <-> INDICATOR-COMPROMISE command completed (indicator-compromise.rules)
 * 1:604 <-> DISABLED <-> PROTOCOL-SERVICES Unix rlogin froot parameter root access attempt (protocol-services.rules)
 * 1:7722 <-> DISABLED <-> MALWARE-CNC prorat 1.9 cgi notification detection (malware-cnc.rules)
 * 1:8085 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (server-webapp.rules)
 * 1:8086 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (server-webapp.rules)
 * 1:8087 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (server-webapp.rules)
 * 1:8088 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (server-webapp.rules)
 * 1:8089 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (server-webapp.rules)
 * 1:8090 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (server-webapp.rules)
 * 1:8734 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher className directory traversal attempt (server-webapp.rules)
 * 1:9620 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher remote code execution attempt (server-webapp.rules)
 * 1:31687 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:12286 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:12362 <-> DISABLED <-> SERVER-WEBAPP Squid HTTP Proxy-Authorization overflow attempt (server-webapp.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:12784 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12785 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12786 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:13487 <-> DISABLED <-> PUA-ADWARE Adware elite protector runtime detection (pua-adware.rules)
 * 1:13816 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13817 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13818 <-> DISABLED <-> SERVER-WEBAPP PHP alternate xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13819 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (server-webapp.rules)
 * 1:13866 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection - popup ads (malware-other.rules)
 * 1:13867 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection (malware-other.rules)
 * 1:13902 <-> DISABLED <-> SERVER-OTHER IBM Lotus Sametime multiplexer stack buffer overflow attempt (server-other.rules)
 * 1:13916 <-> DISABLED <-> SERVER-WEBAPP Alt-N SecurityGateway username buffer overflow attempt (server-webapp.rules)
 * 1:13925 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (protocol-ftp.rules)
 * 1:13927 <-> DISABLED <-> PROTOCOL-TFTP Open TFTP Server log generation buffer overflow attempt (protocol-tftp.rules)
 * 1:13940 <-> DISABLED <-> PUA-ADWARE Hijacker win32.bho.bgf outbound connection (pua-adware.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (server-webapp.rules)
 * 1:14265 <-> DISABLED <-> PROTOCOL-SCADA Multiple Schneider Electric SCADA products buffer overflow attempt (protocol-scada.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14608 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14609 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14771 <-> DISABLED <-> SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow attempt (server-apache.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP Simple Web Counter URI Parameter Buffer Overflow attempt (server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (file-multimedia.rules)
 * 1:15484 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow attempt (protocol-imap.rules)
 * 1:15562 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:15896 <-> DISABLED <-> SERVER-OTHER Firebird SQL op_connect_request denial of service attempt (server-other.rules)
 * 1:15939 <-> DISABLED <-> SERVER-OTHER MSN Messenger IRC bot calling home attempt (server-other.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:16098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.cekar variant outbound connection (malware-cnc.rules)
 * 1:16131 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker trojan zlob.dnz runtime detection - ads (malware-other.rules)
 * 1:16140 <-> DISABLED <-> MALWARE-CNC torpig-mebroot command and control checkin (malware-cnc.rules)
 * 1:16184 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow attempt (server-other.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:16271 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TDSS.1.Gen keepalive detection (malware-cnc.rules)
 * 1:16365 <-> DISABLED <-> PUA-ADWARE OnlineGames download attempt (pua-adware.rules)
 * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:16494 <-> DISABLED <-> PUA-ADWARE Cutwail spambot server communication attempt (pua-adware.rules)
 * 1:16498 <-> DISABLED <-> PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (pua-adware.rules)
 * 1:16598 <-> DISABLED <-> SERVER-OTHER Green Dam URL handling overflow attempt (server-other.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (server-oracle.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt (os-windows.rules)
 * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules)
 * 1:16688 <-> DISABLED <-> SERVER-OTHER iscsi target format string code execution attempt (server-other.rules)
 * 1:16689 <-> DISABLED <-> SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (server-other.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:16696 <-> DISABLED <-> FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (file-other.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (file-other.rules)
 * 1:16727 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:16731 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16732 <-> DISABLED <-> FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (file-other.rules)
 * 1:16733 <-> DISABLED <-> FILE-OTHER UltraISO CCD file handling overflow attempt (file-other.rules)
 * 1:16736 <-> DISABLED <-> FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (file-other.rules)
 * 1:16737 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 1 (file-multimedia.rules)
 * 1:16738 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (file-multimedia.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16753 <-> DISABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (server-webapp.rules)
 * 1:16787 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (file-other.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17139 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (server-other.rules)
 * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules)
 * 1:17234 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm activity (malware-cnc.rules)
 * 1:17235 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm download (malware-cnc.rules)
 * 1:17238 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (file-other.rules)
 * 1:17250 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules)
 * 1:17301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:17308 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:17373 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17560 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:17805 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (malware-cnc.rules)
 * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:18247 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent ErrCode - W32/Fujacks.htm (malware-cnc.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (malware-cnc.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (malware-cnc.rules)
 * 1:18311 <-> DISABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters arbitrary file upload attempt (server-webapp.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (server-webapp.rules)
 * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18511 <-> DISABLED <-> SERVER-OTHER Sourcefire Snort packet fragmentation reassembly denial of service attempt (server-other.rules)
 * 1:18524 <-> DISABLED <-> SERVER-OTHER Multiple vendor anti-virus extended ASCII filename scan bypass attempt (server-other.rules)
 * 1:18526 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18527 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (file-office.rules)
 * 1:18562 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (malware-cnc.rules)
 * 1:18575 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:18577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.agum variant outbound connection (malware-cnc.rules)
 * 1:18587 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 267 buffer overflow attempt (server-other.rules)
 * 1:18618 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (malware-cnc.rules)
 * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:18707 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (malware-cnc.rules)
 * 1:18708 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (malware-cnc.rules)
 * 1:18711 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (malware-cnc.rules)
 * 1:18712 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (malware-cnc.rules)
 * 1:18715 <-> ENABLED <-> MALWARE-CNC Ozdok botnet communication with C&C server (malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (malware-cnc.rules)
 * 1:18718 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (malware-cnc.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (malware-cnc.rules)
 * 1:18723 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (malware-cnc.rules)
 * 1:18724 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (malware-cnc.rules)
 * 1:18739 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (malware-cnc.rules)
 * 1:18753 <-> DISABLED <-> SERVER-OTHER Zend Server Java Bridge remote code execution attempt (server-other.rules)
 * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules)
 * 1:18808 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (server-mail.rules)
 * 1:18934 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (Coreflood -- malware-cnc.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (malware-cnc.rules)
 * 1:18939 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:18940 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Sality (malware-cnc.rules)
 * 1:18941 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - FakeAV (malware-cnc.rules)
 * 1:18942 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacProtector (malware-cnc.rules)
 * 1:18943 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacDefender (malware-cnc.rules)
 * 1:18945 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Feberr variant outbound connection (malware-cnc.rules)
 * 1:18946 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18976 <-> DISABLED <-> MALWARE-CNC Rogue-Software.AVCare variant outbound connection (malware-cnc.rules)
 * 1:18977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Proxy variant outbound connection (malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pasta.aoq variant outbound connection (malware-cnc.rules)
 * 1:18980 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18981 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18982 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18984 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32/Trojanclicker (malware-cnc.rules)
 * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:19016 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19017 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19018 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19019 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19021 <-> ENABLED <-> MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (malware-cnc.rules)
 * 1:19023 <-> DISABLED <-> MALWARE-CNC IRC.Zapchast.zwrc variant outbound connection (malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.StartPage variant outbound connection (malware-cnc.rules)
 * 1:19025 <-> DISABLED <-> MALWARE-CNC Win.Trojan-Banker.Win32.Bancos.etf variant outbound connection (malware-cnc.rules)
 * 1:19027 <-> DISABLED <-> MALWARE-CNC BrowserModifier.Win32.Kerlofost variant outbound connection (malware-cnc.rules)
 * 1:19028 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mailbot variant outbound connection (malware-cnc.rules)
 * 1:19030 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Uloadis variant outbound connection (malware-cnc.rules)
 * 1:19031 <-> DISABLED <-> MALWARE-CNC iPRIVACY variant outbound connection (malware-cnc.rules)
 * 1:19032 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19033 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel.baqb variant outbound connection (malware-cnc.rules)
 * 1:19036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19038 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (malware-cnc.rules)
 * 1:19039 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (malware-cnc.rules)
 * 1:19043 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (pua-adware.rules)
 * 1:19044 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (pua-adware.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (malware-cnc.rules)
 * 1:19046 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (pua-adware.rules)
 * 1:19047 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RCleanT (malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Darkness variant outbound connection (malware-cnc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (malware-cnc.rules)
 * 1:19052 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (malware-cnc.rules)
 * 1:19053 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Nusump.A variant outbound connection (malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (malware-cnc.rules)
 * 1:19055 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gosik.A registration (malware-cnc.rules)
 * 1:19056 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19057 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19058 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Faketube update request (malware-cnc.rules)
 * 1:19059 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.SystemDefragmenter outbound connection (pua-adware.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (malware-cnc.rules)
 * 1:19061 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (pua-adware.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakePlus variant outbound connection (malware-cnc.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (server-other.rules)
 * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules)
 * 1:19164 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (malware-cnc.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:19309 <-> DISABLED <-> PUA-ADWARE hijacker starware videos outbound connection (pua-adware.rules)
 * 1:19310 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gen3 variant outbound connection (malware-cnc.rules)
 * 1:19312 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aah variant outbound connection (malware-cnc.rules)
 * 1:19328 <-> ENABLED <-> MALWARE-CNC PointGuide variant outbound connection (malware-cnc.rules)
 * 1:19329 <-> DISABLED <-> MALWARE-CNC Faceback.exe variant outbound connection (malware-cnc.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clampi variant outbound connection (malware-cnc.rules)
 * 1:19339 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection (malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav TREAntivirus variant outbound connection (malware-cnc.rules)
 * 1:19341 <-> DISABLED <-> MALWARE-CNC Worm MSIL.AiO.a variant outbound connection (malware-cnc.rules)
 * 1:19342 <-> DISABLED <-> MALWARE-CNC Adware Professional variant outbound connection (malware-cnc.rules)
 * 1:19343 <-> DISABLED <-> MALWARE-CNC Adware Pro variant outbound connection (malware-cnc.rules)
 * 1:19344 <-> DISABLED <-> MALWARE-CNC AntiMalware Pro variant outbound connection (malware-cnc.rules)
 * 1:19345 <-> DISABLED <-> MALWARE-CNC REAnti variant outbound connection (malware-cnc.rules)
 * 1:19346 <-> DISABLED <-> MALWARE-CNC Additional Guard variant outbound connection (malware-cnc.rules)
 * 1:19348 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection (malware-cnc.rules)
 * 1:19349 <-> DISABLED <-> MALWARE-CNC Fakeav Vaccineclear variant outbound connection (malware-cnc.rules)
 * 1:19351 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection (malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.D variant outbound connection (malware-cnc.rules)
 * 1:19353 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker.bkhu variant outbound connection (malware-cnc.rules)
 * 1:19357 <-> ENABLED <-> MALWARE-CNC Win.Worm.Sohanad.ila variant outbound connection (malware-cnc.rules)
 * 1:19358 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XYTvn.A variant outbound connection (malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.B variant outbound connection (malware-cnc.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HXWAN.A variant outbound connection (malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Win.Worm.Vaubeg.A variant outbound connection (malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.IC variant outbound connection (malware-cnc.rules)
 * 1:19372 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string javasw - Trojan.Banload (malware-cnc.rules)
 * 1:19391 <-> DISABLED <-> PUA-ADWARE Lost Door v3.0 (pua-adware.rules)
 * 1:19392 <-> ENABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19393 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tidserv variant outbound connection (malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Beastdoor.b variant outbound connection (malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win.Trojan.UltimateDefender.xv variant outbound connection (malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BAT.Shutdown.ef variant outbound connection (malware-cnc.rules)
 * 1:19399 <-> DISABLED <-> MALWARE-CNC Email Worm Win32.Zhelatin.ch variant outbound connection (malware-cnc.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19402 <-> DISABLED <-> MALWARE-CNC P2P Worm.Win32.Malas.r variant outbound connection (malware-cnc.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ozdok variant outbound connection (malware-cnc.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection (malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amjz variant outbound connection (malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection (malware-cnc.rules)
 * 1:19429 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C variant outbound connection (malware-cnc.rules)
 * 1:19433 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fujacks.aw variant outbound connection (malware-cnc.rules)
 * 1:19434 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrCode (malware-cnc.rules)
 * 1:19435 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Litmus.203 variant outbound connection (malware-cnc.rules)
 * 1:19453 <-> DISABLED <-> PUA-ADWARE Sus.BancDI-B trojan outbound connection (pua-adware.rules)
 * 1:19454 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWS.Win32.QQPass.IK variant outbound connection (malware-cnc.rules)
 * 1:19456 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Klone.bj variant outbound connection (malware-cnc.rules)
 * 1:19457 <-> DISABLED <-> MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection (malware-cnc.rules)
 * 1:19458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19476 <-> DISABLED <-> MALWARE-CNC Exploit.Win32.SqlShell.r variant outbound connection (malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (malware-cnc.rules)
 * 1:19478 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Taterf.B variant outbound connection (malware-cnc.rules)
 * 1:19479 <-> DISABLED <-> MALWARE-CNC Net-Worm.Win32.Piloyd.m variant outbound connection - request html (malware-cnc.rules)
 * 1:19480 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string STORMDDOS - Backdoor.Win32.Inject.ctt (malware-cnc.rules)
 * 1:19481 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Agent.bx variant outbound connection (malware-cnc.rules)
 * 1:19482 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrorFix (malware-cnc.rules)
 * 1:19483 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reload.fy variant outbound connection (malware-cnc.rules)
 * 1:19485 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RAV1 (malware-cnc.rules)
 * 1:19486 <-> DISABLED <-> PUA-ADWARE W32.Fiala.A outbound connection (pua-adware.rules)
 * 1:19487 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.kih variant outbound connection (malware-cnc.rules)
 * 1:19488 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Failnum.A variant outbound connection (malware-cnc.rules)
 * 1:19489 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DeAlfa.fa variant outbound connection (malware-cnc.rules)
 * 1:19490 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Koceg.B variant outbound connection (malware-cnc.rules)
 * 1:19491 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Genome.vau variant outbound connection (malware-cnc.rules)
 * 1:19492 <-> DISABLED <-> MALWARE-CNC Windows System Defender variant outbound connection (malware-cnc.rules)
 * 1:19493 <-> ENABLED <-> MALWARE-CNC URI request for known malicious uri config.ini on 3322.org domain (malware-cnc.rules)
 * 1:19494 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Licum variant outbound connection (malware-cnc.rules)
 * 1:19495 <-> DISABLED <-> MALWARE-CNC Win.Worm.Pilleuz variant outbound connection (malware-cnc.rules)
 * 1:19554 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav Antivirus Xp Pro variant outbound connection (malware-cnc.rules)
 * 1:19555 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small variant outbound connection (malware-cnc.rules)
 * 1:19556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Homa variant outbound connection (malware-cnc.rules)
 * 1:19557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shark.ag variant outbound connection (malware-cnc.rules)
 * 1:19566 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (pua-adware.rules)
 * 1:19567 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (pua-adware.rules)
 * 1:19568 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.PerfectKeylogger variant outbound connection (malware-cnc.rules)
 * 1:19569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Perkesh variant outbound connection (malware-cnc.rules)
 * 1:19570 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - ie 11.0 sp6 (malware-cnc.rules)
 * 1:19571 <-> DISABLED <-> PUA-ADWARE Antivirus Agent Pro outbound connection (pua-adware.rules)
 * 1:19572 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FFSearch variant outbound connection (malware-cnc.rules)
 * 1:19573 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (malware-cnc.rules)
 * 1:19574 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (malware-cnc.rules)
 * 1:19575 <-> DISABLED <-> MALWARE-CNC Win.Worm.Emold.U variant outbound connection (malware-cnc.rules)
 * 1:19576 <-> DISABLED <-> PUA-ADWARE Antivirus Pro 2010 outbound connection (pua-adware.rules)
 * 1:19577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Dogrobot.E variant outbound connection (malware-cnc.rules)
 * 1:19578 <-> DISABLED <-> PUA-ADWARE Personal Guard 2009 outbound connection (pua-adware.rules)
 * 1:19579 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Potao.A variant outbound connection (malware-cnc.rules)
 * 1:19580 <-> DISABLED <-> MALWARE-CNC Win.Worm.Basun.wsc inbound connection (malware-cnc.rules)
 * 1:19581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (malware-cnc.rules)
 * 1:19582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (malware-cnc.rules)
 * 1:19583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bumat.rts variant outbound connection (malware-cnc.rules)
 * 1:19584 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection (malware-cnc.rules)
 * 1:19585 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection - notification (malware-cnc.rules)
 * 1:19586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Agent.dlg variant outbound connection (malware-cnc.rules)
 * 1:19587 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sereki.B variant outbound connection (malware-cnc.rules)
 * 1:19588 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sereki.B successful connection (malware-cnc.rules)
 * 1:19589 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string MacProtector (malware-cnc.rules)
 * 1:19590 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Savnut.B variant outbound connection (malware-cnc.rules)
 * 1:19591 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Powp.pyv variant outbound connection (malware-cnc.rules)
 * 1:19592 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:19593 <-> DISABLED <-> MALWARE-CNC Win.Worm.Agent.btxm variant outbound connection IRC (malware-cnc.rules)
 * 1:19594 <-> DISABLED <-> PUA-ADWARE Win32.Fruspam outbound connection (pua-adware.rules)
 * 1:19595 <-> DISABLED <-> MALWARE-OTHER known malicious email string - You have received a Hallmark E-Card (malware-other.rules)
 * 1:19596 <-> DISABLED <-> MALWARE-CNC Poison Ivy variant outbound connection (malware-cnc.rules)
 * 1:19597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cws variant outbound connection (malware-cnc.rules)
 * 1:19598 <-> DISABLED <-> PUA-ADWARE Infostealer.Gampass outbound connection (pua-adware.rules)
 * 1:19608 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wisscmd.A variant outbound connection (malware-cnc.rules)
 * 1:19611 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string INet - Win32.Virus.Jusabli.A (malware-cnc.rules)
 * 1:19612 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.bvk variant outbound connection (malware-cnc.rules)
 * 1:19613 <-> DISABLED <-> MALWARE-CNC Rogue Software Registry Cleaner Pro variant outbound connection (malware-cnc.rules)
 * 1:19614 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (malware-cnc.rules)
 * 1:19615 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (malware-cnc.rules)
 * 1:19616 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Win32.Banbra.mcq variant outbound connection (malware-cnc.rules)
 * 1:19622 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - pte.aspx?ver= (malware-cnc.rules)
 * 1:19623 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - vic.aspx?ver= (malware-cnc.rules)
 * 1:19625 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - .sys.php?getexe= (malware-cnc.rules)
 * 1:19626 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /setup_b.asp?prj= (malware-cnc.rules)
 * 1:19627 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /r_autoidcnt.asp?mer_seq= (malware-cnc.rules)
 * 1:19628 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /1cup/script.php (malware-cnc.rules)
 * 1:19631 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - AnSSip= (malware-cnc.rules)
 * 1:19632 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/adduser.php?uid= (malware-cnc.rules)
 * 1:19633 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/tasks.php?uid= (malware-cnc.rules)
 * 1:19635 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /app/?prj= (malware-cnc.rules)
 * 1:19636 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /blog/images/3521.jpg?v (malware-cnc.rules)
 * 1:19637 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /install.asp?mac= (malware-cnc.rules)
 * 1:19638 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /kx4.txt (malware-cnc.rules)
 * 1:19652 <-> DISABLED <-> MALWARE-CNC Teevsock C variant outbound connection (malware-cnc.rules)
 * 1:19654 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.wti variant outbound connection (malware-cnc.rules)
 * 1:19655 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Agent.IK variant outbound connection (malware-cnc.rules)
 * 1:19656 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Peace.lh variant outbound connection (malware-cnc.rules)
 * 1:19657 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV variant traffic (malware-cnc.rules)
 * 1:19658 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MCnovogic.A variant outbound connection (malware-cnc.rules)
 * 1:19659 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Soleseq.A variant outbound connection (malware-cnc.rules)
 * 1:19660 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riern.K variant outbound connection (malware-cnc.rules)
 * 1:19695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.nec variant outbound connection (malware-cnc.rules)
 * 1:19696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SdBot.nng inbound connection (malware-cnc.rules)
 * 1:19697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy.Win32.VB.btm variant outbound connection (malware-cnc.rules)
 * 1:19698 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Prosti.AG variant outbound connection (malware-cnc.rules)
 * 1:19699 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Korklic.A variant outbound connection (malware-cnc.rules)
 * 1:19700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.tnr variant outbound connection (malware-cnc.rules)
 * 1:19701 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hassar.A variant outbound connection (malware-cnc.rules)
 * 1:19702 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zboter.E variant outbound connection (malware-cnc.rules)
 * 1:19703 <-> ENABLED <-> MALWARE-CNC Win.Worm.Dusta.br outbound connnection (malware-cnc.rules)
 * 1:19704 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (malware-cnc.rules)
 * 1:19705 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (malware-cnc.rules)
 * 1:19706 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.cer variant outbound connection (malware-cnc.rules)
 * 1:19711 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:19712 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:19715 <-> DISABLED <-> MALWARE-CNC Win.Trojan.URLZone variant outbound connection (malware-cnc.rules)
 * 1:19716 <-> DISABLED <-> MALWARE-CNC TrojanSpy.Win32.Banker.OO variant outbound connection (malware-cnc.rules)
 * 1:19717 <-> DISABLED <-> PUA-ADWARE Virus.Win32.Virut.ce outbound connection (pua-adware.rules)
 * 1:19718 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.bkap variant outbound connection (malware-cnc.rules)
 * 1:19719 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Bagle.of variant outbound connection (malware-cnc.rules)
 * 1:19720 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Onestage.ws variant outbound connection (malware-cnc.rules)
 * 1:19721 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.mlh variant outbound connection (malware-cnc.rules)
 * 1:19722 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Poshtroper variant outbound connection (malware-cnc.rules)
 * 1:19723 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Pherbot variant outbound connection (malware-cnc.rules)
 * 1:19724 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:19725 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (malware-cnc.rules)
 * 1:19726 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (malware-cnc.rules)
 * 1:19727 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.DI variant outbound connection (malware-cnc.rules)
 * 1:19728 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (malware-cnc.rules)
 * 1:19729 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (malware-cnc.rules)
 * 1:19730 <-> ENABLED <-> MALWARE-CNC Win.Trojan.KukuBot variant outbound connection (malware-cnc.rules)
 * 1:19731 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Darkwebot variant outbound connection (malware-cnc.rules)
 * 1:19732 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Idicaf variant outbound connection (malware-cnc.rules)
 * 1:19733 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jorik.BRU variant outbound connection (malware-cnc.rules)
 * 1:19739 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Apptom variant outbound connection (malware-cnc.rules)
 * 1:19740 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.aczu variant outbound connection (malware-cnc.rules)
 * 1:19741 <-> DISABLED <-> MALWARE-OTHER PWS.Win32.Scofted keylogger runtime detection (malware-other.rules)
 * 1:19742 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.atff variant outbound connection (malware-cnc.rules)
 * 1:19743 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.eqlo variant outbound connection (malware-cnc.rules)
 * 1:19744 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Deecee.a variant outbound connection (malware-cnc.rules)
 * 1:19745 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FraudLoad.dyl variant outbound connection (malware-cnc.rules)
 * 1:19746 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.biiw variant outbound connection (malware-cnc.rules)
 * 1:19747 <-> ENABLED <-> MALWARE-BACKDOOR Win.Trojan.GGDoor.22 variant outbound connection (malware-backdoor.rules)
 * 1:19748 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.ULPM.Gen IRC variant outbound connection (malware-cnc.rules)
 * 1:19749 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.chgp variant outbound connection (malware-cnc.rules)
 * 1:19750 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.PJ variant outbound connection (malware-cnc.rules)
 * 1:19751 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Sohanad.bm variant outbound connection (malware-cnc.rules)
 * 1:19752 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:19753 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TrojanSpy.Win32.Zbot.gen.C variant outbound connection (malware-cnc.rules)
 * 1:19754 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Delf.RGL variant outbound connection (malware-cnc.rules)
 * 1:19755 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alphabet variant outbound connection (malware-cnc.rules)
 * 1:19756 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Opera/8.89 - P2P-Worm.Win32.Palevo.ddm (malware-cnc.rules)
 * 1:19757 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.bqlu variant outbound connection (malware-cnc.rules)
 * 1:19758 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.yw variant outbound connection (malware-cnc.rules)
 * 1:19759 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.FireThief.h variant outbound connection (malware-cnc.rules)
 * 1:19760 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arsinfoder variant outbound connection (malware-cnc.rules)
 * 1:19761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ftpharvxqq variant outbound connection (malware-cnc.rules)
 * 1:19762 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19763 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19764 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19765 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker variant outbound connection (malware-cnc.rules)
 * 1:19766 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (malware-cnc.rules)
 * 1:19767 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Msposer.A variant outbound connection (malware-cnc.rules)
 * 1:19769 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos outbound indicator (malware-cnc.rules)
 * 1:19770 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (malware-cnc.rules)
 * 1:19771 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (malware-cnc.rules)
 * 1:19772 <-> ENABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (malware-cnc.rules)
 * 1:19773 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (malware-cnc.rules)
 * 1:19774 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (malware-cnc.rules)
 * 1:19775 <-> DISABLED <-> PUA-ADWARE PWS.Win32.Ldpinch.gen outbound connection (pua-adware.rules)
 * 1:19776 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.guy dropper variant outbound connection (malware-cnc.rules)
 * 1:19777 <-> DISABLED <-> PUA-ADWARE Fast Antivirus 2009 outbound connection (pua-adware.rules)
 * 1:19781 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Agent.aqpn variant outbound connection (malware-cnc.rules)
 * 1:19782 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AVKill.bc variant outbound connection (malware-cnc.rules)
 * 1:19783 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.agcw variant outbound connection (malware-cnc.rules)
 * 1:19784 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.sde variant outbound connection (malware-cnc.rules)
 * 1:19785 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Malushka.T variant outbound connection (malware-cnc.rules)
 * 1:19786 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - Mozilla (malware-cnc.rules)
 * 1:19787 <-> DISABLED <-> MALWARE-CNC Exploit-PDF.t variant outbound connection (malware-cnc.rules)
 * 1:19788 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.pnc variant outbound connection (malware-cnc.rules)
 * 1:19789 <-> ENABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (malware-cnc.rules)
 * 1:19790 <-> DISABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (malware-cnc.rules)
 * 1:19791 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Small.awa variant outbound connection (malware-cnc.rules)
 * 1:19792 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Caxnet.A variant outbound connection (malware-cnc.rules)
 * 1:19793 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.SillyFDC-DS variant outbound connection (malware-cnc.rules)
 * 1:19794 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fnumbot variant outbound connection (malware-cnc.rules)
 * 1:19795 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakeAV NoAdware variant outbound connection (malware-cnc.rules)
 * 1:19796 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DL.CashnJoy.A variant outbound connection (malware-cnc.rules)
 * 1:19797 <-> DISABLED <-> MALWARE-CNC Safety Center variant outbound connection (malware-cnc.rules)
 * 1:19798 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.kxu variant outbound connection (malware-cnc.rules)
 * 1:19799 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.gen.Q variant outbound connection (malware-cnc.rules)
 * 1:19800 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pher.ij variant outbound connection (malware-cnc.rules)
 * 1:19801 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tracur variant outbound connection (malware-cnc.rules)
 * 1:19802 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wixud.B variant outbound connection (malware-cnc.rules)
 * 1:19803 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Renos.FH variant outbound connection (malware-cnc.rules)
 * 1:19804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.ktq variant outbound connection (malware-cnc.rules)
 * 1:19805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smser.cx variant outbound connection (malware-cnc.rules)
 * 1:19819 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (malware-cnc.rules)
 * 1:19820 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (malware-cnc.rules)
 * 1:19821 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Bagle.gen.C variant outbound connection (malware-cnc.rules)
 * 1:19822 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.HH variant outbound connection (malware-cnc.rules)
 * 1:19823 <-> DISABLED <-> PUA-ADWARE Downloader.Banload.AKBB outbound connection (pua-adware.rules)
 * 1:19824 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (malware-cnc.rules)
 * 1:19825 <-> DISABLED <-> SERVER-APACHE Apache Killer denial of service tool exploit attempt (server-apache.rules)
 * 1:19827 <-> DISABLED <-> PUA-ADWARE PWS-QQGame outbound connection (pua-adware.rules)
 * 1:19828 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SpyAgent.B variant outbound connection (malware-cnc.rules)
 * 1:19829 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rbot.gen variant outbound connection (malware-cnc.rules)
 * 1:19830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poebot.BP variant outbound connection (malware-cnc.rules)
 * 1:19831 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.SO variant outbound connection (malware-cnc.rules)
 * 1:19832 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veslorn.gen.A variant outbound connection (malware-cnc.rules)
 * 1:19833 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.bda variant outbound connection (malware-cnc.rules)
 * 1:19834 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ZBot.RD variant outbound connection (malware-cnc.rules)
 * 1:19835 <-> DISABLED <-> PUA-ADWARE Delphi-Piette Windows (pua-adware.rules)
 * 1:19836 <-> DISABLED <-> MALWARE-CNC Spy-Net 0.7 runtime (malware-cnc.rules)
 * 1:19837 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (pua-adware.rules)
 * 1:19838 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (pua-adware.rules)
 * 1:19839 <-> DISABLED <-> PUA-ADWARE Antivirus XP 2008 runtime detection (pua-adware.rules)
 * 1:19840 <-> DISABLED <-> PUA-ADWARE XP Antispyware 2009 outbound connection (pua-adware.rules)
 * 1:19841 <-> DISABLED <-> PUA-ADWARE 0desa MSN password stealer (pua-adware.rules)
 * 1:19842 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (pua-adware.rules)
 * 1:19843 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (pua-adware.rules)
 * 1:19848 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19849 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19850 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (malware-cnc.rules)
 * 1:19851 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (malware-cnc.rules)
 * 1:19852 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Delf.tbv variant outbound connection (malware-cnc.rules)
 * 1:19853 <-> DISABLED <-> PUA-ADWARE Wowpa KI outbound connection (pua-adware.rules)
 * 1:19856 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Krap.i variant outbound connection (malware-cnc.rules)
 * 1:19857 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - Windows (malware-cnc.rules)
 * 1:19858 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - non-Windows (malware-cnc.rules)
 * 1:19859 <-> DISABLED <-> PUA-ADWARE XP Deluxe Protector outbound connection (pua-adware.rules)
 * 1:19860 <-> DISABLED <-> PUA-ADWARE Trust Warrior outbound connection (pua-adware.rules)
 * 1:19861 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cqcv variant outbound connection (malware-cnc.rules)
 * 1:19862 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.iej variant outbound connection (malware-cnc.rules)
 * 1:19863 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Httpbot.yi variant outbound connection (malware-cnc.rules)
 * 1:19864 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Nvbpass variant outbound connection (malware-cnc.rules)
 * 1:19865 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arhost.D variant outbound connection (malware-cnc.rules)
 * 1:19895 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Delf.jwh variant outbound connection (malware-cnc.rules)
 * 1:19896 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (pua-adware.rules)
 * 1:19897 <-> DISABLED <-> PUA-TOOLBARS Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Runtime Detection (pua-toolbars.rules)
 * 1:19898 <-> DISABLED <-> MALWARE-CNC Cinmus Variant variant outbound connection (malware-cnc.rules)
 * 1:19899 <-> ENABLED <-> MALWARE-OTHER Tong Keylogger outbound connectiooutbound connection (malware-other.rules)
 * 1:19900 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19901 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19902 <-> DISABLED <-> PUA-ADWARE Targetedbanner.biz Adrotator outbound connection (pua-adware.rules)
 * 1:19903 <-> DISABLED <-> PUA-ADWARE Win32.Agent.vvm outbound connection (pua-adware.rules)
 * 1:19904 <-> DISABLED <-> PUA-ADWARE WinReanimator outbound connection (pua-adware.rules)
 * 1:19905 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.jog variant outbound connection (malware-cnc.rules)
 * 1:19906 <-> DISABLED <-> PUA-TOOLBARS 6SQ Toolbar runtime detection (pua-toolbars.rules)
 * 1:19912 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DelfInject.gen!X variant outbound connection (malware-cnc.rules)
 * 1:19913 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - optima/index.php (malware-cnc.rules)
 * 1:19914 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Quivoe.A variant outbound connection (malware-cnc.rules)
 * 1:19915 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gnutler.apd variant outbound connection (malware-cnc.rules)
 * 1:19916 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.ACB variant outbound connection (malware-cnc.rules)
 * 1:19917 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sogu.A variant outbound connection (malware-cnc.rules)
 * 1:19918 <-> DISABLED <-> MALWARE-CNC Win.Worm.Ganelp.B variant outbound connection (malware-cnc.rules)
 * 1:19919 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Murcy.A variant outbound connection (malware-cnc.rules)
 * 1:19920 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reppserv.A outbond connection (malware-cnc.rules)
 * 1:19921 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Puprlehzae.A variant outbound connection (malware-cnc.rules)
 * 1:19922 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shiz.ivr variant outbound connection (malware-cnc.rules)
 * 1:19923 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Venik.B variant outbound connection (malware-cnc.rules)
 * 1:19924 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spidern.A variant outbound connection (malware-cnc.rules)
 * 1:19927 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19928 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19929 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19930 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19931 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Lineage.Gen.Pac.3 variant outbound connection (malware-cnc.rules)
 * 1:19934 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MYURL (malware-cnc.rules)
 * 1:19935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (malware-cnc.rules)
 * 1:19936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (malware-cnc.rules)
 * 1:19939 <-> DISABLED <-> PUA-ADWARE WeatherStudio outbound connection (pua-adware.rules)
 * 1:19940 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.IRC.TKB variant outbound connection - dir4you (malware-cnc.rules)
 * 1:19941 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (malware-cnc.rules)
 * 1:19942 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (malware-cnc.rules)
 * 1:19944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.ykl variant outbound connection (malware-cnc.rules)
 * 1:19945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (malware-cnc.rules)
 * 1:19949 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (malware-cnc.rules)
 * 1:19950 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Defsel inbound connection (malware-cnc.rules)
 * 1:19951 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Defsel variant outbound connection (malware-cnc.rules)
 * 1:19952 <-> ENABLED <-> MALWARE-CNC Biodox inbound connection (malware-cnc.rules)
 * 1:19953 <-> DISABLED <-> MALWARE-CNC Biodox variant outbound connection (malware-cnc.rules)
 * 1:19954 <-> DISABLED <-> MALWARE-CNC Hack Style RAT variant outbound connection (malware-cnc.rules)
 * 1:19955 <-> DISABLED <-> MALWARE-CNC PaiN RAT 0.1 variant outbound connection (malware-cnc.rules)
 * 1:19957 <-> DISABLED <-> MALWARE-CNC Arabian-Attacker 1.1.0 variant outbound connection (malware-cnc.rules)
 * 1:19958 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19959 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19960 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19961 <-> DISABLED <-> MALWARE-CNC Fouad 1.0 variant outbound connection (malware-cnc.rules)
 * 1:19962 <-> DISABLED <-> MALWARE-CNC Email-Worm.CryptBox-A variant outbound connection (malware-cnc.rules)
 * 1:19963 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.aajs variant outbound connection (malware-cnc.rules)
 * 1:19965 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.avzz variant outbound connection (malware-cnc.rules)
 * 1:19966 <-> DISABLED <-> MALWARE-CNC Octopus 0.1 inbound connection (malware-cnc.rules)
 * 1:19967 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.Papras.dm variant outbound connection (malware-cnc.rules)
 * 1:19968 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.QQPass.amx variant outbound connection (malware-cnc.rules)
 * 1:19969 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.CY variant outbound connection (malware-cnc.rules)
 * 1:19970 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smalltroj.MHYR variant outbound connection (malware-cnc.rules)
 * 1:19971 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mudrop.lj variant outbound connection (malware-cnc.rules)
 * 1:19973 <-> DISABLED <-> MALWARE-CNC Worm.Win.Trojan.Nebuler.D variant outbound connection (malware-cnc.rules)
 * 1:19974 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.bwj variant outbound connection (malware-cnc.rules)
 * 1:19975 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.vb variant outbound connection (malware-cnc.rules)
 * 1:19977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.LooksLike.Zaplot variant outbound connection (malware-cnc.rules)
 * 1:19979 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19980 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19981 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Micstus.A runtime traffic detected (malware-cnc.rules)
 * 1:19982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.wwe variant outbound connection (malware-cnc.rules)
 * 1:19983 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kolabc.fic variant outbound connection (malware-cnc.rules)
 * 1:19984 <-> DISABLED <-> PUA-ADWARE Antivirus 2010 outbound connection (pua-adware.rules)
 * 1:19987 <-> DISABLED <-> PUA-ADWARE PCLiveGuard outbound connection (pua-adware.rules)
 * 1:19988 <-> DISABLED <-> MALWARE-CNC Asprox variant outbound connection (malware-cnc.rules)
 * 1:19989 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (pua-adware.rules)
 * 1:19990 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (pua-adware.rules)
 * 1:19991 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PG runtime traffic detected (malware-cnc.rules)
 * 1:19992 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Farfli.A runtime traffic detected (malware-cnc.rules)
 * 1:19993 <-> DISABLED <-> MALWARE-CNC Win32 Poebot runtime traffic detected (malware-cnc.rules)
 * 1:19994 <-> DISABLED <-> PUA-ADWARE Antivirus 360 outbound connection (pua-adware.rules)
 * 1:19995 <-> ENABLED <-> MALWARE-CNC Waledac variant outbound connection (malware-cnc.rules)
 * 1:19996 <-> DISABLED <-> MALWARE-CNC Worm Brontok.C variant outbound connection (malware-cnc.rules)
 * 1:19997 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.Win32.QQPass.gam variant outbound connection (malware-cnc.rules)
 * 1:19998 <-> ENABLED <-> PUA-ADWARE IP address disclosure to advertisement sites attempt (pua-adware.rules)
 * 1:19999 <-> DISABLED <-> PUA-ADWARE ThreatNuker outbound connection (pua-adware.rules)
 * 1:20001 <-> ENABLED <-> MALWARE-CNC Allaple.e variant outbound connection (malware-cnc.rules)
 * 1:20002 <-> DISABLED <-> MALWARE-CNC Allaple.e variant outbound connection (malware-cnc.rules)
 * 1:20003 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc runtime traffic detected (malware-cnc.rules)
 * 1:20004 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc install-time traffic detected (malware-cnc.rules)
 * 1:20005 <-> DISABLED <-> MALWARE-CNC Win32 Lecna.cr runtime traffic detected (malware-cnc.rules)
 * 1:20006 <-> DISABLED <-> MALWARE-CNC Worm Plurp.A runtime traffic detected (malware-cnc.rules)
 * 1:20007 <-> DISABLED <-> PUA-ADWARE Cinmus.asaq outbound connection (pua-adware.rules)
 * 1:20008 <-> DISABLED <-> MALWARE-CNC Malware PDFMarca.A runtime traffic detected (malware-cnc.rules)
 * 1:20009 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string Baby Remote - Win32/Babmote.A (malware-cnc.rules)
 * 1:20010 <-> DISABLED <-> MALWARE-CNC Win32/Babmote.A runtime TCP traffic detected (malware-cnc.rules)
 * 1:20011 <-> ENABLED <-> MALWARE-CNC Briewots.A runtime traffic detected (malware-cnc.rules)
 * 1:20012 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string feranet/0.4 - Win32/Ferabsa.A (malware-cnc.rules)
 * 1:20014 <-> DISABLED <-> MALWARE-CNC Kaju variant outbound connection - confirmation (malware-cnc.rules)
 * 1:20015 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:20016 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:20017 <-> DISABLED <-> MALWARE-CNC Win.Worm.Koobface.dq variant outbound connection (malware-cnc.rules)
 * 1:20018 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (malware-cnc.rules)
 * 1:20019 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - test (malware-cnc.rules)
 * 1:20021 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (malware-cnc.rules)
 * 1:20022 <-> DISABLED <-> MALWARE-CNC Win.Worm.Padobot.z variant outbound connection (malware-cnc.rules)
 * 1:20023 <-> DISABLED <-> MALWARE-CNC Advanced Virus Remover variant outbound connection (malware-cnc.rules)
 * 1:20024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dreamy.bc variant outbound connection (malware-cnc.rules)
 * 1:20025 <-> DISABLED <-> PUA-ADWARE VirusBye outbound connection (pua-adware.rules)
 * 1:20026 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banker.abg.b variant outbound connection (malware-cnc.rules)
 * 1:20028 <-> DISABLED <-> MALWARE-CNC Windows Antivirus Pro variant outbound connection (malware-cnc.rules)
 * 1:20034 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:20035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Coinbit.A runtime traffic detected (malware-cnc.rules)
 * 1:20036 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Agent.ndau runtime traffic detected (malware-cnc.rules)
 * 1:20037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20038 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20039 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Hardcore Software (malware-cnc.rules)
 * 1:20040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KSpyPro.A variant outbound connection (malware-cnc.rules)
 * 1:20041 <-> DISABLED <-> PUA-ADWARE Adware.BB outbound connection (pua-adware.rules)
 * 1:20042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sinowal outbond connection (malware-cnc.rules)
 * 1:20043 <-> DISABLED <-> MALWARE-CNC Adware Kraddare.AZ variant outbound connection (malware-cnc.rules)
 * 1:20057 <-> DISABLED <-> MALWARE-CNC BitCoin Miner IP query (malware-cnc.rules)
 * 1:20063 <-> DISABLED <-> PUA-ADWARE SecurityTool outbound connection (pua-adware.rules)
 * 1:20064 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Clemag.A variant outbound connection (malware-cnc.rules)
 * 1:20066 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 SensLiceld.A runtime traffic detected (malware-cnc.rules)
 * 1:20067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Zatvex.A runtime traffic detected (malware-cnc.rules)
 * 1:20068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jetilms.A runtime activity detected (malware-cnc.rules)
 * 1:20069 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.alhq runtime traffic detected (malware-cnc.rules)
 * 1:20074 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.iseee variant outbound connection (malware-cnc.rules)
 * 1:20075 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ruskill.abl variant outbound connection (malware-cnc.rules)
 * 1:20076 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (malware-cnc.rules)
 * 1:20077 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (malware-cnc.rules)
 * 1:20078 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (malware-cnc.rules)
 * 1:20079 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (malware-cnc.rules)
 * 1:20080 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Derusbi.A variant outbound connection (malware-cnc.rules)
 * 1:20081 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Yakes.cbi variant outbound connection (malware-cnc.rules)
 * 1:20082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Inject.raw variant outbound connection (malware-cnc.rules)
 * 1:20083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fucobha.A variant outbound connection (malware-cnc.rules)
 * 1:20085 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veebuu.BX variant outbound connection (malware-cnc.rules)
 * 1:20086 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.ABY variant outbound connection (malware-cnc.rules)
 * 1:20087 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.FGU variant outbound connection (malware-cnc.rules)
 * 1:20088 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Emudbot.A variant outbound connection (malware-cnc.rules)
 * 1:20096 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir variant outbound connection (malware-cnc.rules)
 * 1:20097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir infected host at destination ip (malware-cnc.rules)
 * 1:20098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KeyLogger.wav variant outbound connection (malware-cnc.rules)
 * 1:20099 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Xtrat.A variant outbound connection (malware-cnc.rules)
 * 1:20104 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - InfoBot (malware-cnc.rules)
 * 1:20105 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - IPHONE (malware-cnc.rules)
 * 1:20106 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - darkness (malware-cnc.rules)
 * 1:20107 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Small.Cns variant outbound connection (malware-cnc.rules)
 * 1:20108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Pher variant outbound connection (malware-cnc.rules)
 * 1:20109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zombie.sm variant outbound connection (malware-cnc.rules)
 * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:20179 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe userid parameter buffer overflow attempt (server-webapp.rules)
 * 1:20180 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe passwd parameter buffer overflow attempt (server-webapp.rules)
 * 1:20202 <-> ENABLED <-> MALWARE-CNC Apple OSX.Revir-1 variant outbound connection (malware-cnc.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20205 <-> DISABLED <-> MALWARE-CNC Win32/Poison beaconing request (malware-cnc.rules)
 * 1:20213 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:20217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (malware-cnc.rules)
 * 1:20218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (malware-cnc.rules)
 * 1:20219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ToriaSpy.A variant outbound connection (malware-cnc.rules)
 * 1:20220 <-> DISABLED <-> PUA-ADWARE Adware.Wizpop outbound connection (pua-adware.rules)
 * 1:20221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Injector variant outbound connection (malware-cnc.rules)
 * 1:20222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Payazol.B variant outbound connection (malware-cnc.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (file-multimedia.rules)
 * 1:20225 <-> ENABLED <-> FILE-OTHER SMI file download request (file-other.rules)
 * 1:20226 <-> DISABLED <-> FILE-OTHER MPlayer SMI file buffer overflow attempt (file-other.rules)
 * 1:20228 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (malware-cnc.rules)
 * 1:20229 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jinchodz variant outbound connection (malware-cnc.rules)
 * 1:20230 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 0pera 10 (malware-cnc.rules)
 * 1:20231 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Mozilla//4.0 (malware-cnc.rules)
 * 1:20232 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cycbot variant outbound connection (malware-cnc.rules)
 * 1:20233 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut variant outbound connection (malware-cnc.rules)
 * 1:20234 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ceckno.cmz runtime traffic detected (malware-cnc.rules)
 * 1:20235 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AdobeReader.Uz runtime traffic detected (malware-cnc.rules)
 * 1:20252 <-> DISABLED <-> MALWARE-CNC DroidKungFu check-in (malware-cnc.rules)
 * 1:20280 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20281 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20289 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A variant outbound connection (malware-cnc.rules)
 * 1:20290 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A inbound connection (malware-cnc.rules)
 * 1:20291 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mybios.A variant outbound connection (malware-cnc.rules)
 * 1:20292 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FresctSpy.A variant outbound connection (malware-cnc.rules)
 * 1:20293 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MBVDFRESCT (malware-cnc.rules)
 * 1:20387 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:20388 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:20428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zewit.A variant outbound connection (malware-cnc.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules)
 * 1:20433 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 anutayadokalug host outbound connection (pua-adware.rules)
 * 1:20434 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 proantivirus21 host runtime traffic detection (pua-adware.rules)
 * 1:20435 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Svr runtime traffic detected (malware-cnc.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20447 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.JAAK variant outbound connection (malware-cnc.rules)
 * 1:20448 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Meciv.A variant outbound connection (malware-cnc.rules)
 * 1:20449 <-> DISABLED <-> MALWARE-CNC Win.Worm.Busifom.A variant outbound connection (malware-cnc.rules)
 * 1:20525 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (malware-cnc.rules)
 * 1:20527 <-> ENABLED <-> MALWARE-CNC Sirefef initial C&C connection variant outbound connection (malware-cnc.rules)
 * 1:20528 <-> DISABLED <-> SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (server-apache.rules)
 * 1:20558 <-> ENABLED <-> EXPLOIT-KIT URI request for known malicious URI /stat2.php (exploit-kit.rules)
 * 1:20559 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (file-multimedia.rules)
 * 1:20561 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (malware-cnc.rules)
