Talos Rules 2021-03-30
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-other, malware-cnc, os-windows, protocol-tftp and server-webapp rule sets to provide coverage for emerging threats from these technologies.

Change logs

2021-03-30 12:38:06 UTC

Snort Subscriber Rules Update

Date: 2021-03-30

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091701.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:15421 <-> DISABLED <-> DELETED CONTENT-REPLACE AIM or ICQ deny login for unencrypted connection (deleted.rules)
 * 1:57361 <-> DISABLED <-> MALWARE-BACKDOOR PAS webshell inbound connection attempt (malware-backdoor.rules)
 * 1:57362 <-> ENABLED <-> MALWARE-BACKDOOR PAS webshell outbound connection attempt (malware-backdoor.rules)
 * 1:57363 <-> DISABLED <-> MALWARE-BACKDOOR PAS webshell inbound connection attempt (malware-backdoor.rules)
 * 1:57364 <-> DISABLED <-> MALWARE-BACKDOOR PAS webshell outbound connection attempt (malware-backdoor.rules)
 * 1:57365 <-> DISABLED <-> BROWSER-CHROME Google Chrome WebXR component use after free attempt (browser-chrome.rules)
 * 1:57366 <-> DISABLED <-> BROWSER-CHROME Google Chrome WebXR component use after free attempt (browser-chrome.rules)
 * 1:57367 <-> DISABLED <-> SERVER-WEBAPP Yealink Device Management server side request forgery attempt (server-webapp.rules)
 * 1:57368 <-> ENABLED <-> MALWARE-CNC Unix.Malware.Exaramel outbound connection attempt (malware-cnc.rules)
 * 1:57369 <-> ENABLED <-> MALWARE-CNC Unix.Malware.Exaramel outbound connection attempt (malware-cnc.rules)
 * 1:57370 <-> ENABLED <-> MALWARE-CNC Unix.Malware.Exaramel outbound connection attempt (malware-cnc.rules)
 * 1:57375 <-> DISABLED <-> BROWSER-CHROME Google Chrome WebAssembly memory corruption attempt (browser-chrome.rules)
 * 1:57376 <-> DISABLED <-> BROWSER-CHROME Google Chrome WebAssembly memory corruption attempt (browser-chrome.rules)
 * 1:57377 <-> DISABLED <-> SERVER-ORACLE Oracle Weblogic ExternalizableLite T3 remote code execution attempt (server-oracle.rules)
 * 1:57380 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Sunburst outbound connection attempt (malware-cnc.rules)
 * 1:57381 <-> DISABLED <-> SERVER-OTHER Dnsmasq DNS and DHCP server heap-buffer overflow attempt (server-other.rules)
 * 1:57382 <-> DISABLED <-> SERVER-OTHER Microsoft Exchange Server DLPUtils remote code execution attempt (server-other.rules)
 * 3:26877 <-> ENABLED <-> OS-WINDOWS Microsoft Windows TCPRecomputeMss denial of service attempt (os-windows.rules)
 * 3:26972 <-> ENABLED <-> SERVER-OTHER CUPS IPP multi-valued attribute memory corruption attempt (server-other.rules)
 * 3:27906 <-> ENABLED <-> SERVER-OTHER MIT Kerberos KDC prep_reprocess_req null pointer dereference attempt (server-other.rules)
 * 3:28487 <-> ENABLED <-> OS-WINDOWS Microsoft GDI library TIFF handling memory corruption attempt (os-windows.rules)
 * 3:28488 <-> ENABLED <-> OS-WINDOWS Microsoft GDI library TIFF handling memory corruption attempt (os-windows.rules)
 * 3:29441 <-> ENABLED <-> PROTOCOL-VOIP CISCO Telepresence VCS SIP denial of service attempt (protocol-voip.rules)
 * 3:29944 <-> ENABLED <-> FILE-IMAGE Microsoft Multiple Products potentially malicious PNG detected - large or invalid chunk size (file-image.rules)
 * 3:29945 <-> ENABLED <-> FILE-IMAGE Microsoft Multiple Products potentially malicious PNG detected - large or invalid chunk size (file-image.rules)
 * 3:30282 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP header denial of service attempt (protocol-voip.rules)
 * 3:30283 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP header denial of service attempt (protocol-voip.rules)
 * 3:30881 <-> ENABLED <-> MALWARE-OTHER dns request with long host name segment - possible data exfiltration attempt (malware-other.rules)
 * 3:30884 <-> ENABLED <-> PROTOCOL-VOIP Cisco MXP Telepresence gssapi-data unauthenticated denial of service attempt (protocol-voip.rules)
 * 3:30885 <-> ENABLED <-> PROTOCOL-VOIP Cisco SIP malformed date header buffer overflow attempt (protocol-voip.rules)
 * 3:30886 <-> ENABLED <-> PROTOCOL-VOIP Cisco SIP malformed date header buffer overflow attempt (protocol-voip.rules)
 * 3:30887 <-> ENABLED <-> SERVER-OTHER Cisco Tshell command injection attempt (server-other.rules)
 * 3:30888 <-> ENABLED <-> SERVER-OTHER Cisco Tshell command injection attempt (server-other.rules)
 * 3:30889 <-> ENABLED <-> PROTOCOL-VOIP Content-Type media type overflow denial of service attempt (protocol-voip.rules)
 * 3:30890 <-> ENABLED <-> PROTOCOL-VOIP Content-Type media type overflow denial of service attempt (protocol-voip.rules)
 * 3:30901 <-> ENABLED <-> FILE-FLASH known malicious flash actionscript decryption routine (file-flash.rules)
 * 3:30902 <-> ENABLED <-> FILE-OTHER Cisco Webex WRF heap corruption attempt (file-other.rules)
 * 3:30903 <-> ENABLED <-> FILE-OTHER Cisco Webex WRF heap corruption attempt (file-other.rules)
 * 3:30912 <-> ENABLED <-> FILE-OTHER Cisco Webex WRF heap corruption attempt (file-other.rules)
 * 3:30913 <-> ENABLED <-> FILE-OTHER Cisco Webex WRF heap corruption attempt (file-other.rules)
 * 3:30921 <-> ENABLED <-> FILE-OTHER Cisco WebEx Player atas32.dll memory overread attempt (file-other.rules)
 * 3:30922 <-> ENABLED <-> FILE-OTHER Cisco WebEx Player atas32.dll memory overread attempt (file-other.rules)
 * 3:30929 <-> ENABLED <-> SERVER-OTHER Cisco RV180 VPN CSRF attempt (server-other.rules)
 * 3:30931 <-> ENABLED <-> SERVER-OTHER Cisco RV180W remote file inclusion attempt (server-other.rules)
 * 3:30932 <-> ENABLED <-> FILE-OTHER Cisco WebEx WRF heap corruption attempt (file-other.rules)
 * 3:30933 <-> ENABLED <-> SERVER-OTHER Cisco RV180 VPN remote code execution attempt (server-other.rules)
 * 3:30942 <-> ENABLED <-> FILE-OTHER Cisco Webex ARF Player LZW decompress memory corruption denial of service attempt (file-other.rules)
 * 3:30943 <-> ENABLED <-> FILE-OTHER Cisco Webex ARF Player LZW decompress memory corruption denial of service attempt (file-other.rules)
 * 3:31361 <-> ENABLED <-> SERVER-OTHER OpenSSL DTLSv1.0 handshake fragment buffer overrun attempt (server-other.rules)
 * 3:31398 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unified IP phone BVSMWeb portal attack attempt (protocol-voip.rules)
 * 3:31451 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unified IP phone BVSMWeb portal attack attempt (protocol-voip.rules)
 * 3:31615 <-> ENABLED <-> OS-OTHER Cisco IOS EnergyWise malformed packet denial of service attempt (os-other.rules)
 * 3:31616 <-> ENABLED <-> OS-OTHER Cisco IOS EnergyWise malformed packet denial of service attempt (os-other.rules)
 * 3:31664 <-> ENABLED <-> SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (server-other.rules)
 * 3:31665 <-> ENABLED <-> SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (server-other.rules)
 * 3:31666 <-> ENABLED <-> SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (server-other.rules)
 * 3:31667 <-> ENABLED <-> SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (server-other.rules)
 * 3:31668 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified Web and E-Mail Interaction Manager cross site scripting attempt (server-webapp.rules)
 * 3:31738 <-> ENABLED <-> PROTOCOL-DNS domain not found containing random-looking hostname - possible DGA detected (protocol-dns.rules)
 * 3:31891 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (server-webapp.rules)
 * 3:31979 <-> ENABLED <-> SERVER-OTHER Cisco IOS MediaNet metadata over RSVP IPFIX setlen=4 denial of service attempt (server-other.rules)
 * 3:31980 <-> ENABLED <-> SERVER-OTHER Cisco IOS RSVP Path message with no session attribute denial of service attempt (server-other.rules)
 * 3:31981 <-> ENABLED <-> SERVER-OTHER Cisco RSVP Protocol invalid Set ID DoS attempt (server-other.rules)
 * 3:31982 <-> ENABLED <-> SERVER-OTHER Cisco IOS mdns memory leak (server-other.rules)
 * 3:31983 <-> ENABLED <-> OS-OTHER DHCPv6 flood denial of service attempt (os-other.rules)
 * 3:31984 <-> ENABLED <-> OS-OTHER Cisco IOS mDNS malformed rrlength denial of service attempt (os-other.rules)
 * 3:32101 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA WebVPN login.html memory corruption attempt (server-webapp.rules)
 * 3:32106 <-> ENABLED <-> SERVER-OTHER Cisco ASA SCPS command injection attempt (server-other.rules)
 * 3:32107 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA WebVPN directory traversal attempt (server-webapp.rules)
 * 3:32108 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA WebVPN directory traversal attempt (server-webapp.rules)
 * 3:32110 <-> ENABLED <-> SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (server-other.rules)
 * 3:32111 <-> ENABLED <-> SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (server-other.rules)
 * 3:32112 <-> ENABLED <-> SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (server-other.rules)
 * 3:32113 <-> ENABLED <-> SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (server-other.rules)
 * 3:32114 <-> ENABLED <-> SERVER-OTHER Cisco ASA SunRPC inspection engine denial of service attempt (server-other.rules)
 * 3:32115 <-> ENABLED <-> SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (server-other.rules)
 * 3:32116 <-> ENABLED <-> SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (server-other.rules)
 * 3:32207 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32208 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32209 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32210 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32211 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32212 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32213 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32214 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32215 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32216 <-> ENABLED <-> PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (protocol-voip.rules)
 * 3:32217 <-> ENABLED <-> PROTOCOL-VOIP out of range port specification exploit attempt (protocol-voip.rules)
 * 3:32218 <-> ENABLED <-> PROTOCOL-VOIP out of range port specification exploit attempt (protocol-voip.rules)
 * 3:32398 <-> ENABLED <-> SERVER-OTHER Cisco RV180W Router cross-site request forgery attempt (server-other.rules)
 * 3:33053 <-> ENABLED <-> OS-WINDOWS Microsoft RADIUS Server invalid access-request username denial of service attempt (os-windows.rules)
 * 3:33229 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Services Catalog XML external entity injection attempt (server-webapp.rules)
 * 3:33587 <-> ENABLED <-> FILE-OFFICE Microsoft RTF improper listoverride nesting attempt (file-office.rules)
 * 3:33869 <-> ENABLED <-> PROTOCOL-VOIP Cisco TelePresence Video Communication Server SDP media description denial of service attempt (protocol-voip.rules)
 * 3:33870 <-> ENABLED <-> PROTOCOL-VOIP Cisco TelePresence Video Communication Server SDP media description denial of service attempt (protocol-voip.rules)
 * 3:33871 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence Video Communication Server authentication bypass attempt (server-webapp.rules)
 * 3:33927 <-> ENABLED <-> SERVER-OTHER Cisco IOS virtual routing and forwarding ICMP redirect denial of service attempt (server-other.rules)
 * 3:33928 <-> ENABLED <-> SERVER-OTHER Cisco IOS mDNS denial of service attempt (server-other.rules)
 * 3:33929 <-> ENABLED <-> SERVER-OTHER Cisco IOS mDNS denial of service attempt (server-other.rules)
 * 3:34022 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unity Connection malformed contact header denial of service attempt (protocol-voip.rules)
 * 3:34023 <-> ENABLED <-> PROTOCOL-VOIP Unity Conversation Manager record-route INVITE anomaly denial of service attempt (protocol-voip.rules)
 * 3:34051 <-> ENABLED <-> PROTOCOL-DNS Cisco ASA memory exhaustion denial of service attempt (protocol-dns.rules)
 * 3:34180 <-> ENABLED <-> OS-OTHER Cisco Secure Desktop Applet command execution attempt (os-other.rules)
 * 3:34369 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Central command injection attempt (server-webapp.rules)
 * 3:34967 <-> ENABLED <-> SERVER-OTHER Fortinet FSSO stack buffer overflow attempt (server-other.rules)
 * 3:34968 <-> ENABLED <-> SERVER-WEBAPP Cisco Sourcefire 3D System integrated BMC arbitrary file upload attempt (server-webapp.rules)
 * 3:34971 <-> ENABLED <-> SERVER-OTHER MIT Kerberos KDC as-req sname null pointer dereference attempt (server-other.rules)
 * 3:34972 <-> ENABLED <-> SERVER-OTHER MIT Kerberos KDC as-req sname null pointer dereference attempt (server-other.rules)
 * 3:35336 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35337 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35338 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35339 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35340 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35341 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35342 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35343 <-> ENABLED <-> PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (protocol-tftp.rules)
 * 3:35347 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified MeetingPlace password change policy bypass attempt (server-webapp.rules)
 * 3:35721 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (os-windows.rules)
 * 3:35722 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (os-windows.rules)
 * 3:35727 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (file-other.rules)
 * 3:35728 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (file-other.rules)
 * 3:35729 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (os-windows.rules)
 * 3:35730 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (os-windows.rules)
 * 3:35834 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (file-multimedia.rules)
 * 3:35835 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (file-multimedia.rules)
 * 3:35868 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 3:35869 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 3:35870 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 3:35871 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer use after free attempt (browser-ie.rules)
 * 3:35877 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (file-pdf.rules)
 * 3:35878 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (file-pdf.rules)
 * 3:35879 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (file-pdf.rules)
 * 3:35880 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (file-pdf.rules)
 * 3:35881 <-> ENABLED <-> FILE-PDF download of a PDF with embedded JavaScript and U3D objects (file-pdf.rules)
 * 3:35882 <-> ENABLED <-> FILE-PDF transfer of a PDF with embedded JavaScript and U3D objects (file-pdf.rules)
 * 3:35883 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x13 overflow attempt (netbios.rules)
 * 3:35884 <-> ENABLED <-> POLICY-OTHER MBean retrieval attempt (policy-other.rules)
 * 3:35885 <-> ENABLED <-> POLICY-OTHER MBean retrieval attempt (policy-other.rules)
 * 3:35890 <-> ENABLED <-> SERVER-MYSQL Oracle MySQL XPath number function uninitialized pointer arbitrary code execution attempt (server-mysql.rules)
 * 3:35891 <-> ENABLED <-> SERVER-MYSQL Oracle MySQL XPath number function uninitialized pointer arbitrary code execution attempt (server-mysql.rules)
 * 3:35894 <-> ENABLED <-> SERVER-OTHER HP OpenView Data Protector Omnilnet command injection attempt (server-other.rules)
 * 3:35895 <-> ENABLED <-> SERVER-OTHER Hewlett-Packard Radia Client Automation VerbData buffer overflow attempt (server-other.rules)
 * 3:35897 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (server-other.rules)
 * 3:35898 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 3:35899 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack stack buffer overflow attempt (server-other.rules)
 * 3:35900 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack stack buffer overflow attempt (server-other.rules)
 * 3:35901 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack stack buffer overflow attempt (server-other.rules)
 * 3:35902 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (server-other.rules)
 * 3:35903 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (server-other.rules)
 * 3:35905 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager pmd.exe request detected (server-other.rules)
 * 3:35906 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager pmd.exe buffer overflow attempt  (server-other.rules)
 * 3:35907 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager pmd.exe request detected (server-other.rules)
 * 3:35908 <-> ENABLED <-> SERVER-OTHER HP Network Node Manager pmd.exe buffer overflow attempt  (server-other.rules)
 * 3:35911 <-> ENABLED <-> SERVER-OTHER Websense TRITON xml namespace buffer overflow attempt (server-other.rules)
 * 3:35912 <-> ENABLED <-> SERVER-OTHER Websense TRITON xml namespace buffer overflow attempt (server-other.rules)
 * 3:35913 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe authentication attempt (server-other.rules)
 * 3:35914 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe trigger creation attempt (server-other.rules)
 * 3:35915 <-> ENABLED <-> SERVER-OTHER EMC AutoStart ftAgent.exe rule creation attempt (server-other.rules)
 * 3:35918 <-> ENABLED <-> SERVER-OTHER EMC NetWorker server overflow attempt (server-other.rules)
 * 3:35919 <-> ENABLED <-> SERVER-OTHER Vinzant Global ECS Agent untrusted command execution attempt (server-other.rules)
 * 3:35922 <-> ENABLED <-> SERVER-WEBAPP Entrust Authority Enrollment Server stack buffer overflow attempt (server-webapp.rules)
 * 3:35923 <-> ENABLED <-> SERVER-WEBAPP LANDesk Management Suite arbitrary remote file upload attempt (server-webapp.rules)
 * 3:35924 <-> ENABLED <-> SERVER-WEBAPP Oracle Directory Services Manager remote jsp code execution attempt (server-webapp.rules)
 * 3:35925 <-> ENABLED <-> SERVER-WEBAPP Oracle Directory Services Manager LDAP plugin field null byte injection attempt (server-webapp.rules)
 * 3:35926 <-> ENABLED <-> SERVER-WEBAPP Oracle Identity Management authorization bypass attempt (server-webapp.rules)
 * 3:35927 <-> ENABLED <-> SERVER-WEBAPP Oracle Identity Management remote file execution attempt (server-webapp.rules)
 * 3:35928 <-> ENABLED <-> SERVER-WEBAPP IBM Domino cross site scripting attempt (server-webapp.rules)
 * 3:35929 <-> ENABLED <-> SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (server-webapp.rules)
 * 3:35930 <-> ENABLED <-> SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (server-webapp.rules)