 * 1:20562 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (malware-cnc.rules)
 * 1:20565 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20566 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20570 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20571 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20587 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Larchik.A variant outbound connection (malware-cnc.rules)
 * 1:20595 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ixeshe.F variant outbound connection (malware-cnc.rules)
 * 1:20596 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20604 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Buzus.isqy variant outbound connection (malware-cnc.rules)
 * 1:20605 <-> DISABLED <-> MALWARE-CNC Win.Trojan.R2d2.A contact to cnc server (malware-cnc.rules)
 * 1:20606 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Domsingx.A variant outbound connection (malware-cnc.rules)
 * 1:20619 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20620 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:20626 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A variant outbound connection (malware-cnc.rules)
 * 1:20627 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A C&C server response (malware-cnc.rules)
 * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules)
 * 1:20630 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Winnti.A contact to cnc server (malware-cnc.rules)
 * 1:20632 <-> DISABLED <-> SERVER-WEBAPP AnnoncesV annonce.php remote file include attempt (server-webapp.rules)
 * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules)
 * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20639 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Higest.N variant outbound connection (malware-cnc.rules)
 * 1:20659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:20661 <-> DISABLED <-> MALWARE-CNC Simbda variant outbound connection (malware-cnc.rules)
 * 1:20668 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - /content/v1.jar (exploit-kit.rules)
 * 1:20669 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - w.php?f= (exploit-kit.rules)
 * 1:20676 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (malware-cnc.rules)
 * 1:20677 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (malware-cnc.rules)
 * 1:20678 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.aior variant outbound connection (malware-cnc.rules)
 * 1:20679 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syrutrk variant outbound connection (malware-cnc.rules)
 * 1:20680 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedating4CMS.php remote file include attempt (server-webapp.rules)
 * 1:20681 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (malware-cnc.rules)
 * 1:20682 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (malware-cnc.rules)
 * 1:20683 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (malware-cnc.rules)
 * 1:20684 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (malware-cnc.rules)
 * 1:20685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Heloag.A variant outbound connection (malware-cnc.rules)
 * 1:20686 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut.BM connect to client (malware-cnc.rules)
 * 1:20687 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.akhg variant outbound connection (malware-cnc.rules)
 * 1:20688 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (malware-cnc.rules)
 * 1:20689 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (malware-cnc.rules)
 * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules)
 * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules)
 * 1:20693 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Blackcontrol.A variant outbound connection (malware-cnc.rules)
 * 1:20694 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SSonce.A variant outbound connection (malware-cnc.rules)
 * 1:20695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.GZW connect to cnc server (malware-cnc.rules)
 * 1:20696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:20728 <-> DISABLED <-> SERVER-WEBAPP WoW Roster remote file include with hslist.php and conf.php attempt (server-webapp.rules)
 * 1:20731 <-> DISABLED <-> SERVER-WEBAPP TSEP tsep_config absPath parameter PHP remote file include attempt (server-webapp.rules)
 * 1:20752 <-> DISABLED <-> PUA-ADWARE Win32.GameVance outbound connection (pua-adware.rules)
 * 1:20753 <-> DISABLED <-> PUA-ADWARE Win32.GamePlayLabs outbound connection (pua-adware.rules)
 * 1:20754 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Virut-3 variant outbound connection (malware-cnc.rules)
 * 1:20755 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Krap variant outbound connection (malware-cnc.rules)
 * 1:20756 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:20759 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gbot.oce variant outbound connection (malware-cnc.rules)
 * 1:20762 <-> ENABLED <-> MALWARE-CNC MacOS.Flashback.A variant outbound connection (malware-cnc.rules)
 * 1:20830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.amdu variant outbound connection (malware-cnc.rules)
 * 1:20831 <-> ENABLED <-> FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (file-java.rules)
 * 1:20836 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zusy.A runtime traffic detected (malware-cnc.rules)
 * 1:20837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mecklow.C runtime traffic detected (malware-cnc.rules)
 * 1:20838 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smokebot.A runtime traffic detected (malware-cnc.rules)
 * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20844 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.smxy runtime traffic detected (malware-cnc.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (server-webapp.rules)
 * 1:20877 <-> DISABLED <-> MALWARE-CNC RunTime Worm.Win32.Warezov.gs variant outbound connection (malware-cnc.rules)
 * 1:20890 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20891 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20892 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Skopvel.A runtime traffic detected (malware-cnc.rules)
 * 1:20927 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Spyeye-207 variant outbound connection (malware-cnc.rules)
 * 1:20995 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:20996 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:21051 <-> DISABLED <-> SERVER-WEBAPP Apple OSX software update command execution attempt (server-webapp.rules)
 * 1:21055 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Utka.A variant outbound connection (malware-cnc.rules)
 * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21058 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AutoIt.pm runtime traffic detected (malware-cnc.rules)
 * 1:21065 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (server-webapp.rules)
 * 1:21066 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (server-webapp.rules)
 * 1:21067 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (server-webapp.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21087 <-> DISABLED <-> MALWARE-CNC Bindow.Worm runtime traffic detected (malware-cnc.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (file-multimedia.rules)
 * 1:21100 <-> DISABLED <-> PROTOCOL-RPC Novell Netware xdr decode string length buffer overflow attempt (protocol-rpc.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (file-multimedia.rules)
 * 1:21112 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules)
 * 1:21122 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bandok.zp runtime traffic detected (malware-cnc.rules)
 * 1:21123 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Flymux.A runtime traffic detected (malware-cnc.rules)
 * 1:21124 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Opachki.A runtime traffic detected (malware-cnc.rules)
 * 1:21125 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alureon.DG runtime traffic detected (malware-cnc.rules)
 * 1:21126 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Koutodoor.C runtime traffic detected (malware-cnc.rules)
 * 1:21127 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Setfic.A runtime traffic detected (malware-cnc.rules)
 * 1:21128 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dromedan.A runtime traffic detected (malware-cnc.rules)
 * 1:21142 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21143 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21144 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21145 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Neraweq.A runtime traffic detected (malware-cnc.rules)
 * 1:21151 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Stegae.A runtime traffic detected (malware-cnc.rules)
 * 1:21160 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:21169 <-> DISABLED <-> PUA-ADWARE Apperhand SDK advertising data request - Counterclank (pua-adware.rules)
 * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:21175 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Win32 Amti (malware-cnc.rules)
 * 1:21176 <-> DISABLED <-> PUA-ADWARE Win32.WindowsOptimizationAndSecurity outbound connection (pua-adware.rules)
 * 1:21177 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ganipin.A inbound connection (malware-cnc.rules)
 * 1:21178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Chekafe.A variant outbound connection (malware-cnc.rules)
 * 1:21179 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Coofus.RFM variant outbound connection (malware-cnc.rules)
 * 1:21180 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Magania.clfv variant outbound connection (malware-cnc.rules)
 * 1:21181 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.czgu variant outbound connection (malware-cnc.rules)
 * 1:21182 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MeSub.ac variant outbound connection (malware-cnc.rules)
 * 1:21183 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.alfu variant outbound connection (malware-cnc.rules)
 * 1:21184 <-> DISABLED <-> PUA-ADWARE Internet Security 2010 outbound connection (pua-adware.rules)
 * 1:21185 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Kufgal.A inbound connection (malware-cnc.rules)
 * 1:21187 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Xlahlah.A variant outbound connection (malware-cnc.rules)
 * 1:21192 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syswrt.dvd variant outbound connection (malware-cnc.rules)
 * 1:21193 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dalbot.A variant outbound connection (malware-cnc.rules)
 * 1:21194 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst.A variant outbound connection (malware-cnc.rules)
 * 1:21195 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Protux.B variant outbound connection (malware-cnc.rules)
 * 1:21196 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (malware-cnc.rules)
 * 1:21197 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (malware-cnc.rules)
 * 1:21198 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (malware-cnc.rules)
 * 1:21199 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (malware-cnc.rules)
 * 1:21202 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scapzilla.A variant outbound connection (malware-cnc.rules)
 * 1:21203 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21204 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21205 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21206 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Aldi Bot (malware-cnc.rules)
 * 1:21207 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dekara.A variant outbound connection (malware-cnc.rules)
 * 1:21208 <-> ENABLED <-> MALWARE-CNC Win.Trojan.RShot.brw variant outbound connection (malware-cnc.rules)
 * 1:21209 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Enviserv.A variant outbound connection (malware-cnc.rules)
 * 1:21210 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rallovs.A variant outbound connection (malware-cnc.rules)
 * 1:21211 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.slrj variant outbound connection (malware-cnc.rules)
 * 1:21212 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.nkor variant outbound connection (malware-cnc.rules)
 * 1:21213 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Cridex.B variant outbound connection (malware-cnc.rules)
 * 1:21214 <-> DISABLED <-> SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (server-apache.rules)
 * 1:21215 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21216 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sodager.C variant outbound connection (malware-cnc.rules)
 * 1:21219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sysckbc variant outbound connection (malware-cnc.rules)
 * 1:21220 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A inbound connection (malware-cnc.rules)
 * 1:21221 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A variant outbound connection (malware-cnc.rules)
 * 1:21222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kcahneila.A variant outbound connection (malware-cnc.rules)
 * 1:21223 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gyplit.A variant outbound connection (malware-cnc.rules)
 * 1:21224 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MacOS.DevilRobber.A variant outbound connection (malware-cnc.rules)
 * 1:21225 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Flag (malware-cnc.rules)
 * 1:21226 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Louisdreyfu.A variant outbound connection (malware-cnc.rules)
 * 1:21227 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bulknet variant outbound connection (malware-cnc.rules)
 * 1:21228 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cerberat variant outbound connection (malware-cnc.rules)
 * 1:21229 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Synljdos variant outbound connection (malware-cnc.rules)
 * 1:21230 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Betad variant outbound connection (malware-cnc.rules)
 * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:21249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21251 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (malware-cnc.rules)
 * 1:21252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (malware-cnc.rules)
 * 1:21253 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21254 <-> DISABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (file-pdf.rules)
 * 1:21273 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (malware-cnc.rules)
 * 1:21274 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (malware-cnc.rules)
 * 1:21277 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shexie.A runtime traffic detected (malware-cnc.rules)
 * 1:21278 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Google Bot (malware-cnc.rules)
 * 1:21279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kbot.s runtime traffic detected (malware-cnc.rules)
 * 1:21280 <-> DISABLED <-> MALWARE-CNC Win32 Turkojan.C runtime traffic detected (malware-cnc.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21294 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancodor.be runtime traffic detected (malware-cnc.rules)
 * 1:21303 <-> DISABLED <-> MALWARE-CNC Win32 Initor.ag runtime traffic detected (malware-cnc.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21378 <-> DISABLED <-> SERVER-OTHER Novell iPrint attributes-natural-language buffer overflow attempt (server-other.rules)
 * 1:21379 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Genome.Amqj runtime traffic detected (malware-cnc.rules)
 * 1:21380 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - QvodDown (malware-cnc.rules)
 * 1:21381 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dialer.ngb runtime traffic detected (malware-cnc.rules)
 * 1:21382 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host setting3.yeahost.com runtime traffic detected (malware-cnc.rules)
 * 1:21383 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host 9999mb.com runtime traffic detected (malware-cnc.rules)
 * 1:21384 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host freewebs.com runtime traffic detected (malware-cnc.rules)
 * 1:21386 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wadolin.A runtime traffic detected (malware-cnc.rules)
 * 1:21387 <-> DISABLED <-> FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (file-java.rules)
 * 1:21390 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.dl runtime traffic detected (malware-cnc.rules)
 * 1:21391 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcac runtime traffic detected (malware-cnc.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (file-multimedia.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (file-other.rules)
 * 1:21418 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FareIt variant outbound connection (malware-cnc.rules)
 * 1:21421 <-> DISABLED <-> PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (protocol-dns.rules)
 * 1:21464 <-> DISABLED <-> MALWARE-CNC Downloader-CEW.b runtime traffic detected (malware-cnc.rules)
 * 1:21466 <-> DISABLED <-> MALWARE-CNC Autorun.BDS runtime traffic detected (malware-cnc.rules)
 * 1:21469 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 1234567890 (malware-cnc.rules)
 * 1:21473 <-> DISABLED <-> MALWARE-CNC Win.Trojan.GameThief variant outbound connection (malware-cnc.rules)
 * 1:21477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Noobot variant outbound connection (malware-cnc.rules)
 * 1:21486 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules)
 * 1:21495 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel variant outbound connection (malware-cnc.rules)
 * 1:21496 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (malware-cnc.rules)
 * 1:21497 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (malware-cnc.rules)
 * 1:21511 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vaxpy variant outbound connection (malware-cnc.rules)
 * 1:21520 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob variant outbound connection (malware-cnc.rules)
 * 1:21521 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob update connection (malware-cnc.rules)
 * 1:21527 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader registration connection detection (malware-cnc.rules)
 * 1:21528 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader keep-alive connection detection (malware-cnc.rules)
 * 1:21557 <-> DISABLED <-> FILE-OTHER Apple OSX ZIP archive shell script execution attempt (file-other.rules)
 * 1:21563 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21564 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21595 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization request detection (os-mobile.rules)
 * 1:21596 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization response detection (os-mobile.rules)
 * 1:21597 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging request detection (os-mobile.rules)
 * 1:21598 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging response detection (os-mobile.rules)
 * 1:21609 <-> DISABLED <-> SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (server-webapp.rules)
 * 1:21669 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk missing SIP version denial of service attempt (protocol-voip.rules)
 * 1:21760 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:21761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:21764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unicode parsing buffer overflow attempt (file-office.rules)
 * 1:2179 <-> DISABLED <-> PROTOCOL-FTP PASS format string attempt (protocol-ftp.rules)
 * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21913 <-> DISABLED <-> SERVER-OTHER EMC data protection advisor DOS attempt (server-other.rules)
 * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules)
 * 1:21922 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:21947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VicSpy.A variant outbound connection (malware-cnc.rules)
 * 1:21967 <-> DISABLED <-> MALWARE-BACKDOOR Rebhip.A runtime detection (malware-backdoor.rules)
 * 1:21970 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant outbound connection (malware-backdoor.rules)
 * 1:21971 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant inbound connection (malware-backdoor.rules)
 * 1:21972 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash variant outbound connection (malware-backdoor.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (malware-backdoor.rules)
 * 1:21974 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21975 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21976 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Lapurd.D variant outbound connection (malware-cnc.rules)
 * 1:21982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Insain variant outbound connection (malware-cnc.rules)
 * 1:21995 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (malware-cnc.rules)
 * 1:21996 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (malware-cnc.rules)
 * 1:22048 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zeus P2P outbound connection (malware-cnc.rules)
 * 1:22078 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22947 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:22948 <-> DISABLED <-> PROTOCOL-VOIP Avaya WinPDM header buffer overflow attempt (protocol-voip.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:23014 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23051 <-> DISABLED <-> MALWARE-CNC Dybalom.A runtime traffic detected (malware-cnc.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (server-other.rules)
 * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules)
 * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23176 <-> DISABLED <-> MALWARE-CNC Donbot.A runtime traffic detected (malware-cnc.rules)
 * 1:23177 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (server-webapp.rules)
 * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules)
 * 1:23213 <-> DISABLED <-> SQL Ruby on rails SQL injection attempt (sql.rules)
 * 1:23234 <-> DISABLED <-> MALWARE-CNC Frethog.MK runtime traffic detected (malware-cnc.rules)
 * 1:23235 <-> DISABLED <-> MALWARE-CNC PBin.A runtime traffic detected (malware-cnc.rules)
 * 1:23238 <-> DISABLED <-> NETBIOS Wireshark console.lua file load exploit attempt (netbios.rules)
 * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules)
 * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules)
 * 1:23243 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23271 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nitol.B variant outbound connection (malware-cnc.rules)
 * 1:23341 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Tinrot.A runtime detection (malware-backdoor.rules)
 * 1:23346 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules)
 * 1:23368 <-> DISABLED <-> PROTOCOL-DNS Tftpd32 DNS server denial of service attempt (protocol-dns.rules)
 * 1:23397 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23398 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23401 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (server-webapp.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (server-webapp.rules)
 * 1:23484 <-> DISABLED <-> INDICATOR-COMPROMISE Wordpress Invit0r plugin non-image file upload attempt (indicator-compromise.rules)
 * 1:23485 <-> DISABLED <-> SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (server-webapp.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:23580 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23589 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23590 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules)
 * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23934 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (server-webapp.rules)
 * 1:23938 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ibabyfa.dldr variant outbound connection (malware-cnc.rules)
 * 1:23940 <-> DISABLED <-> SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (server-oracle.rules)
 * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24026 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24029 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:24083 <-> ENABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:24123 <-> DISABLED <-> MALWARE-BACKDOOR Virus.Win32.Xpaj.A variant outbound connection (malware-backdoor.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (os-windows.rules)
 * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24256 <-> ENABLED <-> MALWARE-BACKDOOR phpMyAdmin server_sync.php backdoor access attempt (malware-backdoor.rules)
 * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (protocol-icmp.rules)
 * 1:24321 <-> DISABLED <-> SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (server-other.rules)
 * 1:24337 <-> DISABLED <-> SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (server-other.rules)
 * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (server-other.rules)
 * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules)
 * 1:24487 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules)
 * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules)
 * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:24524 <-> DISABLED <-> SERVER-MAIL Novell GroupWise internet agent iCalendar parsing denial of service attempt (server-mail.rules)
 * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24628 <-> DISABLED <-> SERVER-WEBAPP Webmin show.cgi arbitrary command injection attempt (server-webapp.rules)
 * 1:24647 <-> DISABLED <-> SERVER-WEBAPP D-Link Wireless Router CAPTCHA data processing buffer overflow attempt (server-webapp.rules)
 * 1:24652 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (file-other.rules)
 * 1:24686 <-> DISABLED <-> SERVER-OTHER HP StorageWorks file migration agent buffer overflow attempt (server-other.rules)
 * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24706 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24707 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (server-webapp.rules)
 * 1:24766 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request arbitrary file download attempt (server-webapp.rules)
 * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (server-webapp.rules)
 * 1:24801 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager Express asset.getmimetype sql injection attempt (server-webapp.rules)
 * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24987 <-> DISABLED <-> POLICY-OTHER Adobe InDesign SOAP interface RunScript method access attempt (policy-other.rules)
 * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:25007 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst variant outbound connection (malware-cnc.rules)
 * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (server-oracle.rules)
 * 1:25345 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Web interface arbitrary command execution attempt (server-webapp.rules)
 * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25369 <-> DISABLED <-> OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (os-windows.rules)
 * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:25449 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25450 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25534 <-> DISABLED <-> SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (server-webapp.rules)
 * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules)
 * 1:25581 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25582 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25583 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25584 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25585 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25586 <-> DISABLED <-> SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (server-webapp.rules)
 * 1:25767 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:25810 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25811 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25812 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25813 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25818 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25819 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25855 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:26073 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26074 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26081 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Suspected Crimepack (malware-cnc.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (file-pdf.rules)
 * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules)
 * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules)
 * 1:26107 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26108 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hiloti variant outbound connection (malware-cnc.rules)
 * 1:26185 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26186 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26195 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26196 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26197 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26198 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26199 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26200 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26230 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX arbitrary command execution attempt (server-webapp.rules)
 * 1:26242 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26243 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26262 <-> DISABLED <-> SERVER-OTHER MongoDB nativeHelper.apply method command injection attempt (server-other.rules)
 * 1:26274 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:26280 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26281 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26282 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26283 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26320 <-> DISABLED <-> SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (server-webapp.rules)
 * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules)
 * 1:26389 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26390 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26418 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:26425 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26426 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26435 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (malware-cnc.rules)
 * 1:26436 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center FaultDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26479 <-> DISABLED <-> SERVER-OTHER ActFax LPD Server data field buffer overflow attempt (server-other.rules)
 * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26501 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DDNF request stack buffer overflow attempt (server-other.rules)
 * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26505 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center IctDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26520 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26521 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26523 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center ReportImgServlet information disclosure attempt (server-webapp.rules)
 * 1:26547 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin preg_replace remote code execution attempt (server-webapp.rules)
 * 1:26626 <-> DISABLED <-> FILE-OFFICE XML parameter entity reference local file disclosure attempt (file-office.rules)
 * 1:26645 <-> DISABLED <-> SERVER-OTHER SSL TLS deflate compression weakness brute force attempt (server-other.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26651 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26652 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26664 <-> ENABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (file-image.rules)
 * 1:26669 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SyslogDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26759 <-> DISABLED <-> SERVER-OTHER MIT Kerberos libkdb_ldap principal name handling denial of service attempt (server-other.rules)
 * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules)
 * 1:26794 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center UAM acmServletDownload information disclosure attempt (server-webapp.rules)
 * 1:26797 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file access attempt (server-webapp.rules)
 * 1:26798 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26905 <-> DISABLED <-> SERVER-WEBAPP FosWiki and TWiki MAKETEXT macro memory consumption denial of service attempt (server-webapp.rules)
 * 1:26922 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:26927 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26928 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26953 <-> DISABLED <-> SERVER-WEBAPP D-Link DIR-300/DIR-600 unauthenticated remote command execution attempt (server-webapp.rules)
 * 1:26990 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:26991 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:26992 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:27018 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27019 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27020 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27028 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27029 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27030 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27036 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager modifyAccounts policy bypass attempt (server-other.rules)
 * 1:27075 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager ldapagnt_eval remote code execution attempt (server-other.rules)
 * 1:27076 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27077 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27102 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:27103 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:27104 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (server-webapp.rules)
 * 1:27105 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (server-webapp.rules)
 * 1:27122 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27124 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1092 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27188 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27189 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27190 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27191 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27192 <-> DISABLED <-> SERVER-WEBAPP DM Albums album.php remote file include attempt (server-webapp.rules)
 * 1:27210 <-> ENABLED <-> SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (server-other.rules)
 * 1:27217 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27224 <-> ENABLED <-> SERVER-OTHER Adobe ColdFusion websocket invoke method access (server-other.rules)
 * 1:27225 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion JRun error page getWriter denial of service attempt (server-other.rules)
 * 1:27226 <-> DISABLED <-> SERVER-WEBAPP DokuWiki PHP file inclusion attempt (server-webapp.rules)
 * 1:27231 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:27237 <-> DISABLED <-> SERVER-OTHER IPMI default username - root (server-other.rules)
 * 1:27238 <-> DISABLED <-> SERVER-OTHER IPMI default username - admin (server-other.rules)
 * 1:27239 <-> DISABLED <-> SERVER-OTHER IPMI default username - USERID (server-other.rules)
 * 1:27240 <-> DISABLED <-> SERVER-OTHER multiple vendors IPMI RAKP username brute force attempt (server-other.rules)
 * 1:27264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27532 <-> DISABLED <-> SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (server-mail.rules)
 * 1:27539 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27552 <-> DISABLED <-> OS-MOBILE Android Exploit Extra_Field APK file download attempt (os-mobile.rules)
 * 1:27571 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27572 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27573 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27574 <-> ENABLED <-> SERVER-APACHE Apache Struts OGNL getRuntime.exec static method access attempt (server-apache.rules)
 * 1:27575 <-> ENABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27621 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27622 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27623 <-> DISABLED <-> SERVER-OTHER Joomla media.php arbitrary file upload attempt (server-other.rules)
 * 1:27646 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra login request buffer overflow attempt (server-other.rules)
 * 1:27667 <-> DISABLED <-> SERVER-WEBAPP Joomla media.php file.upload direct administrator access attempt (server-webapp.rules)
 * 1:27672 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27673 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27675 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27677 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27688 <-> DISABLED <-> SERVER-WEBAPP mxBB MX Faq module_root_path file inclusion attempt (server-webapp.rules)
 * 1:27691 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27692 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27750 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27751 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27753 <-> DISABLED <-> SERVER-WEBAPP Click N Print Coupons coupon_detail.asp SQL injection attempt (server-webapp.rules)
 * 1:27756 <-> DISABLED <-> SERVER-WEBAPP RedHat Piranha Virtual Server Package default passwd and arbitrary command execution attempt (server-webapp.rules)
 * 1:27769 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 207 buffer overflow attempt (server-other.rules)
 * 1:27770 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 210 buffer overflow attempt (server-other.rules)
 * 1:27771 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 236 buffer overflow attempt (server-other.rules)
 * 1:27772 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 243 buffer overflow attempt (server-other.rules)
 * 1:27773 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 265 buffer overflow attempt (server-other.rules)
 * 1:27861 <-> DISABLED <-> SERVER-ORACLE Oracle Enterprise Manager Database Control directory traversal attempt (server-oracle.rules)
 * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:27863 <-> DISABLED <-> SERVER-WEBAPP Ektron CMS XSLT transform remote code execution attempt (server-webapp.rules)
 * 1:27921 <-> DISABLED <-> SERVER-ORACLE Oracle Endeca Server createDataStore remote command injection attempt (server-oracle.rules)
 * 1:27937 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateCertificatesServlet directory traversal attempt (server-other.rules)
 * 1:27941 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet directory traversal attempt (server-other.rules)
 * 1:27942 <-> ENABLED <-> SERVER-WEBAPP Sophos Web Protection Appliance sblistpack arbitrary command execution attempt (server-webapp.rules)
 * 1:28047 <-> DISABLED <-> SERVER-WEBAPP RaidSonic Multiple Products arbitrary command injection attempt (server-webapp.rules)
 * 1:28052 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT110 ping.cgi remote command execution attempt (server-webapp.rules)
 * 1:28093 <-> DISABLED <-> SERVER-WEBAPP Western Digital Arkeia Appliance directory traversal attempt (server-webapp.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:28145 <-> DISABLED <-> SERVER-WEBAPP OpenEMR information disclosure attempt (server-webapp.rules)
 * 1:28149 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file deletion (server-other.rules)
 * 1:28150 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file upload  (server-other.rules)
 * 1:28165 <-> DISABLED <-> PROTOCOL-VOIP attempted DOS detected (protocol-voip.rules)
 * 1:28227 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28251 <-> DISABLED <-> SERVER-WEBAPP Zabbix httpmon.php SQL injection attempt (server-webapp.rules)
 * 1:28252 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28276 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28277 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules)
 * 1:28289 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R root remote code execution attempt (server-webapp.rules)
 * 1:28290 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R iwpriv remote code execution attempt (server-webapp.rules)
 * 1:28361 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (server-other.rules)
 * 1:28394 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28395 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28396 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28397 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28398 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28407 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS UploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (server-webapp.rules)
 * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28464 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28465 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28466 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28467 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28468 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28469 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28470 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28471 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28473 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28526 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28534 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28535 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28536 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28537 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28575 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (file-other.rules)
 * 1:28576 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (file-other.rules)
 * 1:28597 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (file-pdf.rules)
 * 1:28598 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (file-pdf.rules)
 * 1:28621 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:28622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28746 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver SXPG_CALL_SYSTEM remote code execution attempt (server-webapp.rules)
 * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:28818 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (file-other.rules)
 * 1:28819 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (file-other.rules)
 * 1:28831 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (file-other.rules)
 * 1:28833 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28834 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28835 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28836 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:28837 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (file-other.rules)
 * 1:28839 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28840 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28841 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28842 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:28843 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28844 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules)
 * 1:28909 <-> DISABLED <-> SERVER-WEBAPP OTManager ADM_Pagina.php remote file include attempt (server-webapp.rules)
 * 1:28910 <-> DISABLED <-> SERVER-WEBAPP mcRefer install.php arbitrary PHP code injection attempt (server-webapp.rules)
 * 1:28912 <-> DISABLED <-> SERVER-WEBAPP Joomla simple RSS reader admin.rssreader.php remote file include attempt (server-webapp.rules)
 * 1:28915 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28916 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (protocol-scada.rules)
 * 1:28936 <-> DISABLED <-> SERVER-WEBAPP Horde groupware webmail edition ingo filter cross-site request forgery attempt (server-webapp.rules)
 * 1:28937 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope issuesiebelcmd soap request code execution attempt (server-webapp.rules)
 * 1:28942 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28943 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28944 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28946 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (server-webapp.rules)
 * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (server-webapp.rules)
 * 1:28957 <-> DISABLED <-> SERVER-WEBAPP RSS-aggregator display.php remote file include attempt (server-webapp.rules)
 * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules)
 * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules)
 * 1:28993 <-> DISABLED <-> PROTOCOL-VOIP Sipvicious User-Agent detected (protocol-voip.rules)
 * 1:28998 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (os-linux.rules)
 * 1:28999 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (os-linux.rules)
 * 1:29005 <-> DISABLED <-> SERVER-WEBAPP IBM Platform Symphony SOAP request processing buffer overflow attempt (server-webapp.rules)
 * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:29017 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (server-webapp.rules)
 * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (server-webapp.rules)
 * 1:29019 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (server-webapp.rules)
 * 1:29028 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (server-mssql.rules)
 * 1:29029 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (server-mssql.rules)
 * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29041 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:29042 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:29061 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:29062 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29063 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29110 <-> DISABLED <-> SERVER-WEBAPP Symantec Messaging Gateway save.do cross site request forgery attempt (server-webapp.rules)
 * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (server-webapp.rules)
 * 1:29141 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:29142 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:29182 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29183 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29184 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29185 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29207 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29208 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29209 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29210 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29212 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29267 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:29277 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29278 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29279 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29280 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29296 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (server-webapp.rules)
 * 1:29297 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (server-webapp.rules)
 * 1:29362 <-> DISABLED <-> SERVER-OTHER Novell NetWare AFP denial of service attempt (server-other.rules)
 * 1:29387 <-> ENABLED <-> SERVER-WEBAPP Synology DiskStation Manager SLICEUPLOAD remote command execution attempt (server-webapp.rules)
 * 1:29390 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:29391 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:29392 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:29400 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM AddEmailAttachment directory traversal attempt (server-webapp.rules)
 * 1:29409 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:29410 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:29418 <-> DISABLED <-> OS-MOBILE Android signature validation bypass APK file download attempt (os-mobile.rules)
 * 1:29419 <-> DISABLED <-> OS-MOBILE Android signature validation bypass APK file download attempt (os-mobile.rules)
 * 1:29465 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29466 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29467 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29468 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (file-other.rules)
 * 1:29485 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29486 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29487 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29488 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (server-webapp.rules)
 * 1:29490 <-> ENABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29491 <-> ENABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (file-java.rules)
 * 1:29498 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (server-webapp.rules)
 * 1:29499 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (server-webapp.rules)
 * 1:29516 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra information disclosure attempt (server-other.rules)
 * 1:29517 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra information disclosure attempt (server-other.rules)
 * 1:29520 <-> DISABLED <-> FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (file-multimedia.rules)
 * 1:29521 <-> DISABLED <-> FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (file-multimedia.rules)
 * 1:29526 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:29527 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (server-other.rules)
 * 1:29535 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:29537 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (server-webapp.rules)
 * 1:29570 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29571 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29572 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29573 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29574 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29575 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29576 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29577 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (file-other.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:29596 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope soap request code execution attempt (server-webapp.rules)
 * 1:29597 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope soap request code execution attempt (server-webapp.rules)
 * 1:29605 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:29606 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:29610 <-> DISABLED <-> SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (server-other.rules)
 * 1:29611 <-> DISABLED <-> SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (server-other.rules)
 * 1:29622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:29639 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:29647 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules)
 * 1:29648 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (server-apache.rules)
 * 1:29649 <-> DISABLED <-> SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (server-apache.rules)
 * 1:29669 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (file-pdf.rules)
 * 1:29746 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (server-webapp.rules)
 * 1:29750 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules)
 * 1:29751 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules)
 * 1:29752 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (server-webapp.rules)
 * 1:29756 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules)
 * 1:29792 <-> DISABLED <-> SERVER-OTHER Novell iPrint Server remote code execution attempt (server-other.rules)
 * 1:29798 <-> DISABLED <-> SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (server-webapp.rules)
 * 1:29799 <-> DISABLED <-> SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (server-webapp.rules)
 * 1:29808 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:29823 <-> DISABLED <-> OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (os-windows.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:29939 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29940 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29941 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29942 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (server-other.rules)
 * 1:29946 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:29947 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:29948 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:29950 <-> DISABLED <-> SERVER-OTHER TP-Link TL-WR740N wireless router remote denial of service attempt (server-other.rules)
 * 1:29967 <-> DISABLED <-> SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (server-other.rules)
 * 1:29968 <-> DISABLED <-> SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (server-other.rules)
 * 1:29992 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT120N tmUnblock.cgi TM_Block_URL parameter fprintf stack buffer overflow attempt (server-webapp.rules)
 * 1:30010 <-> DISABLED <-> SERVER-APACHE Apache Solr SolrResourceLoader directory traversal attempt (server-apache.rules)
 * 1:30011 <-> DISABLED <-> SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (server-webapp.rules)
 * 1:30012 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (server-webapp.rules)
 * 1:30013 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (server-webapp.rules)
 * 1:30031 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (server-webapp.rules)
 * 1:30032 <-> DISABLED <-> SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (server-other.rules)
 * 1:30150 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:30151 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:30152 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:30199 <-> DISABLED <-> SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (server-webapp.rules)
 * 1:30200 <-> DISABLED <-> SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (server-webapp.rules)
 * 1:30205 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (server-other.rules)
 * 1:30206 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (server-other.rules)
 * 1:30207 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (server-other.rules)
 * 1:30215 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow attempt (file-multimedia.rules)
 * 1:30263 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30265 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30266 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30267 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30268 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (server-other.rules)
 * 1:30280 <-> DISABLED <-> SERVER-WEBAPP FreePBX config.php remote code execution attempt (server-webapp.rules)
 * 1:30291 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules)
 * 1:30292 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules)
 * 1:30293 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (server-webapp.rules)
 * 1:30294 <-> DISABLED <-> SERVER-WEBAPP SePortal poll.php SQL injection attempt (server-webapp.rules)
 * 1:30295 <-> DISABLED <-> SERVER-WEBAPP SePortal print.php SQL injection attempt (server-webapp.rules)
 * 1:30296 <-> DISABLED <-> SERVER-WEBAPP SePortal staticpages.php SQL injection attempt (server-webapp.rules)
 * 1:30305 <-> DISABLED <-> SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (server-webapp.rules)
 * 1:30307 <-> DISABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (server-webapp.rules)
 * 1:30329 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules)
 * 1:30330 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (server-other.rules)
 * 1:30343 <-> DISABLED <-> SERVER-WEBAPP Joomla weblinks-categories SQL injection attempt (server-webapp.rules)
 * 1:30526 <-> DISABLED <-> SERVER-WEBAPP Joomla komento extension cross site scripting attempt (server-webapp.rules)
 * 1:30527 <-> DISABLED <-> SERVER-WEBAPP Joomla komento extension cross site scripting attempt (server-webapp.rules)
 * 1:30528 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:30529 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:30774 <-> DISABLED <-> SERVER-WEBAPP Splunk collect file parameter directory traversal attempt (server-webapp.rules)
 * 1:30790 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules)
 * 1:30792 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (server-apache.rules)
 * 1:30797 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 RETR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30798 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 STOR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30799 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 ATTR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30800 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 XATR bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30801 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 PMODE bkbcopyd buffer overflow attempt (protocol-scada.rules)
 * 1:30802 <-> ENABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 bkclogserv buffer overflow attempt (protocol-scada.rules)
 * 1:3085 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (server-other.rules)
 * 1:30876 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:30877 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:30928 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver dir content listing attempt (server-other.rules)
 * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (server-apache.rules)
 * 1:31015 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader integer overflow attempt (file-pdf.rules)
 * 1:31016 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader integer overflow attempt (file-pdf.rules)
 * 1:31021 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (file-pdf.rules)
 * 1:31022 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (file-pdf.rules)
 * 1:31056 <-> DISABLED <-> PROTOCOL-SNMP Motorola Netopia 3347 series WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31057 <-> DISABLED <-> PROTOCOL-SNMP Motorola Netopia 3347 series WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31058 <-> DISABLED <-> PROTOCOL-SNMP Brocade snAgentUserAccntName enumeration attempt (protocol-snmp.rules)
 * 1:31059 <-> DISABLED <-> PROTOCOL-SNMP Brocade snAgentUserAccntPassword enumeration attempt (protocol-snmp.rules)
 * 1:31067 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (server-webapp.rules)
 * 1:31068 <-> DISABLED <-> SERVER-OTHER F5 BIG-IP iControl API hostname command injection attempt (server-other.rules)
 * 1:31095 <-> DISABLED <-> PROTOCOL-SNMP Ubee DDW3611 series WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31096 <-> DISABLED <-> PROTOCOL-SNMP Ubee DDW3611 series WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31097 <-> DISABLED <-> PROTOCOL-SNMP CableHome Devices cabhPsDevUIPassword enumeration attempt (protocol-snmp.rules)
 * 1:31098 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series WEP key enumeration attempt (protocol-snmp.rules)
 * 1:31099 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31100 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series password enumeration attempt (protocol-snmp.rules)
 * 1:31103 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31104 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31105 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31106 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31128 <-> DISABLED <-> PROTOCOL-FTP CoreFTP FTP Server TYPE command denial of service attempt (protocol-ftp.rules)
 * 1:31143 <-> DISABLED <-> SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (server-webapp.rules)
 * 1:31148 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31149 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31157 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31158 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31159 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31160 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (server-webapp.rules)
 * 1:31176 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31177 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31178 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31179 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (server-other.rules)
 * 1:31195 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager directory traversal attempt (server-webapp.rules)
 * 1:31210 <-> ENABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31211 <-> ENABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (server-webapp.rules)
 * 1:31259 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller url_redirect.cgi directory traversal attempt (server-webapp.rules)
 * 1:31300 <-> ENABLED <-> SERVER-OTHER Xerox DocuShare SQL injection attempt (server-other.rules)
 * 1:31305 <-> DISABLED <-> SERVER-WEBAPP Rocket Servergraph Admin Center fileRequestor directory traversal attempt (server-webapp.rules)
 * 1:31310 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:31311 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:31312 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:31330 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd update_system_info_debian_package command injection attempt (server-webapp.rules)
 * 1:31337 <-> DISABLED <-> SERVER-OTHER Nagios NRPE command execution attempt (server-other.rules)
 * 1:31338 <-> DISABLED <-> SERVER-OTHER OpenAFS GetStatistics buffer overflow attempt (server-other.rules)
 * 1:31360 <-> DISABLED <-> SERVER-WEBAPP PHP include parameter remote file include attempt (server-webapp.rules)
 * 1:31362 <-> DISABLED <-> SERVER-WEBAPP MiniBB PHP arbitrary remote code execution attempt (server-webapp.rules)
 * 1:31363 <-> DISABLED <-> SERVER-WEBAPP MF Piadas admin.php page parameter PHP remote file include attempt (server-webapp.rules)
 * 1:31364 <-> DISABLED <-> SERVER-WEBAPP FlashGameScript index.php func parameter PHP remote file include attempt (server-webapp.rules)
 * 1:31366 <-> ENABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31367 <-> ENABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:31376 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:31377 <-> DISABLED <-> SERVER-WEBAPP PHP includedir parameter remote file include attempt (server-webapp.rules)
 * 1:31378 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:31379 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:31411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (os-windows.rules)
 * 1:31425 <-> DISABLED <-> SERVER-WEBAPP PHP Simple Shop abs_path parameter PHP remote file include attempt (server-webapp.rules)
 * 1:31426 <-> DISABLED <-> SERVER-WEBAPP Jevontech PHPenpals PersonalID SQL injection attempt (server-webapp.rules)
 * 1:31429 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (server-webapp.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:31443 <-> DISABLED <-> SERVER-WEBAPP ActiveState ActivePerl perlIIS.dll server URI buffer overflow attempt (server-webapp.rules)
 * 1:31497 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31498 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31505 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (server-webapp.rules)
 * 1:31506 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (server-webapp.rules)
 * 1:31519 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31520 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31521 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31522 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31523 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31524 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:31525 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31526 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (server-other.rules)
 * 1:31529 <-> ENABLED <-> SERVER-OTHER D-Link Multiple Products HNAP request buffer overflow attempt (server-other.rules)
 * 1:31534 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31535 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31536 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31537 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (file-office.rules)
 * 1:31540 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:31541 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:31542 <-> DISABLED <-> SERVER-WEBAPP D-Link Multiple Products info.cgi request buffer overflow attempt (server-webapp.rules)
 * 1:31555 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:31565 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedatingCMS2.php remote file include attempt (server-webapp.rules)
 * 1:31566 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedatingCMS.php remote file include attempt (server-webapp.rules)
 * 1:31567 <-> DISABLED <-> SERVER-WEBAPP Gitlist remote command injection attempt (server-webapp.rules)
 * 1:31569 <-> DISABLED <-> SERVER-WEBAPP Tiki Wiki 8.3 unserialize PHP remote code execution attempt (server-webapp.rules)
 * 1:31570 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB mysql.cc buffer overflow attempt (server-mysql.rules)
 * 1:31588 <-> DISABLED <-> SERVER-WEBAPP D-Link Multiple Products hedwig.cgi cookie buffer overflow attempt (server-webapp.rules)
 * 1:31637 <-> DISABLED <-> SERVER-WEBAPP Ad Fundum Integrateable News Script remote include path attempt (server-webapp.rules)
 * 1:31638 <-> DISABLED <-> SERVER-WEBAPP Voodoo Chat index.php remote include path attempt (server-webapp.rules)
 * 1:31647 <-> DISABLED <-> SERVER-WEBAPP AVM FritzBox webcm command injection attempt (server-webapp.rules)
 * 1:31648 <-> DISABLED <-> SERVER-WEBAPP AVM FritzBox webcm command injection attempt (server-webapp.rules)
 * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules)
 * 1:31652 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules)
 * 1:31686 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)

2018-09-18 14:19:43 UTC

Snort Subscriber Rules Update

Date: 2018-09-18

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:47828 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (snort3-file-image.rules)
 * 1:47822 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan outbound attempt (snort3-malware-cnc.rules)
 * 1:47836 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (snort3-malware-cnc.rules)
 * 1:47820 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (snort3-server-other.rules)
 * 1:47824 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (snort3-malware-cnc.rules)
 * 1:47813 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:47823 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (snort3-malware-cnc.rules)
 * 1:47845 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (snort3-malware-other.rules)
 * 1:47843 <-> ENABLED <-> MALWARE-CNC Java.Trojan.Adwind variant outbound connection (snort3-malware-cnc.rules)
 * 1:47847 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (snort3-malware-other.rules)
 * 1:47817 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (snort3-server-webapp.rules)
 * 1:47831 <-> DISABLED <-> SERVER-WEBAPP phpmyadmin post-authentication local file inclusion attempt (snort3-server-webapp.rules)
 * 1:47825 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (snort3-malware-cnc.rules)
 * 1:47839 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (snort3-file-image.rules)
 * 1:47818 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (snort3-server-webapp.rules)
 * 1:47814 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:47835 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (snort3-malware-cnc.rules)
 * 1:47846 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (snort3-malware-other.rules)
 * 1:47844 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (snort3-malware-other.rules)
 * 1:47834 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (snort3-file-flash.rules)
 * 1:47830 <-> DISABLED <-> POLICY-OTHER phpmyadmin external SQL query detected (snort3-policy-other.rules)
 * 1:47829 <-> ENABLED <-> SERVER-OTHER JBoss Richfaces expression language injection attempt (snort3-server-other.rules)
 * 1:47850 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (snort3-os-windows.rules)
 * 1:47821 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (snort3-server-other.rules)
 * 1:47848 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (snort3-malware-other.rules)
 * 1:47819 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (snort3-server-webapp.rules)
 * 1:47812 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet arbitrary JSP file upload attempt (snort3-server-webapp.rules)
 * 1:47827 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (snort3-file-image.rules)
 * 1:47837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (snort3-malware-cnc.rules)
 * 1:47832 <-> DISABLED <-> SERVER-WEBAPP WordPress Responsive Thumbnail Slider arbitrary PHP file upload attempt (snort3-server-webapp.rules)
 * 1:47826 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (snort3-malware-cnc.rules)
 * 1:47815 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:47816 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet arbitrary JSP file upload attempt (snort3-server-webapp.rules)
 * 1:47838 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (snort3-file-image.rules)
 * 1:47833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (snort3-file-flash.rules)
 * 1:47851 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (snort3-os-windows.rules)
 * 1:47849 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (snort3-malware-other.rules)

Modified Rules:


 * 1:32084 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (snort3-server-other.rules)
 * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (snort3-server-webapp.rules)
 * 1:32232 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (snort3-server-other.rules)
 * 1:32152 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (snort3-file-other.rules)
 * 1:32151 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (snort3-file-other.rules)
 * 1:32150 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (snort3-file-other.rules)
 * 1:32149 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (snort3-file-other.rules)
 * 1:32109 <-> DISABLED <-> SERVER-WEBAPP Easy File Management stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:32092 <-> DISABLED <-> POLICY-OTHER ManageEngine DeviceExpert user credentials enumeration attempt (snort3-policy-other.rules)
 * 1:32085 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (snort3-server-other.rules)
 * 1:31745 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM install module command injection attempt (snort3-server-webapp.rules)
 * 1:12286 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (snort3-file-other.rules)
 * 1:31743 <-> DISABLED <-> SERVER-WEBAPP Wordpress WPTouch file upload remote code execution attempt (snort3-server-webapp.rules)
 * 1:32324 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin arbitrary SQL execution attempt (snort3-server-webapp.rules)
 * 1:31798 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization storedNtxFile directory traversal attempt (snort3-server-webapp.rules)
 * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (snort3-server-webapp.rules)
 * 1:32323 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin SQL export attempt (snort3-server-webapp.rules)
 * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (snort3-server-webapp.rules)
 * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31819 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization toServerObject directory traversal attempt (snort3-server-webapp.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (snort3-server-webapp.rules)
 * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (snort3-server-webapp.rules)
 * 1:32235 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (snort3-policy-other.rules)
 * 1:31851 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 128 bit WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31852 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 64 bit WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (snort3-server-webapp.rules)
 * 1:31853 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A WPA key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31854 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 128 bit WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31855 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 64 bit WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31856 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products WPA key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31877 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (snort3-server-other.rules)
 * 1:31878 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (snort3-server-other.rules)
 * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (snort3-server-other.rules)
 * 1:31879 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (snort3-server-other.rules)
 * 1:31880 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (snort3-server-other.rules)
 * 1:31881 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (snort3-server-other.rules)
 * 1:31882 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (snort3-server-other.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (snort3-server-other.rules)
 * 1:31889 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (snort3-server-mail.rules)
 * 1:31890 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (snort3-server-mail.rules)
 * 1:31892 <-> DISABLED <-> SERVER-WEBAPP HybridAuth install.php code injection attempt (snort3-server-webapp.rules)
 * 1:31912 <-> DISABLED <-> SERVER-WEBAPP cPanel 9.01 multiple URI parameters cross site scripting attempt (snort3-server-webapp.rules)
 * 1:32337 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (snort3-file-pdf.rules)
 * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (snort3-server-webapp.rules)
 * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (snort3-server-other.rules)
 * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (snort3-server-other.rules)
 * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (snort3-file-office.rules)
 * 1:32371 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (snort3-server-other.rules)
 * 1:32370 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (snort3-server-other.rules)
 * 1:32369 <-> DISABLED <-> PROTOCOL-ICMP FreeBSD rtsold dname_labeldec stack buffer overflow attempt (snort3-protocol-icmp.rules)
 * 1:32352 <-> ENABLED <-> SERVER-WEBAPP Centreon displayServiceStatus.php command injection attempt (snort3-server-webapp.rules)
 * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31987 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (snort3-file-other.rules)
 * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (snort3-server-other.rules)
 * 1:32068 <-> DISABLED <-> POLICY-OTHER SolarWinds Log and Event Manager default credentials authentication attempt (snort3-policy-other.rules)
 * 1:32059 <-> ENABLED <-> PROTOCOL-SCADA KingSCADA Alarm Server stack buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31764 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (snort3-server-other.rules)
 * 1:32527 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (snort3-server-webapp.rules)
 * 1:32526 <-> DISABLED <-> POLICY-OTHER Visual Mining NetCharts default credentials authentication attempt (snort3-policy-other.rules)
 * 1:32403 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (snort3-server-other.rules)
 * 1:32563 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:32530 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (snort3-server-other.rules)
 * 1:32528 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (snort3-server-webapp.rules)
 * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (snort3-server-webapp.rules)
 * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (snort3-server-webapp.rules)
 * 1:32603 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer information disclosure attempt (snort3-policy-other.rules)
 * 1:32602 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer credential disclosure attempt (snort3-policy-other.rules)
 * 1:32601 <-> DISABLED <-> SERVER-OTHER Hikvision DVR RTSP request buffer overflow attempt (snort3-server-other.rules)
 * 1:32620 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (snort3-file-other.rules)
 * 1:32619 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (snort3-file-other.rules)
 * 1:32628 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (snort3-server-other.rules)
 * 1:32975 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (snort3-os-mobile.rules)
 * 1:31765 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (snort3-server-other.rules)
 * 1:31771 <-> DISABLED <-> SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (snort3-server-webapp.rules)
 * 1:31730 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (snort3-server-webapp.rules)
 * 1:32794 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (snort3-file-pdf.rules)
 * 1:32793 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (snort3-file-pdf.rules)
 * 1:32753 <-> ENABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (snort3-server-webapp.rules)
 * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (snort3-server-webapp.rules)
 * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (snort3-server-webapp.rules)
 * 1:32742 <-> ENABLED <-> SERVER-WEBAPP Arris VAP2500 tools_command.php command execution attempt (snort3-server-webapp.rules)
 * 1:32741 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (snort3-policy-other.rules)
 * 1:32740 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (snort3-policy-other.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:32233 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:32729 <-> DISABLED <-> POLICY-OTHER HP Network Node Manager ovopi.dll command 685 insecure pointer dereference attempt (snort3-policy-other.rules)
 * 1:32974 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (snort3-os-mobile.rules)
 * 1:32971 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (snort3-server-webapp.rules)
 * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (snort3-server-webapp.rules)
 * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (snort3-server-webapp.rules)
 * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (snort3-server-webapp.rules)
 * 1:32967 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central DCPlugin insecure admin account creation attempt (snort3-policy-other.rules)
 * 1:32964 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32963 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32962 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (snort3-file-office.rules)
 * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (snort3-file-other.rules)
 * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (snort3-file-other.rules)
 * 1:32887 <-> DISABLED <-> SERVER-WEBAPP ActualScripts ActualAnalyzer aa.php command injection attempt (snort3-server-webapp.rules)
 * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (snort3-server-webapp.rules)
 * 1:31986 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (snort3-file-other.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (snort3-file-multimedia.rules)
 * 1:33040 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:31697 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (snort3-server-webapp.rules)
 * 1:31731 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:36659 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:36262 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (snort3-server-webapp.rules)
 * 1:36261 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (snort3-server-webapp.rules)
 * 1:36197 <-> DISABLED <-> SERVER-WEBAPP nginx SMTP proxy STARTTLS plaintext command injection attempt (snort3-server-webapp.rules)
 * 1:36192 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:36462 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost verifypwd buffer overflow attempt (snort3-server-other.rules)
 * 1:36461 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost sadminpwd buffer overflow attempt (snort3-server-other.rules)
 * 1:36384 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (snort3-os-windows.rules)
 * 1:36383 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (snort3-os-windows.rules)
 * 1:36507 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:36508 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:36509 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:36530 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:36529 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:36528 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:36527 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (snort3-file-flash.rules)
 * 1:36510 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (snort3-file-flash.rules)
 * 1:36544 <-> DISABLED <-> SERVER-WEBAPP pChart script parameter directory traversal attempt (snort3-server-webapp.rules)
 * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (snort3-server-webapp.rules)
 * 1:32014 <-> DISABLED <-> SERVER-WEBAPP GetSimpleCMS arbitrary PHP code execution attempt (snort3-server-webapp.rules)
 * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (snort3-server-webapp.rules)
 * 1:32234 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:33039 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33038 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33037 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33036 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33035 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33034 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33033 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33032 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33031 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33030 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33029 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33010 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (snort3-server-webapp.rules)
 * 1:33446 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (snort3-server-webapp.rules)
 * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (snort3-file-office.rules)
 * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (snort3-file-office.rules)
 * 1:33440 <-> DISABLED <-> SERVER-WEBAPP WordPress EasyCart PHP code execution attempt (snort3-server-webapp.rules)
 * 1:33279 <-> DISABLED <-> SERVER-WEBAPP McAfee ePolicy Orchestrator XML external entity injection attempt (snort3-server-webapp.rules)
 * 1:33278 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (snort3-server-webapp.rules)
 * 1:33277 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (snort3-server-webapp.rules)
 * 1:33276 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (snort3-server-webapp.rules)
 * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (snort3-server-other.rules)
 * 1:33114 <-> DISABLED <-> SERVER-WEBAPP HP System Management Homepage cross site scripting attempt (snort3-server-webapp.rules)
 * 1:33113 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory IMONITOR cross site scripting attempt (snort3-server-webapp.rules)
 * 1:33104 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products directory traversal attempt (snort3-server-webapp.rules)
 * 1:33087 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (snort3-file-pdf.rules)
 * 1:33076 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:33075 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:33074 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:33514 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery PHP code execution attempt (snort3-server-webapp.rules)
 * 1:33447 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (snort3-server-webapp.rules)
 * 1:33448 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (snort3-server-webapp.rules)
 * 1:33573 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (snort3-server-webapp.rules)
 * 1:33518 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:33517 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:33516 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:33515 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:33598 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:33597 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:33581 <-> DISABLED <-> SERVER-WEBAPP nginx URI processing security bypass attempt (snort3-server-webapp.rules)
 * 1:33574 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (snort3-server-webapp.rules)
 * 1:33599 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (snort3-server-webapp.rules)
 * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (snort3-server-webapp.rules)
 * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (snort3-server-webapp.rules)
 * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (snort3-server-webapp.rules)
 * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (snort3-server-webapp.rules)
 * 1:33632 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (snort3-server-webapp.rules)
 * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (snort3-file-image.rules)
 * 1:33665 <-> ENABLED <-> SERVER-OTHER HP Client Automation command injection attempt (snort3-server-other.rules)
 * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (snort3-server-webapp.rules)
 * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (snort3-server-webapp.rules)
 * 1:34185 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense status_captiveportal cross site scripting attempt (snort3-server-webapp.rules)
 * 1:34024 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (snort3-policy-other.rules)
 * 1:34000 <-> DISABLED <-> SERVER-WEBAPP Berta Content Management System PHP code execution attempt (snort3-server-webapp.rules)
 * 1:33986 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (snort3-policy-other.rules)
 * 1:33938 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS send_test_email command injection attempt (snort3-server-webapp.rules)
 * 1:33937 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (snort3-server-webapp.rules)
 * 1:33936 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (snort3-server-webapp.rules)
 * 1:33935 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin privilege escalation attempt (snort3-server-webapp.rules)
 * 1:33934 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin directory traversal attempt (snort3-server-webapp.rules)
 * 1:33917 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (snort3-server-webapp.rules)
 * 1:33916 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (snort3-server-webapp.rules)
 * 1:33915 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (snort3-server-webapp.rules)
 * 1:33896 <-> DISABLED <-> SERVER-WEBAPP OpenNMS XML external entity injection attempt (snort3-server-webapp.rules)
 * 1:33895 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (snort3-server-webapp.rules)
 * 1:33894 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (snort3-server-webapp.rules)
 * 1:33890 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (snort3-server-webapp.rules)
 * 1:33889 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (snort3-server-webapp.rules)
 * 1:33875 <-> DISABLED <-> POLICY-OTHER SolarWinds Firewall Security Manager insecure userlogin.jsp access attempt (snort3-policy-other.rules)
 * 1:33853 <-> DISABLED <-> SERVER-WEBAPP D-Link multiple products ping.ccp command injection attempt (snort3-server-webapp.rules)
 * 1:33832 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS getAlias.php command injection attempt (snort3-server-webapp.rules)
 * 1:33813 <-> DISABLED <-> SERVER-WEBAPP Eclipse Foundation Jetty HttpParser information disclosure attempt (snort3-server-webapp.rules)
 * 1:33812 <-> ENABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (snort3-server-webapp.rules)
 * 1:34184 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense services_unbound_acls cross site scripting attempt (snort3-server-webapp.rules)
 * 1:34169 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (snort3-file-flash.rules)
 * 1:34168 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (snort3-file-flash.rules)
 * 1:34167 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (snort3-file-flash.rules)
 * 1:34166 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (snort3-file-flash.rules)
 * 1:34160 <-> DISABLED <-> SERVER-OTHER Oracle Outside In Paradox database denial of service attempt (snort3-server-other.rules)
 * 1:34159 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (snort3-file-flash.rules)
 * 1:34158 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (snort3-file-flash.rules)
 * 1:34157 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (snort3-file-flash.rules)
 * 1:34156 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (snort3-file-flash.rules)
 * 1:34139 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks configuration management file upload directory traversal attempt (snort3-server-other.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (snort3-server-webapp.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (snort3-server-webapp.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (snort3-server-webapp.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:34215 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense diag_logs_filter cross site scripting attempt (snort3-server-webapp.rules)
 * 1:34238 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (snort3-server-other.rules)
 * 1:34225 <-> DISABLED <-> PROTOCOL-FTP ProFTPD mod_copy remote code execution attempt (snort3-protocol-ftp.rules)
 * 1:34222 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (snort3-server-webapp.rules)
 * 1:34221 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (snort3-server-webapp.rules)
 * 1:34220 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (snort3-server-webapp.rules)
 * 1:34239 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (snort3-server-other.rules)
 * 1:34244 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34243 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34242 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34241 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34240 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34343 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (snort3-file-multimedia.rules)
 * 1:34300 <-> ENABLED <-> SERVER-WEBAPP D-Link multiple products HNAP SOAPAction header command injection attempt (snort3-server-webapp.rules)
 * 1:34285 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_shaper cross site scripting attempt (snort3-server-webapp.rules)
 * 1:34284 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_rules cross site scripting attempt (snort3-server-webapp.rules)
 * 1:34245 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (snort3-server-webapp.rules)
 * 1:34471 <-> ENABLED <-> SERVER-WEBAPP Symantec Critical System Protection directory traversal attempt (snort3-server-webapp.rules)
 * 1:34447 <-> DISABLED <-> POLICY-OTHER ProFTPD mod_copy unauthenticated file copy attempt (snort3-policy-other.rules)
 * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (snort3-os-windows.rules)
 * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (snort3-os-windows.rules)
 * 1:34376 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (snort3-server-other.rules)
 * 1:34375 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (snort3-server-other.rules)
 * 1:34374 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (snort3-server-other.rules)
 * 1:34373 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (snort3-server-other.rules)
 * 1:34364 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (snort3-server-webapp.rules)
 * 1:34363 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management GetStoredResult.class SQL injection attempt (snort3-server-webapp.rules)
 * 1:34361 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (snort3-server-webapp.rules)
 * 1:34360 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (snort3-server-webapp.rules)
 * 1:34359 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (snort3-server-webapp.rules)
 * 1:34358 <-> DISABLED <-> SERVER-WEBAPP Dell SonicWALL SonicOS macIpSpoofView cross site scripting attempt (snort3-server-webapp.rules)
 * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34344 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (snort3-file-multimedia.rules)
 * 1:34538 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (snort3-file-flash.rules)
 * 1:34527 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (snort3-file-pdf.rules)
 * 1:34526 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (snort3-file-pdf.rules)
 * 1:34525 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (snort3-file-pdf.rules)
 * 1:34524 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (snort3-file-pdf.rules)
 * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (snort3-file-flash.rules)
 * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (snort3-file-flash.rules)
 * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (snort3-file-flash.rules)
 * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (snort3-file-flash.rules)
 * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (snort3-os-other.rules)
 * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (snort3-file-flash.rules)
 * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (snort3-file-flash.rules)
 * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (snort3-file-flash.rules)
 * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (snort3-file-flash.rules)
 * 1:34569 <-> DISABLED <-> SERVER-WEBAPP Wordpress Creative Contact Form arbitrary PHP file upload attempt (snort3-server-webapp.rules)
 * 1:34552 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:34539 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (snort3-file-flash.rules)
 * 1:34604 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34602 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (snort3-server-webapp.rules)
 * 1:34584 <-> DISABLED <-> POLICY-OTHER Novell ZENworks Configuration Management session id disclosure attempt (snort3-policy-other.rules)
 * 1:34634 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:34605 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:34633 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:34621 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (snort3-server-webapp.rules)
 * 1:34620 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (snort3-server-webapp.rules)
 * 1:34619 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (snort3-server-webapp.rules)
 * 1:34606 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:34798 <-> DISABLED <-> SERVER-OTHER HP LoadRunner launcher.dll stack buffer overflow attempt (snort3-server-other.rules)
 * 1:34718 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:34717 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:34716 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:34635 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:34799 <-> ENABLED <-> SERVER-WEBAPP UPnP AddPortMapping SOAP action command injection attempt (snort3-server-webapp.rules)
 * 1:34846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (snort3-file-pdf.rules)
 * 1:34845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (snort3-file-pdf.rules)
 * 1:34806 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34805 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34804 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34803 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (snort3-file-other.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (snort3-file-other.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (snort3-netbios.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (snort3-netbios.rules)
 * 1:34942 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34941 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34940 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34939 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:34999 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (snort3-server-webapp.rules)
 * 1:34943 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (snort3-server-other.rules)
 * 1:35015 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXmlTree.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:35014 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXMLTrapsForVendor.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:35000 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (snort3-server-webapp.rules)
 * 1:35016 <-> ENABLED <-> SERVER-WEBAPP Centreon cmdGetExample.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:35077 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (snort3-server-webapp.rules)
 * 1:35049 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:35048 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:35033 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (snort3-server-webapp.rules)
 * 1:35032 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (snort3-server-webapp.rules)
 * 1:35017 <-> ENABLED <-> SERVER-WEBAPP Centreon makeXML_ListMetrics.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:35406 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_status heap buffer overflow attempt (snort3-server-apache.rules)
 * 1:35399 <-> DISABLED <-> SERVER-WEBAPP WordPress MailChimp Subscribe Forms PHP Code Execution command injection attempt (snort3-server-webapp.rules)
 * 1:35375 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (snort3-server-webapp.rules)
 * 1:35374 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (snort3-server-webapp.rules)
 * 1:35373 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (snort3-server-webapp.rules)
 * 1:35372 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (snort3-server-webapp.rules)
 * 1:35367 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:35366 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:35365 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:35364 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (snort3-file-flash.rules)
 * 1:35314 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_proxy denial of service attempt (snort3-server-apache.rules)
 * 1:35281 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (snort3-server-webapp.rules)
 * 1:35280 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (snort3-server-webapp.rules)
 * 1:35279 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (snort3-server-webapp.rules)
 * 1:35253 <-> DISABLED <-> SERVER-OTHER LibreOffice Impress socket manager Use After Free attempt (snort3-server-other.rules)
 * 1:3519 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (snort3-server-mysql.rules)
 * 1:3518 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (snort3-server-mysql.rules)
 * 1:35118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (snort3-os-windows.rules)
 * 1:35094 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (snort3-file-other.rules)
 * 1:35079 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (snort3-server-webapp.rules)
 * 1:35078 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (snort3-server-webapp.rules)
 * 1:35535 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (snort3-server-webapp.rules)
 * 1:35534 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (snort3-server-webapp.rules)
 * 1:35533 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (snort3-server-webapp.rules)
 * 1:35532 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (snort3-server-webapp.rules)
 * 1:35531 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (snort3-server-webapp.rules)
 * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:35429 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (snort3-server-webapp.rules)
 * 1:35428 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (snort3-server-webapp.rules)
 * 1:35427 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (snort3-server-webapp.rules)
 * 1:35418 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (snort3-server-other.rules)
 * 1:35417 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (snort3-server-other.rules)
 * 1:35414 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (snort3-file-multimedia.rules)
 * 1:35413 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (snort3-file-multimedia.rules)
 * 1:35541 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftagent SQL injection attempt (snort3-server-other.rules)
 * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (snort3-file-multimedia.rules)
 * 1:35677 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance KSudoClient privilege escalation attempt (snort3-server-webapp.rules)
 * 1:35682 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:35681 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php authentication bypass attempt (snort3-server-webapp.rules)
 * 1:35680 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:35679 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:35678 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:35701 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (snort3-server-webapp.rules)
 * 1:35684 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:35683 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:35763 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (snort3-server-other.rules)
 * 1:35734 <-> DISABLED <-> SERVER-WEBAPP Netgear WNDR4700 and R6200 admin interface authentication bypass attempt (snort3-server-webapp.rules)
 * 1:35704 <-> DISABLED <-> SERVER-WEBAPP Maarch LetterBox arbitrary PHP file upload attempt (snort3-server-webapp.rules)
 * 1:35703 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (snort3-server-webapp.rules)
 * 1:35702 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (snort3-server-webapp.rules)
 * 1:35766 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (snort3-server-other.rules)
 * 1:35765 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (snort3-server-other.rules)
 * 1:35764 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (snort3-server-other.rules)
 * 1:36025 <-> DISABLED <-> SERVER-OTHER Digium Asterisk TLS Certificate Common Name null byte validation bypass attempt (snort3-server-other.rules)
 * 1:35944 <-> ENABLED <-> SERVER-MAIL IBM Domino BMP color palette stack buffer overflow attempt (snort3-server-mail.rules)
 * 1:35940 <-> DISABLED <-> SERVER-WEBAPP PHP phar_parse_tarfile method integer overflow attempt (snort3-server-webapp.rules)
 * 1:35939 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:35858 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (snort3-file-other.rules)
 * 1:35857 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (snort3-file-other.rules)
 * 1:36156 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:36155 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:36154 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:36061 <-> DISABLED <-> SERVER-OTHER SAP SQL Anywhere .NET malformed integer buffer overflow attempt (snort3-server-other.rules)
 * 1:36059 <-> DISABLED <-> SERVER-WEBAPP PHP CDF file handling infinite loop dos attempt (snort3-server-webapp.rules)
 * 1:36191 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:36157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:36493 <-> DISABLED <-> SERVER-OTHER Squid snmphandleUDP off-by-one buffer overflow attempt (snort3-server-other.rules)
 * 1:36376 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework lcfd endpoint daemon buffer overflow attempt (snort3-server-other.rules)
 * 1:36375 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework Endpoint default HTTP password authentication attempt (snort3-server-other.rules)
 * 1:31698 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (snort3-server-webapp.rules)
 * 1:36658 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:36614 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:36613 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:36596 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (snort3-os-windows.rules)
 * 1:36565 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (snort3-file-multimedia.rules)
 * 1:36564 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (snort3-file-multimedia.rules)
 * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (snort3-os-windows.rules)
 * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (snort3-os-windows.rules)
 * 1:36660 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:36661 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:36784 <-> DISABLED <-> POLICY-OTHER Symantec LiveUpdate forcepasswd.do insecure password change attempt (snort3-policy-other.rules)
 * 1:36823 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server buffer overflow attempt (snort3-server-other.rules)
 * 1:36854 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (snort3-file-other.rules)
 * 1:36855 <-> ENABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (snort3-file-other.rules)
 * 1:36885 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:36886 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:36900 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:36901 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:36902 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37096 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (snort3-server-webapp.rules)
 * 1:37097 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (snort3-server-webapp.rules)
 * 1:37098 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (snort3-server-webapp.rules)
 * 1:37099 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (snort3-server-webapp.rules)
 * 1:37133 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (snort3-server-webapp.rules)
 * 1:37134 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (snort3-server-webapp.rules)
 * 1:37148 <-> DISABLED <-> SERVER-WEBAPP WordPress Gallery Objects Plugin viewid SQL injection attempt (snort3-server-webapp.rules)
 * 1:37242 <-> ENABLED <-> SERVER-WEBAPP D-Link DCS-900 Series Network Camera arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:37362 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (snort3-file-office.rules)
 * 1:37363 <-> DISABLED <-> SERVER-OTHER Java Library SpringFramework unauthorized serialized object attempt (snort3-server-other.rules)
 * 1:37627 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:37628 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (snort3-file-flash.rules)
 * 1:37664 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:37665 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:37690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (snort3-file-flash.rules)
 * 1:37802 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:37803 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:37804 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:37805 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:37828 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:37829 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:37830 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:37831 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:37832 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:37833 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (snort3-file-other.rules)
 * 1:37854 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (snort3-server-webapp.rules)
 * 1:37855 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (snort3-server-webapp.rules)
 * 1:37856 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (snort3-server-webapp.rules)
 * 1:37857 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (snort3-server-webapp.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:37934 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (snort3-protocol-ftp.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (snort3-server-webapp.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (snort3-server-webapp.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (snort3-server-webapp.rules)
 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:38189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (snort3-file-flash.rules)
 * 1:38190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (snort3-file-flash.rules)
 * 1:38191 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (snort3-file-flash.rules)
 * 1:38192 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (snort3-file-flash.rules)
 * 1:38229 <-> DISABLED <-> SERVER-WEBAPP Wordpress Simple Ads Manager sam-ajax-admin.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:38266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (snort3-file-office.rules)
 * 1:38267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (snort3-file-office.rules)
 * 1:3827 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php post attempt (snort3-server-webapp.rules)
 * 1:38272 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (snort3-file-office.rules)
 * 1:38273 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (snort3-file-office.rules)
 * 1:38274 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (snort3-file-office.rules)
 * 1:38351 <-> DISABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:38897 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:38898 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:38964 <-> DISABLED <-> POLICY-OTHER VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (snort3-policy-other.rules)
 * 1:38965 <-> DISABLED <-> SERVER-WEBAPP VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (snort3-server-webapp.rules)
 * 1:39391 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:41907 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (snort3-policy-other.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (snort3-file-office.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (snort3-file-office.rules)
 * 1:45399 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (snort3-file-other.rules)
 * 1:4637 <-> DISABLED <-> SERVER-OTHER MailEnable HTTPMail buffer overflow attempt (snort3-server-other.rules)
 * 1:46482 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes data exfiltration (snort3-malware-cnc.rules)
 * 1:46640 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (snort3-indicator-compromise.rules)
 * 1:46641 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (snort3-indicator-compromise.rules)
 * 1:46642 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (snort3-malware-cnc.rules)
 * 1:47032 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:47033 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:47744 <-> DISABLED <-> SERVER-WEBAPP Quest DR Series Disk Backup CustomerPortalService.pm command injection attempt (snort3-server-webapp.rules)
 * 1:494 <-> DISABLED <-> INDICATOR-COMPROMISE command completed (snort3-indicator-compromise.rules)
 * 1:604 <-> DISABLED <-> PROTOCOL-SERVICES Unix rlogin froot parameter root access attempt (snort3-protocol-services.rules)
 * 1:7722 <-> DISABLED <-> MALWARE-CNC prorat 1.9 cgi notification detection (snort3-malware-cnc.rules)
 * 1:8085 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (snort3-server-webapp.rules)
 * 1:8086 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (snort3-server-webapp.rules)
 * 1:8087 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (snort3-server-webapp.rules)
 * 1:8088 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (snort3-server-webapp.rules)
 * 1:8089 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (snort3-server-webapp.rules)
 * 1:8090 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (snort3-server-webapp.rules)
 * 1:8734 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher className directory traversal attempt (snort3-server-webapp.rules)
 * 1:9620 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher remote code execution attempt (snort3-server-webapp.rules)
 * 1:12362 <-> DISABLED <-> SERVER-WEBAPP Squid HTTP Proxy-Authorization overflow attempt (snort3-server-webapp.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (snort3-file-multimedia.rules)
 * 1:12784 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (snort3-server-other.rules)
 * 1:12785 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (snort3-server-other.rules)
 * 1:12786 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (snort3-server-other.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:13487 <-> DISABLED <-> PUA-ADWARE Adware elite protector runtime detection (snort3-pua-adware.rules)
 * 1:13816 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (snort3-server-webapp.rules)
 * 1:13817 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (snort3-server-webapp.rules)
 * 1:13818 <-> DISABLED <-> SERVER-WEBAPP PHP alternate xmlrpc.php command injection attempt (snort3-server-webapp.rules)
 * 1:13819 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (snort3-server-webapp.rules)
 * 1:13866 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection - popup ads (snort3-malware-other.rules)
 * 1:13867 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection (snort3-malware-other.rules)
 * 1:13902 <-> DISABLED <-> SERVER-OTHER IBM Lotus Sametime multiplexer stack buffer overflow attempt (snort3-server-other.rules)
 * 1:13916 <-> DISABLED <-> SERVER-WEBAPP Alt-N SecurityGateway username buffer overflow attempt (snort3-server-webapp.rules)
 * 1:13925 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (snort3-protocol-ftp.rules)
 * 1:13927 <-> DISABLED <-> PROTOCOL-TFTP Open TFTP Server log generation buffer overflow attempt (snort3-protocol-tftp.rules)
 * 1:13940 <-> DISABLED <-> PUA-ADWARE Hijacker win32.bho.bgf outbound connection (snort3-pua-adware.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (snort3-sql.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:14265 <-> DISABLED <-> PROTOCOL-SCADA Multiple Schneider Electric SCADA products buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (snort3-server-other.rules)
 * 1:14608 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:14609 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:14771 <-> DISABLED <-> SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow attempt (snort3-server-apache.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP Simple Web Counter URI Parameter Buffer Overflow attempt (snort3-server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (snort3-server-iis.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:15484 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow attempt (snort3-protocol-imap.rules)
 * 1:15562 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (snort3-file-pdf.rules)
 * 1:15896 <-> DISABLED <-> SERVER-OTHER Firebird SQL op_connect_request denial of service attempt (snort3-server-other.rules)
 * 1:15939 <-> DISABLED <-> SERVER-OTHER MSN Messenger IRC bot calling home attempt (snort3-server-other.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (snort3-file-office.rules)
 * 1:16098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.cekar variant outbound connection (snort3-malware-cnc.rules)
 * 1:16131 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker trojan zlob.dnz runtime detection - ads (snort3-malware-other.rules)
 * 1:16140 <-> DISABLED <-> MALWARE-CNC torpig-mebroot command and control checkin (snort3-malware-cnc.rules)
 * 1:16184 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow attempt (snort3-server-other.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:16271 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TDSS.1.Gen keepalive detection (snort3-malware-cnc.rules)
 * 1:16365 <-> DISABLED <-> PUA-ADWARE OnlineGames download attempt (snort3-pua-adware.rules)
 * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (snort3-os-windows.rules)
 * 1:16494 <-> DISABLED <-> PUA-ADWARE Cutwail spambot server communication attempt (snort3-pua-adware.rules)
 * 1:16498 <-> DISABLED <-> PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (snort3-pua-adware.rules)
 * 1:16598 <-> DISABLED <-> SERVER-OTHER Green Dam URL handling overflow attempt (snort3-server-other.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (snort3-server-oracle.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt (snort3-os-windows.rules)
 * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (snort3-file-office.rules)
 * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (snort3-os-windows.rules)
 * 1:16688 <-> DISABLED <-> SERVER-OTHER iscsi target format string code execution attempt (snort3-server-other.rules)
 * 1:16689 <-> DISABLED <-> SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (snort3-server-other.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:16696 <-> DISABLED <-> FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (snort3-file-other.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (snort3-file-other.rules)
 * 1:16727 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (snort3-file-other.rules)
 * 1:16731 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (snort3-file-other.rules)
 * 1:16732 <-> DISABLED <-> FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (snort3-file-other.rules)
 * 1:16733 <-> DISABLED <-> FILE-OTHER UltraISO CCD file handling overflow attempt (snort3-file-other.rules)
 * 1:16736 <-> DISABLED <-> FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (snort3-file-other.rules)
 * 1:16737 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 1 (snort3-file-multimedia.rules)
 * 1:16738 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (snort3-file-multimedia.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:16752 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:16753 <-> DISABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (snort3-server-webapp.rules)
 * 1:16787 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (snort3-file-other.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (snort3-server-iis.rules)
 * 1:17139 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (snort3-server-other.rules)
 * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (snort3-server-other.rules)
 * 1:17234 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm activity (snort3-malware-cnc.rules)
 * 1:17235 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm download (snort3-malware-cnc.rules)
 * 1:17238 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:17250 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (snort3-file-office.rules)
 * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (snort3-os-windows.rules)
 * 1:17301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (snort3-file-office.rules)
 * 1:17308 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (snort3-file-office.rules)
 * 1:17373 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (snort3-server-iis.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (snort3-file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (snort3-file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (snort3-file-office.rules)
 * 1:17560 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (snort3-file-office.rules)
 * 1:17805 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (snort3-malware-cnc.rules)
 * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (snort3-file-pdf.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (snort3-file-java.rules)
 * 1:18247 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent ErrCode - W32/Fujacks.htm (snort3-malware-cnc.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (snort3-malware-cnc.rules)
 * 1:18311 <-> DISABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (snort3-file-pdf.rules)
 * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (snort3-file-pdf.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (snort3-file-pdf.rules)
 * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (snort3-file-pdf.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (snort3-server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (snort3-server-webapp.rules)
 * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (snort3-file-pdf.rules)
 * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (snort3-file-pdf.rules)
 * 1:18511 <-> DISABLED <-> SERVER-OTHER Sourcefire Snort packet fragmentation reassembly denial of service attempt (snort3-server-other.rules)
 * 1:18524 <-> DISABLED <-> SERVER-OTHER Multiple vendor anti-virus extended ASCII filename scan bypass attempt (snort3-server-other.rules)
 * 1:18526 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (snort3-file-pdf.rules)
 * 1:18527 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (snort3-file-pdf.rules)
 * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (snort3-server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:18535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (snort3-file-office.rules)
 * 1:18562 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (snort3-malware-cnc.rules)
 * 1:18575 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (snort3-protocol-ftp.rules)
 * 1:18577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.agum variant outbound connection (snort3-malware-cnc.rules)
 * 1:18587 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 267 buffer overflow attempt (snort3-server-other.rules)
 * 1:18618 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (snort3-malware-cnc.rules)
 * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (snort3-file-office.rules)
 * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (snort3-file-office.rules)
 * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (snort3-file-office.rules)
 * 1:18707 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (snort3-malware-cnc.rules)
 * 1:18708 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (snort3-malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (snort3-malware-cnc.rules)
 * 1:18711 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (snort3-malware-cnc.rules)
 * 1:18712 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (snort3-malware-cnc.rules)
 * 1:18715 <-> ENABLED <-> MALWARE-CNC Ozdok botnet communication with C&C server (snort3-malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (snort3-malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (snort3-malware-cnc.rules)
 * 1:18718 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (snort3-malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (snort3-malware-cnc.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:18723 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (snort3-malware-cnc.rules)
 * 1:18724 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (snort3-malware-cnc.rules)
 * 1:18739 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:18753 <-> DISABLED <-> SERVER-OTHER Zend Server Java Bridge remote code execution attempt (snort3-server-other.rules)
 * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (snort3-server-webapp.rules)
 * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (snort3-server-mail.rules)
 * 1:18808 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (snort3-server-mail.rules)
 * 1:18934 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (Coreflood -- snort3-malware-cnc.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (snort3-malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (snort3-malware-cnc.rules)
 * 1:18939 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (snort3-malware-cnc.rules)
 * 1:18940 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Sality (snort3-malware-cnc.rules)
 * 1:18941 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - FakeAV (snort3-malware-cnc.rules)
 * 1:18942 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacProtector (snort3-malware-cnc.rules)
 * 1:18943 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacDefender (snort3-malware-cnc.rules)
 * 1:18945 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Feberr variant outbound connection (snort3-malware-cnc.rules)
 * 1:18946 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (snort3-malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (snort3-malware-cnc.rules)
 * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (snort3-file-other.rules)
 * 1:18976 <-> DISABLED <-> MALWARE-CNC Rogue-Software.AVCare variant outbound connection (snort3-malware-cnc.rules)