 * 3:35931 <-> ENABLED <-> SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (server-webapp.rules)
 * 3:35932 <-> ENABLED <-> SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (server-webapp.rules)
 * 3:35941 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller and UCS Director directory traversal attempt (server-webapp.rules)
 * 3:35942 <-> ENABLED <-> PROTOCOL-DNS ISC BIND TKEY query processing denial of service attempt (protocol-dns.rules)
 * 3:35943 <-> ENABLED <-> PROTOCOL-DNS ISC BIND TKEY query processing denial of service attempt (protocol-dns.rules)
 * 3:36153 <-> ENABLED <-> SERVER-OTHER IBM Domino LDAP server ModifyRequest stack buffer overflow attempt (server-other.rules)
 * 3:36208 <-> ENABLED <-> FILE-MULTIMEDIA Apple Quicktime invalid url atom out of bounds read attempt (file-multimedia.rules)
 * 3:36209 <-> ENABLED <-> FILE-MULTIMEDIA Apple Quicktime invalid url atom out of bounds read attempt (file-multimedia.rules)
 * 3:36210 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0002 attack attempt (os-windows.rules)
 * 3:36211 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0002 attack attempt (os-windows.rules)
 * 3:36214 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1119 attack attempt (file-other.rules)
 * 3:36215 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1119 attack attempt (file-other.rules)
 * 3:36218 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
 * 3:36219 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
 * 3:36220 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
 * 3:36221 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (os-windows.rules)
 * 3:36222 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0005 attack attempt (os-windows.rules)
 * 3:36223 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0005 attack attempt (os-windows.rules)
 * 3:36246 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP header parsing memory leak attempt (protocol-voip.rules)
 * 3:36557 <-> ENABLED <-> SERVER-OTHER Cisco ASA DHCPv6 relay denial of service attempt (server-other.rules)
 * 3:36558 <-> ENABLED <-> SERVER-OTHER Cisco ASA DHCPv6 relay solicit denial of service attempt (server-other.rules)
 * 3:36649 <-> ENABLED <-> SERVER-OTHER Cisco Web Security Appliance range request memory leak denial of service attempt (server-other.rules)
 * 3:36652 <-> ENABLED <-> SERVER-OTHER Cisco ESA malformed spf TXT record anti-spam bypass attempt (server-other.rules)
 * 3:36913 <-> ENABLED <-> SERVER-WEBAPP Cisco WebEx Meetings Server command injection attempt (server-webapp.rules)
 * 3:37358 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine default password authentication attempt (server-webapp.rules)
 * 3:37414 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS zero length DHCP VPN suboption denial of service attempt (server-other.rules)
 * 3:37426 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS DHCP option parsing denial of service attempt (server-other.rules)
 * 3:37439 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Manager getkvmurl.cgi command injection attempt (server-webapp.rules)
 * 3:37440 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Manager getkvmurl.cgi command injection attempt (server-webapp.rules)
 * 3:37492 <-> ENABLED <-> SERVER-WEBAPP Cisco RV220 platform.cgi SQL injection attempt (server-webapp.rules)
 * 3:37505 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0086 attack attempt (file-pdf.rules)
 * 3:37506 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0086 attack attempt (file-pdf.rules)
 * 3:37675 <-> ENABLED <-> SERVER-OTHER Cisco IOS invalid IKE fragment length memory corruption or exhaustion attempt (server-other.rules)
 * 3:37853 <-> ENABLED <-> SERVER-WEBAPP Cisco ACE A5 trace.vm command injection attempt (server-webapp.rules)
 * 3:38087 <-> ENABLED <-> SERVER-WEBAPP Cisco WLAN Controller insecure configuration wizard access attempt (server-webapp.rules)
 * 3:38137 <-> ENABLED <-> SERVER-OTHER Cisco DPC2203 arbitrary code execution attempt (server-other.rules)
 * 3:38138 <-> ENABLED <-> SERVER-OTHER Cisco DPQ3925 denial of service attempt (server-other.rules)
 * 3:38139 <-> ENABLED <-> SERVER-OTHER Cisco DPQ3939 denial of service attempt (server-other.rules)
 * 3:38244 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit Flash exploit file download (exploit-kit.rules)
 * 3:38245 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit Flash exploit file download (exploit-kit.rules)
 * 3:38285 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit Flash exploit file download attempt (exploit-kit.rules)
 * 3:38302 <-> ENABLED <-> SERVER-OTHER Cisco IOS DHCPv6 relay denial of service attempt (server-other.rules)
 * 3:38346 <-> ENABLED <-> OS-LINUX Linux kernel SCTP INIT null pointer dereference attempt (os-linux.rules)
 * 3:38347 <-> ENABLED <-> FILE-EXECUTABLE PHP libmagic PE out of bounds memory access attempt (file-executable.rules)
 * 3:38397 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure API authentication bypass attempt (server-webapp.rules)
 * 3:38399 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence Server denial of service attempt (server-webapp.rules)
 * 3:38400 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure API credentials enumeration attempt (server-webapp.rules)
 * 3:38543 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Central Web Framework remote file include attempt (server-webapp.rules)
 * 3:38544 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-CAN-0121 attack attempt (server-other.rules)
 * 3:38590 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller mDNS denial of service attempt (server-other.rules)
 * 3:38591 <-> ENABLED <-> SERVER-WEBAPP Cisco WLAN Controller management interface denial of service attempt (server-webapp.rules)
 * 3:38671 <-> ENABLED <-> BROWSER-IE SFVRT-1021 attack attempt (browser-ie.rules)
 * 3:38672 <-> ENABLED <-> BROWSER-IE SFVRT-1021 attack attempt (browser-ie.rules)
 * 3:38735 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:38736 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:38737 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:38738 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:38739 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:38740 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:38741 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (server-webapp.rules)
 * 3:50037 <-> ENABLED <-> SERVER-WEBAPP Cisco Elastic Services Controller authentication bypass attempt (server-webapp.rules)
 * 3:50038 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0819 attack attempt (file-pdf.rules)
 * 3:50039 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0819 attack attempt (file-pdf.rules)
 * 3:50040 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0831 attack attempt (server-webapp.rules)
 * 3:50110 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0836 attack attempt (server-webapp.rules)
 * 3:50111 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0839 attack attempt (server-webapp.rules)
 * 3:50114 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0833 attack attempt (server-webapp.rules)
 * 3:50117 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:50118 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:50131 <-> ENABLED <-> PROTOCOL-SNMP Cisco Small Business Series Switches SNMP denial of service attempt (protocol-snmp.rules)
 * 3:50132 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:50133 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:50134 <-> ENABLED <-> SERVER-WEBAPP Cisco Video Surveillance Manager directory traversal attempt (server-webapp.rules)
 * 3:50135 <-> ENABLED <-> SERVER-WEBAPP Cisco Video Surveillance Manager directory traversal attempt (server-webapp.rules)
 * 3:50136 <-> ENABLED <-> SERVER-WEBAPP Cisco Video Surveillance Manager directory traversal attempt (server-webapp.rules)
 * 3:50265 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0842 attack attempt (file-image.rules)
 * 3:50266 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0842 attack attempt (file-image.rules)
 * 3:50269 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0843 attack attempt (file-image.rules)
 * 3:50270 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0843 attack attempt (file-image.rules)
 * 3:50273 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0841 attack attempt (file-image.rules)
 * 3:50274 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0841 attack attempt (file-image.rules)
 * 3:50295 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0845 attack attempt (file-other.rules)
 * 3:50296 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0845 attack attempt (file-other.rules)
 * 3:50320 <-> ENABLED <-> SERVER-OTHER Cisco Unified Communications Manager denial of service attempt (server-other.rules)
 * 3:50335 <-> ENABLED <-> SERVER-WEBAPP Cisco Industrial Network Director remote code execution attempt (server-webapp.rules)
 * 3:50427 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI cross site request forgery attempt (server-webapp.rules)
 * 3:50469 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (server-webapp.rules)
 * 3:50470 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (server-webapp.rules)
 * 3:50471 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (server-webapp.rules)
 * 3:50472 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (server-webapp.rules)
 * 3:50485 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (server-webapp.rules)
 * 3:50486 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (server-webapp.rules)
 * 3:50487 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (server-webapp.rules)
 * 3:50488 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (server-webapp.rules)
 * 3:50489 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Service Catalog cross site request forgery attempt (server-webapp.rules)
 * 3:50492 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN Solution command injection attempt (server-webapp.rules)
 * 3:50502 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0848 attack attempt (file-other.rules)
 * 3:50503 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0848 attack attempt (file-other.rules)
 * 3:50512 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager authentication bypass attempt (server-webapp.rules)
 * 3:50513 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager arbitrary WAR file upload attempt (server-webapp.rules)
 * 3:50514 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager arbitrary file download attempt (server-webapp.rules)
 * 3:50515 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager information disclosure attempt (server-webapp.rules)
 * 3:50516 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0849 attack attempt (protocol-other.rules)
 * 3:50622 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance denial of service attempt (server-webapp.rules)
 * 3:50623 <-> ENABLED <-> FILE-OTHER ZIP file directory traversal attempt (file-other.rules)
 * 3:50624 <-> ENABLED <-> FILE-OTHER ZIP file directory traversal attempt (file-other.rules)
 * 3:50637 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Series Switches denial of service attempt (server-webapp.rules)
 * 3:50650 <-> ENABLED <-> SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (server-webapp.rules)
 * 3:50651 <-> ENABLED <-> SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (server-webapp.rules)
 * 3:50652 <-> ENABLED <-> SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (server-webapp.rules)
 * 3:50653 <-> ENABLED <-> SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (server-webapp.rules)
 * 3:50730 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0856 attack attempt (file-pdf.rules)
 * 3:50731 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0856 attack attempt (file-pdf.rules)
 * 3:50738 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0855 attack attempt (file-pdf.rules)
 * 3:50739 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0855 attack attempt (file-pdf.rules)
 * 3:50745 <-> ENABLED <-> SERVER-WEBAPP Cisco Vision Dynamic Signage Director authentication bypass attempt (server-webapp.rules)
 * 3:50746 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0859 attack attempt (server-webapp.rules)
 * 3:50747 <-> ENABLED <-> PROTOCOL-TFTP TRUFFLEHUNTER TALOS-2019-0851 attack attempt (protocol-tftp.rules)
 * 3:50755 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (server-webapp.rules)
 * 3:50756 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (server-webapp.rules)
 * 3:50757 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (server-webapp.rules)
 * 3:50758 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (server-webapp.rules)
 * 3:50759 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (server-webapp.rules)
 * 3:50760 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (server-webapp.rules)
 * 3:50770 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0854 attack attempt (protocol-other.rules)
 * 3:50774 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0852 attack attempt (file-other.rules)
 * 3:50775 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0852 attack attempt (file-other.rules)
 * 3:50782 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (server-webapp.rules)
 * 3:50783 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (server-webapp.rules)
 * 3:50784 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (server-webapp.rules)
 * 3:50785 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (server-webapp.rules)
 * 3:50786 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0872 attack attempt (protocol-scada.rules)
 * 3:50787 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0869 attack attempt (protocol-scada.rules)
 * 3:50788 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0862 attack attempt (protocol-scada.rules)
 * 3:50789 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0862 attack attempt (protocol-scada.rules)
 * 3:50790 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0863 attack attempt (protocol-scada.rules)
 * 3:50791 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0873 attack attempt (protocol-scada.rules)
 * 3:50792 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0874 attack attempt (protocol-scada.rules)
 * 3:50793 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0871 attack attempt (protocol-scada.rules)
 * 3:50797 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0870 attack attempt (protocol-scada.rules)
 * 3:50803 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0866 attack attempt (protocol-scada.rules)
 * 3:50804 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0866 attack attempt (policy-other.rules)
 * 3:50805 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0868 attack attempt (policy-other.rules)
 * 3:50806 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0875 attack attempt (file-image.rules)
 * 3:50807 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0875 attack attempt (file-image.rules)
 * 3:50824 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (file-image.rules)
 * 3:50825 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (file-image.rules)
 * 3:50826 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (file-image.rules)
 * 3:50827 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (file-image.rules)
 * 3:50842 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (file-image.rules)
 * 3:50843 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (file-image.rules)
 * 3:50844 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (file-image.rules)
 * 3:50845 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (file-image.rules)
 * 3:50857 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0877 attack attempt (server-other.rules)
 * 3:50864 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (file-image.rules)
 * 3:50865 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (file-image.rules)
 * 3:50866 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (file-image.rules)
 * 3:50867 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (file-image.rules)
 * 3:50868 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0881 attack attempt (file-image.rules)
 * 3:50869 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0881 attack attempt (file-image.rules)
 * 3:50897 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0884 attack attempt (file-image.rules)
 * 3:50898 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0884 attack attempt (file-image.rules)
 * 3:50899 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0882 attack attempt (server-other.rules)
 * 3:50902 <-> ENABLED <-> POLICY-OTHER Cisco ASA running configuration download request detected (policy-other.rules)
 * 3:50903 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director command injection attempt (server-webapp.rules)
 * 3:50904 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:50905 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:50906 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:50907 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:50908 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0885 attack attempt (server-other.rules)
 * 3:50909 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0883 attack attempt (server-other.rules)
 * 3:51111 <-> ENABLED <-> OS-OTHER VxWorks TCP URG memory corruption attempt (os-other.rules)
 * 3:51123 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0886 attack attempt (file-office.rules)
 * 3:51124 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0886 attack attempt (file-office.rules)
 * 3:51164 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller Redfish API command injection attempt (server-webapp.rules)
 * 3:51173 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director authentication bypass attempt (server-webapp.rules)
 * 3:51180 <-> ENABLED <-> SERVER-OTHER Cisco Integrated Management Controller IPMI command injection attempt (server-other.rules)
 * 3:51187 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller buffer overflow attempt (server-webapp.rules)
 * 3:51188 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (server-webapp.rules)
 * 3:51189 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (server-webapp.rules)
 * 3:51193 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (server-webapp.rules)
 * 3:51194 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (server-webapp.rules)
 * 3:51195 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (server-webapp.rules)
 * 3:51198 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller denial of service attempt (server-webapp.rules)
 * 3:51199 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller denial of service attempt (server-webapp.rules)
 * 3:51200 <-> ENABLED <-> POLICY-OTHER Cisco UCS Director Intersight API unauthenticated request detected (policy-other.rules)
 * 3:51201 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt (server-webapp.rules)
 * 3:51293 <-> ENABLED <-> SERVER-WEBAPP Cisco 220 Series Smart Switches stack buffer overflow attempt (server-webapp.rules)
 * 3:51294 <-> ENABLED <-> SERVER-WEBAPP Cisco 220 Series Smart Switches stack buffer overflow attempt (server-webapp.rules)
 * 3:51295 <-> ENABLED <-> SERVER-WEBAPP Cisco 220 Series Smart Switches stack buffer overflow attempt (server-webapp.rules)
 * 3:51298 <-> ENABLED <-> POLICY-OTHER Cisco 220 Series Smart Switches unauthenticated request detected (policy-other.rules)
 * 3:51299 <-> ENABLED <-> POLICY-OTHER Cisco 220 Series Smart Switches unauthenticated request detected (policy-other.rules)
 * 3:51300 <-> ENABLED <-> POLICY-OTHER Cisco 220 Series Smart Switches unauthenticated request detected (policy-other.rules)
 * 3:51306 <-> ENABLED <-> SERVER-WEBAPP Cisco 220 Series Smart Switches command injection attempt (server-webapp.rules)
 * 3:51307 <-> ENABLED <-> SERVER-WEBAPP Cisco 220 Series Smart Switches command injection attempt (server-webapp.rules)
 * 3:51308 <-> ENABLED <-> SERVER-WEBAPP Cisco 220 Series Smart Switches command injection attempt (server-webapp.rules)
 * 3:51355 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE REST API information disclosure attempt (server-webapp.rules)
 * 3:51365 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS Software NX-API denial of service attempt (server-webapp.rules)
 * 3:51366 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS Software NX-API denial of service attempt (server-webapp.rules)
 * 3:51367 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS Software NX-API denial of service attempt (server-webapp.rules)
 * 3:51369 <-> ENABLED <-> OS-WINDOWS Microsoft Windows RDP DecompressUnchopper integer overflow attempt (os-windows.rules)
 * 3:51414 <-> ENABLED <-> POLICY-OTHER Cisco Industrial Network Director unauthenticated configuration request detected (policy-other.rules)
 * 3:51447 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0891 attack attempt (file-image.rules)
 * 3:51448 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0891 attack attempt (file-image.rules)
 * 3:51461 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0890 attack attempt (file-other.rules)
 * 3:51462 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0890 attack attempt (file-other.rules)
 * 3:51530 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0892 attack attempt (file-image.rules)
 * 3:51531 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0892 attack attempt (file-image.rules)
 * 3:51587 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0911 attack attempt (server-webapp.rules)
 * 3:51588 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0911 attack attempt (server-webapp.rules)
 * 3:51589 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0911 attack attempt (server-webapp.rules)
 * 3:51590 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0910 attack attempt (server-webapp.rules)
 * 3:51591 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0910 attack attempt (server-webapp.rules)
 * 3:51592 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0910 attack attempt (server-webapp.rules)
 * 3:51597 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0908 attack attempt (server-webapp.rules)
 * 3:51598 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0908 attack attempt (server-webapp.rules)
 * 3:51599 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0908 attack attempt (server-webapp.rules)
 * 3:51600 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0907 attack attempt (server-webapp.rules)
 * 3:51601 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0907 attack attempt (server-webapp.rules)
 * 3:51602 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0907 attack attempt (server-webapp.rules)
 * 3:51605 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0906 attack attempt (server-webapp.rules)
 * 3:51606 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0906 attack attempt (server-webapp.rules)
 * 3:51607 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0906 attack attempt (server-webapp.rules)
 * 3:51608 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0905 attack attempt (server-webapp.rules)
 * 3:51609 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0905 attack attempt (server-webapp.rules)
 * 3:51610 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0905 attack attempt (server-webapp.rules)
 * 3:51611 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0904 attack attempt (server-webapp.rules)
 * 3:51612 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0904 attack attempt (server-webapp.rules)
 * 3:51613 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0904 attack attempt (server-webapp.rules)
 * 3:51614 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0903 attack attempt (server-webapp.rules)
 * 3:51615 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0903 attack attempt (server-webapp.rules)
 * 3:51616 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0903 attack attempt (server-webapp.rules)
 * 3:51617 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0902 attack attempt (server-webapp.rules)
 * 3:51618 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0902 attack attempt (server-webapp.rules)
 * 3:51619 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0902 attack attempt (server-webapp.rules)
 * 3:51622 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:51623 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:51624 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:51625 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:51626 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP denial of service attempt (protocol-voip.rules)
 * 3:51627 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP denial of service attempt (protocol-voip.rules)
 * 3:51628 <-> ENABLED <-> POLICY-OTHER Cisco IOS Layer 2 Traceroute vlan enumeration detected (policy-other.rules)
 * 3:51645 <-> ENABLED <-> SERVER-OTHER Cisco IOx invalid TLS handshake type denial of service attempt (server-other.rules)
 * 3:51646 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE FTP Application Layer Gateway denial of service attempt (server-other.rules)
 * 3:51650 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0898 attack attempt (policy-other.rules)
 * 3:51651 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0896 attack attempt (policy-other.rules)
 * 3:51652 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0894 attack attempt (server-webapp.rules)
 * 3:51665 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0913 attack attempt (file-other.rules)
 * 3:51666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0913 attack attempt (file-other.rules)
 * 3:51673 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51674 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51675 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51676 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51677 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51678 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51679 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51680 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:51684 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0914 attack attempt (server-webapp.rules)
 * 3:51687 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51688 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51689 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51690 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51691 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51692 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51693 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51694 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51695 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51696 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51697 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51698 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51699 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51932 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51933 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51934 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51935 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51936 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51937 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51938 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:51948 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0918 attack attempt (policy-other.rules)
 * 3:51949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51950 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (file-pdf.rules)
 * 3:51951 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0920 attack attempt (file-pdf.rules)
 * 3:51952 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0920 attack attempt (file-pdf.rules)
 * 3:52008 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0936 attack attempt (file-other.rules)
 * 3:52009 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0936 attack attempt (file-other.rules)
 * 3:52010 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0930 attack attempt (server-webapp.rules)
 * 3:52011 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0930 attack attempt (server-webapp.rules)
 * 3:52012 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0927 attack attempt (policy-other.rules)
 * 3:52013 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0929 attack attempt (server-webapp.rules)
 * 3:52014 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0929 attack attempt (server-webapp.rules)
 * 3:52015 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (server-webapp.rules)
 * 3:52016 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (server-webapp.rules)
 * 3:52017 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (server-webapp.rules)
 * 3:52018 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (server-webapp.rules)
 * 3:52020 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0933 attack attempt (file-image.rules)
 * 3:52021 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0933 attack attempt (file-image.rules)
 * 3:52023 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0923 attack attempt (server-webapp.rules)
 * 3:52024 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0932 attack attempt (server-other.rules)
 * 3:52025 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0932 attack attempt (server-other.rules)
 * 3:52046 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0934 attack attempt (file-pdf.rules)
 * 3:52047 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0934 attack attempt (file-pdf.rules)
 * 3:52048 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0943 attack attempt (browser-webkit.rules)
 * 3:52049 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0943 attack attempt (browser-webkit.rules)
 * 3:52050 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0937 attack attempt (file-other.rules)
 * 3:52051 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0937 attack attempt (file-other.rules)
 * 3:52053 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0921 attack attempt (file-image.rules)
 * 3:52054 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0921 attack attempt (file-image.rules)
 * 3:52058 <-> ENABLED <-> FILE-EXECUTABLE Norton Antivirus ASPack heap corruption attempt (file-executable.rules)
 * 3:52082 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0945 attack attempt (file-image.rules)
 * 3:52083 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0945 attack attempt (file-image.rules)
 * 3:52086 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0944 attack attempt (policy-other.rules)
 * 3:52095 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0946 attack attempt (file-multimedia.rules)
 * 3:52096 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0946 attack attempt (file-multimedia.rules)
 * 3:13511 <-> ENABLED <-> SERVER-OTHER Novell eDirectory EventsRequest invalid event count exploit attempt (server-other.rules)
 * 3:13582 <-> ENABLED <-> FILE-OFFICE Microsoft Excel sst record arbitrary code execution attempt (file-office.rules)
 * 3:13666 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDI integer overflow attempt (os-windows.rules)
 * 3:13667 <-> ENABLED <-> PROTOCOL-DNS dns cache poisoning attempt (protocol-dns.rules)
 * 3:13676 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDI emf filename buffer overflow attempt (os-windows.rules)
 * 3:13718 <-> ENABLED <-> SERVER-MAIL BDAT buffer overflow attempt (server-mail.rules)
 * 3:13773 <-> ENABLED <-> OS-LINUX linux kernel snmp nat netfilter memory corruption attempt (os-linux.rules)
 * 3:13790 <-> ENABLED <-> FILE-OFFICE Microsoft Word malformed css remote code execution attempt (file-office.rules)
 * 3:13798 <-> ENABLED <-> OS-WINDOWS Microsoft malware protection engine denial of service attempt (os-windows.rules)
 * 3:13802 <-> ENABLED <-> OS-WINDOWS Microsoft malware protection engine denial of service attempt (os-windows.rules)
 * 3:13803 <-> ENABLED <-> FILE-OFFICE RTF control word overflow attempt (file-office.rules)
 * 3:13825 <-> ENABLED <-> OS-WINDOWS Microsoft PGM fragment denial of service attempt (os-windows.rules)
 * 3:13826 <-> ENABLED <-> OS-WINDOWS Microsoft WINS arbitrary memory modification attempt (os-windows.rules)
 * 3:13835 <-> ENABLED <-> OS-WINDOWS Microsoft Active Directory LDAP cookie denial of service attempt (os-windows.rules)
 * 3:13879 <-> ENABLED <-> OS-WINDOWS Windows BMP image conversion arbitrary code execution attempt (os-windows.rules)
 * 3:13887 <-> ENABLED <-> PROTOCOL-DNS dns root nameserver poisoning attempt (protocol-dns.rules)
 * 3:13897 <-> ENABLED <-> FILE-MULTIMEDIA Apple Quicktime crgn atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 3:13921 <-> ENABLED <-> SERVER-MAIL Altrium Software MERCUR IMAPD NTLMSSP command handling memory corruption attempt (server-mail.rules)
 * 3:13946 <-> ENABLED <-> FILE-IMAGE Apple PICT/Quickdraw image converter packType 4 buffer overflow exploit attempt (file-image.rules)
 * 3:13947 <-> ENABLED <-> FILE-IMAGE Apple PICT/Quickdraw image converter packType 3 buffer overflow exploit attempt (file-image.rules)
 * 3:13954 <-> ENABLED <-> OS-WINDOWS Microsoft Color Management System EMF file processing overflow attempt (os-windows.rules)
 * 3:13958 <-> ENABLED <-> FILE-OFFICE WordPerfect Graphics file invalid RLE buffer overflow attempt (file-office.rules)
 * 3:13969 <-> ENABLED <-> FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (file-office.rules)
 * 3:14251 <-> ENABLED <-> OS-WINDOWS Microsoft GDI malformed metarecord buffer overflow attempt (os-windows.rules)
 * 3:14252 <-> ENABLED <-> FILE-MULTIMEDIA Windows Media Player malicious playlist buffer overflow attempt (file-multimedia.rules)
 * 3:14253 <-> ENABLED <-> FILE-MULTIMEDIA Windows Media Player malicious playlist buffer overflow attempt (file-multimedia.rules)
 * 3:14254 <-> ENABLED <-> FILE-MULTIMEDIA Windows Media Player malicious playlist buffer overflow attempt (file-multimedia.rules)
 * 3:14260 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDI+ GIF image invalid number of extension blocks buffer overflow attempt (os-windows.rules)
 * 3:14263 <-> ENABLED <-> POLICY-SOCIAL Pidgin MSN MSNP2P message integer overflow attempt (policy-social.rules)
 * 3:14646 <-> ENABLED <-> OS-WINDOWS Active Directory malformed baseObject denial of service attempt (os-windows.rules)
 * 3:14655 <-> ENABLED <-> FILE-OFFICE Excel rept integer underflow attempt (file-office.rules)
 * 3:14772 <-> ENABLED <-> FILE-IMAGE libpng malformed chunk denial of service attempt (file-image.rules)
 * 3:15009 <-> ENABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules)
 * 3:15117 <-> ENABLED <-> FILE-OFFICE Microsoft Excel malformed OBJ record arbitrary code execution attempt (file-office.rules)
 * 3:15124 <-> ENABLED <-> OS-WINDOWS Web-based NTLM replay attack attempt (os-windows.rules)
 * 3:15125 <-> ENABLED <-> FILE-OFFICE Microsoft Word rich text file unpaired dpendgroup exploit attempt (file-office.rules)
 * 3:15148 <-> ENABLED <-> SERVER-OTHER Microsoft SMS remote control client message length denial of service attempt (server-other.rules)
 * 3:15149 <-> ENABLED <-> SERVER-ORACLE Oracle Internet Directory pre-auth ldap denial of service attempt (server-oracle.rules)
 * 3:15298 <-> ENABLED <-> FILE-OFFICE Microsoft Visio could allow remote code execution (file-office.rules)
 * 3:15300 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer EMF polyline overflow attempt (browser-ie.rules)
 * 3:15301 <-> ENABLED <-> SERVER-MAIL Exchange compressed RTF remote code execution attempt (server-mail.rules)
 * 3:15327 <-> ENABLED <-> PROTOCOL-DNS libspf2 DNS TXT record parsing buffer overflow attempt (protocol-dns.rules)
 * 3:15328 <-> ENABLED <-> FILE-JAVA Sun JDK image parsing library ICC buffer overflow attempt (file-java.rules)
 * 3:15329 <-> ENABLED <-> SERVER-MAIL Microsoft Exchange MODPROPS memory corruption attempt (server-mail.rules)
 * 3:15365 <-> ENABLED <-> FILE-OFFICE Microsoft Excel extrst record arbitrary code excecution attempt (file-office.rules)
 * 3:15433 <-> ENABLED <-> FILE-OTHER Winamp MAKI parsing integer overflow attempt (file-other.rules)
 * 3:15449 <-> ENABLED <-> MALWARE-OTHER Conficker A/B DNS traffic detected (malware-other.rules)
 * 3:15450 <-> ENABLED <-> MALWARE-OTHER Conficker C/D DNS traffic detected (malware-other.rules)
 * 3:15453 <-> ENABLED <-> OS-WINDOWS SMB replay attempt via NTLMSSP - overlapping encryption keys detected (os-windows.rules)
 * 3:15454 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt (file-office.rules)
 * 3:15465 <-> ENABLED <-> FILE-OFFICE Microsoft Excel malformed object record remote code execution attempt (file-office.rules)
 * 3:15474 <-> ENABLED <-> SERVER-OTHER Microsoft ISA Server and Forefront Threat Management Gateway invalid RST denial of service attempt (server-other.rules)
 * 3:15519 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel BRAI record remote code execution attempt (file-office.rules)