 * 1:18977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Proxy variant outbound connection (snort3-malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pasta.aoq variant outbound connection (snort3-malware-cnc.rules)
 * 1:18980 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (snort3-malware-cnc.rules)
 * 1:18981 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (snort3-malware-cnc.rules)
 * 1:18982 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (snort3-malware-cnc.rules)
 * 1:18984 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32/Trojanclicker (snort3-malware-cnc.rules)
 * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (snort3-server-webapp.rules)
 * 1:19016 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (snort3-malware-cnc.rules)
 * 1:19017 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (snort3-malware-cnc.rules)
 * 1:19018 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (snort3-malware-cnc.rules)
 * 1:19019 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (snort3-malware-cnc.rules)
 * 1:19021 <-> ENABLED <-> MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (snort3-malware-cnc.rules)
 * 1:19023 <-> DISABLED <-> MALWARE-CNC IRC.Zapchast.zwrc variant outbound connection (snort3-malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.StartPage variant outbound connection (snort3-malware-cnc.rules)
 * 1:19025 <-> DISABLED <-> MALWARE-CNC Win.Trojan-Banker.Win32.Bancos.etf variant outbound connection (snort3-malware-cnc.rules)
 * 1:19027 <-> DISABLED <-> MALWARE-CNC BrowserModifier.Win32.Kerlofost variant outbound connection (snort3-malware-cnc.rules)
 * 1:19028 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mailbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:19030 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Uloadis variant outbound connection (snort3-malware-cnc.rules)
 * 1:19031 <-> DISABLED <-> MALWARE-CNC iPRIVACY variant outbound connection (snort3-malware-cnc.rules)
 * 1:19032 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (snort3-malware-cnc.rules)
 * 1:19033 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (snort3-malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel.baqb variant outbound connection (snort3-malware-cnc.rules)
 * 1:19036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (snort3-malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (snort3-malware-cnc.rules)
 * 1:19038 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19039 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (snort3-malware-cnc.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (snort3-malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (snort3-malware-cnc.rules)
 * 1:19043 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (snort3-pua-adware.rules)
 * 1:19044 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (snort3-pua-adware.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (snort3-malware-cnc.rules)
 * 1:19046 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (snort3-pua-adware.rules)
 * 1:19047 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RCleanT (snort3-malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Darkness variant outbound connection (snort3-malware-cnc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (snort3-malware-cnc.rules)
 * 1:19052 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (snort3-malware-cnc.rules)
 * 1:19053 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Nusump.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (snort3-malware-cnc.rules)
 * 1:19055 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gosik.A registration (snort3-malware-cnc.rules)
 * 1:19056 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (snort3-malware-cnc.rules)
 * 1:19057 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (snort3-malware-cnc.rules)
 * 1:19058 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Faketube update request (snort3-malware-cnc.rules)
 * 1:19059 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.SystemDefragmenter outbound connection (snort3-pua-adware.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19061 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (snort3-pua-adware.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakePlus variant outbound connection (snort3-malware-cnc.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (snort3-server-other.rules)
 * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (snort3-server-webapp.rules)
 * 1:19164 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (snort3-malware-cnc.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (snort3-server-other.rules)
 * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (snort3-file-office.rules)
 * 1:19309 <-> DISABLED <-> PUA-ADWARE hijacker starware videos outbound connection (snort3-pua-adware.rules)
 * 1:19310 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gen3 variant outbound connection (snort3-malware-cnc.rules)
 * 1:19312 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aah variant outbound connection (snort3-malware-cnc.rules)
 * 1:19328 <-> ENABLED <-> MALWARE-CNC PointGuide variant outbound connection (snort3-malware-cnc.rules)
 * 1:19329 <-> DISABLED <-> MALWARE-CNC Faceback.exe variant outbound connection (snort3-malware-cnc.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (snort3-malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (snort3-malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clampi variant outbound connection (snort3-malware-cnc.rules)
 * 1:19339 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection (snort3-malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav TREAntivirus variant outbound connection (snort3-malware-cnc.rules)
 * 1:19341 <-> DISABLED <-> MALWARE-CNC Worm MSIL.AiO.a variant outbound connection (snort3-malware-cnc.rules)
 * 1:19342 <-> DISABLED <-> MALWARE-CNC Adware Professional variant outbound connection (snort3-malware-cnc.rules)
 * 1:19343 <-> DISABLED <-> MALWARE-CNC Adware Pro variant outbound connection (snort3-malware-cnc.rules)
 * 1:19344 <-> DISABLED <-> MALWARE-CNC AntiMalware Pro variant outbound connection (snort3-malware-cnc.rules)
 * 1:19345 <-> DISABLED <-> MALWARE-CNC REAnti variant outbound connection (snort3-malware-cnc.rules)
 * 1:19346 <-> DISABLED <-> MALWARE-CNC Additional Guard variant outbound connection (snort3-malware-cnc.rules)
 * 1:19348 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection (snort3-malware-cnc.rules)
 * 1:19349 <-> DISABLED <-> MALWARE-CNC Fakeav Vaccineclear variant outbound connection (snort3-malware-cnc.rules)
 * 1:19351 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19353 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker.bkhu variant outbound connection (snort3-malware-cnc.rules)
 * 1:19357 <-> ENABLED <-> MALWARE-CNC Win.Worm.Sohanad.ila variant outbound connection (snort3-malware-cnc.rules)
 * 1:19358 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XYTvn.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HXWAN.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Win.Worm.Vaubeg.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.IC variant outbound connection (snort3-malware-cnc.rules)
 * 1:19372 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string javasw - Trojan.Banload (snort3-malware-cnc.rules)
 * 1:19391 <-> DISABLED <-> PUA-ADWARE Lost Door v3.0 (snort3-pua-adware.rules)
 * 1:19392 <-> ENABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (snort3-malware-other.rules)
 * 1:19393 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (snort3-malware-other.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tidserv variant outbound connection (snort3-malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (snort3-malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Beastdoor.b variant outbound connection (snort3-malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win.Trojan.UltimateDefender.xv variant outbound connection (snort3-malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BAT.Shutdown.ef variant outbound connection (snort3-malware-cnc.rules)
 * 1:19399 <-> DISABLED <-> MALWARE-CNC Email Worm Win32.Zhelatin.ch variant outbound connection (snort3-malware-cnc.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19402 <-> DISABLED <-> MALWARE-CNC P2P Worm.Win32.Malas.r variant outbound connection (snort3-malware-cnc.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ozdok variant outbound connection (snort3-malware-cnc.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection (snort3-malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amjz variant outbound connection (snort3-malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection (snort3-malware-cnc.rules)
 * 1:19429 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19433 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fujacks.aw variant outbound connection (snort3-malware-cnc.rules)
 * 1:19434 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrCode (snort3-malware-cnc.rules)
 * 1:19435 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Litmus.203 variant outbound connection (snort3-malware-cnc.rules)
 * 1:19453 <-> DISABLED <-> PUA-ADWARE Sus.BancDI-B trojan outbound connection (snort3-pua-adware.rules)
 * 1:19454 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWS.Win32.QQPass.IK variant outbound connection (snort3-malware-cnc.rules)
 * 1:19456 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Klone.bj variant outbound connection (snort3-malware-cnc.rules)
 * 1:19457 <-> DISABLED <-> MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection (snort3-malware-cnc.rules)
 * 1:19458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (snort3-file-office.rules)
 * 1:19459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (snort3-file-office.rules)
 * 1:19476 <-> DISABLED <-> MALWARE-CNC Exploit.Win32.SqlShell.r variant outbound connection (snort3-malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (snort3-malware-cnc.rules)
 * 1:19478 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Taterf.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19479 <-> DISABLED <-> MALWARE-CNC Net-Worm.Win32.Piloyd.m variant outbound connection - request html (snort3-malware-cnc.rules)
 * 1:19480 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string STORMDDOS - Backdoor.Win32.Inject.ctt (snort3-malware-cnc.rules)
 * 1:19481 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Agent.bx variant outbound connection (snort3-malware-cnc.rules)
 * 1:19482 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrorFix (snort3-malware-cnc.rules)
 * 1:19483 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reload.fy variant outbound connection (snort3-malware-cnc.rules)
 * 1:19485 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RAV1 (snort3-malware-cnc.rules)
 * 1:19486 <-> DISABLED <-> PUA-ADWARE W32.Fiala.A outbound connection (snort3-pua-adware.rules)
 * 1:19487 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.kih variant outbound connection (snort3-malware-cnc.rules)
 * 1:19488 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Failnum.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19489 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DeAlfa.fa variant outbound connection (snort3-malware-cnc.rules)
 * 1:19490 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Koceg.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19491 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Genome.vau variant outbound connection (snort3-malware-cnc.rules)
 * 1:19492 <-> DISABLED <-> MALWARE-CNC Windows System Defender variant outbound connection (snort3-malware-cnc.rules)
 * 1:19493 <-> ENABLED <-> MALWARE-CNC URI request for known malicious uri config.ini on 3322.org domain (snort3-malware-cnc.rules)
 * 1:19494 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Licum variant outbound connection (snort3-malware-cnc.rules)
 * 1:19495 <-> DISABLED <-> MALWARE-CNC Win.Worm.Pilleuz variant outbound connection (snort3-malware-cnc.rules)
 * 1:19554 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav Antivirus Xp Pro variant outbound connection (snort3-malware-cnc.rules)
 * 1:19555 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small variant outbound connection (snort3-malware-cnc.rules)
 * 1:19556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Homa variant outbound connection (snort3-malware-cnc.rules)
 * 1:19557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shark.ag variant outbound connection (snort3-malware-cnc.rules)
 * 1:19566 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (snort3-pua-adware.rules)
 * 1:19567 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (snort3-pua-adware.rules)
 * 1:19568 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.PerfectKeylogger variant outbound connection (snort3-malware-cnc.rules)
 * 1:19569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Perkesh variant outbound connection (snort3-malware-cnc.rules)
 * 1:19570 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - ie 11.0 sp6 (snort3-malware-cnc.rules)
 * 1:19571 <-> DISABLED <-> PUA-ADWARE Antivirus Agent Pro outbound connection (snort3-pua-adware.rules)
 * 1:19572 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FFSearch variant outbound connection (snort3-malware-cnc.rules)
 * 1:19573 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19574 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19575 <-> DISABLED <-> MALWARE-CNC Win.Worm.Emold.U variant outbound connection (snort3-malware-cnc.rules)
 * 1:19576 <-> DISABLED <-> PUA-ADWARE Antivirus Pro 2010 outbound connection (snort3-pua-adware.rules)
 * 1:19577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Dogrobot.E variant outbound connection (snort3-malware-cnc.rules)
 * 1:19578 <-> DISABLED <-> PUA-ADWARE Personal Guard 2009 outbound connection (snort3-pua-adware.rules)
 * 1:19579 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Potao.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19580 <-> DISABLED <-> MALWARE-CNC Win.Worm.Basun.wsc inbound connection (snort3-malware-cnc.rules)
 * 1:19581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (snort3-malware-cnc.rules)
 * 1:19582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (snort3-malware-cnc.rules)
 * 1:19583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bumat.rts variant outbound connection (snort3-malware-cnc.rules)
 * 1:19584 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19585 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection - notification (snort3-malware-cnc.rules)
 * 1:19586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Agent.dlg variant outbound connection (snort3-malware-cnc.rules)
 * 1:19587 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sereki.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19588 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sereki.B successful connection (snort3-malware-cnc.rules)
 * 1:19589 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string MacProtector (snort3-malware-cnc.rules)
 * 1:19590 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Savnut.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19591 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Powp.pyv variant outbound connection (snort3-malware-cnc.rules)
 * 1:19592 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (snort3-malware-cnc.rules)
 * 1:19593 <-> DISABLED <-> MALWARE-CNC Win.Worm.Agent.btxm variant outbound connection IRC (snort3-malware-cnc.rules)
 * 1:19594 <-> DISABLED <-> PUA-ADWARE Win32.Fruspam outbound connection (snort3-pua-adware.rules)
 * 1:19595 <-> DISABLED <-> MALWARE-OTHER known malicious email string - You have received a Hallmark E-Card (snort3-malware-other.rules)
 * 1:19596 <-> DISABLED <-> MALWARE-CNC Poison Ivy variant outbound connection (snort3-malware-cnc.rules)
 * 1:19597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cws variant outbound connection (snort3-malware-cnc.rules)
 * 1:19598 <-> DISABLED <-> PUA-ADWARE Infostealer.Gampass outbound connection (snort3-pua-adware.rules)
 * 1:19608 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wisscmd.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19611 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string INet - Win32.Virus.Jusabli.A (snort3-malware-cnc.rules)
 * 1:19612 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.bvk variant outbound connection (snort3-malware-cnc.rules)
 * 1:19613 <-> DISABLED <-> MALWARE-CNC Rogue Software Registry Cleaner Pro variant outbound connection (snort3-malware-cnc.rules)
 * 1:19614 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (snort3-malware-cnc.rules)
 * 1:19615 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (snort3-malware-cnc.rules)
 * 1:19616 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Win32.Banbra.mcq variant outbound connection (snort3-malware-cnc.rules)
 * 1:19622 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - pte.aspx?ver= (snort3-malware-cnc.rules)
 * 1:19623 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - vic.aspx?ver= (snort3-malware-cnc.rules)
 * 1:19625 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - .sys.php?getexe= (snort3-malware-cnc.rules)
 * 1:19626 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /setup_b.asp?prj= (snort3-malware-cnc.rules)
 * 1:19627 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /r_autoidcnt.asp?mer_seq= (snort3-malware-cnc.rules)
 * 1:19628 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /1cup/script.php (snort3-malware-cnc.rules)
 * 1:19631 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - AnSSip= (snort3-malware-cnc.rules)
 * 1:19632 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/adduser.php?uid= (snort3-malware-cnc.rules)
 * 1:19633 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/tasks.php?uid= (snort3-malware-cnc.rules)
 * 1:19635 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /app/?prj= (snort3-malware-cnc.rules)
 * 1:19636 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /blog/images/3521.jpg?v (snort3-malware-cnc.rules)
 * 1:19637 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /install.asp?mac= (snort3-malware-cnc.rules)
 * 1:19638 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /kx4.txt (snort3-malware-cnc.rules)
 * 1:19652 <-> DISABLED <-> MALWARE-CNC Teevsock C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19654 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.wti variant outbound connection (snort3-malware-cnc.rules)
 * 1:19655 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Agent.IK variant outbound connection (snort3-malware-cnc.rules)
 * 1:19656 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Peace.lh variant outbound connection (snort3-malware-cnc.rules)
 * 1:19657 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV variant traffic (snort3-malware-cnc.rules)
 * 1:19658 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MCnovogic.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19659 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Soleseq.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19660 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riern.K variant outbound connection (snort3-malware-cnc.rules)
 * 1:19695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.nec variant outbound connection (snort3-malware-cnc.rules)
 * 1:19696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SdBot.nng inbound connection (snort3-malware-cnc.rules)
 * 1:19697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy.Win32.VB.btm variant outbound connection (snort3-malware-cnc.rules)
 * 1:19698 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Prosti.AG variant outbound connection (snort3-malware-cnc.rules)
 * 1:19699 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Korklic.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.tnr variant outbound connection (snort3-malware-cnc.rules)
 * 1:19701 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hassar.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19702 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zboter.E variant outbound connection (snort3-malware-cnc.rules)
 * 1:19703 <-> ENABLED <-> MALWARE-CNC Win.Worm.Dusta.br outbound connnection (snort3-malware-cnc.rules)
 * 1:19704 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (snort3-malware-cnc.rules)
 * 1:19705 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (snort3-malware-cnc.rules)
 * 1:19706 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.cer variant outbound connection (snort3-malware-cnc.rules)
 * 1:19711 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (snort3-malware-cnc.rules)
 * 1:19712 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (snort3-malware-cnc.rules)
 * 1:19715 <-> DISABLED <-> MALWARE-CNC Win.Trojan.URLZone variant outbound connection (snort3-malware-cnc.rules)
 * 1:19716 <-> DISABLED <-> MALWARE-CNC TrojanSpy.Win32.Banker.OO variant outbound connection (snort3-malware-cnc.rules)
 * 1:19717 <-> DISABLED <-> PUA-ADWARE Virus.Win32.Virut.ce outbound connection (snort3-pua-adware.rules)
 * 1:19718 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.bkap variant outbound connection (snort3-malware-cnc.rules)
 * 1:19719 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Bagle.of variant outbound connection (snort3-malware-cnc.rules)
 * 1:19720 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Onestage.ws variant outbound connection (snort3-malware-cnc.rules)
 * 1:19721 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.mlh variant outbound connection (snort3-malware-cnc.rules)
 * 1:19722 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Poshtroper variant outbound connection (snort3-malware-cnc.rules)
 * 1:19723 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Pherbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:19724 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (snort3-malware-cnc.rules)
 * 1:19725 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (snort3-malware-cnc.rules)
 * 1:19726 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (snort3-malware-cnc.rules)
 * 1:19727 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.DI variant outbound connection (snort3-malware-cnc.rules)
 * 1:19728 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (snort3-malware-cnc.rules)
 * 1:19729 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (snort3-malware-cnc.rules)
 * 1:19730 <-> ENABLED <-> MALWARE-CNC Win.Trojan.KukuBot variant outbound connection (snort3-malware-cnc.rules)
 * 1:19731 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Darkwebot variant outbound connection (snort3-malware-cnc.rules)
 * 1:19732 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Idicaf variant outbound connection (snort3-malware-cnc.rules)
 * 1:19733 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jorik.BRU variant outbound connection (snort3-malware-cnc.rules)
 * 1:19739 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Apptom variant outbound connection (snort3-malware-cnc.rules)
 * 1:19740 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.aczu variant outbound connection (snort3-malware-cnc.rules)
 * 1:19741 <-> DISABLED <-> MALWARE-OTHER PWS.Win32.Scofted keylogger runtime detection (snort3-malware-other.rules)
 * 1:19742 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.atff variant outbound connection (snort3-malware-cnc.rules)
 * 1:19743 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.eqlo variant outbound connection (snort3-malware-cnc.rules)
 * 1:19744 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Deecee.a variant outbound connection (snort3-malware-cnc.rules)
 * 1:19745 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FraudLoad.dyl variant outbound connection (snort3-malware-cnc.rules)
 * 1:19746 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.biiw variant outbound connection (snort3-malware-cnc.rules)
 * 1:19747 <-> ENABLED <-> MALWARE-BACKDOOR Win.Trojan.GGDoor.22 variant outbound connection (snort3-malware-backdoor.rules)
 * 1:19748 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.ULPM.Gen IRC variant outbound connection (snort3-malware-cnc.rules)
 * 1:19749 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.chgp variant outbound connection (snort3-malware-cnc.rules)
 * 1:19750 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.PJ variant outbound connection (snort3-malware-cnc.rules)
 * 1:19751 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Sohanad.bm variant outbound connection (snort3-malware-cnc.rules)
 * 1:19752 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (snort3-malware-cnc.rules)
 * 1:19753 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TrojanSpy.Win32.Zbot.gen.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19754 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Delf.RGL variant outbound connection (snort3-malware-cnc.rules)
 * 1:19755 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alphabet variant outbound connection (snort3-malware-cnc.rules)
 * 1:19756 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Opera/8.89 - P2P-Worm.Win32.Palevo.ddm (snort3-malware-cnc.rules)
 * 1:19757 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.bqlu variant outbound connection (snort3-malware-cnc.rules)
 * 1:19758 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.yw variant outbound connection (snort3-malware-cnc.rules)
 * 1:19759 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.FireThief.h variant outbound connection (snort3-malware-cnc.rules)
 * 1:19760 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arsinfoder variant outbound connection (snort3-malware-cnc.rules)
 * 1:19761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ftpharvxqq variant outbound connection (snort3-malware-cnc.rules)
 * 1:19762 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (snort3-malware-cnc.rules)
 * 1:19763 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (snort3-malware-cnc.rules)
 * 1:19764 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (snort3-malware-cnc.rules)
 * 1:19765 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker variant outbound connection (snort3-malware-cnc.rules)
 * 1:19766 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (snort3-malware-cnc.rules)
 * 1:19767 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Msposer.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19769 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos outbound indicator (snort3-malware-cnc.rules)
 * 1:19770 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (snort3-malware-cnc.rules)
 * 1:19771 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (snort3-malware-cnc.rules)
 * 1:19772 <-> ENABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19773 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19774 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (snort3-malware-cnc.rules)
 * 1:19775 <-> DISABLED <-> PUA-ADWARE PWS.Win32.Ldpinch.gen outbound connection (snort3-pua-adware.rules)
 * 1:19776 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.guy dropper variant outbound connection (snort3-malware-cnc.rules)
 * 1:19777 <-> DISABLED <-> PUA-ADWARE Fast Antivirus 2009 outbound connection (snort3-pua-adware.rules)
 * 1:19781 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Agent.aqpn variant outbound connection (snort3-malware-cnc.rules)
 * 1:19782 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AVKill.bc variant outbound connection (snort3-malware-cnc.rules)
 * 1:19783 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.agcw variant outbound connection (snort3-malware-cnc.rules)
 * 1:19784 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.sde variant outbound connection (snort3-malware-cnc.rules)
 * 1:19785 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Malushka.T variant outbound connection (snort3-malware-cnc.rules)
 * 1:19786 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - Mozilla (snort3-malware-cnc.rules)
 * 1:19787 <-> DISABLED <-> MALWARE-CNC Exploit-PDF.t variant outbound connection (snort3-malware-cnc.rules)
 * 1:19788 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.pnc variant outbound connection (snort3-malware-cnc.rules)
 * 1:19789 <-> ENABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (snort3-malware-cnc.rules)
 * 1:19790 <-> DISABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (snort3-malware-cnc.rules)
 * 1:19791 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Small.awa variant outbound connection (snort3-malware-cnc.rules)
 * 1:19792 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Caxnet.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19793 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.SillyFDC-DS variant outbound connection (snort3-malware-cnc.rules)
 * 1:19794 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fnumbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:19795 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakeAV NoAdware variant outbound connection (snort3-malware-cnc.rules)
 * 1:19796 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DL.CashnJoy.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19797 <-> DISABLED <-> MALWARE-CNC Safety Center variant outbound connection (snort3-malware-cnc.rules)
 * 1:19798 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.kxu variant outbound connection (snort3-malware-cnc.rules)
 * 1:19799 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.gen.Q variant outbound connection (snort3-malware-cnc.rules)
 * 1:19800 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pher.ij variant outbound connection (snort3-malware-cnc.rules)
 * 1:19801 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tracur variant outbound connection (snort3-malware-cnc.rules)
 * 1:19802 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wixud.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19803 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Renos.FH variant outbound connection (snort3-malware-cnc.rules)
 * 1:19804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.ktq variant outbound connection (snort3-malware-cnc.rules)
 * 1:19805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smser.cx variant outbound connection (snort3-malware-cnc.rules)
 * 1:19819 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19820 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19821 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Bagle.gen.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19822 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.HH variant outbound connection (snort3-malware-cnc.rules)
 * 1:19823 <-> DISABLED <-> PUA-ADWARE Downloader.Banload.AKBB outbound connection (snort3-pua-adware.rules)
 * 1:19824 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (snort3-malware-cnc.rules)
 * 1:19825 <-> DISABLED <-> SERVER-APACHE Apache Killer denial of service tool exploit attempt (snort3-server-apache.rules)
 * 1:19827 <-> DISABLED <-> PUA-ADWARE PWS-QQGame outbound connection (snort3-pua-adware.rules)
 * 1:19828 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SpyAgent.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19829 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rbot.gen variant outbound connection (snort3-malware-cnc.rules)
 * 1:19830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poebot.BP variant outbound connection (snort3-malware-cnc.rules)
 * 1:19831 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.SO variant outbound connection (snort3-malware-cnc.rules)
 * 1:19832 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veslorn.gen.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19833 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.bda variant outbound connection (snort3-malware-cnc.rules)
 * 1:19834 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ZBot.RD variant outbound connection (snort3-malware-cnc.rules)
 * 1:19835 <-> DISABLED <-> PUA-ADWARE Delphi-Piette Windows (snort3-pua-adware.rules)
 * 1:19836 <-> DISABLED <-> MALWARE-CNC Spy-Net 0.7 runtime (snort3-malware-cnc.rules)
 * 1:19837 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (snort3-pua-adware.rules)
 * 1:19838 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (snort3-pua-adware.rules)
 * 1:19839 <-> DISABLED <-> PUA-ADWARE Antivirus XP 2008 runtime detection (snort3-pua-adware.rules)
 * 1:19840 <-> DISABLED <-> PUA-ADWARE XP Antispyware 2009 outbound connection (snort3-pua-adware.rules)
 * 1:19841 <-> DISABLED <-> PUA-ADWARE 0desa MSN password stealer (snort3-pua-adware.rules)
 * 1:19842 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (snort3-pua-adware.rules)
 * 1:19843 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (snort3-pua-adware.rules)
 * 1:19848 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (snort3-pua-adware.rules)
 * 1:19849 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (snort3-pua-adware.rules)
 * 1:19850 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (snort3-malware-cnc.rules)
 * 1:19851 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (snort3-malware-cnc.rules)
 * 1:19852 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Delf.tbv variant outbound connection (snort3-malware-cnc.rules)
 * 1:19853 <-> DISABLED <-> PUA-ADWARE Wowpa KI outbound connection (snort3-pua-adware.rules)
 * 1:19856 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Krap.i variant outbound connection (snort3-malware-cnc.rules)
 * 1:19857 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - Windows (snort3-malware-cnc.rules)
 * 1:19858 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - non-Windows (snort3-malware-cnc.rules)
 * 1:19859 <-> DISABLED <-> PUA-ADWARE XP Deluxe Protector outbound connection (snort3-pua-adware.rules)
 * 1:19860 <-> DISABLED <-> PUA-ADWARE Trust Warrior outbound connection (snort3-pua-adware.rules)
 * 1:19861 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cqcv variant outbound connection (snort3-malware-cnc.rules)
 * 1:19862 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.iej variant outbound connection (snort3-malware-cnc.rules)
 * 1:19863 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Httpbot.yi variant outbound connection (snort3-malware-cnc.rules)
 * 1:19864 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Nvbpass variant outbound connection (snort3-malware-cnc.rules)
 * 1:19865 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arhost.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19895 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Delf.jwh variant outbound connection (snort3-malware-cnc.rules)
 * 1:19896 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (snort3-pua-adware.rules)
 * 1:19897 <-> DISABLED <-> PUA-TOOLBARS Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Runtime Detection (snort3-pua-toolbars.rules)
 * 1:19898 <-> DISABLED <-> MALWARE-CNC Cinmus Variant variant outbound connection (snort3-malware-cnc.rules)
 * 1:19899 <-> ENABLED <-> MALWARE-OTHER Tong Keylogger outbound connectiooutbound connection (snort3-malware-other.rules)
 * 1:19900 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (snort3-malware-other.rules)
 * 1:19901 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (snort3-malware-other.rules)
 * 1:19902 <-> DISABLED <-> PUA-ADWARE Targetedbanner.biz Adrotator outbound connection (snort3-pua-adware.rules)
 * 1:19903 <-> DISABLED <-> PUA-ADWARE Win32.Agent.vvm outbound connection (snort3-pua-adware.rules)
 * 1:19904 <-> DISABLED <-> PUA-ADWARE WinReanimator outbound connection (snort3-pua-adware.rules)
 * 1:19905 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.jog variant outbound connection (snort3-malware-cnc.rules)
 * 1:19906 <-> DISABLED <-> PUA-TOOLBARS 6SQ Toolbar runtime detection (snort3-pua-toolbars.rules)
 * 1:19912 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DelfInject.gen!X variant outbound connection (snort3-malware-cnc.rules)
 * 1:19913 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - optima/index.php (snort3-malware-cnc.rules)
 * 1:19914 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Quivoe.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19915 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gnutler.apd variant outbound connection (snort3-malware-cnc.rules)
 * 1:19916 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.ACB variant outbound connection (snort3-malware-cnc.rules)
 * 1:19917 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sogu.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19918 <-> DISABLED <-> MALWARE-CNC Win.Worm.Ganelp.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19919 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Murcy.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19920 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reppserv.A outbond connection (snort3-malware-cnc.rules)
 * 1:19921 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Puprlehzae.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19922 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shiz.ivr variant outbound connection (snort3-malware-cnc.rules)
 * 1:19923 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Venik.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:19924 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spidern.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19927 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (snort3-malware-backdoor.rules)
 * 1:19928 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (snort3-malware-backdoor.rules)
 * 1:19929 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (snort3-malware-backdoor.rules)
 * 1:19930 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (snort3-malware-backdoor.rules)
 * 1:19931 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Lineage.Gen.Pac.3 variant outbound connection (snort3-malware-cnc.rules)
 * 1:19934 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MYURL (snort3-malware-cnc.rules)
 * 1:19935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (snort3-malware-cnc.rules)
 * 1:19936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (snort3-malware-cnc.rules)
 * 1:19939 <-> DISABLED <-> PUA-ADWARE WeatherStudio outbound connection (snort3-pua-adware.rules)
 * 1:19940 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.IRC.TKB variant outbound connection - dir4you (snort3-malware-cnc.rules)
 * 1:19941 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (snort3-malware-cnc.rules)
 * 1:19942 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (snort3-malware-cnc.rules)
 * 1:19944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.ykl variant outbound connection (snort3-malware-cnc.rules)
 * 1:19945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (snort3-malware-cnc.rules)
 * 1:19946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (snort3-malware-cnc.rules)
 * 1:19947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amwd variant outbound connection (snort3-malware-cnc.rules)
 * 1:19948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (snort3-malware-cnc.rules)
 * 1:19949 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (snort3-malware-cnc.rules)
 * 1:19950 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Defsel inbound connection (snort3-malware-cnc.rules)
 * 1:19951 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Defsel variant outbound connection (snort3-malware-cnc.rules)
 * 1:19952 <-> ENABLED <-> MALWARE-CNC Biodox inbound connection (snort3-malware-cnc.rules)
 * 1:19953 <-> DISABLED <-> MALWARE-CNC Biodox variant outbound connection (snort3-malware-cnc.rules)
 * 1:19954 <-> DISABLED <-> MALWARE-CNC Hack Style RAT variant outbound connection (snort3-malware-cnc.rules)
 * 1:19955 <-> DISABLED <-> MALWARE-CNC PaiN RAT 0.1 variant outbound connection (snort3-malware-cnc.rules)
 * 1:19957 <-> DISABLED <-> MALWARE-CNC Arabian-Attacker 1.1.0 variant outbound connection (snort3-malware-cnc.rules)
 * 1:19958 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (snort3-malware-cnc.rules)
 * 1:19959 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (snort3-malware-cnc.rules)
 * 1:19960 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (snort3-malware-cnc.rules)
 * 1:19961 <-> DISABLED <-> MALWARE-CNC Fouad 1.0 variant outbound connection (snort3-malware-cnc.rules)
 * 1:19962 <-> DISABLED <-> MALWARE-CNC Email-Worm.CryptBox-A variant outbound connection (snort3-malware-cnc.rules)
 * 1:19963 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.aajs variant outbound connection (snort3-malware-cnc.rules)
 * 1:19965 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.avzz variant outbound connection (snort3-malware-cnc.rules)
 * 1:19966 <-> DISABLED <-> MALWARE-CNC Octopus 0.1 inbound connection (snort3-malware-cnc.rules)
 * 1:19967 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.Papras.dm variant outbound connection (snort3-malware-cnc.rules)
 * 1:19968 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.QQPass.amx variant outbound connection (snort3-malware-cnc.rules)
 * 1:19969 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.CY variant outbound connection (snort3-malware-cnc.rules)
 * 1:19970 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smalltroj.MHYR variant outbound connection (snort3-malware-cnc.rules)
 * 1:19971 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mudrop.lj variant outbound connection (snort3-malware-cnc.rules)
 * 1:19973 <-> DISABLED <-> MALWARE-CNC Worm.Win.Trojan.Nebuler.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:19974 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.bwj variant outbound connection (snort3-malware-cnc.rules)
 * 1:19975 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.vb variant outbound connection (snort3-malware-cnc.rules)
 * 1:19977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.LooksLike.Zaplot variant outbound connection (snort3-malware-cnc.rules)
 * 1:19979 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (snort3-malware-cnc.rules)
 * 1:19980 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (snort3-malware-cnc.rules)
 * 1:19981 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Micstus.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:19982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.wwe variant outbound connection (snort3-malware-cnc.rules)
 * 1:19983 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kolabc.fic variant outbound connection (snort3-malware-cnc.rules)
 * 1:19984 <-> DISABLED <-> PUA-ADWARE Antivirus 2010 outbound connection (snort3-pua-adware.rules)
 * 1:19987 <-> DISABLED <-> PUA-ADWARE PCLiveGuard outbound connection (snort3-pua-adware.rules)
 * 1:19988 <-> DISABLED <-> MALWARE-CNC Asprox variant outbound connection (snort3-malware-cnc.rules)
 * 1:19989 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (snort3-pua-adware.rules)
 * 1:19990 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (snort3-pua-adware.rules)
 * 1:19991 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PG runtime traffic detected (snort3-malware-cnc.rules)
 * 1:19992 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Farfli.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:19993 <-> DISABLED <-> MALWARE-CNC Win32 Poebot runtime traffic detected (snort3-malware-cnc.rules)
 * 1:19994 <-> DISABLED <-> PUA-ADWARE Antivirus 360 outbound connection (snort3-pua-adware.rules)
 * 1:19995 <-> ENABLED <-> MALWARE-CNC Waledac variant outbound connection (snort3-malware-cnc.rules)
 * 1:19996 <-> DISABLED <-> MALWARE-CNC Worm Brontok.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:19997 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.Win32.QQPass.gam variant outbound connection (snort3-malware-cnc.rules)
 * 1:19998 <-> ENABLED <-> PUA-ADWARE IP address disclosure to advertisement sites attempt (snort3-pua-adware.rules)
 * 1:19999 <-> DISABLED <-> PUA-ADWARE ThreatNuker outbound connection (snort3-pua-adware.rules)
 * 1:20001 <-> ENABLED <-> MALWARE-CNC Allaple.e variant outbound connection (snort3-malware-cnc.rules)
 * 1:20002 <-> DISABLED <-> MALWARE-CNC Allaple.e variant outbound connection (snort3-malware-cnc.rules)
 * 1:20003 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20004 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc install-time traffic detected (snort3-malware-cnc.rules)
 * 1:20005 <-> DISABLED <-> MALWARE-CNC Win32 Lecna.cr runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20006 <-> DISABLED <-> MALWARE-CNC Worm Plurp.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20007 <-> DISABLED <-> PUA-ADWARE Cinmus.asaq outbound connection (snort3-pua-adware.rules)
 * 1:20008 <-> DISABLED <-> MALWARE-CNC Malware PDFMarca.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20009 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string Baby Remote - Win32/Babmote.A (snort3-malware-cnc.rules)
 * 1:20010 <-> DISABLED <-> MALWARE-CNC Win32/Babmote.A runtime TCP traffic detected (snort3-malware-cnc.rules)
 * 1:20011 <-> ENABLED <-> MALWARE-CNC Briewots.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20012 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string feranet/0.4 - Win32/Ferabsa.A (snort3-malware-cnc.rules)
 * 1:20014 <-> DISABLED <-> MALWARE-CNC Kaju variant outbound connection - confirmation (snort3-malware-cnc.rules)
 * 1:20015 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (snort3-malware-cnc.rules)
 * 1:20016 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (snort3-malware-cnc.rules)
 * 1:20017 <-> DISABLED <-> MALWARE-CNC Win.Worm.Koobface.dq variant outbound connection (snort3-malware-cnc.rules)
 * 1:20018 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (snort3-malware-cnc.rules)
 * 1:20019 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - test (snort3-malware-cnc.rules)
 * 1:20021 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (snort3-malware-cnc.rules)
 * 1:20022 <-> DISABLED <-> MALWARE-CNC Win.Worm.Padobot.z variant outbound connection (snort3-malware-cnc.rules)
 * 1:20023 <-> DISABLED <-> MALWARE-CNC Advanced Virus Remover variant outbound connection (snort3-malware-cnc.rules)
 * 1:20024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dreamy.bc variant outbound connection (snort3-malware-cnc.rules)
 * 1:20025 <-> DISABLED <-> PUA-ADWARE VirusBye outbound connection (snort3-pua-adware.rules)
 * 1:20026 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banker.abg.b variant outbound connection (snort3-malware-cnc.rules)
 * 1:20028 <-> DISABLED <-> MALWARE-CNC Windows Antivirus Pro variant outbound connection (snort3-malware-cnc.rules)
 * 1:20034 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (snort3-file-other.rules)
 * 1:20035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Coinbit.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20036 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Agent.ndau runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20038 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20039 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Hardcore Software (snort3-malware-cnc.rules)
 * 1:20040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KSpyPro.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20041 <-> DISABLED <-> PUA-ADWARE Adware.BB outbound connection (snort3-pua-adware.rules)
 * 1:20042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sinowal outbond connection (snort3-malware-cnc.rules)
 * 1:20043 <-> DISABLED <-> MALWARE-CNC Adware Kraddare.AZ variant outbound connection (snort3-malware-cnc.rules)
 * 1:20057 <-> DISABLED <-> MALWARE-CNC BitCoin Miner IP query (snort3-malware-cnc.rules)
 * 1:20063 <-> DISABLED <-> PUA-ADWARE SecurityTool outbound connection (snort3-pua-adware.rules)
 * 1:20064 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Clemag.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20066 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 SensLiceld.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Zatvex.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jetilms.A runtime activity detected (snort3-malware-cnc.rules)
 * 1:20069 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.alhq runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20074 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.iseee variant outbound connection (snort3-malware-cnc.rules)
 * 1:20075 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ruskill.abl variant outbound connection (snort3-malware-cnc.rules)
 * 1:20076 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (snort3-malware-cnc.rules)
 * 1:20077 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (snort3-malware-cnc.rules)
 * 1:20078 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:20079 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:20080 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Derusbi.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20081 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Yakes.cbi variant outbound connection (snort3-malware-cnc.rules)
 * 1:20082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Inject.raw variant outbound connection (snort3-malware-cnc.rules)
 * 1:20083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fucobha.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20085 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veebuu.BX variant outbound connection (snort3-malware-cnc.rules)
 * 1:20086 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.ABY variant outbound connection (snort3-malware-cnc.rules)
 * 1:20087 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.FGU variant outbound connection (snort3-malware-cnc.rules)
 * 1:20088 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Emudbot.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20096 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir variant outbound connection (snort3-malware-cnc.rules)
 * 1:20097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir infected host at destination ip (snort3-malware-cnc.rules)
 * 1:20098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KeyLogger.wav variant outbound connection (snort3-malware-cnc.rules)
 * 1:20099 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Xtrat.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20104 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - InfoBot (snort3-malware-cnc.rules)
 * 1:20105 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - IPHONE (snort3-malware-cnc.rules)
 * 1:20106 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - darkness (snort3-malware-cnc.rules)
 * 1:20107 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Small.Cns variant outbound connection (snort3-malware-cnc.rules)
 * 1:20108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Pher variant outbound connection (snort3-malware-cnc.rules)
 * 1:20109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zombie.sm variant outbound connection (snort3-malware-cnc.rules)
 * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (snort3-file-office.rules)
 * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (snort3-file-office.rules)
 * 1:20179 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe userid parameter buffer overflow attempt (snort3-server-webapp.rules)
 * 1:20180 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe passwd parameter buffer overflow attempt (snort3-server-webapp.rules)
 * 1:20202 <-> ENABLED <-> MALWARE-CNC Apple OSX.Revir-1 variant outbound connection (snort3-malware-cnc.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (snort3-malware-cnc.rules)
 * 1:20205 <-> DISABLED <-> MALWARE-CNC Win32/Poison beaconing request (snort3-malware-cnc.rules)
 * 1:20213 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (snort3-malware-cnc.rules)
 * 1:20217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ToriaSpy.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20220 <-> DISABLED <-> PUA-ADWARE Adware.Wizpop outbound connection (snort3-pua-adware.rules)
 * 1:20221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Injector variant outbound connection (snort3-malware-cnc.rules)
 * 1:20222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Payazol.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (snort3-file-identify.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:20225 <-> ENABLED <-> FILE-OTHER SMI file download request (snort3-file-other.rules)
 * 1:20226 <-> DISABLED <-> FILE-OTHER MPlayer SMI file buffer overflow attempt (snort3-file-other.rules)
 * 1:20228 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (snort3-malware-cnc.rules)
 * 1:20229 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jinchodz variant outbound connection (snort3-malware-cnc.rules)
 * 1:20230 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 0pera 10 (snort3-malware-cnc.rules)
 * 1:20231 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Mozilla//4.0 (snort3-malware-cnc.rules)
 * 1:20232 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cycbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:20233 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut variant outbound connection (snort3-malware-cnc.rules)
 * 1:20234 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ceckno.cmz runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20235 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AdobeReader.Uz runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20252 <-> DISABLED <-> MALWARE-CNC DroidKungFu check-in (snort3-malware-cnc.rules)
 * 1:20280 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (snort3-malware-cnc.rules)
 * 1:20281 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (snort3-malware-cnc.rules)
 * 1:20289 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20290 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A inbound connection (snort3-malware-cnc.rules)
 * 1:20291 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mybios.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20292 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FresctSpy.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20293 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MBVDFRESCT (snort3-malware-cnc.rules)
 * 1:20387 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:20388 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:20428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zewit.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (snort3-file-pdf.rules)
 * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (snort3-file-other.rules)
 * 1:20433 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 anutayadokalug host outbound connection (snort3-pua-adware.rules)
 * 1:20434 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 proantivirus21 host runtime traffic detection (snort3-pua-adware.rules)
 * 1:20435 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Svr runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (snort3-file-java.rules)
 * 1:20447 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.JAAK variant outbound connection (snort3-malware-cnc.rules)
 * 1:20448 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Meciv.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20449 <-> DISABLED <-> MALWARE-CNC Win.Worm.Busifom.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20525 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (snort3-malware-cnc.rules)
 * 1:20527 <-> ENABLED <-> MALWARE-CNC Sirefef initial C&C connection variant outbound connection (snort3-malware-cnc.rules)
 * 1:20528 <-> DISABLED <-> SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (snort3-server-apache.rules)
 * 1:20558 <-> ENABLED <-> EXPLOIT-KIT URI request for known malicious URI /stat2.php (snort3-exploit-kit.rules)
 * 1:20559 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:20561 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (snort3-malware-cnc.rules)
 * 1:20562 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (snort3-malware-cnc.rules)
 * 1:20565 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (snort3-file-other.rules)
 * 1:20566 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (snort3-file-other.rules)
 * 1:20569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (snort3-malware-cnc.rules)
 * 1:20570 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (snort3-malware-cnc.rules)
 * 1:20571 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (snort3-malware-cnc.rules)
 * 1:20587 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Larchik.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20595 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ixeshe.F variant outbound connection (snort3-malware-cnc.rules)
 * 1:20596 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20604 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Buzus.isqy variant outbound connection (snort3-malware-cnc.rules)
 * 1:20605 <-> DISABLED <-> MALWARE-CNC Win.Trojan.R2d2.A contact to cnc server (snort3-malware-cnc.rules)
 * 1:20606 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Domsingx.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20619 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (snort3-server-webapp.rules)
 * 1:20620 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (snort3-server-webapp.rules)
 * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (snort3-file-java.rules)
 * 1:20626 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20627 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A C&C server response (snort3-malware-cnc.rules)
 * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (snort3-server-webapp.rules)
 * 1:20630 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Winnti.A contact to cnc server (snort3-malware-cnc.rules)
 * 1:20632 <-> DISABLED <-> SERVER-WEBAPP AnnoncesV annonce.php remote file include attempt (snort3-server-webapp.rules)
 * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (snort3-server-webapp.rules)
 * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (snort3-file-image.rules)
 * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (snort3-file-image.rules)
 * 1:20639 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Higest.N variant outbound connection (snort3-malware-cnc.rules)
 * 1:20659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:20661 <-> DISABLED <-> MALWARE-CNC Simbda variant outbound connection (snort3-malware-cnc.rules)
 * 1:20668 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - /content/v1.jar (snort3-exploit-kit.rules)
 * 1:20669 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - w.php?f= (snort3-exploit-kit.rules)
 * 1:20676 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (snort3-malware-cnc.rules)
 * 1:20677 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (snort3-malware-cnc.rules)
 * 1:20678 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.aior variant outbound connection (snort3-malware-cnc.rules)
 * 1:20679 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syrutrk variant outbound connection (snort3-malware-cnc.rules)
 * 1:20680 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedating4CMS.php remote file include attempt (snort3-server-webapp.rules)
 * 1:20681 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (snort3-malware-cnc.rules)
 * 1:20682 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (snort3-malware-cnc.rules)
 * 1:20683 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (snort3-malware-cnc.rules)
 * 1:20684 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (snort3-malware-cnc.rules)
 * 1:20685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Heloag.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20686 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut.BM connect to client (snort3-malware-cnc.rules)
 * 1:20687 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.akhg variant outbound connection (snort3-malware-cnc.rules)
 * 1:20688 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (snort3-malware-cnc.rules)
 * 1:20689 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (snort3-malware-cnc.rules)
 * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (snort3-policy-other.rules)
 * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (snort3-policy-other.rules)
 * 1:20693 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Blackcontrol.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20694 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SSonce.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.GZW connect to cnc server (snort3-malware-cnc.rules)
 * 1:20696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (snort3-malware-cnc.rules)
 * 1:20697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (snort3-malware-cnc.rules)
 * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:20728 <-> DISABLED <-> SERVER-WEBAPP WoW Roster remote file include with hslist.php and conf.php attempt (snort3-server-webapp.rules)
 * 1:20731 <-> DISABLED <-> SERVER-WEBAPP TSEP tsep_config absPath parameter PHP remote file include attempt (snort3-server-webapp.rules)
 * 1:20752 <-> DISABLED <-> PUA-ADWARE Win32.GameVance outbound connection (snort3-pua-adware.rules)
 * 1:20753 <-> DISABLED <-> PUA-ADWARE Win32.GamePlayLabs outbound connection (snort3-pua-adware.rules)
 * 1:20754 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Virut-3 variant outbound connection (snort3-malware-cnc.rules)
 * 1:20755 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Krap variant outbound connection (snort3-malware-cnc.rules)
 * 1:20756 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (snort3-malware-cnc.rules)
 * 1:20759 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gbot.oce variant outbound connection (snort3-malware-cnc.rules)
 * 1:20762 <-> ENABLED <-> MALWARE-CNC MacOS.Flashback.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:20830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.amdu variant outbound connection (snort3-malware-cnc.rules)
 * 1:20831 <-> ENABLED <-> FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (snort3-file-java.rules)
 * 1:20836 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zusy.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mecklow.C runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20838 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smokebot.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:20844 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.smxy runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (snort3-server-webapp.rules)