 * 3:15521 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel ExternSheet record remote code execution attempt (file-office.rules)
 * 3:15734 <-> ENABLED <-> PROTOCOL-DNS BIND named 9 dynamic update message remote dos attempt (protocol-dns.rules)
 * 3:15847 <-> ENABLED <-> OS-WINDOWS Telnet-based NTLM replay attack attempt (os-windows.rules)
 * 3:15848 <-> ENABLED <-> OS-WINDOWS WINS replication request memory corruption attempt (os-windows.rules)
 * 3:15857 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file invalid header length (file-multimedia.rules)
 * 3:15912 <-> ENABLED <-> OS-WINDOWS TCP window closed before receiving data (os-windows.rules)
 * 3:15920 <-> ENABLED <-> FILE-MULTIMEDIA Microsoft mp3 malformed APIC header RCE attempt (file-multimedia.rules)
 * 3:15959 <-> ENABLED <-> SERVER-IIS Microsoft ASP.NET viewstate DoS attempt (server-iis.rules)
 * 3:15968 <-> ENABLED <-> SERVER-OTHER LANDesk Management Suite QIP service heal packet buffer overflow attempt (server-other.rules)
 * 3:15973 <-> ENABLED <-> SERVER-OTHER Novell eDirectory LDAP null search parameter buffer overflow attempt (server-other.rules)
 * 3:15975 <-> ENABLED <-> FILE-IMAGE OpenOffice TIFF file in little endian format parsing integer overflow attempt (file-image.rules)
 * 3:15976 <-> ENABLED <-> FILE-IMAGE OpenOffice TIFF file in big endian format parsing integer overflow attempt (file-image.rules)
 * 3:16222 <-> ENABLED <-> FILE-IMAGE Malformed BMP dimensions arbitrary code execution attempt (file-image.rules)
 * 3:16230 <-> ENABLED <-> FILE-OFFICE Microsoft Excel oversized ib memory corruption attempt (file-office.rules)
 * 3:16232 <-> ENABLED <-> OS-WINDOWS Windows TrueType font file parsing integer overflow attempt (os-windows.rules)
 * 3:16343 <-> ENABLED <-> FILE-PDF obfuscated header in PDF (file-pdf.rules)
 * 3:16370 <-> ENABLED <-> FILE-PDF Adobe Reader JP2C Region Atom CompNum memory corruption attempt (file-pdf.rules)
 * 3:16375 <-> ENABLED <-> SERVER-OTHER LDAP object parameter name buffer overflow attempt (server-other.rules)
 * 3:16394 <-> ENABLED <-> OS-WINDOWS Active Directory Kerberos referral TGT renewal DoS attempt (os-windows.rules)
 * 3:16396 <-> ENABLED <-> NETBIOS SMB server srvnet.sys driver race condition attempt (netbios.rules)
 * 3:16408 <-> ENABLED <-> OS-WINDOWS Microsoft Windows TCP SACK invalid range denial of service attempt (os-windows.rules)
 * 3:16530 <-> ENABLED <-> OS-WINDOWS CAB SIP authenticode alteration attempt (os-windows.rules)
 * 3:16531 <-> ENABLED <-> NETBIOS SMB client TRANS response ring0 remote code execution attempt (netbios.rules)
 * 3:16532 <-> ENABLED <-> NETBIOS SMB client TRANS response ring0 remote code execution attempt (netbios.rules)
 * 3:16533 <-> ENABLED <-> OS-WINDOWS Microsoft Windows ISATAP-addressed IPv6 traffic spoofing attempt (os-windows.rules)
 * 3:16649 <-> ENABLED <-> FILE-OFFICE Microsoft Excel HFPicture record stack buffer overflow attempt (file-office.rules)
 * 3:16662 <-> ENABLED <-> FILE-OFFICE Microsoft Excel SxView heap overflow attempt (file-office.rules)
 * 3:16728 <-> ENABLED <-> NETBIOS Samba SMB1 chain_reply function memory corruption attempt (netbios.rules)
 * 3:17242 <-> ENABLED <-> FILE-MULTIMEDIA Windows Media Player ASF file arbitrary code execution attempt (file-multimedia.rules)
 * 3:17251 <-> ENABLED <-> FILE-OFFICE Outlook RTF remote code execution attempt (file-office.rules)
 * 3:17300 <-> ENABLED <-> FILE-MULTIMEDIA MPlayer demux_open_vqf TwinVQ file handling buffer overflow attempt (file-multimedia.rules)
 * 3:17608 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime color table atom movie file handling heap corruption attempt (file-multimedia.rules)
 * 3:17632 <-> ENABLED <-> PROTOCOL-SNMP Castle Rock Computing SNMPc Network Manager community string attempted stack overflow (protocol-snmp.rules)
 * 3:17647 <-> ENABLED <-> FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (file-flash.rules)
 * 3:17665 <-> ENABLED <-> FILE-OFFICE OpenOffice Word document table parsing multiple heap based buffer overflow attempt (file-office.rules)
 * 3:17693 <-> ENABLED <-> SERVER-MAIL MailEnable NTLM Authentication buffer overflow attempt (server-mail.rules)
 * 3:17697 <-> ENABLED <-> POLICY-SOCIAL GnuPG Message Packet Length overflow attempt (policy-social.rules)
 * 3:17699 <-> ENABLED <-> PROTOCOL-SNMP Multiple vendor SNMPv3 HMAC handling authentication bypass attempt (protocol-snmp.rules)
 * 3:17700 <-> ENABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer wav chunk string overflow attempt (file-multimedia.rules)
 * 3:17741 <-> ENABLED <-> SERVER-OTHER MIT Kerberos ASN.1 asn1_decode_generaltime uninitialized pointer reference attempt (server-other.rules)
 * 3:17762 <-> ENABLED <-> FILE-OFFICE Microsoft Excel corrupted TABLE record clean up exploit attempt (file-office.rules)
 * 3:17765 <-> ENABLED <-> OS-WINDOWS OpenType Font file parsing buffer overflow attempt (os-windows.rules)
 * 3:17775 <-> ENABLED <-> INDICATOR-SHELLCODE Shikata Ga Nai x86 polymorphic shellcode decoder detected (indicator-shellcode.rules)
 * 3:18063 <-> ENABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules)
 * 3:18101 <-> ENABLED <-> SERVER-OTHER Sun Directory Server LDAP denial of service attempt (server-other.rules)
 * 3:18673 <-> ENABLED <-> OS-WINDOWS Microsoft Fax Cover Page Editor heap corruption attempt (os-windows.rules)
 * 3:18676 <-> ENABLED <-> FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (file-office.rules)
 * 3:18949 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed RecolorInfoAtom out of bounds read attempt (file-office.rules)
 * 3:19187 <-> ENABLED <-> PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt (protocol-dns.rules)
 * 3:19350 <-> ENABLED <-> FILE-MULTIMEDIA Adobe Shockwave Player Director file FFFFFF88 record integer overflow attempt (file-multimedia.rules)
 * 3:20135 <-> ENABLED <-> SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (server-other.rules)
 * 3:20275 <-> ENABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss NetShareEnumAll response overflow attempt (netbios.rules)
 * 3:20825 <-> ENABLED <-> SERVER-WEBAPP generic web server hashing collision attack (server-webapp.rules)
 * 3:21352 <-> ENABLED <-> OS-WINDOWS Microsoft Fax Cover Page Editor heap corruption attempt (os-windows.rules)
 * 3:21354 <-> ENABLED <-> PROTOCOL-DNS dns query - storing query and txid (protocol-dns.rules)
 * 3:21355 <-> ENABLED <-> PROTOCOL-DNS potential dns cache poisoning attempt - mismatched txid (protocol-dns.rules)
 * 3:21619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows RemoteDesktop connect-initial pdu remote code execution attempt (os-windows.rules)
 * 3:22089 <-> ENABLED <-> FILE-OFFICE Microsoft RTF improper listoverride nesting attempt (file-office.rules)
 * 3:23039 <-> ENABLED <-> PROTOCOL-DNS Multiple vendor DNS message decompression denial of service attempt (protocol-dns.rules)
 * 3:23040 <-> ENABLED <-> PROTOCOL-DNS Multiple vendor DNS message decompression denial of service attempt (protocol-dns.rules)
 * 3:23180 <-> ENABLED <-> FILE-PDF obfuscated header in PDF attachment (file-pdf.rules)
 * 3:23608 <-> ENABLED <-> PROTOCOL-DNS dns zone transfer with zero-length rdata attempt (protocol-dns.rules)
 * 3:23847 <-> ENABLED <-> NETBIOS MS-RAP NetServerEnum2 read access violation attempt (netbios.rules)
 * 3:24595 <-> ENABLED <-> SERVER-ORACLE Oracle Reports Server information disclosure attempt (server-oracle.rules)
 * 3:24596 <-> ENABLED <-> SERVER-ORACLE Oracle Reports Servlet information disclosure attempt (server-oracle.rules)
 * 3:24597 <-> ENABLED <-> SERVER-ORACLE Oracle Reports Servlet information disclosure attempt (server-oracle.rules)
 * 3:24666 <-> ENABLED <-> FILE-OFFICE Excel invalid data item buffer overflow attempt (file-office.rules)
 * 3:24671 <-> ENABLED <-> OS-WINDOWS Microsoft Windows Explorer briefcase database memory corruption attempt (os-windows.rules)
 * 3:24971 <-> ENABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver reserved command denial of service attempt (file-other.rules)
 * 3:24973 <-> ENABLED <-> NETBIOS SMB Trans2 FIND_FIRST2 response file name length overflow attempt (netbios.rules)
 * 3:26213 <-> ENABLED <-> EXPLOIT-KIT g01 exploit kit dns request - doesntexist.com (exploit-kit.rules)
 * 3:26214 <-> ENABLED <-> EXPLOIT-KIT g01 exploit kit dns request - dnsalias.com (exploit-kit.rules)
 * 3:26215 <-> ENABLED <-> EXPLOIT-KIT g01 exploit kit dns request - dynalias.com (exploit-kit.rules)
 * 3:10127 <-> ENABLED <-> OS-WINDOWS Microsoft IP Options denial of service (os-windows.rules)
 * 3:10161 <-> ENABLED <-> NETBIOS SMB write_andx overflow attempt (netbios.rules)
 * 3:10480 <-> ENABLED <-> SERVER-OTHER imail ldap buffer overflow exploit attempt (server-other.rules)
 * 3:11619 <-> ENABLED <-> SERVER-MYSQL MySQL COM_TABLE_DUMP Function Stack Overflow attempt (server-mysql.rules)
 * 3:11672 <-> ENABLED <-> BROWSER-OTHER Mozilla Network Security Services SSLv2 stack overflow attempt (browser-other.rules)
 * 3:12028 <-> ENABLED <-> SERVER-MAIL Microsoft Exchange Server MIME base64 decoding code execution attempt (server-mail.rules)
 * 3:12636 <-> ENABLED <-> PROTOCOL-NNTP XHDR buffer overflow attempt (protocol-nntp.rules)
 * 3:13308 <-> ENABLED <-> SERVER-APACHE Apache HTTP server auth_ldap logging function format string vulnerability (server-apache.rules)
 * 3:13417 <-> ENABLED <-> SERVER-OTHER Citrix MetaFrame IMA authentication processing buffer overflow attempt (server-other.rules)
 * 3:13418 <-> ENABLED <-> SERVER-OTHER IBM Tivoli Director LDAP server invalid DN message buffer overflow attempt (server-other.rules)
 * 3:13425 <-> ENABLED <-> SERVER-OTHER openldap server bind request denial of service attempt (server-other.rules)
 * 3:13469 <-> ENABLED <-> FILE-OFFICE Microsoft Word ole stream memory corruption attempt (file-office.rules)
 * 3:13475 <-> ENABLED <-> OS-WINDOWS Microsoft Active Directory LDAP denial of service attempt (os-windows.rules)
 * 3:13510 <-> ENABLED <-> SERVER-OTHER Novell eDirectory EventsRequest heap overflow attempt (server-other.rules)
 * 3:38745 <-> ENABLED <-> MALWARE-OTHER known phishing x-mailer attempt (malware-other.rules)
 * 3:38746 <-> ENABLED <-> MALWARE-CNC CTFMONv4 beacon attempt (malware-cnc.rules)
 * 3:38747 <-> ENABLED <-> MALWARE-CNC FF-RAT outbound connection attempt (malware-cnc.rules)
 * 3:38748 <-> ENABLED <-> MALWARE-CNC FF-RAT outbound connection attempt (malware-cnc.rules)
 * 3:38749 <-> ENABLED <-> MALWARE-CNC FF-RAT outbound connection attempt (malware-cnc.rules)
 * 3:38750 <-> ENABLED <-> MALWARE-CNC FF-RAT outbound connection attempt (malware-cnc.rules)
 * 3:38751 <-> ENABLED <-> MALWARE-CNC Jimini outbound connection attempt (malware-cnc.rules)
 * 3:38752 <-> ENABLED <-> MALWARE-CNC HILIGHT outbound connection attempt (malware-cnc.rules)
 * 3:38753 <-> ENABLED <-> MALWARE-CNC 1.php outbound connection attempt (malware-cnc.rules)
 * 3:38754 <-> ENABLED <-> MALWARE-CNC XDOT outbound connection attempt (malware-cnc.rules)
 * 3:38755 <-> ENABLED <-> MALWARE-CNC PlugX outbound connection attempt (malware-cnc.rules)
 * 3:38756 <-> ENABLED <-> MALWARE-CNC PlugX outbound communication attempt (malware-cnc.rules)
 * 3:38757 <-> ENABLED <-> MALWARE-CNC PlugX outbound communication attempt (malware-cnc.rules)
 * 3:38758 <-> ENABLED <-> FILE-FLASH Adobe Flash Player remote code execution attempt (file-flash.rules)
 * 3:38834 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Locky variant outbound connection attempt (malware-cnc.rules)
 * 3:38958 <-> ENABLED <-> SERVER-OTHER Cisco Web Security Appliance socket exhaustion denial of service attempt (server-other.rules)
 * 3:39065 <-> ENABLED <-> SERVER-OTHER Cisco IOS NX invalid ICMPv6 neighbor discovery hop limit denial of service attempt (server-other.rules)
 * 3:39082 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (file-office.rules)
 * 3:39083 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (file-office.rules)
 * 3:39118 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39119 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39120 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39121 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39122 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39123 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39124 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39125 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39126 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39127 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (server-webapp.rules)
 * 3:39303 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:39370 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure API authentication bypass attempt (server-webapp.rules)
 * 3:39371 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure API default credentials authentication attempt (server-webapp.rules)
 * 3:39379 <-> ENABLED <-> FILE-EXECUTABLE Norton Antivirus ASPack heap corruption attempt (file-executable.rules)
 * 3:39678 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Performance Manager command injection attempt (server-webapp.rules)
 * 3:39679 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Performance Manager command injection attempt (server-webapp.rules)
 * 3:39775 <-> ENABLED <-> EXPLOIT-KIT malicious script detected via RBF classifier (exploit-kit.rules)
 * 3:39790 <-> ENABLED <-> SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi command injection attempt (server-webapp.rules)
 * 3:39791 <-> ENABLED <-> SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi command injection attempt (server-webapp.rules)
 * 3:39792 <-> ENABLED <-> SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi command injection attempt (server-webapp.rules)
 * 3:39793 <-> ENABLED <-> SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi directory traversal attempt (server-webapp.rules)
 * 3:39794 <-> ENABLED <-> SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi directory traversal attempt (server-webapp.rules)
 * 3:39795 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers insecure guest account login attempt (server-webapp.rules)
 * 3:39796 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unified Communications Manager null pointer dereference attempt (protocol-voip.rules)
 * 3:39797 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unified Communications Manager null pointer dereference attempt (protocol-voip.rules)
 * 3:39878 <-> ENABLED <-> SERVER-OTHER Cisco IOS truncated NTP packet processing denial of service attempt (server-other.rules)
 * 3:39885 <-> ENABLED <-> PROTOCOL-SNMP Cisco ASA SNMP OID parsing stack buffer overflow attempt (protocol-snmp.rules)
 * 3:39897 <-> ENABLED <-> SERVER-WEBAPP Cisco FirePOWER Management Center sajaxintf.cgi command injection attempt (server-webapp.rules)
 * 3:39898 <-> ENABLED <-> SERVER-WEBAPP Cisco FirePOWER Management Center pjb.cgi privilege escalation attempt (server-webapp.rules)
 * 3:39937 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (file-pdf.rules)
 * 3:39938 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (file-pdf.rules)
 * 3:39994 <-> ENABLED <-> PROTOCOL-SNMP Cisco SG200 Series SNMP request via undocumented community string attempt (protocol-snmp.rules)
 * 3:40006 <-> ENABLED <-> SERVER-OTHER Cisco Small Business SPA3x/5x series denial of service attempt (server-other.rules)
 * 3:40013 <-> ENABLED <-> FILE-OTHER Cisco WebEx Meetings Player arbitrary code execution attempt (file-other.rules)
 * 3:40014 <-> ENABLED <-> FILE-OTHER Cisco WebEx Meetings Player arbitrary code execution attempt (file-other.rules)
 * 3:40049 <-> ENABLED <-> SERVER-OTHER Cisco IOS PPTP control message response information disclosure detected (server-other.rules)
 * 3:40072 <-> ENABLED <-> MALWARE-CNC Cisco ASA backdoor installer inbound connection attempt (malware-cnc.rules)
 * 3:40130 <-> ENABLED <-> OS-WINDOWS Microsoft Windows GDI emf filename buffer overflow attempt (os-windows.rules)
 * 3:40131 <-> ENABLED <-> POLICY-OTHER Cisco Prime Collaboration Assurance session ID privilege escalation attempt (policy-other.rules)
 * 3:40239 <-> ENABLED <-> SERVER-OTHER Cisco WebEx meetings server denial of service attempt (server-other.rules)
 * 3:40240 <-> ENABLED <-> SERVER-WEBAPP Cisco WebEx Meetings Server config_dmz remote code execution attempt (server-webapp.rules)
 * 3:40257 <-> ENABLED <-> SERVER-WEBAPP Cisco Cloud Services Platform dnslookup command injection attempt (server-webapp.rules)
 * 3:40275 <-> ENABLED <-> SERVER-WEBAPP Cisco ESA internal testing interface access attempt (server-webapp.rules)
 * 3:40287 <-> ENABLED <-> SERVER-OTHER Cisco prime collaboration provisioning web framework access control bypass attempt (server-other.rules)
 * 3:40298 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS malformed H.450 PER data out of bounds read attempt (protocol-voip.rules)
 * 3:40299 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0195 attack attempt (file-other.rules)
 * 3:40300 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2016-0195 attack attempt (file-other.rules)
 * 3:40303 <-> ENABLED <-> PROTOCOL-SCADA Cisco IOS CIP request parser out of bounds array access attempt (protocol-scada.rules)
 * 3:40304 <-> ENABLED <-> PROTOCOL-SCADA Cisco IOS CIP request parser out of bounds array access attempt (protocol-scada.rules)
 * 3:40343 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS malformed BGP UPDATE denial of service attempt (server-other.rules)
 * 3:40498 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA Crypto CA Server out of bounds read attempt (server-webapp.rules)
 * 3:40499 <-> ENABLED <-> SERVER-OTHER Cisco ASA NBSTAT response stack buffer overflow attempt (server-other.rules)
 * 3:40504 <-> ENABLED <-> SERVER-OTHER Cisco Snort HTTP chunked transfer encoding processing denial of service attempt (server-other.rules)
 * 3:40552 <-> ENABLED <-> SERVER-OTHER Cisco ESA lzw attachment parsing denial of service attempt (server-other.rules)
 * 3:40553 <-> ENABLED <-> SERVER-OTHER Cisco ESA uuencode attachment processing exception denial of service attempt (server-other.rules)
 * 3:40554 <-> ENABLED <-> SERVER-OTHER Cisco ESA uuencode attachment processing exception denial of service attempt (server-other.rules)
 * 3:40580 <-> ENABLED <-> POLICY-OTHER Cisco Universal Media Services potentially unauthorized API access detected (policy-other.rules)
 * 3:40636 <-> ENABLED <-> POLICY-OTHER Cisco Prime Home API insecure SSO authentication detected (policy-other.rules)