 * 1:20877 <-> DISABLED <-> MALWARE-CNC RunTime Worm.Win32.Warezov.gs variant outbound connection (snort3-malware-cnc.rules)
 * 1:20890 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20891 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20892 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Skopvel.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:20927 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Spyeye-207 variant outbound connection (snort3-malware-cnc.rules)
 * 1:20995 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (snort3-policy-other.rules)
 * 1:20996 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (snort3-policy-other.rules)
 * 1:21051 <-> DISABLED <-> SERVER-WEBAPP Apple OSX software update command execution attempt (snort3-server-webapp.rules)
 * 1:21055 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Utka.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (snort3-file-other.rules)
 * 1:21058 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AutoIt.pm runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21065 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (snort3-server-webapp.rules)
 * 1:21066 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (snort3-server-webapp.rules)
 * 1:21067 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (snort3-server-webapp.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (snort3-file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (snort3-file-office.rules)
 * 1:21087 <-> DISABLED <-> MALWARE-CNC Bindow.Worm runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (snort3-file-multimedia.rules)
 * 1:21100 <-> DISABLED <-> PROTOCOL-RPC Novell Netware xdr decode string length buffer overflow attempt (snort3-protocol-rpc.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (snort3-file-multimedia.rules)
 * 1:21112 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (snort3-file-multimedia.rules)
 * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (snort3-file-other.rules)
 * 1:21122 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bandok.zp runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21123 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Flymux.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21124 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Opachki.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21125 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alureon.DG runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21126 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Koutodoor.C runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21127 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Setfic.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21128 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dromedan.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21142 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21143 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21144 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21145 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Neraweq.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21151 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Stegae.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21160 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:21169 <-> DISABLED <-> PUA-ADWARE Apperhand SDK advertising data request - Counterclank (snort3-pua-adware.rules)
 * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (snort3-file-office.rules)
 * 1:21175 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Win32 Amti (snort3-malware-cnc.rules)
 * 1:21176 <-> DISABLED <-> PUA-ADWARE Win32.WindowsOptimizationAndSecurity outbound connection (snort3-pua-adware.rules)
 * 1:21177 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ganipin.A inbound connection (snort3-malware-cnc.rules)
 * 1:21178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Chekafe.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21179 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Coofus.RFM variant outbound connection (snort3-malware-cnc.rules)
 * 1:21180 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Magania.clfv variant outbound connection (snort3-malware-cnc.rules)
 * 1:21181 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.czgu variant outbound connection (snort3-malware-cnc.rules)
 * 1:21182 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MeSub.ac variant outbound connection (snort3-malware-cnc.rules)
 * 1:21183 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.alfu variant outbound connection (snort3-malware-cnc.rules)
 * 1:21184 <-> DISABLED <-> PUA-ADWARE Internet Security 2010 outbound connection (snort3-pua-adware.rules)
 * 1:21185 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Kufgal.A inbound connection (snort3-malware-cnc.rules)
 * 1:21187 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Xlahlah.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21192 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syswrt.dvd variant outbound connection (snort3-malware-cnc.rules)
 * 1:21193 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dalbot.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21194 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21195 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Protux.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:21196 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21197 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21198 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21199 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21202 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scapzilla.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21203 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:21204 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:21205 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:21206 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Aldi Bot (snort3-malware-cnc.rules)
 * 1:21207 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dekara.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21208 <-> ENABLED <-> MALWARE-CNC Win.Trojan.RShot.brw variant outbound connection (snort3-malware-cnc.rules)
 * 1:21209 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Enviserv.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21210 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rallovs.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21211 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.slrj variant outbound connection (snort3-malware-cnc.rules)
 * 1:21212 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.nkor variant outbound connection (snort3-malware-cnc.rules)
 * 1:21213 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Cridex.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:21214 <-> DISABLED <-> SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (snort3-server-apache.rules)
 * 1:21215 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (snort3-malware-cnc.rules)
 * 1:21216 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (snort3-malware-cnc.rules)
 * 1:21217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (snort3-malware-cnc.rules)
 * 1:21218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sodager.C variant outbound connection (snort3-malware-cnc.rules)
 * 1:21219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sysckbc variant outbound connection (snort3-malware-cnc.rules)
 * 1:21220 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A inbound connection (snort3-malware-cnc.rules)
 * 1:21221 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kcahneila.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21223 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gyplit.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21224 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MacOS.DevilRobber.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21225 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Flag (snort3-malware-cnc.rules)
 * 1:21226 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Louisdreyfu.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21227 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bulknet variant outbound connection (snort3-malware-cnc.rules)
 * 1:21228 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cerberat variant outbound connection (snort3-malware-cnc.rules)
 * 1:21229 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Synljdos variant outbound connection (snort3-malware-cnc.rules)
 * 1:21230 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Betad variant outbound connection (snort3-malware-cnc.rules)
 * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (snort3-file-office.rules)
 * 1:21249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21251 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (snort3-malware-cnc.rules)
 * 1:21252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (snort3-malware-cnc.rules)
 * 1:21253 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:21254 <-> DISABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (snort3-file-pdf.rules)
 * 1:21273 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21274 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21277 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shexie.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21278 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Google Bot (snort3-malware-cnc.rules)
 * 1:21279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kbot.s runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21280 <-> DISABLED <-> MALWARE-CNC Win32 Turkojan.C runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:21294 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancodor.be runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21303 <-> DISABLED <-> MALWARE-CNC Win32 Initor.ag runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (snort3-server-other.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (snort3-server-other.rules)
 * 1:21378 <-> DISABLED <-> SERVER-OTHER Novell iPrint attributes-natural-language buffer overflow attempt (snort3-server-other.rules)
 * 1:21379 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Genome.Amqj runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21380 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - QvodDown (snort3-malware-cnc.rules)
 * 1:21381 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dialer.ngb runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21382 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host setting3.yeahost.com runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21383 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host 9999mb.com runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21384 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host freewebs.com runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21386 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wadolin.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21387 <-> DISABLED <-> FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (snort3-file-java.rules)
 * 1:21390 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.dl runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21391 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcac runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (snort3-file-multimedia.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (snort3-file-other.rules)
 * 1:21418 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FareIt variant outbound connection (snort3-malware-cnc.rules)
 * 1:21421 <-> DISABLED <-> PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (snort3-protocol-dns.rules)
 * 1:21464 <-> DISABLED <-> MALWARE-CNC Downloader-CEW.b runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21466 <-> DISABLED <-> MALWARE-CNC Autorun.BDS runtime traffic detected (snort3-malware-cnc.rules)
 * 1:21469 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 1234567890 (snort3-malware-cnc.rules)
 * 1:21473 <-> DISABLED <-> MALWARE-CNC Win.Trojan.GameThief variant outbound connection (snort3-malware-cnc.rules)
 * 1:21477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Noobot variant outbound connection (snort3-malware-cnc.rules)
 * 1:21486 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:21495 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel variant outbound connection (snort3-malware-cnc.rules)
 * 1:21496 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (snort3-malware-cnc.rules)
 * 1:21497 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (snort3-malware-cnc.rules)
 * 1:21511 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vaxpy variant outbound connection (snort3-malware-cnc.rules)
 * 1:21520 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob variant outbound connection (snort3-malware-cnc.rules)
 * 1:21521 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob update connection (snort3-malware-cnc.rules)
 * 1:21527 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader registration connection detection (snort3-malware-cnc.rules)
 * 1:21528 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader keep-alive connection detection (snort3-malware-cnc.rules)
 * 1:21557 <-> DISABLED <-> FILE-OTHER Apple OSX ZIP archive shell script execution attempt (snort3-file-other.rules)
 * 1:21563 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (snort3-malware-cnc.rules)
 * 1:21564 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (snort3-malware-cnc.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:21595 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization request detection (snort3-os-mobile.rules)
 * 1:21596 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization response detection (snort3-os-mobile.rules)
 * 1:21597 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging request detection (snort3-os-mobile.rules)
 * 1:21598 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging response detection (snort3-os-mobile.rules)
 * 1:21609 <-> DISABLED <-> SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (snort3-server-webapp.rules)
 * 1:21669 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk missing SIP version denial of service attempt (snort3-protocol-voip.rules)
 * 1:21760 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (snort3-malware-cnc.rules)
 * 1:21761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (snort3-malware-cnc.rules)
 * 1:21764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unicode parsing buffer overflow attempt (snort3-file-office.rules)
 * 1:2179 <-> DISABLED <-> PROTOCOL-FTP PASS format string attempt (snort3-protocol-ftp.rules)
 * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (snort3-file-pdf.rules)
 * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (snort3-file-pdf.rules)
 * 1:21913 <-> DISABLED <-> SERVER-OTHER EMC data protection advisor DOS attempt (snort3-server-other.rules)
 * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (snort3-server-other.rules)
 * 1:21922 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (snort3-file-other.rules)
 * 1:21947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VicSpy.A variant outbound connection (snort3-malware-cnc.rules)
 * 1:21967 <-> DISABLED <-> MALWARE-BACKDOOR Rebhip.A runtime detection (snort3-malware-backdoor.rules)
 * 1:21970 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant outbound connection (snort3-malware-backdoor.rules)
 * 1:21971 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant inbound connection (snort3-malware-backdoor.rules)
 * 1:21972 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash variant outbound connection (snort3-malware-backdoor.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (snort3-malware-backdoor.rules)
 * 1:21974 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (snort3-malware-cnc.rules)
 * 1:21975 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (snort3-malware-cnc.rules)
 * 1:21976 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Lapurd.D variant outbound connection (snort3-malware-cnc.rules)
 * 1:21982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Insain variant outbound connection (snort3-malware-cnc.rules)
 * 1:21995 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:21996 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (snort3-malware-cnc.rules)
 * 1:22048 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zeus P2P outbound connection (snort3-malware-cnc.rules)
 * 1:22078 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (snort3-file-office.rules)
 * 1:22947 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (snort3-file-other.rules)
 * 1:22948 <-> DISABLED <-> PROTOCOL-VOIP Avaya WinPDM header buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (snort3-server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (snort3-server-webapp.rules)
 * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (snort3-file-java.rules)
 * 1:23014 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (snort3-file-other.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (snort3-server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (snort3-server-webapp.rules)
 * 1:23051 <-> DISABLED <-> MALWARE-CNC Dybalom.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (snort3-protocol-ftp.rules)
 * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (snort3-server-other.rules)
 * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (snort3-server-other.rules)
 * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (snort3-policy-other.rules)
 * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (snort3-policy-other.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:23176 <-> DISABLED <-> MALWARE-CNC Donbot.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:23177 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (snort3-server-webapp.rules)
 * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (snort3-protocol-icmp.rules)
 * 1:23213 <-> DISABLED <-> SQL Ruby on rails SQL injection attempt (snort3-sql.rules)
 * 1:23234 <-> DISABLED <-> MALWARE-CNC Frethog.MK runtime traffic detected (snort3-malware-cnc.rules)
 * 1:23235 <-> DISABLED <-> MALWARE-CNC PBin.A runtime traffic detected (snort3-malware-cnc.rules)
 * 1:23238 <-> DISABLED <-> NETBIOS Wireshark console.lua file load exploit attempt (snort3-netbios.rules)
 * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (snort3-server-other.rules)
 * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (snort3-server-other.rules)
 * 1:23243 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (snort3-file-java.rules)
 * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (snort3-file-other.rules)
 * 1:23271 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (snort3-file-multimedia.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (snort3-file-multimedia.rules)
 * 1:23340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nitol.B variant outbound connection (snort3-malware-cnc.rules)
 * 1:23341 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Tinrot.A runtime detection (snort3-malware-backdoor.rules)
 * 1:23346 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (snort3-file-other.rules)
 * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (snort3-server-other.rules)
 * 1:23368 <-> DISABLED <-> PROTOCOL-DNS Tftpd32 DNS server denial of service attempt (snort3-protocol-dns.rules)
 * 1:23397 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (snort3-server-other.rules)
 * 1:23398 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (snort3-server-other.rules)
 * 1:23401 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (snort3-server-webapp.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (snort3-server-webapp.rules)
 * 1:23484 <-> DISABLED <-> INDICATOR-COMPROMISE Wordpress Invit0r plugin non-image file upload attempt (snort3-indicator-compromise.rules)
 * 1:23485 <-> DISABLED <-> SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (snort3-server-webapp.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (snort3-file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (snort3-file-java.rules)
 * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (snort3-file-other.rules)
 * 1:23580 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (snort3-file-other.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (snort3-file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (snort3-file-multimedia.rules)
 * 1:23589 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:23590 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (snort3-file-image.rules)
 * 1:23598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (snort3-malware-cnc.rules)
 * 1:23599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (snort3-malware-cnc.rules)
 * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (snort3-server-other.rules)
 * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (snort3-server-webapp.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (snort3-os-windows.rules)
 * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (snort3-file-pdf.rules)
 * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (snort3-file-pdf.rules)
 * 1:23934 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (snort3-server-webapp.rules)
 * 1:23938 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ibabyfa.dldr variant outbound connection (snort3-malware-cnc.rules)
 * 1:23940 <-> DISABLED <-> SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (snort3-server-oracle.rules)
 * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (snort3-os-windows.rules)
 * 1:24026 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (snort3-file-java.rules)
 * 1:24029 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (snort3-file-other.rules)
 * 1:24083 <-> ENABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (snort3-file-other.rules)
 * 1:24123 <-> DISABLED <-> MALWARE-BACKDOOR Virus.Win32.Xpaj.A variant outbound connection (snort3-malware-backdoor.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (snort3-os-windows.rules)
 * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (snort3-server-webapp.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (snort3-protocol-ftp.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (snort3-file-identify.rules)
 * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (snort3-file-other.rules)
 * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (snort3-file-other.rules)
 * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (snort3-file-other.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (snort3-file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (snort3-file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (snort3-file-office.rules)
 * 1:24256 <-> ENABLED <-> MALWARE-BACKDOOR phpMyAdmin server_sync.php backdoor access attempt (snort3-malware-backdoor.rules)
 * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (snort3-server-webapp.rules)
 * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (snort3-server-webapp.rules)
 * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (snort3-protocol-icmp.rules)
 * 1:24321 <-> DISABLED <-> SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (snort3-server-other.rules)
 * 1:24337 <-> DISABLED <-> SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (snort3-server-other.rules)
 * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (snort3-server-other.rules)
 * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:24487 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (snort3-server-webapp.rules)
 * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (snort3-server-webapp.rules)
 * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (snort3-server-webapp.rules)
 * 1:24524 <-> DISABLED <-> SERVER-MAIL Novell GroupWise internet agent iCalendar parsing denial of service attempt (snort3-server-mail.rules)
 * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (snort3-server-other.rules)
 * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (snort3-server-other.rules)
 * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (snort3-server-other.rules)
 * 1:24628 <-> DISABLED <-> SERVER-WEBAPP Webmin show.cgi arbitrary command injection attempt (snort3-server-webapp.rules)
 * 1:24647 <-> DISABLED <-> SERVER-WEBAPP D-Link Wireless Router CAPTCHA data processing buffer overflow attempt (snort3-server-webapp.rules)
 * 1:24652 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (snort3-file-other.rules)
 * 1:24686 <-> DISABLED <-> SERVER-OTHER HP StorageWorks file migration agent buffer overflow attempt (snort3-server-other.rules)
 * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (snort3-protocol-rpc.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (snort3-file-java.rules)
 * 1:24706 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (snort3-server-webapp.rules)
 * 1:24707 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (snort3-server-webapp.rules)
 * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (snort3-server-webapp.rules)
 * 1:24766 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request arbitrary file download attempt (snort3-server-webapp.rules)
 * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (snort3-server-webapp.rules)
 * 1:24801 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager Express asset.getmimetype sql injection attempt (snort3-server-webapp.rules)
 * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (snort3-server-other.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (snort3-file-java.rules)
 * 1:24987 <-> DISABLED <-> POLICY-OTHER Adobe InDesign SOAP interface RunScript method access attempt (snort3-policy-other.rules)
 * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (snort3-file-java.rules)
 * 1:25007 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst variant outbound connection (snort3-malware-cnc.rules)
 * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (snort3-server-oracle.rules)
 * 1:25345 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Web interface arbitrary command execution attempt (snort3-server-webapp.rules)
 * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (snort3-file-image.rules)
 * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (snort3-file-image.rules)
 * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (snort3-file-image.rules)
 * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (snort3-file-office.rules)
 * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (snort3-file-office.rules)
 * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (snort3-file-office.rules)
 * 1:25369 <-> DISABLED <-> OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (snort3-os-windows.rules)
 * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (snort3-file-java.rules)
 * 1:25449 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (snort3-file-pdf.rules)
 * 1:25450 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (snort3-file-pdf.rules)
 * 1:25534 <-> DISABLED <-> SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (snort3-server-webapp.rules)
 * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (snort3-protocol-rpc.rules)
 * 1:25581 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (snort3-server-other.rules)
 * 1:25582 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (snort3-server-other.rules)
 * 1:25583 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (snort3-server-other.rules)
 * 1:25584 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (snort3-server-other.rules)
 * 1:25585 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (snort3-server-other.rules)
 * 1:25586 <-> DISABLED <-> SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (snort3-server-webapp.rules)
 * 1:25767 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (snort3-file-pdf.rules)
 * 1:25810 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (snort3-file-other.rules)
 * 1:25811 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (snort3-file-other.rules)
 * 1:25812 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (snort3-file-other.rules)
 * 1:25813 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (snort3-file-other.rules)
 * 1:25818 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (snort3-file-pdf.rules)
 * 1:25819 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (snort3-file-pdf.rules)
 * 1:25855 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (snort3-server-webapp.rules)
 * 1:26073 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (snort3-server-other.rules)
 * 1:26074 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (snort3-server-other.rules)
 * 1:26081 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Suspected Crimepack (snort3-malware-cnc.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (snort3-file-pdf.rules)
 * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (snort3-server-other.rules)
 * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (snort3-server-other.rules)
 * 1:26107 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (snort3-server-other.rules)
 * 1:26108 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (snort3-server-other.rules)
 * 1:26178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hiloti variant outbound connection (snort3-malware-cnc.rules)
 * 1:26185 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (snort3-file-java.rules)
 * 1:26186 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (snort3-file-java.rules)
 * 1:26195 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (snort3-file-java.rules)
 * 1:26196 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (snort3-file-java.rules)
 * 1:26197 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (snort3-file-java.rules)
 * 1:26198 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (snort3-file-java.rules)
 * 1:26199 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (snort3-file-java.rules)
 * 1:26200 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (snort3-file-java.rules)
 * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (snort3-file-other.rules)
 * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (snort3-file-other.rules)
 * 1:26230 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX arbitrary command execution attempt (snort3-server-webapp.rules)
 * 1:26242 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:26243 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:26262 <-> DISABLED <-> SERVER-OTHER MongoDB nativeHelper.apply method command injection attempt (snort3-server-other.rules)
 * 1:26274 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (snort3-server-webapp.rules)
 * 1:26280 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (snort3-file-pdf.rules)
 * 1:26281 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (snort3-file-pdf.rules)
 * 1:26282 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (snort3-file-pdf.rules)
 * 1:26283 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (snort3-file-pdf.rules)
 * 1:26320 <-> DISABLED <-> SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (snort3-server-webapp.rules)
 * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (snort3-server-other.rules)
 * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (snort3-server-other.rules)
 * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (snort3-server-other.rules)
 * 1:26389 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (snort3-server-other.rules)
 * 1:26390 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (snort3-server-other.rules)
 * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:26418 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (snort3-server-webapp.rules)
 * 1:26425 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:26426 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (snort3-protocol-voip.rules)
 * 1:26435 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (snort3-malware-cnc.rules)
 * 1:26436 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center FaultDownloadServlet information disclosure attempt (snort3-server-webapp.rules)
 * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (snort3-protocol-ftp.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (snort3-file-other.rules)
 * 1:26479 <-> DISABLED <-> SERVER-OTHER ActFax LPD Server data field buffer overflow attempt (snort3-server-other.rules)
 * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (snort3-file-other.rules)
 * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (snort3-file-other.rules)
 * 1:26501 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DDNF request stack buffer overflow attempt (snort3-server-other.rules)
 * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:26505 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center IctDownloadServlet information disclosure attempt (snort3-server-webapp.rules)
 * 1:26520 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (snort3-file-other.rules)
 * 1:26521 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (snort3-file-other.rules)
 * 1:26523 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center ReportImgServlet information disclosure attempt (snort3-server-webapp.rules)
 * 1:26547 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin preg_replace remote code execution attempt (snort3-server-webapp.rules)
 * 1:26626 <-> DISABLED <-> FILE-OFFICE XML parameter entity reference local file disclosure attempt (snort3-file-office.rules)
 * 1:26645 <-> DISABLED <-> SERVER-OTHER SSL TLS deflate compression weakness brute force attempt (snort3-server-other.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (snort3-file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (snort3-file-other.rules)
 * 1:26651 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:26652 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:26664 <-> ENABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (snort3-file-image.rules)
 * 1:26669 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SyslogDownloadServlet information disclosure attempt (snort3-server-webapp.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (snort3-file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (snort3-file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (snort3-file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (snort3-file-office.rules)
 * 1:26759 <-> DISABLED <-> SERVER-OTHER MIT Kerberos libkdb_ldap principal name handling denial of service attempt (snort3-server-other.rules)
 * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (snort3-server-other.rules)
 * 1:26794 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center UAM acmServletDownload information disclosure attempt (snort3-server-webapp.rules)
 * 1:26797 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file access attempt (snort3-server-webapp.rules)
 * 1:26798 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:26905 <-> DISABLED <-> SERVER-WEBAPP FosWiki and TWiki MAKETEXT macro memory consumption denial of service attempt (snort3-server-webapp.rules)
 * 1:26922 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (snort3-os-windows.rules)
 * 1:26927 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:26928 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:26953 <-> DISABLED <-> SERVER-WEBAPP D-Link DIR-300/DIR-600 unauthenticated remote command execution attempt (snort3-server-webapp.rules)
 * 1:26990 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (snort3-server-webapp.rules)
 * 1:26991 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (snort3-server-webapp.rules)
 * 1:26992 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (snort3-server-webapp.rules)
 * 1:27018 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:27019 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:27020 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:27028 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:27029 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:27030 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (snort3-server-webapp.rules)
 * 1:27036 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager modifyAccounts policy bypass attempt (snort3-server-other.rules)
 * 1:27075 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager ldapagnt_eval remote code execution attempt (snort3-server-other.rules)
 * 1:27076 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (snort3-file-java.rules)
 * 1:27077 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (snort3-file-java.rules)
 * 1:27102 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:27103 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:27104 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (snort3-server-webapp.rules)
 * 1:27105 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (snort3-server-webapp.rules)
 * 1:27122 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (snort3-server-other.rules)
 * 1:27124 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1092 buffer overflow attempt (snort3-server-other.rules)
 * 1:27125 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (snort3-server-other.rules)
 * 1:27170 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (snort3-server-other.rules)
 * 1:27188 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:27189 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:27190 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:27191 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:27192 <-> DISABLED <-> SERVER-WEBAPP DM Albums album.php remote file include attempt (snort3-server-webapp.rules)
 * 1:27210 <-> ENABLED <-> SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (snort3-server-other.rules)
 * 1:27217 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (snort3-server-other.rules)
 * 1:27224 <-> ENABLED <-> SERVER-OTHER Adobe ColdFusion websocket invoke method access (snort3-server-other.rules)
 * 1:27225 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion JRun error page getWriter denial of service attempt (snort3-server-other.rules)
 * 1:27226 <-> DISABLED <-> SERVER-WEBAPP DokuWiki PHP file inclusion attempt (snort3-server-webapp.rules)
 * 1:27231 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (snort3-os-windows.rules)
 * 1:27237 <-> DISABLED <-> SERVER-OTHER IPMI default username - root (snort3-server-other.rules)
 * 1:27238 <-> DISABLED <-> SERVER-OTHER IPMI default username - admin (snort3-server-other.rules)
 * 1:27239 <-> DISABLED <-> SERVER-OTHER IPMI default username - USERID (snort3-server-other.rules)
 * 1:27240 <-> DISABLED <-> SERVER-OTHER multiple vendors IPMI RAKP username brute force attempt (snort3-server-other.rules)
 * 1:27264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (snort3-server-other.rules)
 * 1:27532 <-> DISABLED <-> SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (snort3-server-mail.rules)
 * 1:27539 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (snort3-server-other.rules)
 * 1:27552 <-> DISABLED <-> OS-MOBILE Android Exploit Extra_Field APK file download attempt (snort3-os-mobile.rules)
 * 1:27571 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (snort3-server-other.rules)
 * 1:27572 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27573 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27574 <-> ENABLED <-> SERVER-APACHE Apache Struts OGNL getRuntime.exec static method access attempt (snort3-server-apache.rules)
 * 1:27575 <-> ENABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:27617 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (snort3-server-other.rules)
 * 1:27621 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27622 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27623 <-> DISABLED <-> SERVER-OTHER Joomla media.php arbitrary file upload attempt (snort3-server-other.rules)
 * 1:27646 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra login request buffer overflow attempt (snort3-server-other.rules)
 * 1:27667 <-> DISABLED <-> SERVER-WEBAPP Joomla media.php file.upload direct administrator access attempt (snort3-server-webapp.rules)
 * 1:27672 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27673 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27674 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27675 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27676 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27677 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:27688 <-> DISABLED <-> SERVER-WEBAPP mxBB MX Faq module_root_path file inclusion attempt (snort3-server-webapp.rules)
 * 1:27691 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:27692 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:27750 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:27751 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:27753 <-> DISABLED <-> SERVER-WEBAPP Click N Print Coupons coupon_detail.asp SQL injection attempt (snort3-server-webapp.rules)
 * 1:27756 <-> DISABLED <-> SERVER-WEBAPP RedHat Piranha Virtual Server Package default passwd and arbitrary command execution attempt (snort3-server-webapp.rules)
 * 1:27769 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 207 buffer overflow attempt (snort3-server-other.rules)
 * 1:27770 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 210 buffer overflow attempt (snort3-server-other.rules)
 * 1:27771 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 236 buffer overflow attempt (snort3-server-other.rules)
 * 1:27772 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 243 buffer overflow attempt (snort3-server-other.rules)
 * 1:27773 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 265 buffer overflow attempt (snort3-server-other.rules)
 * 1:27861 <-> DISABLED <-> SERVER-ORACLE Oracle Enterprise Manager Database Control directory traversal attempt (snort3-server-oracle.rules)
 * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (snort3-server-webapp.rules)
 * 1:27863 <-> DISABLED <-> SERVER-WEBAPP Ektron CMS XSLT transform remote code execution attempt (snort3-server-webapp.rules)
 * 1:27921 <-> DISABLED <-> SERVER-ORACLE Oracle Endeca Server createDataStore remote command injection attempt (snort3-server-oracle.rules)
 * 1:27937 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateCertificatesServlet directory traversal attempt (snort3-server-other.rules)
 * 1:27941 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet directory traversal attempt (snort3-server-other.rules)
 * 1:27942 <-> ENABLED <-> SERVER-WEBAPP Sophos Web Protection Appliance sblistpack arbitrary command execution attempt (snort3-server-webapp.rules)
 * 1:28047 <-> DISABLED <-> SERVER-WEBAPP RaidSonic Multiple Products arbitrary command injection attempt (snort3-server-webapp.rules)
 * 1:28052 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT110 ping.cgi remote command execution attempt (snort3-server-webapp.rules)
 * 1:28093 <-> DISABLED <-> SERVER-WEBAPP Western Digital Arkeia Appliance directory traversal attempt (snort3-server-webapp.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (snort3-file-other.rules)
 * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (snort3-file-office.rules)
 * 1:28145 <-> DISABLED <-> SERVER-WEBAPP OpenEMR information disclosure attempt (snort3-server-webapp.rules)
 * 1:28149 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file deletion (snort3-server-other.rules)
 * 1:28150 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file upload  (snort3-server-other.rules)
 * 1:28165 <-> DISABLED <-> PROTOCOL-VOIP attempted DOS detected (snort3-protocol-voip.rules)
 * 1:28227 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (snort3-server-other.rules)
 * 1:28251 <-> DISABLED <-> SERVER-WEBAPP Zabbix httpmon.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:28252 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (snort3-file-other.rules)
 * 1:28276 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:28277 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (snort3-file-java.rules)
 * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (snort3-server-webapp.rules)
 * 1:28289 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R root remote code execution attempt (snort3-server-webapp.rules)
 * 1:28290 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R iwpriv remote code execution attempt (snort3-server-webapp.rules)
 * 1:28361 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (snort3-file-pdf.rules)
 * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (snort3-file-pdf.rules)
 * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (snort3-server-other.rules)
 * 1:28394 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (snort3-server-other.rules)
 * 1:28395 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (snort3-server-other.rules)
 * 1:28396 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (snort3-server-other.rules)
 * 1:28397 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (snort3-server-other.rules)
 * 1:28398 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (snort3-server-other.rules)
 * 1:28407 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS UploadServlet arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (snort3-file-pdf.rules)
 * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (snort3-server-webapp.rules)
 * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:28464 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28465 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28466 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28467 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28468 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28469 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28470 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28471 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28472 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28473 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28525 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28526 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (snort3-file-office.rules)
 * 1:28534 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (snort3-file-other.rules)
 * 1:28535 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (snort3-file-other.rules)
 * 1:28536 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (snort3-file-other.rules)
 * 1:28537 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (snort3-file-other.rules)
 * 1:28575 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (snort3-file-other.rules)
 * 1:28576 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (snort3-file-other.rules)
 * 1:28597 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (snort3-file-pdf.rules)
 * 1:28598 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (snort3-file-pdf.rules)
 * 1:28621 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:28622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (snort3-file-pdf.rules)
 * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (snort3-file-pdf.rules)
 * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (snort3-file-pdf.rules)
 * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (snort3-file-pdf.rules)
 * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (snort3-file-pdf.rules)
 * 1:28659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (snort3-file-pdf.rules)
 * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (snort3-file-pdf.rules)
 * 1:28746 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver SXPG_CALL_SYSTEM remote code execution attempt (snort3-server-webapp.rules)
 * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (snort3-file-pdf.rules)
 * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (snort3-file-pdf.rules)
 * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (snort3-file-pdf.rules)
 * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (snort3-file-office.rules)
 * 1:28818 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (snort3-file-other.rules)
 * 1:28819 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (snort3-file-other.rules)
 * 1:28831 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28833 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28834 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28835 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28836 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28837 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28839 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28840 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28841 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28842 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (snort3-file-other.rules)
 * 1:28843 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:28844 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:28845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:28846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (snort3-os-windows.rules)
 * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (snort3-os-windows.rules)
 * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (snort3-os-windows.rules)
 * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (snort3-os-windows.rules)
 * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (snort3-os-windows.rules)
 * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (snort3-os-windows.rules)
 * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (snort3-server-other.rules)
 * 1:28909 <-> DISABLED <-> SERVER-WEBAPP OTManager ADM_Pagina.php remote file include attempt (snort3-server-webapp.rules)
 * 1:28910 <-> DISABLED <-> SERVER-WEBAPP mcRefer install.php arbitrary PHP code injection attempt (snort3-server-webapp.rules)
 * 1:28912 <-> DISABLED <-> SERVER-WEBAPP Joomla simple RSS reader admin.rssreader.php remote file include attempt (snort3-server-webapp.rules)
 * 1:28915 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (snort3-file-java.rules)
 * 1:28916 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (snort3-file-java.rules)
 * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (snort3-protocol-scada.rules)
 * 1:28936 <-> DISABLED <-> SERVER-WEBAPP Horde groupware webmail edition ingo filter cross-site request forgery attempt (snort3-server-webapp.rules)
 * 1:28937 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope issuesiebelcmd soap request code execution attempt (snort3-server-webapp.rules)
 * 1:28942 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (snort3-server-webapp.rules)
 * 1:28943 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (snort3-server-webapp.rules)
 * 1:28944 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (snort3-server-webapp.rules)
 * 1:28946 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (snort3-server-webapp.rules)
 * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (snort3-server-webapp.rules)
 * 1:28957 <-> DISABLED <-> SERVER-WEBAPP RSS-aggregator display.php remote file include attempt (snort3-server-webapp.rules)
 * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:28993 <-> DISABLED <-> PROTOCOL-VOIP Sipvicious User-Agent detected (snort3-protocol-voip.rules)
 * 1:28998 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (snort3-os-linux.rules)
 * 1:28999 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (snort3-os-linux.rules)
 * 1:29005 <-> DISABLED <-> SERVER-WEBAPP IBM Platform Symphony SOAP request processing buffer overflow attempt (snort3-server-webapp.rules)
 * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (snort3-os-windows.rules)
 * 1:29017 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (snort3-server-webapp.rules)
 * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (snort3-server-webapp.rules)
 * 1:29019 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (snort3-server-webapp.rules)
 * 1:29028 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (snort3-server-mssql.rules)
 * 1:29029 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (snort3-server-mssql.rules)
 * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (snort3-server-webapp.rules)
 * 1:29041 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:29042 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (snort3-server-webapp.rules)
 * 1:29061 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (snort3-file-multimedia.rules)
 * 1:29062 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (snort3-file-pdf.rules)
 * 1:29063 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (snort3-file-pdf.rules)
 * 1:29110 <-> DISABLED <-> SERVER-WEBAPP Symantec Messaging Gateway save.do cross site request forgery attempt (snort3-server-webapp.rules)
 * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (snort3-server-webapp.rules)
 * 1:29141 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:29142 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (snort3-server-webapp.rules)
 * 1:29182 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29183 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29184 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29185 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (snort3-server-webapp.rules)
 * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (snort3-server-webapp.rules)
 * 1:29207 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29208 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29209 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29210 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29211 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29212 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (snort3-file-other.rules)
 * 1:29267 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (snort3-server-webapp.rules)
 * 1:29277 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29278 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29279 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29280 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29296 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (snort3-server-webapp.rules)
 * 1:29297 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (snort3-server-webapp.rules)
 * 1:29362 <-> DISABLED <-> SERVER-OTHER Novell NetWare AFP denial of service attempt (snort3-server-other.rules)
 * 1:29387 <-> ENABLED <-> SERVER-WEBAPP Synology DiskStation Manager SLICEUPLOAD remote command execution attempt (snort3-server-webapp.rules)
 * 1:29390 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (snort3-server-webapp.rules)
 * 1:29391 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (snort3-server-webapp.rules)
 * 1:29392 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (snort3-server-webapp.rules)
 * 1:29400 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM AddEmailAttachment directory traversal attempt (snort3-server-webapp.rules)
 * 1:29409 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:29410 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:29418 <-> DISABLED <-> OS-MOBILE Android signature validation bypass APK file download attempt (snort3-os-mobile.rules)
 * 1:29419 <-> DISABLED <-> OS-MOBILE Android signature validation bypass APK file download attempt (snort3-os-mobile.rules)
 * 1:29465 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29466 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29467 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29468 <-> DISABLED <-> FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29485 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (snort3-server-webapp.rules)
 * 1:29486 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (snort3-server-webapp.rules)
 * 1:29487 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (snort3-server-webapp.rules)
 * 1:29488 <-> ENABLED <-> SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (snort3-server-webapp.rules)
 * 1:29490 <-> ENABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (snort3-file-java.rules)
 * 1:29491 <-> ENABLED <-> FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (snort3-file-java.rules)
 * 1:29498 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (snort3-server-webapp.rules)
 * 1:29499 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (snort3-server-webapp.rules)
 * 1:29516 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra information disclosure attempt (snort3-server-other.rules)
 * 1:29517 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra information disclosure attempt (snort3-server-other.rules)
 * 1:29520 <-> DISABLED <-> FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (snort3-file-multimedia.rules)
 * 1:29521 <-> DISABLED <-> FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (snort3-file-multimedia.rules)
 * 1:29526 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29527 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29528 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (snort3-server-other.rules)
 * 1:29529 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (snort3-server-other.rules)
 * 1:29530 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (snort3-server-other.rules)
 * 1:29531 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (snort3-server-other.rules)
 * 1:29532 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (snort3-server-other.rules)
 * 1:29535 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (snort3-file-java.rules)
 * 1:29537 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (snort3-server-webapp.rules)
 * 1:29570 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29571 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29572 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29573 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29574 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29575 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29576 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29577 <-> DISABLED <-> FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (snort3-file-other.rules)
 * 1:29581 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (snort3-server-other.rules)
 * 1:29592 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:29596 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope soap request code execution attempt (snort3-server-webapp.rules)
 * 1:29597 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope soap request code execution attempt (snort3-server-webapp.rules)
 * 1:29605 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (snort3-file-java.rules)
 * 1:29606 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (snort3-file-java.rules)
 * 1:29610 <-> DISABLED <-> SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (snort3-server-other.rules)
 * 1:29611 <-> DISABLED <-> SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (snort3-server-other.rules)
 * 1:29622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (snort3-file-pdf.rules)
 * 1:29639 <-> DISABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (snort3-server-apache.rules)
 * 1:29647 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (snort3-server-apache.rules)
 * 1:29648 <-> DISABLED <-> SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (snort3-server-apache.rules)
 * 1:29649 <-> DISABLED <-> SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (snort3-server-apache.rules)
 * 1:29669 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (snort3-file-pdf.rules)
 * 1:29746 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (snort3-server-webapp.rules)
 * 1:29750 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (snort3-server-webapp.rules)
 * 1:29751 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (snort3-server-webapp.rules)
 * 1:29752 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (snort3-server-webapp.rules)
 * 1:29756 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (snort3-server-webapp.rules)
 * 1:29792 <-> DISABLED <-> SERVER-OTHER Novell iPrint Server remote code execution attempt (snort3-server-other.rules)
 * 1:29798 <-> DISABLED <-> SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (snort3-server-webapp.rules)
 * 1:29799 <-> DISABLED <-> SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (snort3-server-webapp.rules)
 * 1:29808 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (snort3-server-webapp.rules)
 * 1:29823 <-> DISABLED <-> OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (snort3-os-windows.rules)
 * 1:29937 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (snort3-server-other.rules)
 * 1:29939 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (snort3-server-other.rules)
 * 1:29940 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (snort3-server-other.rules)
 * 1:29941 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (snort3-server-other.rules)
 * 1:29942 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore buffer overflow attempt (snort3-server-other.rules)
 * 1:29946 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (snort3-server-other.rules)
 * 1:29947 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (snort3-server-other.rules)
 * 1:29948 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (snort3-server-other.rules)
 * 1:29950 <-> DISABLED <-> SERVER-OTHER TP-Link TL-WR740N wireless router remote denial of service attempt (snort3-server-other.rules)
 * 1:29967 <-> DISABLED <-> SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (snort3-server-other.rules)
 * 1:29968 <-> DISABLED <-> SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (snort3-server-other.rules)
 * 1:29992 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT120N tmUnblock.cgi TM_Block_URL parameter fprintf stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:30010 <-> DISABLED <-> SERVER-APACHE Apache Solr SolrResourceLoader directory traversal attempt (snort3-server-apache.rules)
 * 1:30011 <-> DISABLED <-> SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (snort3-server-webapp.rules)
 * 1:30012 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (snort3-server-webapp.rules)
 * 1:30013 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (snort3-server-webapp.rules)
 * 1:30031 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:30032 <-> DISABLED <-> SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (snort3-server-other.rules)
 * 1:30150 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (snort3-file-multimedia.rules)
 * 1:30151 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (snort3-file-multimedia.rules)
 * 1:30152 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (snort3-file-multimedia.rules)
 * 1:30199 <-> DISABLED <-> SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (snort3-server-webapp.rules)
 * 1:30200 <-> DISABLED <-> SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (snort3-server-webapp.rules)
 * 1:30205 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (snort3-server-other.rules)
 * 1:30206 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (snort3-server-other.rules)
 * 1:30207 <-> ENABLED <-> SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (snort3-server-other.rules)
 * 1:30215 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:30263 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (snort3-server-other.rules)
 * 1:30264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (snort3-server-other.rules)
 * 1:30265 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (snort3-server-other.rules)
 * 1:30266 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (snort3-server-other.rules)
 * 1:30267 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (snort3-server-other.rules)
 * 1:30268 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (snort3-server-other.rules)
 * 1:30280 <-> DISABLED <-> SERVER-WEBAPP FreePBX config.php remote code execution attempt (snort3-server-webapp.rules)
 * 1:30291 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:30292 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:30293 <-> DISABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:30294 <-> DISABLED <-> SERVER-WEBAPP SePortal poll.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:30295 <-> DISABLED <-> SERVER-WEBAPP SePortal print.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:30296 <-> DISABLED <-> SERVER-WEBAPP SePortal staticpages.php SQL injection attempt (snort3-server-webapp.rules)
 * 1:30305 <-> DISABLED <-> SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (snort3-server-webapp.rules)
 * 1:30307 <-> DISABLED <-> SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (snort3-server-webapp.rules)
 * 1:30329 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (snort3-server-other.rules)
 * 1:30330 <-> DISABLED <-> SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (snort3-server-other.rules)
 * 1:30343 <-> DISABLED <-> SERVER-WEBAPP Joomla weblinks-categories SQL injection attempt (snort3-server-webapp.rules)
 * 1:30526 <-> DISABLED <-> SERVER-WEBAPP Joomla komento extension cross site scripting attempt (snort3-server-webapp.rules)
 * 1:30527 <-> DISABLED <-> SERVER-WEBAPP Joomla komento extension cross site scripting attempt (snort3-server-webapp.rules)
 * 1:30528 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:30529 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (snort3-file-pdf.rules)
 * 1:30774 <-> DISABLED <-> SERVER-WEBAPP Splunk collect file parameter directory traversal attempt (snort3-server-webapp.rules)
 * 1:30790 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (snort3-server-apache.rules)
 * 1:30792 <-> DISABLED <-> SERVER-APACHE Apache Struts ParametersInterceptor classloader access attempt (snort3-server-apache.rules)
 * 1:30797 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 RETR bkbcopyd buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:30798 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 STOR bkbcopyd buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:30799 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 ATTR bkbcopyd buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:30800 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 XATR bkbcopyd buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:30801 <-> DISABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 PMODE bkbcopyd buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:30802 <-> ENABLED <-> PROTOCOL-SCADA Yokogawa CENTUM CS 3000 bkclogserv buffer overflow attempt (snort3-protocol-scada.rules)
 * 1:3085 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (snort3-server-other.rules)
 * 1:30876 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:30877 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:30928 <-> ENABLED <-> SERVER-OTHER SAP NetWeaver dir content listing attempt (snort3-server-other.rules)
 * 1:30944 <-> DISABLED <-> SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (snort3-server-apache.rules)
 * 1:31015 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader integer overflow attempt (snort3-file-pdf.rules)
 * 1:31016 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader integer overflow attempt (snort3-file-pdf.rules)
 * 1:31021 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (snort3-file-pdf.rules)
 * 1:31022 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (snort3-file-pdf.rules)
 * 1:31056 <-> DISABLED <-> PROTOCOL-SNMP Motorola Netopia 3347 series WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31057 <-> DISABLED <-> PROTOCOL-SNMP Motorola Netopia 3347 series WPA key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31058 <-> DISABLED <-> PROTOCOL-SNMP Brocade snAgentUserAccntName enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31059 <-> DISABLED <-> PROTOCOL-SNMP Brocade snAgentUserAccntPassword enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31067 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (snort3-server-webapp.rules)
 * 1:31068 <-> DISABLED <-> SERVER-OTHER F5 BIG-IP iControl API hostname command injection attempt (snort3-server-other.rules)
 * 1:31095 <-> DISABLED <-> PROTOCOL-SNMP Ubee DDW3611 series WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31096 <-> DISABLED <-> PROTOCOL-SNMP Ubee DDW3611 series WPA key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31097 <-> DISABLED <-> PROTOCOL-SNMP CableHome Devices cabhPsDevUIPassword enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31098 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series WEP key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31099 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series WPA key enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31100 <-> DISABLED <-> PROTOCOL-SNMP Ubee U10C019 series password enumeration attempt (snort3-protocol-snmp.rules)
 * 1:31103 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:31104 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:31105 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:31106 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:31128 <-> DISABLED <-> PROTOCOL-FTP CoreFTP FTP Server TYPE command denial of service attempt (snort3-protocol-ftp.rules)
 * 1:31143 <-> DISABLED <-> SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (snort3-server-webapp.rules)
 * 1:31148 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31149 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31157 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (snort3-server-webapp.rules)
 * 1:31158 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (snort3-server-webapp.rules)
 * 1:31159 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (snort3-server-webapp.rules)
 * 1:31160 <-> DISABLED <-> SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (snort3-server-webapp.rules)
 * 1:31176 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (snort3-server-other.rules)
 * 1:31177 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (snort3-server-other.rules)
 * 1:31178 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (snort3-server-other.rules)
 * 1:31179 <-> DISABLED <-> SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (snort3-server-other.rules)
 * 1:31195 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager directory traversal attempt (snort3-server-webapp.rules)
 * 1:31210 <-> ENABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31211 <-> ENABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31259 <-> DISABLED <-> SERVER-WEBAPP Supermicro Intelligent Management Controller url_redirect.cgi directory traversal attempt (snort3-server-webapp.rules)
 * 1:31300 <-> ENABLED <-> SERVER-OTHER Xerox DocuShare SQL injection attempt (snort3-server-other.rules)
 * 1:31305 <-> DISABLED <-> SERVER-WEBAPP Rocket Servergraph Admin Center fileRequestor directory traversal attempt (snort3-server-webapp.rules)
 * 1:31310 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (snort3-file-office.rules)
 * 1:31311 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (snort3-file-office.rules)
 * 1:31312 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (snort3-file-office.rules)
 * 1:31330 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd update_system_info_debian_package command injection attempt (snort3-server-webapp.rules)
 * 1:31337 <-> DISABLED <-> SERVER-OTHER Nagios NRPE command execution attempt (snort3-server-other.rules)
 * 1:31338 <-> DISABLED <-> SERVER-OTHER OpenAFS GetStatistics buffer overflow attempt (snort3-server-other.rules)
 * 1:31360 <-> DISABLED <-> SERVER-WEBAPP PHP include parameter remote file include attempt (snort3-server-webapp.rules)
 * 1:31362 <-> DISABLED <-> SERVER-WEBAPP MiniBB PHP arbitrary remote code execution attempt (snort3-server-webapp.rules)
 * 1:31363 <-> DISABLED <-> SERVER-WEBAPP MF Piadas admin.php page parameter PHP remote file include attempt (snort3-server-webapp.rules)
 * 1:31364 <-> DISABLED <-> SERVER-WEBAPP FlashGameScript index.php func parameter PHP remote file include attempt (snort3-server-webapp.rules)
 * 1:31366 <-> ENABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:31367 <-> ENABLED <-> FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (snort3-file-java.rules)
 * 1:31373 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31376 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (snort3-file-multimedia.rules)
 * 1:31377 <-> DISABLED <-> SERVER-WEBAPP PHP includedir parameter remote file include attempt (snort3-server-webapp.rules)
 * 1:31378 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (snort3-file-office.rules)
 * 1:31379 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (snort3-file-office.rules)
 * 1:31411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:31412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:31413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:31414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:31415 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:31416 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (snort3-os-windows.rules)
 * 1:31425 <-> DISABLED <-> SERVER-WEBAPP PHP Simple Shop abs_path parameter PHP remote file include attempt (snort3-server-webapp.rules)
 * 1:31426 <-> DISABLED <-> SERVER-WEBAPP Jevontech PHPenpals PersonalID SQL injection attempt (snort3-server-webapp.rules)
 * 1:31429 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (snort3-server-webapp.rules)
 * 1:31439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (snort3-file-pdf.rules)
 * 1:31440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (snort3-file-pdf.rules)
 * 1:31443 <-> DISABLED <-> SERVER-WEBAPP ActiveState ActivePerl perlIIS.dll server URI buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31497 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31498 <-> DISABLED <-> SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (snort3-server-webapp.rules)
 * 1:31505 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (snort3-server-webapp.rules)
 * 1:31506 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (snort3-server-webapp.rules)
 * 1:31519 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31520 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31521 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31522 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31523 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31524 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:31525 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (snort3-server-other.rules)
 * 1:31526 <-> ENABLED <-> SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (snort3-server-other.rules)
 * 1:31529 <-> ENABLED <-> SERVER-OTHER D-Link Multiple Products HNAP request buffer overflow attempt (snort3-server-other.rules)
 * 1:31534 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (snort3-file-office.rules)
 * 1:31535 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (snort3-file-office.rules)
 * 1:31536 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (snort3-file-office.rules)
 * 1:31537 <-> ENABLED <-> FILE-OFFICE Microsoft Access memory corruption attempt (snort3-file-office.rules)
 * 1:31540 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:31541 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (snort3-file-java.rules)
 * 1:31542 <-> DISABLED <-> SERVER-WEBAPP D-Link Multiple Products info.cgi request buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31555 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (snort3-file-pdf.rules)
 * 1:31562 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (snort3-file-office.rules)
 * 1:31565 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedatingCMS2.php remote file include attempt (snort3-server-webapp.rules)
 * 1:31566 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedatingCMS.php remote file include attempt (snort3-server-webapp.rules)
 * 1:31567 <-> DISABLED <-> SERVER-WEBAPP Gitlist remote command injection attempt (snort3-server-webapp.rules)
 * 1:31569 <-> DISABLED <-> SERVER-WEBAPP Tiki Wiki 8.3 unserialize PHP remote code execution attempt (snort3-server-webapp.rules)
 * 1:31570 <-> DISABLED <-> SERVER-MYSQL MySQL/MariaDB mysql.cc buffer overflow attempt (snort3-server-mysql.rules)
 * 1:31588 <-> DISABLED <-> SERVER-WEBAPP D-Link Multiple Products hedwig.cgi cookie buffer overflow attempt (snort3-server-webapp.rules)
 * 1:31637 <-> DISABLED <-> SERVER-WEBAPP Ad Fundum Integrateable News Script remote include path attempt (snort3-server-webapp.rules)
 * 1:31638 <-> DISABLED <-> SERVER-WEBAPP Voodoo Chat index.php remote include path attempt (snort3-server-webapp.rules)
 * 1:31647 <-> DISABLED <-> SERVER-WEBAPP AVM FritzBox webcm command injection attempt (snort3-server-webapp.rules)
 * 1:31648 <-> DISABLED <-> SERVER-WEBAPP AVM FritzBox webcm command injection attempt (snort3-server-webapp.rules)
 * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (snort3-server-webapp.rules)
 * 1:31652 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (snort3-server-webapp.rules)
 * 1:31686 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:31687 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (snort3-file-pdf.rules)
 * 1:31696 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (snort3-server-webapp.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (snort3-server-other.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (snort3-server-webapp.rules)

2018-09-18 14:19:43 UTC

Snort Subscriber Rules Update

Date: 2018-09-18

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:47815 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet directory traversal attempt (server-webapp.rules)
 * 1:47826 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47838 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (file-image.rules)
 * 1:47830 <-> DISABLED <-> POLICY-OTHER phpmyadmin external SQL query detected (policy-other.rules)
 * 1:47834 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (file-flash.rules)
 * 1:47814 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:47820 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (server-other.rules)
 * 1:47822 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan outbound attempt (malware-cnc.rules)
 * 1:47829 <-> ENABLED <-> SERVER-OTHER JBoss Richfaces expression language injection attempt (server-other.rules)
 * 1:47817 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47843 <-> ENABLED <-> MALWARE-CNC Java.Trojan.Adwind variant outbound connection (malware-cnc.rules)
 * 1:47847 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47831 <-> DISABLED <-> SERVER-WEBAPP phpmyadmin post-authentication local file inclusion attempt (server-webapp.rules)
 * 1:47844 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47851 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (os-windows.rules)
 * 1:47813 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:47816 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor LicenseServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:47846 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47823 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47848 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47839 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (file-image.rules)
 * 1:47849 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47824 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47827 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (file-image.rules)
 * 1:47819 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 1:47836 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47835 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (malware-cnc.rules)
 * 1:47845 <-> ENABLED <-> MALWARE-OTHER Win.Downloader.DDECmdExec variant download (malware-other.rules)
 * 1:47825 <-> ENABLED <-> MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (malware-cnc.rules)
 * 1:47850 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (os-windows.rules)
 * 1:47833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (file-flash.rules)
 * 1:47812 <-> DISABLED <-> SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:47821 <-> DISABLED <-> SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (server-other.rules)
 * 1:47832 <-> DISABLED <-> SERVER-WEBAPP WordPress Responsive Thumbnail Slider arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:47828 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (file-image.rules)
 * 1:47818 <-> DISABLED <-> SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (server-webapp.rules)
 * 3:47842 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0681 attack attempt (protocol-dns.rules)
 * 3:47840 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)
 * 3:47841 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)

Modified Rules:


 * 1:32382 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules)
 * 1:46640 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (indicator-compromise.rules)
 * 1:46482 <-> ENABLED <-> MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes data exfiltration (malware-cnc.rules)
 * 1:34160 <-> DISABLED <-> SERVER-OTHER Oracle Outside In Paradox database denial of service attempt (server-other.rules)
 * 1:33009 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:34912 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:35702 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:36527 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:34245 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:32793 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (file-pdf.rules)
 * 1:37943 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:36376 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework lcfd endpoint daemon buffer overflow attempt (server-other.rules)
 * 1:36658 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:34358 <-> DISABLED <-> SERVER-WEBAPP Dell SonicWALL SonicOS macIpSpoofView cross site scripting attempt (server-webapp.rules)
 * 1:34104 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:32276 <-> DISABLED <-> SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (server-webapp.rules)
 * 1:34538 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules)
 * 1:33074 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:32346 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules)
 * 1:36507 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:32753 <-> ENABLED <-> SERVER-WEBAPP FreePBX Framework Asterisk recording interface PHP unserialize code execution attempt (server-webapp.rules)
 * 1:34375 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34106 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:35532 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (server-webapp.rules)
 * 1:34938 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:36562 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:32739 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:31882 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:32744 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (server-webapp.rules)
 * 1:31846 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB default credentials authentication attempt (policy-other.rules)
 * 1:33938 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS send_test_email command injection attempt (server-webapp.rules)
 * 1:35033 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (server-webapp.rules)
 * 1:32603 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer information disclosure attempt (policy-other.rules)
 * 1:38012 <-> DISABLED <-> SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (server-webapp.rules)
 * 1:35734 <-> DISABLED <-> SERVER-WEBAPP Netgear WNDR4700 and R6200 admin interface authentication bypass attempt (server-webapp.rules)
 * 1:34619 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34343 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (file-multimedia.rules)
 * 1:34806 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:36900 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:36156 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36564 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (file-multimedia.rules)
 * 1:34426 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:32076 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (server-other.rules)
 * 1:31856 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products WPA key enumeration attempt (protocol-snmp.rules)
 * 1:38266 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:34911 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (file-other.rules)
 * 1:35679 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:32582 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules)
 * 1:34539 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (file-flash.rules)
 * 1:34239 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (server-other.rules)
 * 1:32885 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules)
 * 1:34447 <-> DISABLED <-> POLICY-OTHER ProFTPD mod_copy unauthenticated file copy attempt (policy-other.rules)
 * 1:32961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:32324 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin arbitrary SQL execution attempt (server-webapp.rules)
 * 1:35678 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:37134 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (server-webapp.rules)
 * 1:32403 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:37939 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37934 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:32044 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules)
 * 1:37242 <-> ENABLED <-> SERVER-WEBAPP D-Link DCS-900 Series Network Camera arbitrary file upload attempt (server-webapp.rules)
 * 1:32235 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:34493 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:35413 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (file-multimedia.rules)
 * 1:31747 <-> DISABLED <-> SERVER-WEBAPP Gitlab ssh key upload command injection attempt (server-webapp.rules)
 * 1:32149 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:34159 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:32056 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:35374 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:34525 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (file-pdf.rules)
 * 1:31879 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:31731 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (server-webapp.rules)
 * 1:35765 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (server-other.rules)
 * 1:34486 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:38274 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:34620 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34907 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:34359 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:31729 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (server-webapp.rules)
 * 1:36384 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:34526 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (file-pdf.rules)
 * 1:34167 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:47744 <-> DISABLED <-> SERVER-WEBAPP Quest DR Series Disk Backup CustomerPortalService.pm command injection attempt (server-webapp.rules)
 * 1:32234 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:31987 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (file-other.rules)
 * 1:33514 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery PHP code execution attempt (server-webapp.rules)
 * 1:36565 <-> DISABLED <-> FILE-MULTIMEDIA libav LZO integer overflow attempt (file-multimedia.rules)
 * 1:33653 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:35032 <-> DISABLED <-> SERVER-WEBAPP LANDesk Management Suite remote file include attempt (server-webapp.rules)
 * 1:37802 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:35049 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:34350 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:33517 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:35763 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (server-other.rules)
 * 1:37133 <-> DISABLED <-> SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (server-webapp.rules)
 * 1:34527 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (file-pdf.rules)
 * 1:33937 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (server-webapp.rules)
 * 1:33039 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:34353 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:35048 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (file-flash.rules)
 * 1:34056 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:36261 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (server-webapp.rules)
 * 1:36529 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:32109 <-> DISABLED <-> SERVER-WEBAPP Easy File Management stack buffer overflow attempt (server-webapp.rules)
 * 1:31765 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (server-other.rules)
 * 1:33599 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:36544 <-> DISABLED <-> SERVER-WEBAPP pChart script parameter directory traversal attempt (server-webapp.rules)
 * 1:35535 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:36510 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:33916 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:33031 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:35314 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_proxy denial of service attempt (server-apache.rules)
 * 1:32068 <-> DISABLED <-> POLICY-OTHER SolarWinds Log and Event Manager default credentials authentication attempt (policy-other.rules)
 * 1:33448 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:33516 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:33035 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:31942 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:32526 <-> DISABLED <-> POLICY-OTHER Visual Mining NetCharts default credentials authentication attempt (policy-other.rules)
 * 1:34483 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:33581 <-> DISABLED <-> SERVER-WEBAPP nginx URI processing security bypass attempt (server-webapp.rules)
 * 1:33037 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:31798 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization storedNtxFile directory traversal attempt (server-webapp.rules)
 * 1:33894 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (server-webapp.rules)
 * 1:37805 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:36462 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost verifypwd buffer overflow attempt (server-other.rules)
 * 1:35077 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:38272 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:36528 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:32323 <-> DISABLED <-> SERVER-WEBAPP WordPress Custom Contact Forms plugin SQL export attempt (server-webapp.rules)
 * 1:34899 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:36493 <-> DISABLED <-> SERVER-OTHER Squid snmphandleUDP off-by-one buffer overflow attempt (server-other.rules)
 * 1:34349 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:32352 <-> ENABLED <-> SERVER-WEBAPP Centreon displayServiceStatus.php command injection attempt (server-webapp.rules)
 * 1:32348 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:35281 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:32967 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central DCPlugin insecure admin account creation attempt (policy-other.rules)
 * 1:33006 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:35427 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:33008 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33651 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:34941 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:33573 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules)
 * 1:34717 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:33038 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:34901 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:33665 <-> ENABLED <-> SERVER-OTHER HP Client Automation command injection attempt (server-other.rules)
 * 1:32974 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (os-mobile.rules)
 * 1:36886 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:33032 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:32901 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules)
 * 1:32232 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:34894 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:34285 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_shaper cross site scripting attempt (server-webapp.rules)
 * 1:37628 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:31745 <-> DISABLED <-> SERVER-WEBAPP vTiger CRM install module command injection attempt (server-webapp.rules)
 * 1:34158 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:34352 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34055 <-> DISABLED <-> SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34798 <-> DISABLED <-> SERVER-OTHER HP LoadRunner launcher.dll stack buffer overflow attempt (server-other.rules)
 * 1:33659 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:34472 <-> DISABLED <-> SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (server-webapp.rules)
 * 1:34914 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:33447 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:34244 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:32233 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:34904 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:37664 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:34896 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:32902 <-> DISABLED <-> FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (file-other.rules)
 * 1:38191 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:34524 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (file-pdf.rules)
 * 1:35541 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftagent SQL injection attempt (server-other.rules)
 * 1:32199 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (server-other.rules)
 * 1:34940 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34300 <-> ENABLED <-> SERVER-WEBAPP D-Link multiple products HNAP SOAPAction header command injection attempt (server-webapp.rules)
 * 1:31818 <-> DISABLED <-> SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (server-webapp.rules)
 * 1:37915 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:45399 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:35253 <-> DISABLED <-> SERVER-OTHER LibreOffice Impress socket manager Use After Free attempt (server-other.rules)
 * 1:32084 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:35367 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34897 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (file-other.rules)
 * 1:31730 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (server-webapp.rules)
 * 1:36596 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (os-windows.rules)
 * 1:37362 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:35364 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35677 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance KSudoClient privilege escalation attempt (server-webapp.rules)
 * 1:35531 <-> DISABLED <-> SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (server-webapp.rules)
 * 1:35682 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:36661 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:35704 <-> DISABLED <-> SERVER-WEBAPP Maarch LetterBox arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:34024 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (policy-other.rules)
 * 1:35000 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (server-webapp.rules)
 * 1:4637 <-> DISABLED <-> SERVER-OTHER MailEnable HTTPMail buffer overflow attempt (server-other.rules)
 * 1:32970 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:34890 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (file-other.rules)
 * 1:35118 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (os-windows.rules)
 * 1:37804 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:33875 <-> DISABLED <-> POLICY-OTHER SolarWinds Firewall Security Manager insecure userlogin.jsp access attempt (policy-other.rules)
 * 1:34169 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34157 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:36461 <-> DISABLED <-> SERVER-OTHER Novell eDirectory DHost sadminpwd buffer overflow attempt (server-other.rules)
 * 1:31877 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:37830 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:31823 <-> ENABLED <-> SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (server-webapp.rules)
 * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules)
 * 1:34902 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34168 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:31956 <-> DISABLED <-> SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (server-webapp.rules)
 * 1:35703 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:35094 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (file-other.rules)
 * 1:37854 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:34900 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (file-other.rules)
 * 1:32092 <-> DISABLED <-> POLICY-OTHER ManageEngine DeviceExpert user credentials enumeration attempt (policy-other.rules)
 * 1:34915 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (netbios.rules)
 * 1:33598 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:31890 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (server-mail.rules)
 * 1:38965 <-> DISABLED <-> SERVER-WEBAPP VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (server-webapp.rules)
 * 1:34376 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:32740 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (policy-other.rules)
 * 1:33040 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:35680 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (server-webapp.rules)
 * 1:31851 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 128 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:34898 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (file-other.rules)
 * 1:33011 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:32628 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:34360 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:35399 <-> DISABLED <-> SERVER-WEBAPP WordPress MailChimp Subscribe Forms PHP Code Execution command injection attempt (server-webapp.rules)
 * 1:36191 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:32745 <-> DISABLED <-> SERVER-WEBAPP ManageEngine NetFlow Analyzer information disclosure attempt (server-webapp.rules)
 * 1:33036 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:37096 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:33033 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:35429 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:35014 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXMLTrapsForVendor.php SQL injection attempt (server-webapp.rules)
 * 1:43674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:36659 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:34635 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (file-pdf.rules)
 * 1:35442 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:36508 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:34799 <-> ENABLED <-> SERVER-WEBAPP UPnP AddPortMapping SOAP action command injection attempt (server-webapp.rules)
 * 1:36613 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (server-webapp.rules)
 * 1:37832 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:35533 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:34942 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:34344 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (file-multimedia.rules)
 * 1:32962 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:31912 <-> DISABLED <-> SERVER-WEBAPP cPanel 9.01 multiple URI parameters cross site scripting attempt (server-webapp.rules)
 * 1:37941 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:34910 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34492 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:35279 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:32738 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:33676 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (server-webapp.rules)
 * 1:36025 <-> DISABLED <-> SERVER-OTHER Digium Asterisk TLS Certificate Common Name null byte validation bypass attempt (server-other.rules)
 * 1:36901 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:35016 <-> ENABLED <-> SERVER-WEBAPP Centreon cmdGetExample.php SQL injection attempt (server-webapp.rules)
 * 1:34221 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:43675 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:35406 <-> DISABLED <-> SERVER-APACHE Apache HTTP Server mod_status heap buffer overflow attempt (server-apache.rules)
 * 1:35372 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:34238 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (server-other.rules)
 * 1:34351 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:31881 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:34495 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:37803 <-> DISABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:33917 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:31743 <-> DISABLED <-> SERVER-WEBAPP Wordpress WPTouch file upload remote code execution attempt (server-webapp.rules)
 * 1:34284 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense firewall_rules cross site scripting attempt (server-webapp.rules)
 * 1:31986 <-> ENABLED <-> FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (file-other.rules)
 * 1:32602 <-> DISABLED <-> POLICY-OTHER ManageEngine Eventlog Analyzer credential disclosure attempt (policy-other.rules)
 * 1:32057 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:37097 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:32975 <-> DISABLED <-> OS-MOBILE Android ObjectInputStream privilege escalation attempt (os-mobile.rules)
 * 1:31852 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A 64 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:32349 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:34634 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:34240 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34481 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:32059 <-> ENABLED <-> PROTOCOL-SCADA KingSCADA Alarm Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:33812 <-> ENABLED <-> SERVER-WEBAPP Seagate NAS remote code execution attempt (server-webapp.rules)
 * 1:34373 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:34184 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense services_unbound_acls cross site scripting attempt (server-webapp.rules)
 * 1:32151 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:34584 <-> DISABLED <-> POLICY-OTHER Novell ZENworks Configuration Management session id disclosure attempt (policy-other.rules)
 * 1:32351 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:34913 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (file-other.rules)
 * 1:34225 <-> DISABLED <-> PROTOCOL-FTP ProFTPD mod_copy remote code execution attempt (protocol-ftp.rules)
 * 1:34487 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:37855 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:33986 <-> DISABLED <-> POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (policy-other.rules)
 * 1:33010 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:32369 <-> DISABLED <-> PROTOCOL-ICMP FreeBSD rtsold dname_labeldec stack buffer overflow attempt (protocol-icmp.rules)
 * 1:32152 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:34482 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:34939 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:36885 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:34892 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:36383 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:32968 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:32530 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:33518 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:36157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:33034 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:35681 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php authentication bypass attempt (server-webapp.rules)
 * 1:31880 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:33087 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:34569 <-> DISABLED <-> SERVER-WEBAPP Wordpress Creative Contact Form arbitrary PHP file upload attempt (server-webapp.rules)
 * 1:34893 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (file-other.rules)
 * 1:33007 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:35414 <-> DISABLED <-> FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (file-multimedia.rules)
 * 1:31878 <-> DISABLED <-> SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (server-other.rules)
 * 1:33446 <-> DISABLED <-> SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (server-webapp.rules)
 * 1:37857 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:32528 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (server-webapp.rules)
 * 1:34242 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34603 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:31855 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 64 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:38229 <-> DISABLED <-> SERVER-WEBAPP Wordpress Simple Ads Manager sam-ajax-admin.php directory traversal attempt (server-webapp.rules)
 * 1:36530 <-> ENABLED <-> FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (file-flash.rules)
 * 1:37913 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:35857 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:34485 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:35017 <-> ENABLED <-> SERVER-WEBAPP Centreon makeXML_ListMetrics.php SQL injection attempt (server-webapp.rules)
 * 1:34552 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:34805 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34891 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (file-other.rules)
 * 1:36154 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36854 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:36823 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack Server buffer overflow attempt (server-other.rules)
 * 1:33890 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (server-webapp.rules)
 * 1:37831 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:41907 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:35443 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:31889 <-> DISABLED <-> SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (server-mail.rules)
 * 1:33515 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:32370 <-> DISABLED <-> SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (server-other.rules)
 * 1:37665 <-> ENABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:34804 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35940 <-> DISABLED <-> SERVER-WEBAPP PHP phar_parse_tarfile method integer overflow attempt (server-webapp.rules)
 * 1:37916 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:32886 <-> DISABLED <-> SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (server-webapp.rules)
 * 1:38898 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (file-other.rules)
 * 1:36660 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:34484 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:33832 <-> DISABLED <-> SERVER-WEBAPP Seagate BlackArmor NAS getAlias.php command injection attempt (server-webapp.rules)
 * 1:33005 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (server-webapp.rules)
 * 1:33895 <-> DISABLED <-> SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (server-webapp.rules)
 * 1:33652 <-> DISABLED <-> SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (server-webapp.rules)
 * 1:34845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (file-pdf.rules)
 * 1:32729 <-> DISABLED <-> POLICY-OTHER HP Network Node Manager ovopi.dll command 685 insecure pointer dereference attempt (policy-other.rules)
 * 1:36855 <-> ENABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules)
 * 1:35684 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:31764 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (server-other.rules)
 * 1:37942 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33657 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:34633 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (server-webapp.rules)
 * 1:36061 <-> DISABLED <-> SERVER-OTHER SAP SQL Anywhere .NET malformed integer buffer overflow attempt (server-other.rules)
 * 1:34943 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 1:37856 <-> DISABLED <-> SERVER-WEBAPP D-Link DSL router cross site scripting attempt (server-webapp.rules)
 * 1:38273 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:32350 <-> DISABLED <-> SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (server-webapp.rules)
 * 1:34374 <-> DISABLED <-> SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (server-other.rules)
 * 1:37098 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:3827 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php post attempt (server-webapp.rules)
 * 1:33076 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:37099 <-> DISABLED <-> SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (server-webapp.rules)
 * 1:34222 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:32887 <-> DISABLED <-> SERVER-WEBAPP ActualScripts ActualAnalyzer aa.php command injection attempt (server-webapp.rules)
 * 1:34166 <-> ENABLED <-> FILE-FLASH Adobe Flash Player byte array double free attempt (file-flash.rules)
 * 1:34905 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:33597 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (server-webapp.rules)
 * 1:32964 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:33277 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:34909 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:34139 <-> DISABLED <-> SERVER-OTHER Novell ZenWorks configuration management file upload directory traversal attempt (server-other.rules)
 * 1:33029 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:33632 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:34906 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (file-other.rules)
 * 1:37026 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:32347 <-> DISABLED <-> SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (server-webapp.rules)
 * 1:36192 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:3519 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (server-mysql.rules)
 * 1:34577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:32342 <-> ENABLED <-> SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (server-other.rules)
 * 1:36375 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Management Framework Endpoint default HTTP password authentication attempt (server-other.rules)
 * 1:3518 <-> DISABLED <-> SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (server-mysql.rules)
 * 1:37690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:32085 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:34916 <-> DISABLED <-> NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (netbios.rules)
 * 1:46641 <-> DISABLED <-> INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (indicator-compromise.rules)
 * 1:47033 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:46642 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (malware-cnc.rules)
 * 1:604 <-> DISABLED <-> PROTOCOL-SERVICES Unix rlogin froot parameter root access attempt (protocol-services.rules)
 * 1:47032 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:494 <-> DISABLED <-> INDICATOR-COMPROMISE command completed (indicator-compromise.rules)
 * 1:33276 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:33615 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:34000 <-> DISABLED <-> SERVER-WEBAPP Berta Content Management System PHP code execution attempt (server-webapp.rules)
 * 1:37937 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:33075 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (server-webapp.rules)
 * 1:35683 <-> DISABLED <-> SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (server-webapp.rules)
 * 1:38964 <-> DISABLED <-> POLICY-OTHER VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (policy-other.rules)
 * 1:35701 <-> DISABLED <-> SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (server-webapp.rules)
 * 1:38190 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:34718 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34604 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:37912 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:32527 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (server-webapp.rules)
 * 1:34895 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (file-other.rules)
 * 1:35440 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:35015 <-> ENABLED <-> SERVER-WEBAPP Centreon GetXmlTree.php SQL injection attempt (server-webapp.rules)
 * 1:33813 <-> DISABLED <-> SERVER-WEBAPP Eclipse Foundation Jetty HttpParser information disclosure attempt (server-webapp.rules)
 * 1:33279 <-> DISABLED <-> SERVER-WEBAPP McAfee ePolicy Orchestrator XML external entity injection attempt (server-webapp.rules)
 * 1:32377 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:33853 <-> DISABLED <-> SERVER-WEBAPP D-Link multiple products ping.ccp command injection attempt (server-webapp.rules)
 * 1:33104 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products directory traversal attempt (server-webapp.rules)
 * 1:36197 <-> DISABLED <-> SERVER-WEBAPP nginx SMTP proxy STARTTLS plaintext command injection attempt (server-webapp.rules)
 * 1:34999 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (server-webapp.rules)
 * 1:38351 <-> DISABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:34606 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:34105 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (server-webapp.rules)
 * 1:37829 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:33440 <-> DISABLED <-> SERVER-WEBAPP WordPress EasyCart PHP code execution attempt (server-webapp.rules)
 * 1:35418 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (server-other.rules)
 * 1:33889 <-> DISABLED <-> SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (server-webapp.rules)
 * 1:37833 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:36509 <-> ENABLED <-> FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (file-flash.rules)
 * 1:36563 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:32381 <-> DISABLED <-> SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (server-other.rules)
 * 1:36262 <-> DISABLED <-> SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (server-webapp.rules)
 * 1:32963 <-> DISABLED <-> SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:34903 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (file-other.rules)
 * 1:33041 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:32969 <-> DISABLED <-> SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (server-webapp.rules)
 * 1:38897 <-> DISABLED <-> FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (file-other.rules)
 * 1:38192 <-> ENABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:37938 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37828 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:37363 <-> DISABLED <-> SERVER-OTHER Java Library SpringFramework unauthorized serialized object attempt (server-other.rules)
 * 1:31651 <-> DISABLED <-> SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (server-webapp.rules)
 * 1:33442 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:34241 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:33012 <-> DISABLED <-> SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (server-webapp.rules)
 * 1:34803 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:34427 <-> DISABLED <-> OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (os-windows.rules)
 * 1:35764 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (server-other.rules)
 * 1:32619 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (file-other.rules)
 * 1:34621 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:34361 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (server-webapp.rules)
 * 1:34494 <-> DISABLED <-> FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (file-flash.rules)
 * 1:35375 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:34578 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:33030 <-> DISABLED <-> FILE-OTHER Poster Software Publish-It buffer overflow attempt (file-other.rules)
 * 1:32563 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts arbitrary file upload attempt (server-webapp.rules)
 * 1:37940 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:34156 <-> ENABLED <-> FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (file-flash.rules)
 * 1:32741 <-> DISABLED <-> POLICY-OTHER Arris VAP2500 default credentials authentication attempt (policy-other.rules)
 * 1:32742 <-> ENABLED <-> SERVER-WEBAPP Arris VAP2500 tools_command.php command execution attempt (server-webapp.rules)
 * 1:35428 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (server-webapp.rules)
 * 1:34488 <-> DISABLED <-> OS-OTHER QEMU floppy disk controller buffer overflow attempt (os-other.rules)
 * 1:33114 <-> DISABLED <-> SERVER-WEBAPP HP System Management Homepage cross site scripting attempt (server-webapp.rules)
 * 1:33935 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin privilege escalation attempt (server-webapp.rules)
 * 1:35858 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:33278 <-> DISABLED <-> SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (server-webapp.rules)
 * 1:31945 <-> DISABLED <-> SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (server-webapp.rules)
 * 1:39391 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:36059 <-> DISABLED <-> SERVER-WEBAPP PHP CDF file handling infinite loop dos attempt (server-webapp.rules)
 * 1:33915 <-> DISABLED <-> SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (server-webapp.rules)
 * 1:34220 <-> DISABLED <-> SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (server-webapp.rules)
 * 1:35078 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:33574 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (server-webapp.rules)
 * 1:34580 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:33441 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:35534 <-> DISABLED <-> SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (server-webapp.rules)
 * 1:31853 <-> DISABLED <-> PROTOCOL-SNMP Arris DG950A WPA key enumeration attempt (protocol-snmp.rules)
 * 1:31854 <-> DISABLED <-> PROTOCOL-SNMP Multiple Products 128 bit WEP key enumeration attempt (protocol-snmp.rules)
 * 1:32371 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (server-other.rules)
 * 1:35441 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:37627 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:31838 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (server-webapp.rules)
 * 1:31819 <-> DISABLED <-> SERVER-WEBAPP HP Network Virtualization toServerObject directory traversal attempt (server-webapp.rules)
 * 1:32150 <-> DISABLED <-> FILE-OTHER Microsoft System.Uri heap corruption attempt (file-other.rules)
 * 1:33113 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory IMONITOR cross site scripting attempt (server-webapp.rules)
 * 1:35560 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:32620 <-> DISABLED <-> FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (file-other.rules)
 * 1:31892 <-> DISABLED <-> SERVER-WEBAPP HybridAuth install.php code injection attempt (server-webapp.rules)
 * 1:35766 <-> DISABLED <-> SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (server-other.rules)
 * 1:37025 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:34185 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense status_captiveportal cross site scripting attempt (server-webapp.rules)
 * 1:34363 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management GetStoredResult.class SQL injection attempt (server-webapp.rules)
 * 1:36155 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (file-flash.rules)
 * 1:36902 <-> DISABLED <-> SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (server-webapp.rules)
 * 1:34579 <-> DISABLED <-> FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (file-flash.rules)
 * 1:33934 <-> DISABLED <-> SERVER-WEBAPP Wordpress WP Marketplace plugin directory traversal attempt (server-webapp.rules)
 * 1:32581 <-> DISABLED <-> SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (server-webapp.rules)
 * 1:33896 <-> DISABLED <-> SERVER-WEBAPP OpenNMS XML external entity injection attempt (server-webapp.rules)
 * 1:32601 <-> DISABLED <-> SERVER-OTHER Hikvision DVR RTSP request buffer overflow attempt (server-other.rules)
 * 1:36614 <-> DISABLED <-> SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (server-webapp.rules)
 * 1:34364 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:35366 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:38189 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:31771 <-> DISABLED <-> SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (server-webapp.rules)
 * 1:34243 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:32794 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (file-pdf.rules)
 * 1:33658 <-> DISABLED <-> SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (server-webapp.rules)
 * 1:34215 <-> DISABLED <-> SERVER-WEBAPP ESF pfSense diag_logs_filter cross site scripting attempt (server-webapp.rules)
 * 1:34716 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (server-webapp.rules)
 * 1:35079 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (server-webapp.rules)
 * 1:34602 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (server-webapp.rules)
 * 1:35373 <-> DISABLED <-> SERVER-WEBAPP WebUI mainfile.php command injection attempt (server-webapp.rules)
 * 1:37914 <-> DISABLED <-> POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (policy-other.rules)
 * 1:32014 <-> DISABLED <-> SERVER-WEBAPP GetSimpleCMS arbitrary PHP code execution attempt (server-webapp.rules)
 * 1:35939 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:35280 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (server-webapp.rules)
 * 1:34908 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (file-other.rules)
 * 1:37148 <-> DISABLED <-> SERVER-WEBAPP WordPress Gallery Objects Plugin viewid SQL injection attempt (server-webapp.rules)
 * 1:38267 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:35365 <-> ENABLED <-> FILE-FLASH Adobe Flash Player thread write double-free attempt (file-flash.rules)
 * 1:35417 <-> DISABLED <-> SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (server-other.rules)
 * 1:32971 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:33936 <-> DISABLED <-> SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (server-webapp.rules)
 * 1:34471 <-> ENABLED <-> SERVER-WEBAPP Symantec Critical System Protection directory traversal attempt (server-webapp.rules)
 * 1:36784 <-> DISABLED <-> POLICY-OTHER Symantec LiveUpdate forcepasswd.do insecure password change attempt (policy-other.rules)
 * 1:34605 <-> DISABLED <-> SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (server-webapp.rules)
 * 1:32337 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (file-pdf.rules)
 * 1:35944 <-> ENABLED <-> SERVER-MAIL IBM Domino BMP color palette stack buffer overflow attempt (server-mail.rules)
 * 1:31687 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:31728 <-> DISABLED <-> SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (server-webapp.rules)
 * 1:31696 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31697 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:31698 <-> DISABLED <-> SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (server-webapp.rules)
 * 1:8085 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (server-webapp.rules)
 * 1:8086 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (server-webapp.rules)
 * 1:8087 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (server-webapp.rules)
 * 1:8088 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (server-webapp.rules)
 * 1:8089 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (server-webapp.rules)