 * 3:40637 <-> ENABLED <-> POLICY-OTHER TL1 ACT-USER login detected (policy-other.rules)
 * 3:40638 <-> ENABLED <-> PROTOCOL-VOIP Cisco Meeting Server SIP SDP media description buffer overflow attempt (protocol-voip.rules)
 * 3:40767 <-> ENABLED <-> FILE-OTHER Cisco IOS-XE update directory traversal attempt (file-other.rules)
 * 3:40768 <-> ENABLED <-> FILE-OTHER Cisco IOS-XE update directory traversal attempt (file-other.rules)
 * 3:40769 <-> ENABLED <-> FILE-OTHER Cisco IOS-XE update directory traversal attempt (file-other.rules)
 * 3:40770 <-> ENABLED <-> FILE-OTHER Cisco IOS-XE update directory traversal attempt (file-other.rules)
 * 3:40877 <-> ENABLED <-> SERVER-OTHER Cisco Application Control Engine SSL handshake parsing denial of service attempt (server-other.rules)
 * 3:40878 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-CAN-0188 attack attempt (file-executable.rules)
 * 3:40879 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-CAN-0188 attack attempt (file-executable.rules)
 * 3:41093 <-> ENABLED <-> POLICY-OTHER Docker management traffic detected (policy-other.rules)
 * 3:41137 <-> ENABLED <-> SERVER-OTHER Cisco IOS XR command line interface privilege escalation attempt (server-other.rules)
 * 3:41195 <-> ENABLED <-> PROTOCOL-SNMP Cisco IP routing configuration manipulation via SNMP attempt (protocol-snmp.rules)
 * 3:41360 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
 * 3:41361 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
 * 3:41362 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
 * 3:41363 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (file-pdf.rules)
 * 3:41368 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (file-other.rules)
 * 3:41369 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (file-other.rules)
 * 3:41372 <-> ENABLED <-> FILE-IMAGE Oracle Outside In libvs_gif out of bounds write attempt (file-image.rules)
 * 3:41373 <-> ENABLED <-> FILE-IMAGE Oracle Outside In libvs_gif out of bounds write attempt (file-image.rules)
 * 3:41415 <-> ENABLED <-> PROTOCOL-VOIP Cisco Expressway and TelePresence VCS denial of service attempt (protocol-voip.rules)
 * 3:41466 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0278 attack attempt (server-other.rules)
 * 3:41468 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0272 attack attempt (file-office.rules)
 * 3:41469 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0272 attack attempt (file-office.rules)
 * 3:41487 <-> ENABLED <-> POLICY-OTHER Cisco Prime Home portlet API access detected (policy-other.rules)
 * 3:41538 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA WebVPN memory corruption attempt  (server-webapp.rules)
 * 3:41547 <-> ENABLED <-> SERVER-OTHER TLS client hello session resumption detected (server-other.rules)
 * 3:41548 <-> ENABLED <-> SERVER-OTHER F5 BIG-IP TLS session ticket implementation uninitialized memory disclosure attempt (server-other.rules)
 * 3:41786 <-> ENABLED <-> SERVER-OTHER Cisco NetFlow Generation Appliance SCTP denial of service attempt (server-other.rules)
 * 3:41909 <-> ENABLED <-> SERVER-OTHER Cisco Software Cluster Management Protocol remote code execution attempt (server-other.rules)
 * 3:41910 <-> ENABLED <-> SERVER-OTHER Cisco Software Cluster Management Protocol remote code execution attempt (server-other.rules)
 * 3:42001 <-> ENABLED <-> SERVER-WEBAPP Cisco CWA and TES Client Manager Server directory traversal attempt (server-webapp.rules)
 * 3:42002 <-> ENABLED <-> SERVER-WEBAPP Cisco CWA and TES Client Manager Server directory traversal attempt (server-webapp.rules)
 * 3:42003 <-> ENABLED <-> POLICY-OTHER Cisco Mobility Express Access Point radio.cgi access detected (policy-other.rules)
 * 3:42004 <-> ENABLED <-> POLICY-OTHER Cisco Mobility Express Access Point radio.html access detected (policy-other.rules)
 * 3:42008 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0295 attack attempt (file-office.rules)
 * 3:42009 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0295 attack attempt (file-office.rules)
 * 3:42051 <-> ENABLED <-> SERVER-OTHER Cisco IOS autonomic networking discovery denial of service attempt (server-other.rules)
 * 3:42060 <-> ENABLED <-> SERVER-OTHER Cisco IOS DHCP client dummy XID denial of service attempt (server-other.rules)
 * 3:42061 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui software upgrade command injection attempt (server-webapp.rules)
 * 3:42069 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE DHCP vendor class identifier format string exploit attempt (server-other.rules)
 * 3:42070 <-> ENABLED <-> SERVER-OTHER Cisco IOS L2TP invalid message digest AVP denial of service attempt (server-other.rules)
 * 3:42071 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui denial of service attempt (server-webapp.rules)
 * 3:42076 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0300 attack attempt (file-office.rules)
 * 3:42077 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0300 attack attempt (file-office.rules)
 * 3:42112 <-> ENABLED <-> BROWSER-OTHER multiple browsers content security policy bypass attempt (browser-other.rules)
 * 3:42139 <-> ENABLED <-> SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (server-webapp.rules)
 * 3:42142 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0303 attack attempt (file-other.rules)
 * 3:42143 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0303 attack attempt (file-other.rules)
 * 3:42144 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0301 attack attempt (file-office.rules)
 * 3:42145 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0301 attack attempt (file-office.rules)
 * 3:42146 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0304 attack attempt (file-other.rules)
 * 3:42147 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0304 attack attempt (file-other.rules)
 * 3:42179 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-2811 attack attempt (file-image.rules)
 * 3:42180 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-2811 attack attempt (file-image.rules)
 * 3:42191 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (file-image.rules)
 * 3:42192 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (file-image.rules)
 * 3:42193 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (file-image.rules)
 * 3:42194 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (file-image.rules)
 * 3:42277 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0317 attack attempt (file-other.rules)
 * 3:42278 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0317 attack attempt (file-other.rules)
 * 3:42293 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unified Communications Manager SIP NOTIFY denial of service attempt (protocol-voip.rules)
 * 3:42313 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0322 attack attempt (file-pdf.rules)
 * 3:42314 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0322 attack attempt (file-pdf.rules)
 * 3:42399 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0323 attack attempt (file-pdf.rules)
 * 3:42400 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0323 attack attempt (file-pdf.rules)
 * 3:42438 <-> ENABLED <-> SERVER-MAIL IBM Domino BMP parsing integer overflow attempt (server-mail.rules)
 * 3:42489 <-> ENABLED <-> SERVER-OTHER Cisco Aironet Mobility Express PnP agent directory traversal attempt (server-other.rules)
 * 3:42493 <-> ENABLED <-> SERVER-OTHER Cisco RV Series Routers SSDP uuid stack buffer overflow attempt (server-other.rules)
 * 3:42923 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration ScriptMgr authentication bypass attempt (server-webapp.rules)
 * 3:42924 <-> ENABLED <-> POLICY-OTHER Cisco Prime Collaboration potentially unauthorized log file access detected (policy-other.rules)
 * 3:43000 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0342 attack attempt (file-other.rules)
 * 3:43001 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0342 attack attempt (file-other.rules)
 * 3:43060 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0355 attack attempt (server-other.rules)
 * 3:43076 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0354 attack attempt (server-other.rules)
 * 3:43081 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2017-0357 attack attempt (browser-other.rules)
 * 3:43082 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2017-0360 attack attempt (browser-other.rules)
 * 3:43120 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0356 attack attempt (file-pdf.rules)
 * 3:43121 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0356 attack attempt (file-pdf.rules)
 * 3:43135 <-> ENABLED <-> POLICY-OTHER JBoss Management console access detected (policy-other.rules)
 * 3:43148 <-> ENABLED <-> PROTOCOL-SCADA Rockwell Automation CIP challenge-response buffer overflow attempt (protocol-scada.rules)
 * 3:43149 <-> ENABLED <-> PROTOCOL-SCADA Rockwell Automation CIP certificate request unknown certificate detected (protocol-scada.rules)
 * 3:43150 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0362 attack attempt (server-other.rules)
 * 3:43167 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0361 attack attempt (file-pdf.rules)
 * 3:43168 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0361 attack attempt (file-pdf.rules)
 * 3:43192 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0364 attack attempt (server-other.rules)
 * 3:43211 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0365 attack attempt (server-other.rules)
 * 3:43214 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0366 attack attempt (file-image.rules)
 * 3:43215 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0366 attack attempt (file-image.rules)
 * 3:43271 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure XML external entity injection attempt (server-webapp.rules)
 * 3:43449 <-> ENABLED <-> POLICY-OTHER log file access detected (policy-other.rules)
 * 3:43452 <-> ENABLED <-> POLICY-OTHER Cisco Ultra Services Framework unauthenticated ZAB connect request detected (policy-other.rules)
 * 3:43456 <-> ENABLED <-> SERVER-WEBAPP Cisco Ultra Services Framework command injection attempt (server-webapp.rules)
 * 3:43483 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0369 attack attempt (server-other.rules)
 * 3:43484 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0369 attack attempt (server-other.rules)
 * 3:43485 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0369 attack attempt (server-other.rules)
 * 3:43486 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0368 attack attempt (server-other.rules)
 * 3:43487 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0370 attack attempt (server-webapp.rules)
 * 3:43488 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0372 attack attempt (server-webapp.rules)
 * 3:43489 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0374 attack attempt (server-other.rules)
 * 3:43518 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0373 attack attempt (server-other.rules)
 * 3:43555 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0381 attack attempt (policy-other.rules)
 * 3:43556 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0382 attack attempt (server-other.rules)
 * 3:43557 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0384 attack attempt (server-other.rules)
 * 3:43558 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0379 attack attempt (server-other.rules)
 * 3:43559 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0378 attack attempt (server-other.rules)
 * 3:43628 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (server-webapp.rules)
 * 3:43629 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (server-webapp.rules)
 * 3:43630 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (server-webapp.rules)
 * 3:43631 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (server-webapp.rules)
 * 3:43712 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0389 attack attempt (policy-other.rules)
 * 3:43713 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0385 attack attempt (server-webapp.rules)
 * 3:43714 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0389 attack attempt (policy-other.rules)
 * 3:43715 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0390 attack attempt (policy-other.rules)
 * 3:43716 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0391 attack attempt (policy-other.rules)
 * 3:43717 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0386 attack attempt (server-other.rules)
 * 3:43725 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0387 attack attempt (file-image.rules)
 * 3:43726 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0387 attack attempt (file-image.rules)
 * 3:43855 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0394 attack attempt (file-image.rules)
 * 3:43856 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0394 attack attempt (file-image.rules)
 * 3:43857 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (file-image.rules)
 * 3:43858 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (file-image.rules)
 * 3:43859 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (file-image.rules)
 * 3:43860 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (file-image.rules)
 * 3:43861 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0397 attack attempt (server-webapp.rules)
 * 3:43862 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0393 attack attempt (file-image.rules)
 * 3:43863 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0393 attack attempt (file-image.rules)
 * 3:43864 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0371 attack attempt (policy-other.rules)
 * 3:44012 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0411 attack attempt (policy-other.rules)
 * 3:44063 <-> ENABLED <-> SERVER-WEBAPP Cisco Ultra Services Framework AutoVNF directory traversal attempt (server-webapp.rules)
 * 3:44070 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0418 attack attempt (server-other.rules)
 * 3:44071 <-> ENABLED <-> SERVER-OTHER Objectivity DB lock server buffer overflow attempt (server-other.rules)
 * 3:44082 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0420 attack attempt (server-other.rules)
 * 3:44092 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0404 attack attempt (file-office.rules)
 * 3:44093 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0404 attack attempt (file-office.rules)
 * 3:44101 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0403 attack attempt (file-office.rules)
 * 3:44102 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0403 attack attempt (file-office.rules)
 * 3:44106 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0417 attack attempt (file-office.rules)
 * 3:44107 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0417 attack attempt (file-office.rules)
 * 3:44125 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration logconfigtracer directory traversal attempt (server-webapp.rules)
 * 3:44126 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration logconfigtracer directory traversal attempt (server-webapp.rules)
 * 3:44127 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration logconfigtracer directory traversal attempt (server-webapp.rules)
 * 3:44142 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0424 attack attempt (policy-other.rules)
 * 3:44162 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0422 attack attempt (policy-other.rules)
 * 3:44163 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0426 attack attempt (file-office.rules)
 * 3:44164 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0426 attack attempt (file-office.rules)
 * 3:44166 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0428 attack attempt (server-webapp.rules)
 * 3:44167 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0412 attack attempt (file-image.rules)
 * 3:44168 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0412 attack attempt (file-image.rules)
 * 3:44178 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0427 attack attempt (file-image.rules)
 * 3:44179 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0427 attack attempt (file-image.rules)
 * 3:44186 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0425 attack attempt (file-other.rules)
 * 3:44187 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0425 attack attempt (file-other.rules)
 * 3:44189 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0421 attack attempt (server-other.rules)
 * 3:44223 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44224 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44225 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44226 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44227 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44228 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44229 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44230 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (file-image.rules)
 * 3:44237 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44238 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44239 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44240 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44241 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44242 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44243 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44244 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (file-image.rules)
 * 3:44245 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (file-image.rules)
 * 3:44246 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (file-image.rules)
 * 3:44247 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (file-image.rules)
 * 3:44248 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (file-image.rules)
 * 3:44249 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0411 attack attempt (file-image.rules)
 * 3:44250 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0411 attack attempt (file-image.rules)
 * 3:44251 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0408 attack attempt (file-image.rules)
 * 3:44252 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0408 attack attempt (file-image.rules)
 * 3:44253 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44254 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44255 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44256 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44257 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44258 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44259 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44260 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (file-other.rules)