 * 1:8090 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (server-webapp.rules)
 * 1:8734 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher className directory traversal attempt (server-webapp.rules)
 * 1:9620 <-> DISABLED <-> SERVER-WEBAPP Pajax call_dispatcher remote code execution attempt (server-webapp.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:12286 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:12362 <-> DISABLED <-> SERVER-WEBAPP Squid HTTP Proxy-Authorization overflow attempt (server-webapp.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:12784 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12785 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12786 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:13487 <-> DISABLED <-> PUA-ADWARE Adware elite protector runtime detection (pua-adware.rules)
 * 1:13816 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13817 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13818 <-> DISABLED <-> SERVER-WEBAPP PHP alternate xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13819 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (server-webapp.rules)
 * 1:13866 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection - popup ads (malware-other.rules)
 * 1:13867 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection (malware-other.rules)
 * 1:13902 <-> DISABLED <-> SERVER-OTHER IBM Lotus Sametime multiplexer stack buffer overflow attempt (server-other.rules)
 * 1:13916 <-> DISABLED <-> SERVER-WEBAPP Alt-N SecurityGateway username buffer overflow attempt (server-webapp.rules)
 * 1:13925 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (protocol-ftp.rules)
 * 1:13927 <-> DISABLED <-> PROTOCOL-TFTP Open TFTP Server log generation buffer overflow attempt (protocol-tftp.rules)
 * 1:13940 <-> DISABLED <-> PUA-ADWARE Hijacker win32.bho.bgf outbound connection (pua-adware.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (server-webapp.rules)
 * 1:14265 <-> DISABLED <-> PROTOCOL-SCADA Multiple Schneider Electric SCADA products buffer overflow attempt (protocol-scada.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14608 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14609 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14771 <-> DISABLED <-> SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow attempt (server-apache.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP Simple Web Counter URI Parameter Buffer Overflow attempt (server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (file-multimedia.rules)
 * 1:15484 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow attempt (protocol-imap.rules)
 * 1:15562 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:15896 <-> DISABLED <-> SERVER-OTHER Firebird SQL op_connect_request denial of service attempt (server-other.rules)
 * 1:15939 <-> DISABLED <-> SERVER-OTHER MSN Messenger IRC bot calling home attempt (server-other.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:16098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.cekar variant outbound connection (malware-cnc.rules)
 * 1:16131 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker trojan zlob.dnz runtime detection - ads (malware-other.rules)
 * 1:16140 <-> DISABLED <-> MALWARE-CNC torpig-mebroot command and control checkin (malware-cnc.rules)
 * 1:16184 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow attempt (server-other.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:16271 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TDSS.1.Gen keepalive detection (malware-cnc.rules)
 * 1:16365 <-> DISABLED <-> PUA-ADWARE OnlineGames download attempt (pua-adware.rules)
 * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:16494 <-> DISABLED <-> PUA-ADWARE Cutwail spambot server communication attempt (pua-adware.rules)
 * 1:16498 <-> DISABLED <-> PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (pua-adware.rules)
 * 1:16598 <-> DISABLED <-> SERVER-OTHER Green Dam URL handling overflow attempt (server-other.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (server-oracle.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt (os-windows.rules)
 * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules)
 * 1:16688 <-> DISABLED <-> SERVER-OTHER iscsi target format string code execution attempt (server-other.rules)
 * 1:16689 <-> DISABLED <-> SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (server-other.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:16696 <-> DISABLED <-> FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (file-other.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (file-other.rules)
 * 1:16727 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:16731 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16732 <-> DISABLED <-> FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (file-other.rules)
 * 1:16733 <-> DISABLED <-> FILE-OTHER UltraISO CCD file handling overflow attempt (file-other.rules)
 * 1:16736 <-> DISABLED <-> FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (file-other.rules)
 * 1:16737 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 1 (file-multimedia.rules)
 * 1:16738 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (file-multimedia.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16753 <-> DISABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (server-webapp.rules)
 * 1:16787 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (file-other.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17139 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (server-other.rules)
 * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules)
 * 1:17234 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm activity (malware-cnc.rules)
 * 1:17235 <-> ENABLED <-> MALWARE-CNC VBMania mass mailing worm download (malware-cnc.rules)
 * 1:17238 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (file-other.rules)
 * 1:17250 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules)
 * 1:17301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:17308 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:17373 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA authentication agent for web redirect buffer overflow attempt (server-iis.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17560 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:17805 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (malware-cnc.rules)
 * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:18247 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent ErrCode - W32/Fujacks.htm (malware-cnc.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (malware-cnc.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (malware-cnc.rules)
 * 1:18311 <-> DISABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters arbitrary file upload attempt (server-webapp.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (server-webapp.rules)
 * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18511 <-> DISABLED <-> SERVER-OTHER Sourcefire Snort packet fragmentation reassembly denial of service attempt (server-other.rules)
 * 1:18524 <-> DISABLED <-> SERVER-OTHER Multiple vendor anti-virus extended ASCII filename scan bypass attempt (server-other.rules)
 * 1:18526 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18527 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors iacenc.dll dll-load exploit attempt (os-windows.rules)
 * 1:18535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (file-office.rules)
 * 1:18562 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (malware-cnc.rules)
 * 1:18575 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:18577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.agum variant outbound connection (malware-cnc.rules)
 * 1:18587 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 267 buffer overflow attempt (server-other.rules)
 * 1:18618 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (malware-cnc.rules)
 * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:18707 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (malware-cnc.rules)
 * 1:18708 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (malware-cnc.rules)
 * 1:18711 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (malware-cnc.rules)
 * 1:18712 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (malware-cnc.rules)
 * 1:18715 <-> ENABLED <-> MALWARE-CNC Ozdok botnet communication with C&C server (malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (malware-cnc.rules)
 * 1:18718 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (malware-cnc.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (malware-cnc.rules)
 * 1:18723 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (malware-cnc.rules)
 * 1:18724 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (malware-cnc.rules)
 * 1:18739 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (malware-cnc.rules)
 * 1:18753 <-> DISABLED <-> SERVER-OTHER Zend Server Java Bridge remote code execution attempt (server-other.rules)
 * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules)
 * 1:18808 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (server-mail.rules)
 * 1:18934 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (Coreflood -- malware-cnc.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (malware-cnc.rules)
 * 1:18939 <-> ENABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:18940 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Sality (malware-cnc.rules)
 * 1:18941 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - FakeAV (malware-cnc.rules)
 * 1:18942 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacProtector (malware-cnc.rules)
 * 1:18943 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacDefender (malware-cnc.rules)
 * 1:18945 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Feberr variant outbound connection (malware-cnc.rules)
 * 1:18946 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18976 <-> DISABLED <-> MALWARE-CNC Rogue-Software.AVCare variant outbound connection (malware-cnc.rules)
 * 1:18977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Proxy variant outbound connection (malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pasta.aoq variant outbound connection (malware-cnc.rules)
 * 1:18980 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18981 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18982 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18984 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32/Trojanclicker (malware-cnc.rules)
 * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:19016 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19017 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19018 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19019 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19021 <-> ENABLED <-> MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (malware-cnc.rules)
 * 1:19023 <-> DISABLED <-> MALWARE-CNC IRC.Zapchast.zwrc variant outbound connection (malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.StartPage variant outbound connection (malware-cnc.rules)
 * 1:19025 <-> DISABLED <-> MALWARE-CNC Win.Trojan-Banker.Win32.Bancos.etf variant outbound connection (malware-cnc.rules)
 * 1:19027 <-> DISABLED <-> MALWARE-CNC BrowserModifier.Win32.Kerlofost variant outbound connection (malware-cnc.rules)
 * 1:19028 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mailbot variant outbound connection (malware-cnc.rules)
 * 1:19030 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Uloadis variant outbound connection (malware-cnc.rules)
 * 1:19031 <-> DISABLED <-> MALWARE-CNC iPRIVACY variant outbound connection (malware-cnc.rules)
 * 1:19032 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19033 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel.baqb variant outbound connection (malware-cnc.rules)
 * 1:19036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19038 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (malware-cnc.rules)
 * 1:19039 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (malware-cnc.rules)
 * 1:19043 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (pua-adware.rules)
 * 1:19044 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (pua-adware.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (malware-cnc.rules)
 * 1:19046 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (pua-adware.rules)
 * 1:19047 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RCleanT (malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Darkness variant outbound connection (malware-cnc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (malware-cnc.rules)
 * 1:19052 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (malware-cnc.rules)
 * 1:19053 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Nusump.A variant outbound connection (malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (malware-cnc.rules)
 * 1:19055 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gosik.A registration (malware-cnc.rules)
 * 1:19056 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19057 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19058 <-> ENABLED <-> MALWARE-CNC Worm.Win32.Faketube update request (malware-cnc.rules)
 * 1:19059 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.SystemDefragmenter outbound connection (pua-adware.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (malware-cnc.rules)
 * 1:19061 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (pua-adware.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakePlus variant outbound connection (malware-cnc.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (server-other.rules)
 * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules)
 * 1:19164 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (malware-cnc.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:19309 <-> DISABLED <-> PUA-ADWARE hijacker starware videos outbound connection (pua-adware.rules)
 * 1:19310 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gen3 variant outbound connection (malware-cnc.rules)
 * 1:19312 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aah variant outbound connection (malware-cnc.rules)
 * 1:19328 <-> ENABLED <-> MALWARE-CNC PointGuide variant outbound connection (malware-cnc.rules)
 * 1:19329 <-> DISABLED <-> MALWARE-CNC Faceback.exe variant outbound connection (malware-cnc.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clampi variant outbound connection (malware-cnc.rules)
 * 1:19339 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection (malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav TREAntivirus variant outbound connection (malware-cnc.rules)
 * 1:19341 <-> DISABLED <-> MALWARE-CNC Worm MSIL.AiO.a variant outbound connection (malware-cnc.rules)
 * 1:19342 <-> DISABLED <-> MALWARE-CNC Adware Professional variant outbound connection (malware-cnc.rules)
 * 1:19343 <-> DISABLED <-> MALWARE-CNC Adware Pro variant outbound connection (malware-cnc.rules)
 * 1:19344 <-> DISABLED <-> MALWARE-CNC AntiMalware Pro variant outbound connection (malware-cnc.rules)
 * 1:19345 <-> DISABLED <-> MALWARE-CNC REAnti variant outbound connection (malware-cnc.rules)
 * 1:19346 <-> DISABLED <-> MALWARE-CNC Additional Guard variant outbound connection (malware-cnc.rules)
 * 1:19348 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection (malware-cnc.rules)
 * 1:19349 <-> DISABLED <-> MALWARE-CNC Fakeav Vaccineclear variant outbound connection (malware-cnc.rules)
 * 1:19351 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection (malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.D variant outbound connection (malware-cnc.rules)
 * 1:19353 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker.bkhu variant outbound connection (malware-cnc.rules)
 * 1:19357 <-> ENABLED <-> MALWARE-CNC Win.Worm.Sohanad.ila variant outbound connection (malware-cnc.rules)
 * 1:19358 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XYTvn.A variant outbound connection (malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.B variant outbound connection (malware-cnc.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HXWAN.A variant outbound connection (malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Win.Worm.Vaubeg.A variant outbound connection (malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.IC variant outbound connection (malware-cnc.rules)
 * 1:19372 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string javasw - Trojan.Banload (malware-cnc.rules)
 * 1:19391 <-> DISABLED <-> PUA-ADWARE Lost Door v3.0 (pua-adware.rules)
 * 1:19392 <-> ENABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19393 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tidserv variant outbound connection (malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Beastdoor.b variant outbound connection (malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win.Trojan.UltimateDefender.xv variant outbound connection (malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BAT.Shutdown.ef variant outbound connection (malware-cnc.rules)
 * 1:19399 <-> DISABLED <-> MALWARE-CNC Email Worm Win32.Zhelatin.ch variant outbound connection (malware-cnc.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19402 <-> DISABLED <-> MALWARE-CNC P2P Worm.Win32.Malas.r variant outbound connection (malware-cnc.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ozdok variant outbound connection (malware-cnc.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection (malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amjz variant outbound connection (malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection (malware-cnc.rules)
 * 1:19429 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C variant outbound connection (malware-cnc.rules)
 * 1:19433 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fujacks.aw variant outbound connection (malware-cnc.rules)
 * 1:19434 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrCode (malware-cnc.rules)
 * 1:19435 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Litmus.203 variant outbound connection (malware-cnc.rules)
 * 1:19453 <-> DISABLED <-> PUA-ADWARE Sus.BancDI-B trojan outbound connection (pua-adware.rules)
 * 1:19454 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWS.Win32.QQPass.IK variant outbound connection (malware-cnc.rules)
 * 1:19456 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Klone.bj variant outbound connection (malware-cnc.rules)
 * 1:19457 <-> DISABLED <-> MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection (malware-cnc.rules)
 * 1:19458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19476 <-> DISABLED <-> MALWARE-CNC Exploit.Win32.SqlShell.r variant outbound connection (malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (malware-cnc.rules)
 * 1:19478 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Taterf.B variant outbound connection (malware-cnc.rules)
 * 1:19479 <-> DISABLED <-> MALWARE-CNC Net-Worm.Win32.Piloyd.m variant outbound connection - request html (malware-cnc.rules)
 * 1:19480 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string STORMDDOS - Backdoor.Win32.Inject.ctt (malware-cnc.rules)
 * 1:19481 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Agent.bx variant outbound connection (malware-cnc.rules)
 * 1:19482 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrorFix (malware-cnc.rules)
 * 1:19483 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reload.fy variant outbound connection (malware-cnc.rules)
 * 1:19485 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RAV1 (malware-cnc.rules)
 * 1:19486 <-> DISABLED <-> PUA-ADWARE W32.Fiala.A outbound connection (pua-adware.rules)
 * 1:19487 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.kih variant outbound connection (malware-cnc.rules)
 * 1:19488 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Failnum.A variant outbound connection (malware-cnc.rules)
 * 1:19489 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DeAlfa.fa variant outbound connection (malware-cnc.rules)
 * 1:19490 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Koceg.B variant outbound connection (malware-cnc.rules)
 * 1:19491 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Genome.vau variant outbound connection (malware-cnc.rules)
 * 1:19492 <-> DISABLED <-> MALWARE-CNC Windows System Defender variant outbound connection (malware-cnc.rules)
 * 1:19493 <-> ENABLED <-> MALWARE-CNC URI request for known malicious uri config.ini on 3322.org domain (malware-cnc.rules)
 * 1:19494 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Licum variant outbound connection (malware-cnc.rules)
 * 1:19495 <-> DISABLED <-> MALWARE-CNC Win.Worm.Pilleuz variant outbound connection (malware-cnc.rules)
 * 1:19554 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav Antivirus Xp Pro variant outbound connection (malware-cnc.rules)
 * 1:19555 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small variant outbound connection (malware-cnc.rules)
 * 1:19556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Homa variant outbound connection (malware-cnc.rules)
 * 1:19557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shark.ag variant outbound connection (malware-cnc.rules)
 * 1:19566 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (pua-adware.rules)
 * 1:19567 <-> DISABLED <-> PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (pua-adware.rules)
 * 1:19568 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.PerfectKeylogger variant outbound connection (malware-cnc.rules)
 * 1:19569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Perkesh variant outbound connection (malware-cnc.rules)
 * 1:19570 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - ie 11.0 sp6 (malware-cnc.rules)
 * 1:19571 <-> DISABLED <-> PUA-ADWARE Antivirus Agent Pro outbound connection (pua-adware.rules)
 * 1:19572 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FFSearch variant outbound connection (malware-cnc.rules)
 * 1:19573 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (malware-cnc.rules)
 * 1:19574 <-> DISABLED <-> MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (malware-cnc.rules)
 * 1:19575 <-> DISABLED <-> MALWARE-CNC Win.Worm.Emold.U variant outbound connection (malware-cnc.rules)
 * 1:19576 <-> DISABLED <-> PUA-ADWARE Antivirus Pro 2010 outbound connection (pua-adware.rules)
 * 1:19577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Dogrobot.E variant outbound connection (malware-cnc.rules)
 * 1:19578 <-> DISABLED <-> PUA-ADWARE Personal Guard 2009 outbound connection (pua-adware.rules)
 * 1:19579 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Potao.A variant outbound connection (malware-cnc.rules)
 * 1:19580 <-> DISABLED <-> MALWARE-CNC Win.Worm.Basun.wsc inbound connection (malware-cnc.rules)
 * 1:19581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (malware-cnc.rules)
 * 1:19582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (malware-cnc.rules)
 * 1:19583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bumat.rts variant outbound connection (malware-cnc.rules)
 * 1:19584 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection (malware-cnc.rules)
 * 1:19585 <-> DISABLED <-> MALWARE-CNC Win.Worm.Dref.C variant outbound connection - notification (malware-cnc.rules)
 * 1:19586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Agent.dlg variant outbound connection (malware-cnc.rules)
 * 1:19587 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sereki.B variant outbound connection (malware-cnc.rules)
 * 1:19588 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sereki.B successful connection (malware-cnc.rules)
 * 1:19589 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string MacProtector (malware-cnc.rules)
 * 1:19590 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Savnut.B variant outbound connection (malware-cnc.rules)
 * 1:19591 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Powp.pyv variant outbound connection (malware-cnc.rules)
 * 1:19592 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:19593 <-> DISABLED <-> MALWARE-CNC Win.Worm.Agent.btxm variant outbound connection IRC (malware-cnc.rules)
 * 1:19594 <-> DISABLED <-> PUA-ADWARE Win32.Fruspam outbound connection (pua-adware.rules)
 * 1:19595 <-> DISABLED <-> MALWARE-OTHER known malicious email string - You have received a Hallmark E-Card (malware-other.rules)
 * 1:19596 <-> DISABLED <-> MALWARE-CNC Poison Ivy variant outbound connection (malware-cnc.rules)
 * 1:19597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cws variant outbound connection (malware-cnc.rules)
 * 1:19598 <-> DISABLED <-> PUA-ADWARE Infostealer.Gampass outbound connection (pua-adware.rules)
 * 1:19608 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wisscmd.A variant outbound connection (malware-cnc.rules)
 * 1:19611 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string INet - Win32.Virus.Jusabli.A (malware-cnc.rules)
 * 1:19612 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.bvk variant outbound connection (malware-cnc.rules)
 * 1:19613 <-> DISABLED <-> MALWARE-CNC Rogue Software Registry Cleaner Pro variant outbound connection (malware-cnc.rules)
 * 1:19614 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (malware-cnc.rules)
 * 1:19615 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (malware-cnc.rules)
 * 1:19616 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Win32.Banbra.mcq variant outbound connection (malware-cnc.rules)
 * 1:19622 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - pte.aspx?ver= (malware-cnc.rules)
 * 1:19623 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - vic.aspx?ver= (malware-cnc.rules)
 * 1:19625 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - .sys.php?getexe= (malware-cnc.rules)
 * 1:19626 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /setup_b.asp?prj= (malware-cnc.rules)
 * 1:19627 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /r_autoidcnt.asp?mer_seq= (malware-cnc.rules)
 * 1:19628 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /1cup/script.php (malware-cnc.rules)
 * 1:19631 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - AnSSip= (malware-cnc.rules)
 * 1:19632 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/adduser.php?uid= (malware-cnc.rules)
 * 1:19633 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /VertexNet/tasks.php?uid= (malware-cnc.rules)
 * 1:19635 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /app/?prj= (malware-cnc.rules)
 * 1:19636 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /blog/images/3521.jpg?v (malware-cnc.rules)
 * 1:19637 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /install.asp?mac= (malware-cnc.rules)
 * 1:19638 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - /kx4.txt (malware-cnc.rules)
 * 1:19652 <-> DISABLED <-> MALWARE-CNC Teevsock C variant outbound connection (malware-cnc.rules)
 * 1:19654 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.wti variant outbound connection (malware-cnc.rules)
 * 1:19655 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Agent.IK variant outbound connection (malware-cnc.rules)
 * 1:19656 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Peace.lh variant outbound connection (malware-cnc.rules)
 * 1:19657 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV variant traffic (malware-cnc.rules)
 * 1:19658 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MCnovogic.A variant outbound connection (malware-cnc.rules)
 * 1:19659 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Soleseq.A variant outbound connection (malware-cnc.rules)
 * 1:19660 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riern.K variant outbound connection (malware-cnc.rules)
 * 1:19695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.nec variant outbound connection (malware-cnc.rules)
 * 1:19696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SdBot.nng inbound connection (malware-cnc.rules)
 * 1:19697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy.Win32.VB.btm variant outbound connection (malware-cnc.rules)
 * 1:19698 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Prosti.AG variant outbound connection (malware-cnc.rules)
 * 1:19699 <-> DISABLED <-> MALWARE-CNC TrojanDownloader.Win32.Korklic.A variant outbound connection (malware-cnc.rules)
 * 1:19700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.tnr variant outbound connection (malware-cnc.rules)
 * 1:19701 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hassar.A variant outbound connection (malware-cnc.rules)
 * 1:19702 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zboter.E variant outbound connection (malware-cnc.rules)
 * 1:19703 <-> ENABLED <-> MALWARE-CNC Win.Worm.Dusta.br outbound connnection (malware-cnc.rules)
 * 1:19704 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (malware-cnc.rules)
 * 1:19705 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (malware-cnc.rules)
 * 1:19706 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.cer variant outbound connection (malware-cnc.rules)
 * 1:19711 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:19712 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:19715 <-> DISABLED <-> MALWARE-CNC Win.Trojan.URLZone variant outbound connection (malware-cnc.rules)
 * 1:19716 <-> DISABLED <-> MALWARE-CNC TrojanSpy.Win32.Banker.OO variant outbound connection (malware-cnc.rules)
 * 1:19717 <-> DISABLED <-> PUA-ADWARE Virus.Win32.Virut.ce outbound connection (pua-adware.rules)
 * 1:19718 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.bkap variant outbound connection (malware-cnc.rules)
 * 1:19719 <-> DISABLED <-> MALWARE-CNC Email-Worm.Win32.Bagle.of variant outbound connection (malware-cnc.rules)
 * 1:19720 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Onestage.ws variant outbound connection (malware-cnc.rules)
 * 1:19721 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.mlh variant outbound connection (malware-cnc.rules)
 * 1:19722 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Poshtroper variant outbound connection (malware-cnc.rules)
 * 1:19723 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Pherbot variant outbound connection (malware-cnc.rules)
 * 1:19724 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent variant outbound connection (malware-cnc.rules)
 * 1:19725 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (malware-cnc.rules)
 * 1:19726 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison variant outbound connection (malware-cnc.rules)
 * 1:19727 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.DI variant outbound connection (malware-cnc.rules)
 * 1:19728 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (malware-cnc.rules)
 * 1:19729 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih variant outbound connection (malware-cnc.rules)
 * 1:19730 <-> ENABLED <-> MALWARE-CNC Win.Trojan.KukuBot variant outbound connection (malware-cnc.rules)
 * 1:19731 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Darkwebot variant outbound connection (malware-cnc.rules)
 * 1:19732 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Idicaf variant outbound connection (malware-cnc.rules)
 * 1:19733 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jorik.BRU variant outbound connection (malware-cnc.rules)
 * 1:19739 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Apptom variant outbound connection (malware-cnc.rules)
 * 1:19740 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.aczu variant outbound connection (malware-cnc.rules)
 * 1:19741 <-> DISABLED <-> MALWARE-OTHER PWS.Win32.Scofted keylogger runtime detection (malware-other.rules)
 * 1:19742 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.atff variant outbound connection (malware-cnc.rules)
 * 1:19743 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.eqlo variant outbound connection (malware-cnc.rules)
 * 1:19744 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Deecee.a variant outbound connection (malware-cnc.rules)
 * 1:19745 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FraudLoad.dyl variant outbound connection (malware-cnc.rules)
 * 1:19746 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.biiw variant outbound connection (malware-cnc.rules)
 * 1:19747 <-> ENABLED <-> MALWARE-BACKDOOR Win.Trojan.GGDoor.22 variant outbound connection (malware-backdoor.rules)
 * 1:19748 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.ULPM.Gen IRC variant outbound connection (malware-cnc.rules)
 * 1:19749 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.chgp variant outbound connection (malware-cnc.rules)
 * 1:19750 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.PJ variant outbound connection (malware-cnc.rules)
 * 1:19751 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Sohanad.bm variant outbound connection (malware-cnc.rules)
 * 1:19752 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader variant outbound connection (malware-cnc.rules)
 * 1:19753 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TrojanSpy.Win32.Zbot.gen.C variant outbound connection (malware-cnc.rules)
 * 1:19754 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Delf.RGL variant outbound connection (malware-cnc.rules)
 * 1:19755 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alphabet variant outbound connection (malware-cnc.rules)
 * 1:19756 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Opera/8.89 - P2P-Worm.Win32.Palevo.ddm (malware-cnc.rules)
 * 1:19757 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.bqlu variant outbound connection (malware-cnc.rules)
 * 1:19758 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.yw variant outbound connection (malware-cnc.rules)
 * 1:19759 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.FireThief.h variant outbound connection (malware-cnc.rules)
 * 1:19760 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arsinfoder variant outbound connection (malware-cnc.rules)
 * 1:19761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ftpharvxqq variant outbound connection (malware-cnc.rules)
 * 1:19762 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19763 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19764 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (malware-cnc.rules)
 * 1:19765 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker variant outbound connection (malware-cnc.rules)
 * 1:19766 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (malware-cnc.rules)
 * 1:19767 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Msposer.A variant outbound connection (malware-cnc.rules)
 * 1:19769 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos outbound indicator (malware-cnc.rules)
 * 1:19770 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (malware-cnc.rules)
 * 1:19771 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (malware-cnc.rules)
 * 1:19772 <-> ENABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (malware-cnc.rules)
 * 1:19773 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (malware-cnc.rules)
 * 1:19774 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (malware-cnc.rules)
 * 1:19775 <-> DISABLED <-> PUA-ADWARE PWS.Win32.Ldpinch.gen outbound connection (pua-adware.rules)
 * 1:19776 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.guy dropper variant outbound connection (malware-cnc.rules)
 * 1:19777 <-> DISABLED <-> PUA-ADWARE Fast Antivirus 2009 outbound connection (pua-adware.rules)
 * 1:19781 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Agent.aqpn variant outbound connection (malware-cnc.rules)
 * 1:19782 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AVKill.bc variant outbound connection (malware-cnc.rules)
 * 1:19783 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.agcw variant outbound connection (malware-cnc.rules)
 * 1:19784 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.sde variant outbound connection (malware-cnc.rules)
 * 1:19785 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Malushka.T variant outbound connection (malware-cnc.rules)
 * 1:19786 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - Mozilla (malware-cnc.rules)
 * 1:19787 <-> DISABLED <-> MALWARE-CNC Exploit-PDF.t variant outbound connection (malware-cnc.rules)
 * 1:19788 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.pnc variant outbound connection (malware-cnc.rules)
 * 1:19789 <-> ENABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (malware-cnc.rules)
 * 1:19790 <-> DISABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (malware-cnc.rules)
 * 1:19791 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Small.awa variant outbound connection (malware-cnc.rules)
 * 1:19792 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Caxnet.A variant outbound connection (malware-cnc.rules)
 * 1:19793 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.SillyFDC-DS variant outbound connection (malware-cnc.rules)
 * 1:19794 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fnumbot variant outbound connection (malware-cnc.rules)
 * 1:19795 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakeAV NoAdware variant outbound connection (malware-cnc.rules)
 * 1:19796 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DL.CashnJoy.A variant outbound connection (malware-cnc.rules)
 * 1:19797 <-> DISABLED <-> MALWARE-CNC Safety Center variant outbound connection (malware-cnc.rules)
 * 1:19798 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.kxu variant outbound connection (malware-cnc.rules)
 * 1:19799 <-> DISABLED <-> MALWARE-CNC PWS.Win32.Zbot.gen.Q variant outbound connection (malware-cnc.rules)
 * 1:19800 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pher.ij variant outbound connection (malware-cnc.rules)
 * 1:19801 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tracur variant outbound connection (malware-cnc.rules)
 * 1:19802 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wixud.B variant outbound connection (malware-cnc.rules)
 * 1:19803 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Renos.FH variant outbound connection (malware-cnc.rules)
 * 1:19804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.ktq variant outbound connection (malware-cnc.rules)
 * 1:19805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smser.cx variant outbound connection (malware-cnc.rules)
 * 1:19819 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (malware-cnc.rules)
 * 1:19820 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (malware-cnc.rules)
 * 1:19821 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Bagle.gen.C variant outbound connection (malware-cnc.rules)
 * 1:19822 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.HH variant outbound connection (malware-cnc.rules)
 * 1:19823 <-> DISABLED <-> PUA-ADWARE Downloader.Banload.AKBB outbound connection (pua-adware.rules)
 * 1:19824 <-> DISABLED <-> MALWARE-CNC Gen-Trojan.Heur variant outbound connection (malware-cnc.rules)
 * 1:19825 <-> DISABLED <-> SERVER-APACHE Apache Killer denial of service tool exploit attempt (server-apache.rules)
 * 1:19827 <-> DISABLED <-> PUA-ADWARE PWS-QQGame outbound connection (pua-adware.rules)
 * 1:19828 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SpyAgent.B variant outbound connection (malware-cnc.rules)
 * 1:19829 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rbot.gen variant outbound connection (malware-cnc.rules)
 * 1:19830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poebot.BP variant outbound connection (malware-cnc.rules)
 * 1:19831 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.SO variant outbound connection (malware-cnc.rules)
 * 1:19832 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veslorn.gen.A variant outbound connection (malware-cnc.rules)
 * 1:19833 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.bda variant outbound connection (malware-cnc.rules)
 * 1:19834 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ZBot.RD variant outbound connection (malware-cnc.rules)
 * 1:19835 <-> DISABLED <-> PUA-ADWARE Delphi-Piette Windows (pua-adware.rules)
 * 1:19836 <-> DISABLED <-> MALWARE-CNC Spy-Net 0.7 runtime (malware-cnc.rules)
 * 1:19837 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (pua-adware.rules)
 * 1:19838 <-> DISABLED <-> PUA-ADWARE Spyware Guard 2008 outbound connection (pua-adware.rules)
 * 1:19839 <-> DISABLED <-> PUA-ADWARE Antivirus XP 2008 runtime detection (pua-adware.rules)
 * 1:19840 <-> DISABLED <-> PUA-ADWARE XP Antispyware 2009 outbound connection (pua-adware.rules)
 * 1:19841 <-> DISABLED <-> PUA-ADWARE 0desa MSN password stealer (pua-adware.rules)
 * 1:19842 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (pua-adware.rules)
 * 1:19843 <-> DISABLED <-> PUA-ADWARE Windows Antivirus 2008 (pua-adware.rules)
 * 1:19848 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19849 <-> DISABLED <-> PUA-ADWARE Adware.Virtumonde runtime detection (pua-adware.rules)
 * 1:19850 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (malware-cnc.rules)
 * 1:19851 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (malware-cnc.rules)
 * 1:19852 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Delf.tbv variant outbound connection (malware-cnc.rules)
 * 1:19853 <-> DISABLED <-> PUA-ADWARE Wowpa KI outbound connection (pua-adware.rules)
 * 1:19856 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Krap.i variant outbound connection (malware-cnc.rules)
 * 1:19857 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - Windows (malware-cnc.rules)
 * 1:19858 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - non-Windows (malware-cnc.rules)
 * 1:19859 <-> DISABLED <-> PUA-ADWARE XP Deluxe Protector outbound connection (pua-adware.rules)
 * 1:19860 <-> DISABLED <-> PUA-ADWARE Trust Warrior outbound connection (pua-adware.rules)
 * 1:19861 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cqcv variant outbound connection (malware-cnc.rules)
 * 1:19862 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.iej variant outbound connection (malware-cnc.rules)
 * 1:19863 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Httpbot.yi variant outbound connection (malware-cnc.rules)
 * 1:19864 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Nvbpass variant outbound connection (malware-cnc.rules)
 * 1:19865 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arhost.D variant outbound connection (malware-cnc.rules)
 * 1:19895 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Delf.jwh variant outbound connection (malware-cnc.rules)
 * 1:19896 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (pua-adware.rules)
 * 1:19897 <-> DISABLED <-> PUA-TOOLBARS Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Runtime Detection (pua-toolbars.rules)
 * 1:19898 <-> DISABLED <-> MALWARE-CNC Cinmus Variant variant outbound connection (malware-cnc.rules)
 * 1:19899 <-> ENABLED <-> MALWARE-OTHER Tong Keylogger outbound connectiooutbound connection (malware-other.rules)
 * 1:19900 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19901 <-> DISABLED <-> MALWARE-OTHER Tong Keylogger outbound connection (malware-other.rules)
 * 1:19902 <-> DISABLED <-> PUA-ADWARE Targetedbanner.biz Adrotator outbound connection (pua-adware.rules)
 * 1:19903 <-> DISABLED <-> PUA-ADWARE Win32.Agent.vvm outbound connection (pua-adware.rules)
 * 1:19904 <-> DISABLED <-> PUA-ADWARE WinReanimator outbound connection (pua-adware.rules)
 * 1:19905 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.jog variant outbound connection (malware-cnc.rules)
 * 1:19906 <-> DISABLED <-> PUA-TOOLBARS 6SQ Toolbar runtime detection (pua-toolbars.rules)
 * 1:19912 <-> ENABLED <-> MALWARE-CNC Win.Trojan.DelfInject.gen!X variant outbound connection (malware-cnc.rules)
 * 1:19913 <-> ENABLED <-> MALWARE-CNC URI request for known malicious URI - optima/index.php (malware-cnc.rules)
 * 1:19914 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Quivoe.A variant outbound connection (malware-cnc.rules)
 * 1:19915 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gnutler.apd variant outbound connection (malware-cnc.rules)
 * 1:19916 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.ACB variant outbound connection (malware-cnc.rules)
 * 1:19917 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sogu.A variant outbound connection (malware-cnc.rules)
 * 1:19918 <-> DISABLED <-> MALWARE-CNC Win.Worm.Ganelp.B variant outbound connection (malware-cnc.rules)
 * 1:19919 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Murcy.A variant outbound connection (malware-cnc.rules)
 * 1:19920 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reppserv.A outbond connection (malware-cnc.rules)
 * 1:19921 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Puprlehzae.A variant outbound connection (malware-cnc.rules)
 * 1:19922 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shiz.ivr variant outbound connection (malware-cnc.rules)
 * 1:19923 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Venik.B variant outbound connection (malware-cnc.rules)
 * 1:19924 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spidern.A variant outbound connection (malware-cnc.rules)
 * 1:19927 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19928 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19929 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19930 <-> DISABLED <-> MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (malware-backdoor.rules)
 * 1:19931 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Lineage.Gen.Pac.3 variant outbound connection (malware-cnc.rules)
 * 1:19934 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MYURL (malware-cnc.rules)
 * 1:19935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (malware-cnc.rules)
 * 1:19936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (malware-cnc.rules)
 * 1:19939 <-> DISABLED <-> PUA-ADWARE WeatherStudio outbound connection (pua-adware.rules)
 * 1:19940 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.IRC.TKB variant outbound connection - dir4you (malware-cnc.rules)
 * 1:19941 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (malware-cnc.rules)
 * 1:19942 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (malware-cnc.rules)
 * 1:19944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.ykl variant outbound connection (malware-cnc.rules)
 * 1:19945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amwd variant outbound connection (malware-cnc.rules)
 * 1:19948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (malware-cnc.rules)
 * 1:19949 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (malware-cnc.rules)
 * 1:19950 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Defsel inbound connection (malware-cnc.rules)
 * 1:19951 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Defsel variant outbound connection (malware-cnc.rules)
 * 1:19952 <-> ENABLED <-> MALWARE-CNC Biodox inbound connection (malware-cnc.rules)
 * 1:19953 <-> DISABLED <-> MALWARE-CNC Biodox variant outbound connection (malware-cnc.rules)
 * 1:19954 <-> DISABLED <-> MALWARE-CNC Hack Style RAT variant outbound connection (malware-cnc.rules)
 * 1:19955 <-> DISABLED <-> MALWARE-CNC PaiN RAT 0.1 variant outbound connection (malware-cnc.rules)
 * 1:19957 <-> DISABLED <-> MALWARE-CNC Arabian-Attacker 1.1.0 variant outbound connection (malware-cnc.rules)
 * 1:19958 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19959 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19960 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (malware-cnc.rules)
 * 1:19961 <-> DISABLED <-> MALWARE-CNC Fouad 1.0 variant outbound connection (malware-cnc.rules)
 * 1:19962 <-> DISABLED <-> MALWARE-CNC Email-Worm.CryptBox-A variant outbound connection (malware-cnc.rules)
 * 1:19963 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.aajs variant outbound connection (malware-cnc.rules)
 * 1:19965 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.avzz variant outbound connection (malware-cnc.rules)
 * 1:19966 <-> DISABLED <-> MALWARE-CNC Octopus 0.1 inbound connection (malware-cnc.rules)
 * 1:19967 <-> DISABLED <-> MALWARE-CNC Trojan-PSW.Win32.Papras.dm variant outbound connection (malware-cnc.rules)
 * 1:19968 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.QQPass.amx variant outbound connection (malware-cnc.rules)
 * 1:19969 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.CY variant outbound connection (malware-cnc.rules)
 * 1:19970 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smalltroj.MHYR variant outbound connection (malware-cnc.rules)
 * 1:19971 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mudrop.lj variant outbound connection (malware-cnc.rules)
 * 1:19973 <-> DISABLED <-> MALWARE-CNC Worm.Win.Trojan.Nebuler.D variant outbound connection (malware-cnc.rules)
 * 1:19974 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.bwj variant outbound connection (malware-cnc.rules)
 * 1:19975 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.vb variant outbound connection (malware-cnc.rules)
 * 1:19977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.LooksLike.Zaplot variant outbound connection (malware-cnc.rules)
 * 1:19979 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19980 <-> DISABLED <-> MALWARE-CNC IRCBot runtime traffic detected (malware-cnc.rules)
 * 1:19981 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Micstus.A runtime traffic detected (malware-cnc.rules)
 * 1:19982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.wwe variant outbound connection (malware-cnc.rules)
 * 1:19983 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kolabc.fic variant outbound connection (malware-cnc.rules)
 * 1:19984 <-> DISABLED <-> PUA-ADWARE Antivirus 2010 outbound connection (pua-adware.rules)
 * 1:19987 <-> DISABLED <-> PUA-ADWARE PCLiveGuard outbound connection (pua-adware.rules)
 * 1:19988 <-> DISABLED <-> MALWARE-CNC Asprox variant outbound connection (malware-cnc.rules)
 * 1:19989 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (pua-adware.rules)
 * 1:19990 <-> DISABLED <-> PUA-ADWARE Total Protect 2009 outbound connection (pua-adware.rules)
 * 1:19991 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PG runtime traffic detected (malware-cnc.rules)
 * 1:19992 <-> DISABLED <-> MALWARE-CNC Trojan-Dropper.Win32.Farfli.A runtime traffic detected (malware-cnc.rules)
 * 1:19993 <-> DISABLED <-> MALWARE-CNC Win32 Poebot runtime traffic detected (malware-cnc.rules)
 * 1:19994 <-> DISABLED <-> PUA-ADWARE Antivirus 360 outbound connection (pua-adware.rules)
 * 1:19995 <-> ENABLED <-> MALWARE-CNC Waledac variant outbound connection (malware-cnc.rules)
 * 1:19996 <-> DISABLED <-> MALWARE-CNC Worm Brontok.C variant outbound connection (malware-cnc.rules)
 * 1:19997 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.Win32.QQPass.gam variant outbound connection (malware-cnc.rules)
 * 1:19998 <-> ENABLED <-> PUA-ADWARE IP address disclosure to advertisement sites attempt (pua-adware.rules)
 * 1:19999 <-> DISABLED <-> PUA-ADWARE ThreatNuker outbound connection (pua-adware.rules)
 * 1:20001 <-> ENABLED <-> MALWARE-CNC Allaple.e variant outbound connection (malware-cnc.rules)
 * 1:20002 <-> DISABLED <-> MALWARE-CNC Allaple.e variant outbound connection (malware-cnc.rules)
 * 1:20003 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc runtime traffic detected (malware-cnc.rules)
 * 1:20004 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc install-time traffic detected (malware-cnc.rules)
 * 1:20005 <-> DISABLED <-> MALWARE-CNC Win32 Lecna.cr runtime traffic detected (malware-cnc.rules)
 * 1:20006 <-> DISABLED <-> MALWARE-CNC Worm Plurp.A runtime traffic detected (malware-cnc.rules)
 * 1:20007 <-> DISABLED <-> PUA-ADWARE Cinmus.asaq outbound connection (pua-adware.rules)
 * 1:20008 <-> DISABLED <-> MALWARE-CNC Malware PDFMarca.A runtime traffic detected (malware-cnc.rules)
 * 1:20009 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious User-Agent string Baby Remote - Win32/Babmote.A (malware-cnc.rules)
 * 1:20010 <-> DISABLED <-> MALWARE-CNC Win32/Babmote.A runtime TCP traffic detected (malware-cnc.rules)
 * 1:20011 <-> ENABLED <-> MALWARE-CNC Briewots.A runtime traffic detected (malware-cnc.rules)
 * 1:20012 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string feranet/0.4 - Win32/Ferabsa.A (malware-cnc.rules)
 * 1:20014 <-> DISABLED <-> MALWARE-CNC Kaju variant outbound connection - confirmation (malware-cnc.rules)
 * 1:20015 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:20016 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus variant outbound connection (malware-cnc.rules)
 * 1:20017 <-> DISABLED <-> MALWARE-CNC Win.Worm.Koobface.dq variant outbound connection (malware-cnc.rules)
 * 1:20018 <-> DISABLED <-> MALWARE-CNC Win.Worm.Autorun variant outbound connection (malware-cnc.rules)
 * 1:20019 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - test (malware-cnc.rules)
 * 1:20021 <-> ENABLED <-> MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (malware-cnc.rules)
 * 1:20022 <-> DISABLED <-> MALWARE-CNC Win.Worm.Padobot.z variant outbound connection (malware-cnc.rules)
 * 1:20023 <-> DISABLED <-> MALWARE-CNC Advanced Virus Remover variant outbound connection (malware-cnc.rules)
 * 1:20024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dreamy.bc variant outbound connection (malware-cnc.rules)
 * 1:20025 <-> DISABLED <-> PUA-ADWARE VirusBye outbound connection (pua-adware.rules)
 * 1:20026 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banker.abg.b variant outbound connection (malware-cnc.rules)
 * 1:20028 <-> DISABLED <-> MALWARE-CNC Windows Antivirus Pro variant outbound connection (malware-cnc.rules)
 * 1:20034 <-> DISABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:20035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Coinbit.A runtime traffic detected (malware-cnc.rules)
 * 1:20036 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Agent.ndau runtime traffic detected (malware-cnc.rules)
 * 1:20037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20038 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20039 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Hardcore Software (malware-cnc.rules)
 * 1:20040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KSpyPro.A variant outbound connection (malware-cnc.rules)
 * 1:20041 <-> DISABLED <-> PUA-ADWARE Adware.BB outbound connection (pua-adware.rules)
 * 1:20042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sinowal outbond connection (malware-cnc.rules)
 * 1:20043 <-> DISABLED <-> MALWARE-CNC Adware Kraddare.AZ variant outbound connection (malware-cnc.rules)
 * 1:20057 <-> DISABLED <-> MALWARE-CNC BitCoin Miner IP query (malware-cnc.rules)
 * 1:20063 <-> DISABLED <-> PUA-ADWARE SecurityTool outbound connection (pua-adware.rules)
 * 1:20064 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Clemag.A variant outbound connection (malware-cnc.rules)
 * 1:20066 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 SensLiceld.A runtime traffic detected (malware-cnc.rules)
 * 1:20067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Zatvex.A runtime traffic detected (malware-cnc.rules)
 * 1:20068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jetilms.A runtime activity detected (malware-cnc.rules)
 * 1:20069 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.alhq runtime traffic detected (malware-cnc.rules)
 * 1:20074 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.iseee variant outbound connection (malware-cnc.rules)
 * 1:20075 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ruskill.abl variant outbound connection (malware-cnc.rules)
 * 1:20076 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (malware-cnc.rules)
 * 1:20077 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (malware-cnc.rules)
 * 1:20078 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (malware-cnc.rules)
 * 1:20079 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (malware-cnc.rules)
 * 1:20080 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Derusbi.A variant outbound connection (malware-cnc.rules)
 * 1:20081 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Yakes.cbi variant outbound connection (malware-cnc.rules)
 * 1:20082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Inject.raw variant outbound connection (malware-cnc.rules)
 * 1:20083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fucobha.A variant outbound connection (malware-cnc.rules)
 * 1:20085 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veebuu.BX variant outbound connection (malware-cnc.rules)
 * 1:20086 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.ABY variant outbound connection (malware-cnc.rules)
 * 1:20087 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.FGU variant outbound connection (malware-cnc.rules)
 * 1:20088 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Emudbot.A variant outbound connection (malware-cnc.rules)
 * 1:20096 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir variant outbound connection (malware-cnc.rules)
 * 1:20097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcir infected host at destination ip (malware-cnc.rules)
 * 1:20098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KeyLogger.wav variant outbound connection (malware-cnc.rules)
 * 1:20099 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Xtrat.A variant outbound connection (malware-cnc.rules)
 * 1:20104 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - InfoBot (malware-cnc.rules)
 * 1:20105 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - IPHONE (malware-cnc.rules)
 * 1:20106 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - darkness (malware-cnc.rules)
 * 1:20107 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Small.Cns variant outbound connection (malware-cnc.rules)
 * 1:20108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Pher variant outbound connection (malware-cnc.rules)
 * 1:20109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zombie.sm variant outbound connection (malware-cnc.rules)
 * 1:20123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:20128 <-> DISABLED <-> FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (file-office.rules)
 * 1:20179 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe userid parameter buffer overflow attempt (server-webapp.rules)
 * 1:20180 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovlogin.exe passwd parameter buffer overflow attempt (server-webapp.rules)
 * 1:20202 <-> ENABLED <-> MALWARE-CNC Apple OSX.Revir-1 variant outbound connection (malware-cnc.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (malware-cnc.rules)
 * 1:20205 <-> DISABLED <-> MALWARE-CNC Win32/Poison beaconing request (malware-cnc.rules)
 * 1:20213 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:20217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (malware-cnc.rules)
 * 1:20218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (malware-cnc.rules)
 * 1:20219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ToriaSpy.A variant outbound connection (malware-cnc.rules)
 * 1:20220 <-> DISABLED <-> PUA-ADWARE Adware.Wizpop outbound connection (pua-adware.rules)
 * 1:20221 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Injector variant outbound connection (malware-cnc.rules)
 * 1:20222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Payazol.B variant outbound connection (malware-cnc.rules)
 * 1:20223 <-> ENABLED <-> FILE-IDENTIFY SMI file download request (file-identify.rules)
 * 1:20224 <-> DISABLED <-> FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (file-multimedia.rules)
 * 1:20225 <-> ENABLED <-> FILE-OTHER SMI file download request (file-other.rules)
 * 1:20226 <-> DISABLED <-> FILE-OTHER MPlayer SMI file buffer overflow attempt (file-other.rules)
 * 1:20228 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (malware-cnc.rules)
 * 1:20229 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jinchodz variant outbound connection (malware-cnc.rules)
 * 1:20230 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 0pera 10 (malware-cnc.rules)
 * 1:20231 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Mozilla//4.0 (malware-cnc.rules)
 * 1:20232 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cycbot variant outbound connection (malware-cnc.rules)
 * 1:20233 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut variant outbound connection (malware-cnc.rules)
 * 1:20234 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ceckno.cmz runtime traffic detected (malware-cnc.rules)
 * 1:20235 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AdobeReader.Uz runtime traffic detected (malware-cnc.rules)
 * 1:20252 <-> DISABLED <-> MALWARE-CNC DroidKungFu check-in (malware-cnc.rules)
 * 1:20280 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20281 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20289 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A variant outbound connection (malware-cnc.rules)
 * 1:20290 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A inbound connection (malware-cnc.rules)
 * 1:20291 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mybios.A variant outbound connection (malware-cnc.rules)
 * 1:20292 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FresctSpy.A variant outbound connection (malware-cnc.rules)
 * 1:20293 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MBVDFRESCT (malware-cnc.rules)
 * 1:20387 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:20388 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:20428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zewit.A variant outbound connection (malware-cnc.rules)
 * 1:20429 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (file-pdf.rules)
 * 1:20431 <-> DISABLED <-> FILE-OTHER Wireshark DECT packet dissector overflow attempt (file-other.rules)
 * 1:20433 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 anutayadokalug host outbound connection (pua-adware.rules)
 * 1:20434 <-> DISABLED <-> PUA-ADWARE XP Guardian 2010 proantivirus21 host runtime traffic detection (pua-adware.rules)
 * 1:20435 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Svr runtime traffic detected (malware-cnc.rules)
 * 1:20444 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:20447 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.JAAK variant outbound connection (malware-cnc.rules)
 * 1:20448 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Meciv.A variant outbound connection (malware-cnc.rules)