 * 3:44261 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (file-multimedia.rules)
 * 3:44262 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (file-multimedia.rules)
 * 3:44263 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (file-multimedia.rules)
 * 3:44264 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (file-multimedia.rules)
 * 3:44265 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0413 attack attempt (file-multimedia.rules)
 * 3:44266 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0413 attack attempt (file-multimedia.rules)
 * 3:44267 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0436 attack attempt (policy-other.rules)
 * 3:44268 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0437 attack attempt (policy-other.rules)
 * 3:44269 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0434 attack attempt (file-other.rules)
 * 3:44270 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0434 attack attempt (file-other.rules)
 * 3:44271 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0430 attack attempt (file-office.rules)
 * 3:44272 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0430 attack attempt (file-office.rules)
 * 3:44273 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0431 attack attempt (file-office.rules)
 * 3:44274 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0431 attack attempt (file-office.rules)
 * 3:44287 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0433 attack attempt (file-other.rules)
 * 3:44288 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0433 attack attempt (file-other.rules)
 * 3:44294 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0432 attack attempt (file-pdf.rules)
 * 3:44295 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0432 attack attempt (file-pdf.rules)
 * 3:44297 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0435 attack attempt (server-webapp.rules)
 * 3:44318 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0438 attack attempt (file-other.rules)
 * 3:44319 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0438 attack attempt (file-other.rules)
 * 3:44344 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0439 attack attempt (server-other.rules)
 * 3:44376 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0452 attack attempt (file-other.rules)
 * 3:44377 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0452 attack attempt (file-other.rules)
 * 3:44379 <-> ENABLED <-> PROTOCOL-DNS Cisco IOS ipnat_dns_shift_data integer underflow attempt (protocol-dns.rules)
 * 3:44380 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0450 attack attempt (server-webapp.rules)
 * 3:44381 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0449 attack attempt (server-webapp.rules)
 * 3:44397 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0453 attack attempt (file-other.rules)
 * 3:44398 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0453 attack attempt (file-other.rules)
 * 3:44417 <-> ENABLED <-> SERVER-WEBAPP Cisco Customer Voice Portal MyAccountEditAction.do privilege escalation attempt (server-webapp.rules)
 * 3:44419 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2017-0445 attack attempt (protocol-scada.rules)
 * 3:44420 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2017-0440 attack attempt (protocol-scada.rules)
 * 3:44421 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0441 attack attempt (policy-other.rules)
 * 3:44422 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0441 attack attempt (policy-other.rules)
 * 3:44423 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0444 attack attempt (policy-other.rules)
 * 3:44424 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (policy-other.rules)
 * 3:44425 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (policy-other.rules)
 * 3:44426 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (policy-other.rules)
 * 3:44427 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (policy-other.rules)
 * 3:44428 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (policy-other.rules)
 * 3:44429 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (policy-other.rules)
 * 3:44444 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0455 attack attempt (file-other.rules)
 * 3:44445 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0455 attack attempt (file-other.rules)
 * 3:44446 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0454 attack attempt (file-other.rules)
 * 3:44447 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0454 attack attempt (file-other.rules)
 * 3:44448 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0456 attack attempt (file-other.rules)
 * 3:44449 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2017-0456 attack attempt (file-other.rules)
 * 3:44451 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0458 attack attempt (file-image.rules)
 * 3:44452 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0458 attack attempt (file-image.rules)
 * 3:44457 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE Web UI user administration page access detected (policy-other.rules)
 * 3:44458 <-> ENABLED <-> PROTOCOL-SCADA Cisco IE2000 CIP get attributes all packet processing memory leak attempt (protocol-scada.rules)
 * 3:44459 <-> ENABLED <-> PROTOCOL-SCADA Cisco IE2000 CIP forward open packet processing null pointer dereference attempt (protocol-scada.rules)
 * 3:44460 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI resource path authentication bypass attempt (server-webapp.rules)
 * 3:44461 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI resource path authentication bypass attempt (server-webapp.rules)
 * 3:44462 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI rest path authentication bypass attempt (server-webapp.rules)
 * 3:44463 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI rest path authentication bypass attempt (server-webapp.rules)
 * 3:44464 <-> ENABLED <-> SERVER-OTHER Cisco IOS IKEv2 session initialization denial of service attempt (server-other.rules)
 * 3:44498 <-> ENABLED <-> SERVER-WEBAPP Cisco License Manager ReportCSV directory traversal attempt (server-webapp.rules)
 * 3:44499 <-> ENABLED <-> SERVER-WEBAPP Cisco License Manager ReportCSV directory traversal attempt (server-webapp.rules)
 * 3:44500 <-> ENABLED <-> SERVER-WEBAPP Cisco License Manager ReportCSV directory traversal attempt (server-webapp.rules)
 * 3:44503 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance direct authentication denial of service attempt (server-webapp.rules)
 * 3:44520 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0461 attack attempt (file-office.rules)
 * 3:44521 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0461 attack attempt (file-office.rules)
 * 3:44522 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0460 attack attempt (file-office.rules)
 * 3:44523 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0460 attack attempt (file-office.rules)
 * 3:44524 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0459 attack attempt (file-image.rules)
 * 3:44525 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0459 attack attempt (file-image.rules)
 * 3:44537 <-> ENABLED <-> SERVER-WEBAPP NEC ExpressCluster UploadFile.js arbitrary file upload attempt (server-webapp.rules)
 * 3:44538 <-> ENABLED <-> SERVER-WEBAPP NEC ExpressCluster LogCollect.js command injection attempt (server-webapp.rules)
 * 3:44539 <-> ENABLED <-> SERVER-WEBAPP NEC ExpressCluster LogCollect.js command injection attempt (server-webapp.rules)
 * 3:44540 <-> ENABLED <-> SERVER-OTHER Jiangmin Anti-Virus Network Edition information disclosure attempt (server-other.rules)
 * 3:44541 <-> ENABLED <-> SERVER-OTHER Jiangmin Anti-Virus Network Edition configuration change attempt (server-other.rules)
 * 3:44542 <-> ENABLED <-> SERVER-OTHER Jiangmin Anti-Virus Network Edition remote code execution attempt (server-other.rules)
 * 3:44543 <-> ENABLED <-> SERVER-OTHER Jiangmin Anti-Virus Network Edition information disclosure attempt (server-other.rules)
 * 3:44544 <-> ENABLED <-> FILE-PDF Nitro Pro PDF document field dereference use after free attempt (file-pdf.rules)
 * 3:44545 <-> ENABLED <-> FILE-PDF Nitro Pro PDF document field dereference use after free attempt (file-pdf.rules)
 * 3:44546 <-> ENABLED <-> FILE-PDF Nitro Pro use after free remote code execution attempt (file-pdf.rules)
 * 3:44547 <-> ENABLED <-> FILE-PDF Nitro Pro use after free remote code execution attempt (file-pdf.rules)
 * 3:44555 <-> ENABLED <-> SERVER-WEBAPP Cisco FirePower Management Center cross site scripting attempt (server-webapp.rules)
 * 3:44556 <-> ENABLED <-> SERVER-WEBAPP Cisco Unity Connection edit-nuance.do cross site scripting attempt (server-webapp.rules)
 * 3:44557 <-> ENABLED <-> SERVER-WEBAPP Cisco Unity Connection nick-name.do cross site scripting attempt (server-webapp.rules)
 * 3:44558 <-> ENABLED <-> SERVER-WEBAPP Cisco Unity Connection serviceParamEdit.do cross site scripting attempt (server-webapp.rules)
 * 3:44589 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0463 attack attempt (file-office.rules)
 * 3:44590 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0463 attack attempt (file-office.rules)
 * 3:44593 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0462 attack attempt (file-office.rules)
 * 3:44594 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0462 attack attempt (file-office.rules)
 * 3:44605 <-> ENABLED <-> SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt  (server-webapp.rules)
 * 3:44606 <-> ENABLED <-> SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt  (server-webapp.rules)
 * 3:44614 <-> ENABLED <-> SERVER-WEBAPP D-Link soap.cgi service command injection attempt (server-webapp.rules)
 * 3:44624 <-> ENABLED <-> SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (server-webapp.rules)
 * 3:44625 <-> ENABLED <-> SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (server-webapp.rules)
 * 3:44626 <-> ENABLED <-> SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (server-webapp.rules)
 * 3:44627 <-> ENABLED <-> SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (server-webapp.rules)
 * 3:44707 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (server-webapp.rules)
 * 3:44708 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (server-webapp.rules)
 * 3:44709 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (server-webapp.rules)
 * 3:44710 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (server-webapp.rules)
 * 3:44711 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (server-webapp.rules)
 * 3:44712 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (server-webapp.rules)
 * 3:44713 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0464 attack attempt (policy-other.rules)
 * 3:44714 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0464 attack attempt (policy-other.rules)
 * 3:44722 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning pmclasschooser.xml SQL injection attempt (server-webapp.rules)
 * 3:44723 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning pmclasschooser.xml SQL injection attempt (server-webapp.rules)
 * 3:44724 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Smart Licensing command injection attempt (server-webapp.rules)
 * 3:44725 <-> ENABLED <-> PROTOCOL-SNMP Cisco Wireless LAN Controller clExtApDot11IfTable OID memory leak attempt (protocol-snmp.rules)
 * 3:44750 <-> ENABLED <-> SERVER-WEBAPP ASUS RP-AC52 login.cgi stack buffer overflow attempt  (server-webapp.rules)
 * 3:44835 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0472 attack attempt (server-webapp.rules)
 * 3:44836 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0472 attack attempt (server-webapp.rules)
 * 3:44837 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0472 attack attempt (server-webapp.rules)
 * 3:44840 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0473 attack attempt (server-webapp.rules)
 * 3:44841 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0473 attack attempt (server-webapp.rules)
 * 3:44842 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0473 attack attempt (server-webapp.rules)
 * 3:44847 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0482 attack attempt (server-webapp.rules)
 * 3:44848 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0482 attack attempt (server-webapp.rules)
 * 3:44849 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0482 attack attempt (server-webapp.rules)
 * 3:44850 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0477 attack attempt (server-webapp.rules)
 * 3:44851 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0477 attack attempt (server-webapp.rules)
 * 3:44852 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0477 attack attempt (server-webapp.rules)
 * 3:44855 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0480 attack attempt (policy-other.rules)
 * 3:44858 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0474 attack attempt (server-webapp.rules)
 * 3:44863 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0483 attack attempt (server-webapp.rules)
 * 3:44908 <-> ENABLED <-> FILE-OTHER KeyView SDK WordPerfect parsing stack buffer overflow attempt (file-other.rules)
 * 3:44909 <-> ENABLED <-> FILE-OTHER KeyView SDK WordPerfect parsing stack buffer overflow attempt (file-other.rules)
 * 3:44910 <-> ENABLED <-> SERVER-OTHER Altiris Express Server Engine stack buffer overflow attempt (server-other.rules)
 * 3:44986 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0486 attack attempt (server-other.rules)
 * 3:45017 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0497 attack attempt (file-image.rules)
 * 3:45018 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0497 attack attempt (file-image.rules)
 * 3:45019 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0490 attack attempt (file-image.rules)
 * 3:45020 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0490 attack attempt (file-image.rules)
 * 3:45021 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0491 attack attempt (file-image.rules)
 * 3:45022 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0491 attack attempt (file-image.rules)
 * 3:45025 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0489 attack attempt (file-image.rules)
 * 3:45026 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0489 attack attempt (file-image.rules)
 * 3:45033 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0488 attack attempt (file-image.rules)
 * 3:45034 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0488 attack attempt (file-image.rules)
 * 3:45047 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0499 attack attempt (file-image.rules)
 * 3:45048 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0499 attack attempt (file-image.rules)
 * 3:45049 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0493 attack attempt (server-webapp.rules)
 * 3:45086 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0494 attack attempt (server-webapp.rules)
 * 3:45087 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0495 attack attempt (server-webapp.rules)
 * 3:45088 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0502 attack attempt (server-webapp.rules)
 * 3:45089 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0501 attack attempt (server-other.rules)
 * 3:45102 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0505 attack attempt (file-pdf.rules)
 * 3:45103 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0505 attack attempt (file-pdf.rules)
 * 3:45105 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0504 attack attempt (file-pdf.rules)
 * 3:45106 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0504 attack attempt (file-pdf.rules)
 * 3:45120 <-> ENABLED <-> SERVER-OTHER Cisco Application Control Engine padding oracle attack attempt (server-other.rules)
 * 3:45158 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0506 attack attempt (file-pdf.rules)
 * 3:45159 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2017-0506 attack attempt (file-pdf.rules)
 * 3:45216 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2017-0509 attack attempt (file-executable.rules)
 * 3:45217 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2017-0509 attack attempt (file-executable.rules)
 * 3:45220 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0507 attack attempt (server-other.rules)
 * 3:45222 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0508 attack attempt (server-webapp.rules)
 * 3:45223 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0508 attack attempt (server-webapp.rules)
 * 3:45248 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0510 attack attempt (server-other.rules)
 * 3:45422 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0512 attack attempt (policy-other.rules)
 * 3:45441 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0511 attack attempt (server-webapp.rules)
 * 3:45464 <-> ENABLED <-> PROTOCOL-VOIP Cisco Unified Customer Voice Portal denial of service attempt (protocol-voip.rules)
 * 3:45465 <-> ENABLED <-> SERVER-WEBAPP Splunk daemon default admin credentials login attempt (server-webapp.rules)
 * 3:45502 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0515 attack attempt (file-other.rules)
 * 3:45503 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0515 attack attempt (file-other.rules)
 * 3:45504 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0514 attack attempt (file-other.rules)
 * 3:45505 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0514 attack attempt (file-other.rules)
 * 3:45506 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0517 attack attempt (file-pdf.rules)
 * 3:45507 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0517 attack attempt (file-pdf.rules)
 * 3:45521 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0518 attack attempt (file-pdf.rules)
 * 3:45522 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0518 attack attempt (file-pdf.rules)
 * 3:45524 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player for ARF files dll-load exploit attempt (file-other.rules)
 * 3:45525 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player for ARF files dll-load exploit attempt (file-other.rules)
 * 3:45575 <-> ENABLED <-> SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (server-other.rules)
 * 3:45596 <-> ENABLED <-> SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (server-other.rules)
 * 3:45597 <-> ENABLED <-> INDICATOR-SHELLCODE Cisco ASA alloc_ch connection string (indicator-shellcode.rules)
 * 3:45599 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0520 attack attempt (file-image.rules)
 * 3:45600 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0520 attack attempt (file-image.rules)
 * 3:45602 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0522 attack attempt (file-other.rules)
 * 3:45603 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0522 attack attempt (file-other.rules)
 * 3:45604 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0524 attack attempt (server-other.rules)
 * 3:45605 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0519 attack attempt (file-other.rules)
 * 3:45606 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0519 attack attempt (file-other.rules)
 * 3:45608 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0525 attack attempt (file-pdf.rules)
 * 3:45609 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0525 attack attempt (file-pdf.rules)
 * 3:45610 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0523 attack attempt (server-other.rules)
 * 3:45621 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Central recvbackup.cgi command injection attempt (server-webapp.rules)
 * 3:45622 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Central recvbackup.cgi command injection attempt (server-webapp.rules)
 * 3:45623 <-> ENABLED <-> SERVER-WEBAPP Cisco RV132W and RV134W routers command injection attempt (server-webapp.rules)
 * 3:45652 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0526 attack attempt (file-pdf.rules)
 * 3:45653 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0526 attack attempt (file-pdf.rules)
 * 3:45689 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0527 attack attempt (file-office.rules)
 * 3:45690 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0527 attack attempt (file-office.rules)
 * 3:45697 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (file-other.rules)
 * 3:45698 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (file-other.rules)
 * 3:45699 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (file-other.rules)
 * 3:45700 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (file-other.rules)
 * 3:45701 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45702 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45703 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45704 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45705 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45706 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45707 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45708 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45709 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45710 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45711 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45712 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45713 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45714 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (file-other.rules)
 * 3:45715 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0532 attack attempt (file-pdf.rules)
 * 3:45716 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0532 attack attempt (file-pdf.rules)
 * 3:45717 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0528 attack attempt (file-office.rules)
 * 3:45718 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0528 attack attempt (file-office.rules)
 * 3:45729 <-> ENABLED <-> POLICY-OTHER Cisco Unified Communications Manager appuserFindList.do access detected (policy-other.rules)
 * 3:45730 <-> ENABLED <-> SERVER-OTHER Cisco TelePresence TC and TE software authentication bypass attempt (server-other.rules)
 * 3:45731 <-> ENABLED <-> SERVER-WEBAPP Cisco Elastic Services Controller authentication bypass attempt (server-webapp.rules)
 * 3:45750 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0534 attack attempt (file-office.rules)
 * 3:45751 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0534 attack attempt (file-office.rules)
 * 3:45752 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0533 attack attempt (file-other.rules)
 * 3:45753 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0533 attack attempt (file-other.rules)
 * 3:45813 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified Communications Manager information disclosure attempt (server-webapp.rules)
 * 3:45823 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0536 attack attempt (file-pdf.rules)
 * 3:45824 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0536 attack attempt (file-pdf.rules)
 * 3:45829 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0535 attack attempt (server-other.rules)
 * 3:45832 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified Communications Manager appuserFindList.do SQL injection attempt (server-webapp.rules)
 * 3:45833 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified Communications Manager appuserFindList.do SQL injection attempt (server-webapp.rules)
 * 3:45870 <-> ENABLED <-> SERVER-WEBAPP Cisco ACS unsafe Java object deserialization attempt (server-webapp.rules)
 * 3:45891 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0539 attack attempt (server-webapp.rules)
 * 3:45896 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0538 attack attempt (file-office.rules)
 * 3:45897 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0538 attack attempt (file-office.rules)
 * 3:45981 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0540 attack attempt (file-other.rules)
 * 3:45982 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0540 attack attempt (file-other.rules)
 * 3:45985 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (file-image.rules)
 * 3:45986 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (file-image.rules)
 * 3:45987 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (file-image.rules)
 * 3:45988 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (file-image.rules)
 * 3:45991 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (file-image.rules)
 * 3:45992 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (file-image.rules)
 * 3:45993 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (file-image.rules)
 * 3:45994 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (file-image.rules)
 * 3:45997 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (file-image.rules)
 * 3:45998 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (file-image.rules)
 * 3:45999 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (file-image.rules)
 * 3:46000 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (file-image.rules)
 * 3:46001 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0541 attack attempt (file-image.rules)
 * 3:46002 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0541 attack attempt (file-image.rules)
 * 3:46079 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0548 attack attempt (server-webapp.rules)
 * 3:46090 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0549 attack attempt (server-webapp.rules)
 * 3:46093 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0550 attack attempt (file-image.rules)
 * 3:46094 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0550 attack attempt (file-image.rules)
 * 3:46095 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE default one-time password login detected (policy-other.rules)
 * 3:46101 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS SNMP ciscoFlashFileEntry OID denial of service attempt (protocol-snmp.rules)
 * 3:46102 <-> ENABLED <-> POLICY-OTHER Flash file external url request attempt (policy-other.rules)
 * 3:46103 <-> ENABLED <-> POLICY-OTHER Flash file external url request attempt (policy-other.rules)
 * 3:46104 <-> ENABLED <-> SERVER-OTHER Cisco IOS DHCP relay agent information memory corruption attempt (server-other.rules)
 * 3:46105 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS SNMP natPoolRange OID denial of service attempt (protocol-snmp.rules)
 * 3:46108 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning writable file privilege escalation attempt (server-webapp.rules)
 * 3:46109 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning writable file privilege escalation attempt (server-webapp.rules)
 * 3:46110 <-> ENABLED <-> SERVER-OTHER Cisco ASR1001 IKEv2 memory leak attempt (server-other.rules)
 * 3:46111 <-> ENABLED <-> SERVER-OTHER Cisco IOS Adaptive QoS message parsing stack buffer overflow attempt (server-other.rules)
 * 3:46119 <-> ENABLED <-> SERVER-OTHER Cisco IOS DHCP relay reply integer underflow attempt (server-other.rules)
 * 3:46120 <-> ENABLED <-> SERVER-OTHER Cisco IOS DHCP relay integer underflow attempt (server-other.rules)
 * 3:46125 <-> ENABLED <-> SERVER-OTHER Cisco IOS invalid IKEv1 payload denial of service attempt (server-other.rules)
 * 3:46126 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE IGMP denial of service attempt (server-other.rules)
 * 3:46127 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE IGMP denial of service attempt (server-other.rules)
 * 3:46128 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE IGMP denial of service attempt (server-other.rules)
 * 3:46142 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0551 attack attempt (server-webapp.rules)
 * 3:46143 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (file-image.rules)
 * 3:46144 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (file-image.rules)
 * 3:46145 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (file-image.rules)
 * 3:46146 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (file-image.rules)
 * 3:46147 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0552 attack attempt (file-image.rules)
 * 3:46148 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0552 attack attempt (file-image.rules)
 * 3:46149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0554 attack attempt (server-webapp.rules)
 * 3:46150 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (server-webapp.rules)
 * 3:46151 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (server-webapp.rules)
 * 3:46152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (server-webapp.rules)
 * 3:46153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (server-webapp.rules)
 * 3:46154 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (server-webapp.rules)
 * 3:46155 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (server-webapp.rules)
 * 3:46165 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46166 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46167 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46168 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46169 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46170 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46171 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46172 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (server-webapp.rules)
 * 3:46173 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0568 attack attempt (file-other.rules)
 * 3:46174 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0568 attack attempt (file-other.rules)
 * 3:46175 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0559 attack attempt (server-webapp.rules)
 * 3:46190 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0567 attack attempt (server-webapp.rules)
 * 3:46191 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0567 attack attempt (server-webapp.rules)
 * 3:46211 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0556 attack attempt (server-webapp.rules)
 * 3:46217 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0557 attack attempt (policy-other.rules)
 * 3:46222 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0561 attack attempt (file-image.rules)
 * 3:46223 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0561 attack attempt (file-image.rules)
 * 3:46224 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0562 attack attempt (file-image.rules)
 * 3:46225 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0562 attack attempt (file-image.rules)
 * 3:46241 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0564 attack attempt (file-image.rules)
 * 3:46242 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0564 attack attempt (file-image.rules)
 * 3:46292 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0569 attack attempt (file-pdf.rules)
 * 3:46293 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0569 attack attempt (file-pdf.rules)
 * 3:46294 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0572 attack attempt (server-webapp.rules)
 * 3:46295 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0572 attack attempt (server-webapp.rules)
 * 3:46296 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0570 attack attempt (server-webapp.rules)
 * 3:46319 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0573 attack attempt (server-webapp.rules)
 * 3:46320 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0576 attack attempt (policy-other.rules)
 * 3:46321 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0574 attack attempt (server-webapp.rules)
 * 3:46343 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Analysis graph.php directory traversal attempt (server-webapp.rules)
 * 3:46386 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI arbitrary file write attempt (server-webapp.rules)
 * 3:46388 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0579 attack attempt (file-other.rules)
 * 3:46389 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0579 attack attempt (file-other.rules)
 * 3:46390 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0577 attack attempt (server-webapp.rules)
 * 3:46391 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0577 attack attempt (server-webapp.rules)
 * 3:46392 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0577 attack attempt (server-webapp.rules)
 * 3:46395 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0578 attack attempt (server-webapp.rules)
 * 3:46452 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0586 attack attempt (file-image.rules)
 * 3:46453 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0586 attack attempt (file-image.rules)
 * 3:46455 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0587 attack attempt (file-image.rules)
 * 3:46456 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0587 attack attempt (file-image.rules)
 * 3:46457 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0588 attack attempt (file-pdf.rules)
 * 3:46458 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0588 attack attempt (file-pdf.rules)
 * 3:46459 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0585 attack attempt (file-image.rules)
 * 3:46460 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0585 attack attempt (file-image.rules)
 * 3:46492 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (server-webapp.rules)
 * 3:46493 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (server-webapp.rules)
 * 3:46494 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (server-webapp.rules)
 * 3:46496 <-> ENABLED <-> FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (file-other.rules)
 * 3:46497 <-> ENABLED <-> FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (file-other.rules)
 * 3:46498 <-> ENABLED <-> FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (file-other.rules)
 * 3:46499 <-> ENABLED <-> FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (file-other.rules)
 * 3:46500 <-> ENABLED <-> POLICY-OTHER Docker API ContainerCreate request detected (policy-other.rules)
 * 3:46523 <-> ENABLED <-> SERVER-OTHER malicious HTML file transfer attempt (server-other.rules)
 * 3:46541 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0589 attack attempt (file-other.rules)
 * 3:46542 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0589 attack attempt (file-other.rules)
 * 3:46543 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0591 attack attempt (server-webapp.rules)
 * 3:46550 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0590 attack attempt (file-pdf.rules)
 * 3:46551 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0590 attack attempt (file-pdf.rules)
 * 3:46634 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0592 attack attempt (file-pdf.rules)
 * 3:46635 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0592 attack attempt (file-pdf.rules)
 * 3:46661 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0594 attack attempt (policy-other.rules)
 * 3:46738 <-> ENABLED <-> SERVER-WEBAPP Cisco DNA Center API directory traversal attempt (server-webapp.rules)
 * 3:46739 <-> ENABLED <-> SERVER-WEBAPP Cisco DNA Center API default login attempt (server-webapp.rules)
 * 3:46740 <-> ENABLED <-> SERVER-WEBAPP Kubernetes Kubelet arbitrary command execution attempt (server-webapp.rules)
 * 3:46741 <-> ENABLED <-> SERVER-WEBAPP Kubernetes Kubelet arbitrary command execution attempt (server-webapp.rules)
 * 3:46749 <-> ENABLED <-> SERVER-OTHER Cisco Meeting Server configuration download attempt (server-other.rules)
 * 3:46750 <-> ENABLED <-> SERVER-OTHER Cisco Meeting Server user configuration download attempt (server-other.rules)
 * 3:46756 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0596 attack attempt (file-office.rules)
 * 3:46757 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0596 attack attempt (file-office.rules)
 * 3:46761 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0597 attack attempt (file-office.rules)
 * 3:46762 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0597 attack attempt (file-office.rules)
 * 3:46768 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0598 attack attempt  (file-office.rules)
 * 3:46769 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0598 attack attempt  (file-office.rules)
 * 3:46780 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0595 attack attempt (server-other.rules)
 * 3:46843 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0599 attack attempt (file-office.rules)
 * 3:46844 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0599 attack attempt (file-office.rules)
 * 3:46845 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0600 attack attempt (file-office.rules)
 * 3:46846 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0600 attack attempt (file-office.rules)
 * 3:46858 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2018-0614 attack attempt (os-other.rules)
 * 3:46859 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2018-0614 attack attempt (os-other.rules)