 * 1:20449 <-> DISABLED <-> MALWARE-CNC Win.Worm.Busifom.A variant outbound connection (malware-cnc.rules)
 * 1:20525 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (malware-cnc.rules)
 * 1:20527 <-> ENABLED <-> MALWARE-CNC Sirefef initial C&C connection variant outbound connection (malware-cnc.rules)
 * 1:20528 <-> DISABLED <-> SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (server-apache.rules)
 * 1:20558 <-> ENABLED <-> EXPLOIT-KIT URI request for known malicious URI /stat2.php (exploit-kit.rules)
 * 1:20559 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (file-multimedia.rules)
 * 1:20561 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (malware-cnc.rules)
 * 1:20562 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (malware-cnc.rules)
 * 1:20565 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20566 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (file-other.rules)
 * 1:20569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20570 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20571 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (malware-cnc.rules)
 * 1:20587 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Larchik.A variant outbound connection (malware-cnc.rules)
 * 1:20595 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ixeshe.F variant outbound connection (malware-cnc.rules)
 * 1:20596 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (malware-cnc.rules)
 * 1:20604 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Buzus.isqy variant outbound connection (malware-cnc.rules)
 * 1:20605 <-> DISABLED <-> MALWARE-CNC Win.Trojan.R2d2.A contact to cnc server (malware-cnc.rules)
 * 1:20606 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Domsingx.A variant outbound connection (malware-cnc.rules)
 * 1:20619 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20620 <-> DISABLED <-> SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (server-webapp.rules)
 * 1:20622 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:20626 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A variant outbound connection (malware-cnc.rules)
 * 1:20627 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A C&C server response (malware-cnc.rules)
 * 1:20628 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (server-webapp.rules)
 * 1:20630 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Winnti.A contact to cnc server (malware-cnc.rules)
 * 1:20632 <-> DISABLED <-> SERVER-WEBAPP AnnoncesV annonce.php remote file include attempt (server-webapp.rules)
 * 1:20635 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (server-webapp.rules)
 * 1:20636 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20637 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (file-image.rules)
 * 1:20639 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Higest.N variant outbound connection (malware-cnc.rules)
 * 1:20659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:20661 <-> DISABLED <-> MALWARE-CNC Simbda variant outbound connection (malware-cnc.rules)
 * 1:20668 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - /content/v1.jar (exploit-kit.rules)
 * 1:20669 <-> DISABLED <-> EXPLOIT-KIT URI request for known malicious URI - w.php?f= (exploit-kit.rules)
 * 1:20676 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (malware-cnc.rules)
 * 1:20677 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (malware-cnc.rules)
 * 1:20678 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.aior variant outbound connection (malware-cnc.rules)
 * 1:20679 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syrutrk variant outbound connection (malware-cnc.rules)
 * 1:20680 <-> DISABLED <-> SERVER-WEBAPP Flashchat aedating4CMS.php remote file include attempt (server-webapp.rules)
 * 1:20681 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (malware-cnc.rules)
 * 1:20682 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (malware-cnc.rules)
 * 1:20683 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (malware-cnc.rules)
 * 1:20684 <-> DISABLED <-> MALWARE-CNC Cleanvaccine variant outbound connection (malware-cnc.rules)
 * 1:20685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Heloag.A variant outbound connection (malware-cnc.rules)
 * 1:20686 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut.BM connect to client (malware-cnc.rules)
 * 1:20687 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Genome.akhg variant outbound connection (malware-cnc.rules)
 * 1:20688 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (malware-cnc.rules)
 * 1:20689 <-> DISABLED <-> MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (malware-cnc.rules)
 * 1:20691 <-> DISABLED <-> POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (policy-other.rules)
 * 1:20692 <-> DISABLED <-> POLICY-OTHER Cisco network registrar default credentials authentication attempt (policy-other.rules)
 * 1:20693 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Blackcontrol.A variant outbound connection (malware-cnc.rules)
 * 1:20694 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SSonce.A variant outbound connection (malware-cnc.rules)
 * 1:20695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.GZW connect to cnc server (malware-cnc.rules)
 * 1:20696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20722 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:20728 <-> DISABLED <-> SERVER-WEBAPP WoW Roster remote file include with hslist.php and conf.php attempt (server-webapp.rules)
 * 1:20731 <-> DISABLED <-> SERVER-WEBAPP TSEP tsep_config absPath parameter PHP remote file include attempt (server-webapp.rules)
 * 1:20752 <-> DISABLED <-> PUA-ADWARE Win32.GameVance outbound connection (pua-adware.rules)
 * 1:20753 <-> DISABLED <-> PUA-ADWARE Win32.GamePlayLabs outbound connection (pua-adware.rules)
 * 1:20754 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Virut-3 variant outbound connection (malware-cnc.rules)
 * 1:20755 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Krap variant outbound connection (malware-cnc.rules)
 * 1:20756 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:20759 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gbot.oce variant outbound connection (malware-cnc.rules)
 * 1:20762 <-> ENABLED <-> MALWARE-CNC MacOS.Flashback.A variant outbound connection (malware-cnc.rules)
 * 1:20830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.amdu variant outbound connection (malware-cnc.rules)
 * 1:20831 <-> ENABLED <-> FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (file-java.rules)
 * 1:20836 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zusy.A runtime traffic detected (malware-cnc.rules)
 * 1:20837 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mecklow.C runtime traffic detected (malware-cnc.rules)
 * 1:20838 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smokebot.A runtime traffic detected (malware-cnc.rules)
 * 1:20842 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20843 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:20844 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.smxy runtime traffic detected (malware-cnc.rules)
 * 1:20845 <-> DISABLED <-> SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (server-webapp.rules)
 * 1:20877 <-> DISABLED <-> MALWARE-CNC RunTime Worm.Win32.Warezov.gs variant outbound connection (malware-cnc.rules)
 * 1:20890 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20891 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20892 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Skopvel.A runtime traffic detected (malware-cnc.rules)
 * 1:20927 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Spyeye-207 variant outbound connection (malware-cnc.rules)
 * 1:20995 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:20996 <-> DISABLED <-> POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (policy-other.rules)
 * 1:21051 <-> DISABLED <-> SERVER-WEBAPP Apple OSX software update command execution attempt (server-webapp.rules)
 * 1:21055 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Utka.A variant outbound connection (malware-cnc.rules)
 * 1:21057 <-> DISABLED <-> FILE-OTHER Java Applet Rhino script engine remote code execution attempt (file-other.rules)
 * 1:21058 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AutoIt.pm runtime traffic detected (malware-cnc.rules)
 * 1:21065 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (server-webapp.rules)
 * 1:21066 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (server-webapp.rules)
 * 1:21067 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (server-webapp.rules)
 * 1:21082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (file-office.rules)
 * 1:21087 <-> DISABLED <-> MALWARE-CNC Bindow.Worm runtime traffic detected (malware-cnc.rules)
 * 1:21093 <-> DISABLED <-> FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (file-multimedia.rules)
 * 1:21100 <-> DISABLED <-> PROTOCOL-RPC Novell Netware xdr decode string length buffer overflow attempt (protocol-rpc.rules)
 * 1:21107 <-> DISABLED <-> FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (file-multimedia.rules)
 * 1:21112 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (file-multimedia.rules)
 * 1:21116 <-> DISABLED <-> FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (file-other.rules)
 * 1:21122 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bandok.zp runtime traffic detected (malware-cnc.rules)
 * 1:21123 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Flymux.A runtime traffic detected (malware-cnc.rules)
 * 1:21124 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Opachki.A runtime traffic detected (malware-cnc.rules)
 * 1:21125 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alureon.DG runtime traffic detected (malware-cnc.rules)
 * 1:21126 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Koutodoor.C runtime traffic detected (malware-cnc.rules)
 * 1:21127 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Setfic.A runtime traffic detected (malware-cnc.rules)
 * 1:21128 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dromedan.A runtime traffic detected (malware-cnc.rules)
 * 1:21142 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21143 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21144 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21145 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Neraweq.A runtime traffic detected (malware-cnc.rules)
 * 1:21151 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Stegae.A runtime traffic detected (malware-cnc.rules)
 * 1:21160 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:21169 <-> DISABLED <-> PUA-ADWARE Apperhand SDK advertising data request - Counterclank (pua-adware.rules)
 * 1:21170 <-> DISABLED <-> FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (file-office.rules)
 * 1:21175 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Win32 Amti (malware-cnc.rules)
 * 1:21176 <-> DISABLED <-> PUA-ADWARE Win32.WindowsOptimizationAndSecurity outbound connection (pua-adware.rules)
 * 1:21177 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ganipin.A inbound connection (malware-cnc.rules)
 * 1:21178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Chekafe.A variant outbound connection (malware-cnc.rules)
 * 1:21179 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Coofus.RFM variant outbound connection (malware-cnc.rules)
 * 1:21180 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Magania.clfv variant outbound connection (malware-cnc.rules)
 * 1:21181 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.czgu variant outbound connection (malware-cnc.rules)
 * 1:21182 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MeSub.ac variant outbound connection (malware-cnc.rules)
 * 1:21183 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.alfu variant outbound connection (malware-cnc.rules)
 * 1:21184 <-> DISABLED <-> PUA-ADWARE Internet Security 2010 outbound connection (pua-adware.rules)
 * 1:21185 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Kufgal.A inbound connection (malware-cnc.rules)
 * 1:21187 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Xlahlah.A variant outbound connection (malware-cnc.rules)
 * 1:21192 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syswrt.dvd variant outbound connection (malware-cnc.rules)
 * 1:21193 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dalbot.A variant outbound connection (malware-cnc.rules)
 * 1:21194 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst.A variant outbound connection (malware-cnc.rules)
 * 1:21195 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Protux.B variant outbound connection (malware-cnc.rules)
 * 1:21196 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (malware-cnc.rules)
 * 1:21197 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (malware-cnc.rules)
 * 1:21198 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (malware-cnc.rules)
 * 1:21199 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (malware-cnc.rules)
 * 1:21202 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scapzilla.A variant outbound connection (malware-cnc.rules)
 * 1:21203 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21204 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21205 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (malware-cnc.rules)
 * 1:21206 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Aldi Bot (malware-cnc.rules)
 * 1:21207 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dekara.A variant outbound connection (malware-cnc.rules)
 * 1:21208 <-> ENABLED <-> MALWARE-CNC Win.Trojan.RShot.brw variant outbound connection (malware-cnc.rules)
 * 1:21209 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Enviserv.A variant outbound connection (malware-cnc.rules)
 * 1:21210 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rallovs.A variant outbound connection (malware-cnc.rules)
 * 1:21211 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.slrj variant outbound connection (malware-cnc.rules)
 * 1:21212 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.nkor variant outbound connection (malware-cnc.rules)
 * 1:21213 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Cridex.B variant outbound connection (malware-cnc.rules)
 * 1:21214 <-> DISABLED <-> SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (server-apache.rules)
 * 1:21215 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21216 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (malware-cnc.rules)
 * 1:21218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sodager.C variant outbound connection (malware-cnc.rules)
 * 1:21219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sysckbc variant outbound connection (malware-cnc.rules)
 * 1:21220 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A inbound connection (malware-cnc.rules)
 * 1:21221 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A variant outbound connection (malware-cnc.rules)
 * 1:21222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kcahneila.A variant outbound connection (malware-cnc.rules)
 * 1:21223 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gyplit.A variant outbound connection (malware-cnc.rules)
 * 1:21224 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MacOS.DevilRobber.A variant outbound connection (malware-cnc.rules)
 * 1:21225 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Flag (malware-cnc.rules)
 * 1:21226 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Louisdreyfu.A variant outbound connection (malware-cnc.rules)
 * 1:21227 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bulknet variant outbound connection (malware-cnc.rules)
 * 1:21228 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cerberat variant outbound connection (malware-cnc.rules)
 * 1:21229 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Synljdos variant outbound connection (malware-cnc.rules)
 * 1:21230 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Betad variant outbound connection (malware-cnc.rules)
 * 1:21243 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (file-office.rules)
 * 1:21249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21251 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (malware-cnc.rules)
 * 1:21252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (malware-cnc.rules)
 * 1:21253 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:21254 <-> DISABLED <-> FILE-PDF Foxit Reader createDataObject file write attempt (file-pdf.rules)
 * 1:21273 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (malware-cnc.rules)
 * 1:21274 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (malware-cnc.rules)
 * 1:21277 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shexie.A runtime traffic detected (malware-cnc.rules)
 * 1:21278 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Google Bot (malware-cnc.rules)
 * 1:21279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kbot.s runtime traffic detected (malware-cnc.rules)
 * 1:21280 <-> DISABLED <-> MALWARE-CNC Win32 Turkojan.C runtime traffic detected (malware-cnc.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21290 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:21294 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancodor.be runtime traffic detected (malware-cnc.rules)
 * 1:21303 <-> DISABLED <-> MALWARE-CNC Win32 Initor.ag runtime traffic detected (malware-cnc.rules)
 * 1:21349 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21350 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (server-other.rules)
 * 1:21378 <-> DISABLED <-> SERVER-OTHER Novell iPrint attributes-natural-language buffer overflow attempt (server-other.rules)
 * 1:21379 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Genome.Amqj runtime traffic detected (malware-cnc.rules)
 * 1:21380 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - QvodDown (malware-cnc.rules)
 * 1:21381 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dialer.ngb runtime traffic detected (malware-cnc.rules)
 * 1:21382 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host setting3.yeahost.com runtime traffic detected (malware-cnc.rules)
 * 1:21383 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host 9999mb.com runtime traffic detected (malware-cnc.rules)
 * 1:21384 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host freewebs.com runtime traffic detected (malware-cnc.rules)
 * 1:21386 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wadolin.A runtime traffic detected (malware-cnc.rules)
 * 1:21387 <-> DISABLED <-> FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (file-java.rules)
 * 1:21390 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.dl runtime traffic detected (malware-cnc.rules)
 * 1:21391 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcac runtime traffic detected (malware-cnc.rules)
 * 1:21393 <-> DISABLED <-> FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (file-multimedia.rules)
 * 1:21397 <-> DISABLED <-> FILE-MULTIMEDIA MicroP mppl stack buffer overflow (file-multimedia.rules)
 * 1:21413 <-> DISABLED <-> FILE-OTHER PeaZip command injection attempt (file-other.rules)
 * 1:21418 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FareIt variant outbound connection (malware-cnc.rules)
 * 1:21421 <-> DISABLED <-> PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (protocol-dns.rules)
 * 1:21464 <-> DISABLED <-> MALWARE-CNC Downloader-CEW.b runtime traffic detected (malware-cnc.rules)
 * 1:21466 <-> DISABLED <-> MALWARE-CNC Autorun.BDS runtime traffic detected (malware-cnc.rules)
 * 1:21469 <-> ENABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 1234567890 (malware-cnc.rules)
 * 1:21473 <-> DISABLED <-> MALWARE-CNC Win.Trojan.GameThief variant outbound connection (malware-cnc.rules)
 * 1:21477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Noobot variant outbound connection (malware-cnc.rules)
 * 1:21486 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:21491 <-> DISABLED <-> PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (protocol-scada.rules)
 * 1:21495 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel variant outbound connection (malware-cnc.rules)
 * 1:21496 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (malware-cnc.rules)
 * 1:21497 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (malware-cnc.rules)
 * 1:21511 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vaxpy variant outbound connection (malware-cnc.rules)
 * 1:21520 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob variant outbound connection (malware-cnc.rules)
 * 1:21521 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bayrob update connection (malware-cnc.rules)
 * 1:21527 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader registration connection detection (malware-cnc.rules)
 * 1:21528 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader keep-alive connection detection (malware-cnc.rules)
 * 1:21557 <-> DISABLED <-> FILE-OTHER Apple OSX ZIP archive shell script execution attempt (file-other.rules)
 * 1:21563 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21564 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (malware-cnc.rules)
 * 1:21566 <-> DISABLED <-> OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (os-windows.rules)
 * 1:21595 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization request detection (os-mobile.rules)
 * 1:21596 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D initialization response detection (os-mobile.rules)
 * 1:21597 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging request detection (os-mobile.rules)
 * 1:21598 <-> DISABLED <-> OS-MOBILE Android/Nickispy.D sms logging response detection (os-mobile.rules)
 * 1:21609 <-> DISABLED <-> SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (server-webapp.rules)
 * 1:21669 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk missing SIP version denial of service attempt (protocol-voip.rules)
 * 1:21760 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:21761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:21764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unicode parsing buffer overflow attempt (file-office.rules)
 * 1:2179 <-> DISABLED <-> PROTOCOL-FTP PASS format string attempt (protocol-ftp.rules)
 * 1:21858 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21859 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (file-pdf.rules)
 * 1:21913 <-> DISABLED <-> SERVER-OTHER EMC data protection advisor DOS attempt (server-other.rules)
 * 1:21914 <-> DISABLED <-> SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (server-other.rules)
 * 1:21922 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:21947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VicSpy.A variant outbound connection (malware-cnc.rules)
 * 1:21967 <-> DISABLED <-> MALWARE-BACKDOOR Rebhip.A runtime detection (malware-backdoor.rules)
 * 1:21970 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant outbound connection (malware-backdoor.rules)
 * 1:21971 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant inbound connection (malware-backdoor.rules)
 * 1:21972 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash variant outbound connection (malware-backdoor.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (malware-backdoor.rules)
 * 1:21974 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21975 <-> DISABLED <-> MALWARE-CNC Worm.Expichu variant inbound connection (malware-cnc.rules)
 * 1:21976 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.Win32.Lapurd.D variant outbound connection (malware-cnc.rules)
 * 1:21982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Insain variant outbound connection (malware-cnc.rules)
 * 1:21995 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (malware-cnc.rules)
 * 1:21996 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (malware-cnc.rules)
 * 1:22048 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zeus P2P outbound connection (malware-cnc.rules)
 * 1:22078 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:22947 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:22948 <-> DISABLED <-> PROTOCOL-VOIP Avaya WinPDM header buffer overflow attempt (protocol-voip.rules)
 * 1:22950 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (server-webapp.rules)
 * 1:22951 <-> DISABLED <-> SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (server-webapp.rules)
 * 1:23008 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:23014 <-> DISABLED <-> FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (file-other.rules)
 * 1:23046 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23047 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (server-webapp.rules)
 * 1:23051 <-> DISABLED <-> MALWARE-CNC Dybalom.A runtime traffic detected (malware-cnc.rules)
 * 1:23055 <-> DISABLED <-> PROTOCOL-FTP Cisco IOS FTP MKD buffer overflow attempt (protocol-ftp.rules)
 * 1:23056 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (server-other.rules)
 * 1:23099 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (server-other.rules)
 * 1:23102 <-> DISABLED <-> POLICY-OTHER Seagate BlackArmor administrator password reset attempt (policy-other.rules)
 * 1:23111 <-> DISABLED <-> POLICY-OTHER PHP uri tag injection attempt (policy-other.rules)
 * 1:23170 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23176 <-> DISABLED <-> MALWARE-CNC Donbot.A runtime traffic detected (malware-cnc.rules)
 * 1:23177 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (server-webapp.rules)
 * 1:23178 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement flood attempt (protocol-icmp.rules)
 * 1:23213 <-> DISABLED <-> SQL Ruby on rails SQL injection attempt (sql.rules)
 * 1:23234 <-> DISABLED <-> MALWARE-CNC Frethog.MK runtime traffic detected (malware-cnc.rules)
 * 1:23235 <-> DISABLED <-> MALWARE-CNC PBin.A runtime traffic detected (malware-cnc.rules)
 * 1:23238 <-> DISABLED <-> NETBIOS Wireshark console.lua file load exploit attempt (netbios.rules)
 * 1:23239 <-> DISABLED <-> SERVER-OTHER Wireshark console.lua file load exploit attempt (server-other.rules)
 * 1:23241 <-> DISABLED <-> SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (server-other.rules)
 * 1:23243 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23269 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:23271 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23272 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nitol.B variant outbound connection (malware-cnc.rules)
 * 1:23341 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Tinrot.A runtime detection (malware-backdoor.rules)
 * 1:23346 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:23355 <-> DISABLED <-> SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (server-other.rules)
 * 1:23368 <-> DISABLED <-> PROTOCOL-DNS Tftpd32 DNS server denial of service attempt (protocol-dns.rules)
 * 1:23397 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23398 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (server-other.rules)
 * 1:23401 <-> DISABLED <-> SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (server-webapp.rules)
 * 1:23480 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (server-webapp.rules)
 * 1:23484 <-> DISABLED <-> INDICATOR-COMPROMISE Wordpress Invit0r plugin non-image file upload attempt (indicator-compromise.rules)
 * 1:23485 <-> DISABLED <-> SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (server-webapp.rules)
 * 1:23544 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:23560 <-> DISABLED <-> FILE-JAVA Oracle Java Zip file directory record overflow attempt (file-java.rules)
 * 1:23577 <-> DISABLED <-> FILE-OTHER VLC mms hostname buffer overflow attempt (file-other.rules)
 * 1:23580 <-> DISABLED <-> FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (file-other.rules)
 * 1:23581 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (file-multimedia.rules)
 * 1:23587 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23588 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (file-multimedia.rules)
 * 1:23589 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23590 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:23598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23624 <-> DISABLED <-> SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (server-other.rules)
 * 1:23783 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (server-webapp.rules)
 * 1:23839 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:23879 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23880 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (file-pdf.rules)
 * 1:23934 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (server-webapp.rules)
 * 1:23938 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ibabyfa.dldr variant outbound connection (malware-cnc.rules)
 * 1:23940 <-> DISABLED <-> SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (server-oracle.rules)
 * 1:24007 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (os-windows.rules)
 * 1:24026 <-> ENABLED <-> FILE-JAVA Oracle Java privileged protection domain exploitation attempt (file-java.rules)
 * 1:24029 <-> DISABLED <-> FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (file-other.rules)
 * 1:24083 <-> ENABLED <-> FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (file-other.rules)
 * 1:24123 <-> DISABLED <-> MALWARE-BACKDOOR Virus.Win32.Xpaj.A variant outbound connection (malware-backdoor.rules)
 * 1:24128 <-> DISABLED <-> OS-WINDOWS Microsoft SCCM ReportChart xss attempt (os-windows.rules)
 * 1:24147 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:2417 <-> DISABLED <-> PROTOCOL-FTP format string attempt (protocol-ftp.rules)
 * 1:24206 <-> ENABLED <-> FILE-IDENTIFY LZH archive file magic detected (file-identify.rules)
 * 1:24207 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24208 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24209 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (file-other.rules)
 * 1:24240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24242 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:24256 <-> ENABLED <-> MALWARE-BACKDOOR phpMyAdmin server_sync.php backdoor access attempt (malware-backdoor.rules)
 * 1:24291 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24292 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (server-webapp.rules)
 * 1:24296 <-> DISABLED <-> PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (protocol-icmp.rules)
 * 1:24321 <-> DISABLED <-> SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (server-other.rules)
 * 1:24337 <-> DISABLED <-> SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (server-other.rules)
 * 1:24446 <-> DISABLED <-> SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (server-other.rules)
 * 1:24480 <-> DISABLED <-> PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (protocol-scada.rules)
 * 1:24487 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:24507 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:24508 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:24518 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (server-webapp.rules)
 * 1:24519 <-> DISABLED <-> SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (server-webapp.rules)
 * 1:24520 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:24524 <-> DISABLED <-> SERVER-MAIL Novell GroupWise internet agent iCalendar parsing denial of service attempt (server-mail.rules)
 * 1:24536 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24537 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24538 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (server-other.rules)
 * 1:24628 <-> DISABLED <-> SERVER-WEBAPP Webmin show.cgi arbitrary command injection attempt (server-webapp.rules)
 * 1:24647 <-> DISABLED <-> SERVER-WEBAPP D-Link Wireless Router CAPTCHA data processing buffer overflow attempt (server-webapp.rules)
 * 1:24652 <-> DISABLED <-> FILE-OTHER Microsoft proxy autoconfig script system library import attempt (file-other.rules)
 * 1:24686 <-> DISABLED <-> SERVER-OTHER HP StorageWorks file migration agent buffer overflow attempt (server-other.rules)
 * 1:24696 <-> DISABLED <-> PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (protocol-rpc.rules)
 * 1:24699 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24700 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (file-multimedia.rules)
 * 1:24701 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24706 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24707 <-> DISABLED <-> SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (server-webapp.rules)
 * 1:24765 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (server-webapp.rules)
 * 1:24766 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter SRS request arbitrary file download attempt (server-webapp.rules)
 * 1:24767 <-> DISABLED <-> SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (server-webapp.rules)
 * 1:24801 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager Express asset.getmimetype sql injection attempt (server-webapp.rules)
 * 1:24802 <-> DISABLED <-> SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (server-other.rules)
 * 1:24915 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (file-java.rules)
 * 1:24987 <-> DISABLED <-> POLICY-OTHER Adobe InDesign SOAP interface RunScript method access attempt (policy-other.rules)
 * 1:24993 <-> DISABLED <-> FILE-JAVA Oracle Java Applet remote code execution attempt (file-java.rules)
 * 1:25007 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wealwedst variant outbound connection (malware-cnc.rules)
 * 1:25318 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25319 <-> DISABLED <-> SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (server-webapp.rules)
 * 1:25321 <-> DISABLED <-> SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (server-oracle.rules)
 * 1:25345 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager Web interface arbitrary command execution attempt (server-webapp.rules)
 * 1:25346 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25347 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25348 <-> DISABLED <-> FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (file-image.rules)
 * 1:25353 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25354 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25355 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (file-office.rules)
 * 1:25366 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (file-office.rules)
 * 1:25369 <-> DISABLED <-> OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (os-windows.rules)
 * 1:25392 <-> DISABLED <-> FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (file-java.rules)
 * 1:25449 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25450 <-> ENABLED <-> FILE-PDF Javascript openDoc UNC network request attempt (file-pdf.rules)
 * 1:25534 <-> DISABLED <-> SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (server-webapp.rules)
 * 1:25542 <-> DISABLED <-> PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (protocol-rpc.rules)
 * 1:25581 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25582 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25583 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25584 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25585 <-> ENABLED <-> SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (server-other.rules)
 * 1:25586 <-> DISABLED <-> SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (server-webapp.rules)
 * 1:25767 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:25810 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25811 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25812 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25813 <-> DISABLED <-> FILE-OTHER VMWare OVF Tool format string exploit attempt (file-other.rules)
 * 1:25818 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25819 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:25855 <-> DISABLED <-> SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (server-webapp.rules)
 * 1:26073 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26074 <-> DISABLED <-> SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (server-other.rules)
 * 1:26081 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Suspected Crimepack (malware-cnc.rules)
 * 1:26082 <-> DISABLED <-> FILE-PDF Nuance PDF reader launch overflow attempt (file-pdf.rules)
 * 1:26103 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (server-other.rules)
 * 1:26105 <-> DISABLED <-> SERVER-OTHER BigAnt IM Server buffer overflow attempt (server-other.rules)
 * 1:26107 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26108 <-> DISABLED <-> SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (server-other.rules)
 * 1:26178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hiloti variant outbound connection (malware-cnc.rules)
 * 1:26185 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26186 <-> ENABLED <-> FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (file-java.rules)
 * 1:26195 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26196 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26197 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26198 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (file-java.rules)
 * 1:26199 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (file-java.rules)
 * 1:26200 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (file-java.rules)
 * 1:26209 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26210 <-> DISABLED <-> FILE-OTHER CyberLink Power2Go name parameter overflow attempt (file-other.rules)
 * 1:26230 <-> DISABLED <-> SERVER-WEBAPP Alcatel-Lucent OmniPCX arbitrary command execution attempt (server-webapp.rules)
 * 1:26242 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26243 <-> DISABLED <-> FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (file-multimedia.rules)
 * 1:26262 <-> DISABLED <-> SERVER-OTHER MongoDB nativeHelper.apply method command injection attempt (server-other.rules)
 * 1:26274 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:26280 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26281 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26282 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26283 <-> DISABLED <-> FILE-PDF Foxit Reader remote query string buffer overflow attempt (file-pdf.rules)
 * 1:26320 <-> DISABLED <-> SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (server-webapp.rules)
 * 1:26333 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26334 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (server-other.rules)
 * 1:26336 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (server-other.rules)
 * 1:26389 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26390 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (server-other.rules)
 * 1:26416 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26417 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26418 <-> DISABLED <-> SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (server-webapp.rules)
 * 1:26425 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26426 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk SIP SDP header parsing stack buffer overflow attempt (protocol-voip.rules)
 * 1:26435 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Duqu variant outbound connection (malware-cnc.rules)
 * 1:26436 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center FaultDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26471 <-> DISABLED <-> PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (protocol-ftp.rules)
 * 1:26473 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26474 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26475 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26476 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26477 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26478 <-> DISABLED <-> FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (file-other.rules)
 * 1:26479 <-> DISABLED <-> SERVER-OTHER ActFax LPD Server data field buffer overflow attempt (server-other.rules)
 * 1:26495 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26496 <-> DISABLED <-> FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (file-other.rules)
 * 1:26501 <-> DISABLED <-> SERVER-OTHER BigAnt Document Service DDNF request stack buffer overflow attempt (server-other.rules)
 * 1:26502 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26503 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26504 <-> DISABLED <-> PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (protocol-scada.rules)
 * 1:26505 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center IctDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26520 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26521 <-> DISABLED <-> FILE-OTHER Maple Maplet File Creation and Command Execution attempt (file-other.rules)
 * 1:26523 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center ReportImgServlet information disclosure attempt (server-webapp.rules)
 * 1:26547 <-> DISABLED <-> SERVER-WEBAPP phpMyAdmin preg_replace remote code execution attempt (server-webapp.rules)
 * 1:26626 <-> DISABLED <-> FILE-OFFICE XML parameter entity reference local file disclosure attempt (file-office.rules)
 * 1:26645 <-> DISABLED <-> SERVER-OTHER SSL TLS deflate compression weakness brute force attempt (server-other.rules)
 * 1:26648 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26649 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:26651 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26652 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26664 <-> ENABLED <-> FILE-IMAGE BMP extremely large xpos opcodes (file-image.rules)
 * 1:26669 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center SyslogDownloadServlet information disclosure attempt (server-webapp.rules)
 * 1:26672 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26673 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26674 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:26676 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:26759 <-> DISABLED <-> SERVER-OTHER MIT Kerberos libkdb_ldap principal name handling denial of service attempt (server-other.rules)
 * 1:26769 <-> DISABLED <-> SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (server-other.rules)
 * 1:26794 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center UAM acmServletDownload information disclosure attempt (server-webapp.rules)
 * 1:26797 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file access attempt (server-webapp.rules)
 * 1:26798 <-> DISABLED <-> SERVER-WEBAPP Mutiny editdocument servlet arbitrary file upload attempt (server-webapp.rules)
 * 1:26905 <-> DISABLED <-> SERVER-WEBAPP FosWiki and TWiki MAKETEXT macro memory consumption denial of service attempt (server-webapp.rules)
 * 1:26922 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:26927 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26928 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:26953 <-> DISABLED <-> SERVER-WEBAPP D-Link DIR-300/DIR-600 unauthenticated remote command execution attempt (server-webapp.rules)
 * 1:26990 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:26991 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:26992 <-> DISABLED <-> SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (server-webapp.rules)
 * 1:27018 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27019 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27020 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (server-webapp.rules)
 * 1:27028 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27029 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27030 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (server-webapp.rules)
 * 1:27036 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager modifyAccounts policy bypass attempt (server-other.rules)
 * 1:27075 <-> DISABLED <-> SERVER-OTHER Novell NetIQ User Manager ldapagnt_eval remote code execution attempt (server-other.rules)
 * 1:27076 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27077 <-> ENABLED <-> FILE-JAVA Oracle Java Applet disable security manager attempt (file-java.rules)
 * 1:27102 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:27103 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:27104 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (server-webapp.rules)
 * 1:27105 <-> ENABLED <-> SERVER-WEBAPP HP System Management arbitrary command injection attempt (server-webapp.rules)
 * 1:27122 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (server-other.rules)
 * 1:27124 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1092 buffer overflow attempt (server-other.rules)
 * 1:27125 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:27170 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (server-other.rules)
 * 1:27188 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27189 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27190 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27191 <-> ENABLED <-> FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (file-java.rules)
 * 1:27192 <-> DISABLED <-> SERVER-WEBAPP DM Albums album.php remote file include attempt (server-webapp.rules)
 * 1:27210 <-> ENABLED <-> SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (server-other.rules)
 * 1:27217 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (server-other.rules)
 * 1:27224 <-> ENABLED <-> SERVER-OTHER Adobe ColdFusion websocket invoke method access (server-other.rules)
 * 1:27225 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion JRun error page getWriter denial of service attempt (server-other.rules)
 * 1:27226 <-> DISABLED <-> SERVER-WEBAPP DokuWiki PHP file inclusion attempt (server-webapp.rules)
 * 1:27231 <-> DISABLED <-> OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (os-windows.rules)
 * 1:27237 <-> DISABLED <-> SERVER-OTHER IPMI default username - root (server-other.rules)
 * 1:27238 <-> DISABLED <-> SERVER-OTHER IPMI default username - admin (server-other.rules)
 * 1:27239 <-> DISABLED <-> SERVER-OTHER IPMI default username - USERID (server-other.rules)
 * 1:27240 <-> DISABLED <-> SERVER-OTHER multiple vendors IPMI RAKP username brute force attempt (server-other.rules)
 * 1:27264 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (server-other.rules)
 * 1:27532 <-> DISABLED <-> SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (server-mail.rules)
 * 1:27539 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (server-other.rules)
 * 1:27552 <-> DISABLED <-> OS-MOBILE Android Exploit Extra_Field APK file download attempt (os-mobile.rules)
 * 1:27571 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (server-other.rules)
 * 1:27572 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27573 <-> ENABLED <-> SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (server-apache.rules)
 * 1:27574 <-> ENABLED <-> SERVER-APACHE Apache Struts OGNL getRuntime.exec static method access attempt (server-apache.rules)
 * 1:27575 <-> ENABLED <-> SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (server-apache.rules)
 * 1:27617 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (server-other.rules)
 * 1:27621 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27622 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27623 <-> DISABLED <-> SERVER-OTHER Joomla media.php arbitrary file upload attempt (server-other.rules)
 * 1:27646 <-> DISABLED <-> SERVER-OTHER HP LeftHand Virtual SAN hydra login request buffer overflow attempt (server-other.rules)
 * 1:27667 <-> DISABLED <-> SERVER-WEBAPP Joomla media.php file.upload direct administrator access attempt (server-webapp.rules)
 * 1:27672 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27673 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27674 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27675 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27676 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27677 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:27688 <-> DISABLED <-> SERVER-WEBAPP mxBB MX Faq module_root_path file inclusion attempt (server-webapp.rules)
 * 1:27691 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27692 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27750 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27751 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (file-java.rules)
 * 1:27753 <-> DISABLED <-> SERVER-WEBAPP Click N Print Coupons coupon_detail.asp SQL injection attempt (server-webapp.rules)
 * 1:27756 <-> DISABLED <-> SERVER-WEBAPP RedHat Piranha Virtual Server Package default passwd and arbitrary command execution attempt (server-webapp.rules)
 * 1:27769 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 207 buffer overflow attempt (server-other.rules)
 * 1:27770 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 210 buffer overflow attempt (server-other.rules)
 * 1:27771 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 236 buffer overflow attempt (server-other.rules)
 * 1:27772 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 243 buffer overflow attempt (server-other.rules)
 * 1:27773 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 265 buffer overflow attempt (server-other.rules)
 * 1:27861 <-> DISABLED <-> SERVER-ORACLE Oracle Enterprise Manager Database Control directory traversal attempt (server-oracle.rules)
 * 1:27862 <-> DISABLED <-> SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (server-webapp.rules)
 * 1:27863 <-> DISABLED <-> SERVER-WEBAPP Ektron CMS XSLT transform remote code execution attempt (server-webapp.rules)
 * 1:27921 <-> DISABLED <-> SERVER-ORACLE Oracle Endeca Server createDataStore remote command injection attempt (server-oracle.rules)
 * 1:27937 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateCertificatesServlet directory traversal attempt (server-other.rules)
 * 1:27941 <-> ENABLED <-> SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet directory traversal attempt (server-other.rules)
 * 1:27942 <-> ENABLED <-> SERVER-WEBAPP Sophos Web Protection Appliance sblistpack arbitrary command execution attempt (server-webapp.rules)
 * 1:28047 <-> DISABLED <-> SERVER-WEBAPP RaidSonic Multiple Products arbitrary command injection attempt (server-webapp.rules)
 * 1:28052 <-> DISABLED <-> SERVER-WEBAPP Linksys WRT110 ping.cgi remote command execution attempt (server-webapp.rules)
 * 1:28093 <-> DISABLED <-> SERVER-WEBAPP Western Digital Arkeia Appliance directory traversal attempt (server-webapp.rules)
 * 1:28124 <-> DISABLED <-> FILE-OTHER PCRE character class heap buffer overflow attempt (file-other.rules)
 * 1:28137 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (file-office.rules)
 * 1:28145 <-> DISABLED <-> SERVER-WEBAPP OpenEMR information disclosure attempt (server-webapp.rules)
 * 1:28149 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file deletion (server-other.rules)
 * 1:28150 <-> DISABLED <-> SERVER-OTHER Quest Software Big Brother attempted arbitrary file upload  (server-other.rules)
 * 1:28165 <-> DISABLED <-> PROTOCOL-VOIP attempted DOS detected (protocol-voip.rules)
 * 1:28227 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (server-other.rules)
 * 1:28251 <-> DISABLED <-> SERVER-WEBAPP Zabbix httpmon.php SQL injection attempt (server-webapp.rules)
 * 1:28252 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:28263 <-> DISABLED <-> FILE-OTHER Cisco WebEx recording integer overflow attempt (file-other.rules)
 * 1:28276 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28277 <-> ENABLED <-> FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (file-java.rules)
 * 1:28278 <-> DISABLED <-> SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (server-webapp.rules)
 * 1:28289 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R root remote code execution attempt (server-webapp.rules)
 * 1:28290 <-> ENABLED <-> SERVER-WEBAPP Tenda W302R iwpriv remote code execution attempt (server-webapp.rules)
 * 1:28361 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:28388 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28389 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28393 <-> DISABLED <-> SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (server-other.rules)
 * 1:28394 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28395 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28396 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28397 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28398 <-> DISABLED <-> SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (server-other.rules)
 * 1:28407 <-> ENABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS UploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:28427 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28448 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (server-webapp.rules)
 * 1:28461 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28462 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28464 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28465 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28466 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28467 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28468 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28469 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28470 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28471 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28472 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28473 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28525 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28526 <-> ENABLED <-> FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (file-office.rules)
 * 1:28534 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28535 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28536 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28537 <-> DISABLED <-> FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (file-other.rules)
 * 1:28575 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (file-other.rules)
 * 1:28576 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (file-other.rules)
 * 1:28597 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (file-pdf.rules)
 * 1:28598 <-> ENABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (file-pdf.rules)
 * 1:28621 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (file-pdf.rules)
 * 1:28622 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (file-pdf.rules)
 * 1:28623 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28624 <-> DISABLED <-> FILE-PDF Adobe Acrobat font parsing integer overflow attempt (file-pdf.rules)
 * 1:28625 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:28633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28642 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28643 <-> DISABLED <-> FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (file-pdf.rules)
 * 1:28659 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (file-pdf.rules)
 * 1:28709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28746 <-> DISABLED <-> SERVER-WEBAPP SAP NetWeaver SXPG_CALL_SYSTEM remote code execution attempt (server-webapp.rules)
 * 1:28747 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28748 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:28790 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:28794 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:28818 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (file-other.rules)
 * 1:28819 <-> DISABLED <-> FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (file-other.rules)
 * 1:28831 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (file-other.rules)
 * 1:28833 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28834 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28835 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28836 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:28837 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (file-other.rules)
 * 1:28839 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28840 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28841 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (file-other.rules)
 * 1:28842 <-> DISABLED <-> FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:28843 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28844 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28845 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28846 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (file-pdf.rules)
 * 1:28867 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28868 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28869 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28870 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28871 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28872 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (os-windows.rules)
 * 1:28902 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28903 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28904 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28905 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28906 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28907 <-> DISABLED <-> FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (file-other.rules)
 * 1:28908 <-> DISABLED <-> SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (server-other.rules)
 * 1:28909 <-> DISABLED <-> SERVER-WEBAPP OTManager ADM_Pagina.php remote file include attempt (server-webapp.rules)
 * 1:28910 <-> DISABLED <-> SERVER-WEBAPP mcRefer install.php arbitrary PHP code injection attempt (server-webapp.rules)
 * 1:28912 <-> DISABLED <-> SERVER-WEBAPP Joomla simple RSS reader admin.rssreader.php remote file include attempt (server-webapp.rules)
 * 1:28915 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28916 <-> ENABLED <-> FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (file-java.rules)
 * 1:28917 <-> DISABLED <-> PROTOCOL-SCADA Microsys Promotic directory traversal attempt (protocol-scada.rules)
 * 1:28936 <-> DISABLED <-> SERVER-WEBAPP Horde groupware webmail edition ingo filter cross-site request forgery attempt (server-webapp.rules)
 * 1:28937 <-> DISABLED <-> SERVER-WEBAPP HP SiteScope issuesiebelcmd soap request code execution attempt (server-webapp.rules)
 * 1:28942 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28943 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28944 <-> DISABLED <-> SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (server-webapp.rules)
 * 1:28946 <-> DISABLED <-> SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (server-webapp.rules)
 * 1:28956 <-> DISABLED <-> SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (server-webapp.rules)
 * 1:28957 <-> DISABLED <-> SERVER-WEBAPP RSS-aggregator display.php remote file include attempt (server-webapp.rules)
 * 1:28961 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules)
 * 1:28962 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia URL length buffer overflow attempt (file-multimedia.rules)
 * 1:28993 <-> DISABLED <-> PROTOCOL-VOIP Sipvicious User-Agent detected (protocol-voip.rules)
 * 1:28998 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (os-linux.rules)
 * 1:28999 <-> DISABLED <-> OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (os-linux.rules)
 * 1:29005 <-> DISABLED <-> SERVER-WEBAPP IBM Platform Symphony SOAP request processing buffer overflow attempt (server-webapp.rules)
 * 1:29014 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:29017 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (server-webapp.rules)
 * 1:29018 <-> DISABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (server-webapp.rules)
 * 1:29019 <-> ENABLED <-> SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (server-webapp.rules)
 * 1:29028 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (server-mssql.rules)
 * 1:29029 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (server-mssql.rules)
 * 1:29040 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29041 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:29042 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (server-webapp.rules)
 * 1:29061 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (file-multimedia.rules)
 * 1:29062 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29063 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (file-pdf.rules)
 * 1:29110 <-> DISABLED <-> SERVER-WEBAPP Symantec Messaging Gateway save.do cross site request forgery attempt (server-webapp.rules)
 * 1:29118 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (server-webapp.rules)
 * 1:29141 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:29142 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (server-webapp.rules)
 * 1:29182 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29183 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29184 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29185 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (file-other.rules)
 * 1:29192 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29193 <-> DISABLED <-> SERVER-WEBAPP Zimbra remote code execution attempt (server-webapp.rules)
 * 1:29207 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29208 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29209 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29210 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29211 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29212 <-> ENABLED <-> FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (file-other.rules)
 * 1:29267 <-> DISABLED <-> SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (server-webapp.rules)
 * 1:29277 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29278 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29279 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29280 <-> DISABLED <-> FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (file-other.rules)
 * 1:29296 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (server-webapp.rules)
 * 1:29297 <-> ENABLED <-> SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (server-webapp.rules)
 * 1:29362 <-> DISABLED <-> SERVER-OTHER Novell NetWare AFP denial of service attempt (server-other.rules)
 * 1:29387 <-> ENABLED <-> SERVER-WEBAPP Synology DiskStation Manager