 * 3:46864 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0606 attack attempt (file-pdf.rules)
 * 3:46865 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0606 attack attempt (file-pdf.rules)
 * 3:46867 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0604 attack attempt (server-webapp.rules)
 * 3:46868 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0604 attack attempt (server-webapp.rules)
 * 3:46869 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0604 attack attempt (server-webapp.rules)
 * 3:46870 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0602 attack attempt (server-other.rules)
 * 3:46877 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0605 attack attempt (server-webapp.rules)
 * 3:46882 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0603 attack attempt (file-office.rules)
 * 3:46883 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0603 attack attempt (file-office.rules)
 * 3:46887 <-> ENABLED <-> SERVER-WEBAPP Cisco Network Services Orchestrator arbitrary command execution attempt (server-webapp.rules)
 * 3:46888 <-> ENABLED <-> SERVER-WEBAPP Cisco Network Services Orchestrator arbitrary command execution attempt (server-webapp.rules)
 * 3:46889 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (server-webapp.rules)
 * 3:46890 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (server-webapp.rules)
 * 3:46891 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (server-webapp.rules)
 * 3:46892 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (server-webapp.rules)
 * 3:46893 <-> ENABLED <-> SERVER-OTHER Cisco Prime Collaboration Provisioning Java remote method invocation attempt (server-other.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
 * 3:46899 <-> ENABLED <-> POLICY-OTHER Cisco Prime Collaboration Provisioning access control group modification request detected (policy-other.rules)
 * 3:46900 <-> ENABLED <-> BROWSER-OTHER invalid final chunk size evasion attempt (browser-other.rules)
 * 3:46901 <-> ENABLED <-> BROWSER-OTHER http chunked transfer encoding flowbit attempt (browser-other.rules)
 * 3:46902 <-> ENABLED <-> BROWSER-OTHER invalid final chunk size evasion attempt (browser-other.rules)
 * 3:46911 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning potentially unauthenticated administrator password change attempt (server-webapp.rules)
 * 3:46914 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Provisioning password recovery field reuse attempt (server-webapp.rules)
 * 3:46992 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS NX-API privilege escalation attempt (server-webapp.rules)
 * 3:46993 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol denial of service attempt (server-other.rules)
 * 3:46994 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol denial of service attempt (server-other.rules)
 * 3:46995 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol heap buffer overflow attempt (server-other.rules)
 * 3:46996 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol heap buffer overflow attempt (server-other.rules)
 * 3:47003 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (server-other.rules)
 * 3:47004 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (server-other.rules)
 * 3:47008 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS NX-API ins_api command injection attempt (server-webapp.rules)
 * 3:47009 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS NX-API cli_ascii command injection attempt (server-webapp.rules)
 * 3:47010 <-> ENABLED <-> SERVER-WEBAPP Cisco FX-OS mod_nuova stack buffer overflow attempt (server-webapp.rules)
 * 3:47011 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV out of bounds read attempt (server-other.rules)
 * 3:47012 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV out of bounds read attempt (server-other.rules)
 * 3:47013 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV integer overflow attempt (server-other.rules)
 * 3:47014 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV integer overflow attempt (server-other.rules)
 * 3:47028 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0621 attack attempt (browser-other.rules)
 * 3:47029 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0621 attack attempt (browser-other.rules)
 * 3:47035 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0622 attack attempt (policy-other.rules)
 * 3:47036 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0622 attack attempt (policy-other.rules)
 * 3:47037 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0619 attack attempt (server-webapp.rules)
 * 3:47039 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0618 attack attempt (server-webapp.rules)
 * 3:47040 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0618 attack attempt (server-webapp.rules)
 * 3:47062 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0620 attack attempt (server-webapp.rules)
 * 3:47074 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0623 attack attempt (file-pdf.rules)
 * 3:47075 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0623 attack attempt (file-pdf.rules)
 * 3:47133 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0625 attack attempt (server-webapp.rules)
 * 3:47134 <-> ENABLED <-> SERVER-WEBAPP ZyXEL Armor Series Routers ozkerz command injection attempt (server-webapp.rules)
 * 3:47135 <-> ENABLED <-> SERVER-WEBAPP ZyXEL Armor Series Routers ozkerz command injection attempt (server-webapp.rules)
 * 3:47166 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director launcher.jsp cross site scripting attempt (server-webapp.rules)
 * 3:47234 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0627 attack attempt (server-other.rules)
 * 3:47272 <-> ENABLED <-> OS-OTHER DHCPv6 flood denial of service attempt (os-other.rules)
 * 3:47273 <-> ENABLED <-> OS-OTHER DHCPv6 flood denial of service attempt (os-other.rules)
 * 3:47281 <-> ENABLED <-> SERVER-OTHER Cisco SD-WAN Solution default login attempt (server-other.rules)
 * 3:47282 <-> ENABLED <-> SERVER-OTHER Cisco SD-WAN Solution default login attempt (server-other.rules)
 * 3:47285 <-> ENABLED <-> SERVER-OTHER Cisco Policy Suite interface unauthenticated access attempt (server-other.rules)
 * 3:47286 <-> ENABLED <-> SERVER-OTHER Cisco Policy Suite interface unauthenticated access attempt (server-other.rules)
 * 3:47295 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0635 attack attempt (file-executable.rules)
 * 3:47296 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0635 attack attempt (file-executable.rules)
 * 3:47336 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0638 attack attempt (file-image.rules)
 * 3:47337 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0638 attack attempt (file-image.rules)
 * 3:47340 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0639 attack attempt (file-pdf.rules)
 * 3:47341 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0639 attack attempt (file-pdf.rules)
 * 3:47342 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0637 attack attempt (server-other.rules)
 * 3:47363 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (file-other.rules)
 * 3:47364 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (file-other.rules)
 * 3:47394 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (file-other.rules)
 * 3:47395 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (file-other.rules)
 * 3:47403 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47404 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47405 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47406 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47407 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47408 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47409 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47410 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47411 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47412 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (file-office.rules)
 * 3:47426 <-> ENABLED <-> PROTOCOL-VOIP Cisco SPA514G SDP field processing denial of service attempt (protocol-voip.rules)
 * 3:47428 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0645 attack attempt (file-image.rules)
 * 3:47429 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0645 attack attempt (file-image.rules)
 * 3:47430 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (file-image.rules)
 * 3:47431 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (file-image.rules)
 * 3:47432 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (file-image.rules)
 * 3:47433 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (file-image.rules)
 * 3:47442 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0647 attack attempt (browser-other.rules)
 * 3:47443 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0647 attack attempt (browser-other.rules)
 * 3:47456 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0646 attack attempt (file-office.rules)
 * 3:47457 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0646 attack attempt (file-office.rules)
 * 3:47521 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0652 attack attempt (file-office.rules)
 * 3:47522 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0652 attack attempt (file-office.rules)
 * 3:47523 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0651 attack attempt (file-office.rules)
 * 3:47524 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0651 attack attempt (file-office.rules)
 * 3:47527 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0650 attack attempt (file-office.rules)
 * 3:47528 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0650 attack attempt (file-office.rules)
 * 3:47571 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance proxy denial of service attempt (server-webapp.rules)
 * 3:47572 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance proxy denial of service attempt (server-webapp.rules)
 * 3:47573 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance proxy denial of service attempt (server-webapp.rules)
 * 3:47595 <-> ENABLED <-> OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (os-other.rules)
 * 3:47596 <-> ENABLED <-> OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (os-other.rules)
 * 3:47597 <-> ENABLED <-> OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (os-other.rules)
 * 3:47598 <-> ENABLED <-> OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (os-other.rules)
 * 3:47632 <-> ENABLED <-> SERVER-WEBAPP Cogent DataHub arbitrary command execution attempt (server-webapp.rules)
 * 3:47633 <-> ENABLED <-> POLICY-OTHER Accelerite Endpoint Management default credentials login attempt (policy-other.rules)
 * 3:47663 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0653 attack attempt (server-other.rules)
 * 3:47665 <-> ENABLED <-> SERVER-WEBAPP ASUS RP-AC52 SetAVTransportURI SOAP action command injection attempt (server-webapp.rules)
 * 3:47677 <-> ENABLED <-> SERVER-WEBAPP Dell SonicWall Scrutinizer hidden webmin credentials login attempt (server-webapp.rules)
 * 3:47679 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence command injection attempt (server-webapp.rules)
 * 3:47680 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence command injection attempt (server-webapp.rules)
 * 3:47681 <-> ENABLED <-> SERVER-WEBAPP Cisco TelePresence command injection attempt (server-webapp.rules)
 * 3:47684 <-> ENABLED <-> SERVER-OTHER Mikrotik RouterOS directory traversal attempt (server-other.rules)
 * 3:47698 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (server-webapp.rules)
 * 3:47704 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:47705 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:47706 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:47707 <-> ENABLED <-> SERVER-OTHER Cisco RV Series Router information disclosure attempt (server-other.rules)
 * 3:47709 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers arbitrary file read attempt (server-webapp.rules)
 * 3:47710 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Router buffer overflow attempt (server-webapp.rules)
 * 3:47711 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Router buffer overflow attempt (server-webapp.rules)
 * 3:47713 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (server-webapp.rules)
 * 3:47714 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (server-webapp.rules)
 * 3:47715 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (server-webapp.rules)
 * 3:47716 <-> ENABLED <-> SERVER-WEBAPP HP Client Automation Server directory traversal attempt (server-webapp.rules)
 * 3:47721 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0670 attack attempt (file-other.rules)
 * 3:47722 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0670 attack attempt (file-other.rules)
 * 3:47727 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0662 attack attempt (file-pdf.rules)
 * 3:47728 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0662 attack attempt (file-pdf.rules)
 * 3:47729 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0659 attack attempt (server-other.rules)
 * 3:47750 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0657 attack attempt (file-other.rules)
 * 3:47751 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0657 attack attempt (file-other.rules)
 * 3:47753 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0669 attack attempt (file-office.rules)
 * 3:47754 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0669 attack attempt (file-office.rules)
 * 3:47755 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0667 attack attempt (file-office.rules)
 * 3:47756 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0667 attack attempt (file-office.rules)
 * 3:47757 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (file-office.rules)
 * 3:47758 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (file-office.rules)
 * 3:47759 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (file-office.rules)
 * 3:47760 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (file-office.rules)
 * 3:47762 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0668 attack attempt (file-office.rules)
 * 3:47763 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0668 attack attempt (file-office.rules)
 * 3:47801 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0673 attack attempt (file-other.rules)
 * 3:47802 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0673 attack attempt (file-other.rules)
 * 3:47803 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0675 attack attempt (file-other.rules)
 * 3:47804 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0675 attack attempt (file-other.rules)
 * 3:47809 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0672 attack attempt (protocol-dns.rules)
 * 3:47811 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0671 attack attempt (protocol-dns.rules)
 * 3:47840 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)
 * 3:47841 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (file-other.rules)
 * 3:47842 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0681 attack attempt (protocol-dns.rules)
 * 3:47878 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player stack buffer overflow attempt (file-other.rules)
 * 3:47879 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player stack buffer overflow attempt (file-other.rules)
 * 3:47880 <-> ENABLED <-> POLICY-OTHER Cisco Video Surveillance Operations Manager default password use attempt (policy-other.rules)
 * 3:47893 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI denial of service attempt (server-webapp.rules)
 * 3:47894 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI denial of service attempt (server-webapp.rules)
 * 3:47916 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE denial of service attempt (server-webapp.rules)
 * 3:47917 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0682 attack attempt (file-other.rules)
 * 3:47918 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0682 attack attempt (file-other.rules)
 * 3:47919 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS XE NAT SIP application layer gateway denial of service attempt (protocol-voip.rules)
 * 3:48015 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure arbitrary JSP file upload attempt (server-webapp.rules)
 * 3:48023 <-> ENABLED <-> SERVER-WEBAPP Cisco DNA Center unauthenticated user creation attempt (server-webapp.rules)
 * 3:48037 <-> ENABLED <-> SERVER-OTHER Cisco Prime Collaboration Provisioning hardcoded LDAP password authentication attempt (server-other.rules)
 * 3:48066 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0685 attack attempt (server-webapp.rules)
 * 3:48067 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0684 attack attempt (server-webapp.rules)
 * 3:48068 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0684 attack attempt (server-webapp.rules)
 * 3:48069 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0689 attack attempt (server-webapp.rules)
 * 3:48178 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0690 attack attempt (server-webapp.rules)
 * 3:48201 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:48204 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP information disclosure attempt (server-other.rules)
 * 3:48209 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0693 attack attempt (file-other.rules)
 * 3:48210 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0693 attack attempt (file-other.rules)
 * 3:48213 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2018-0694 attack attempt (file-multimedia.rules)
 * 3:48214 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2018-0694 attack attempt (file-multimedia.rules)
 * 3:48239 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS precision time protocol denial of service attempt (server-other.rules)
 * 3:48240 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS precision time protocol denial of service attempt (server-other.rules)
 * 3:48250 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0697 attack attempt (server-webapp.rules)
 * 3:48251 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0699 attack attempt (server-webapp.rules)
 * 3:48253 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0698 attack attempt (server-webapp.rules)
 * 3:48254 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0696 attack attempt (server-webapp.rules)
 * 3:48255 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0695 attack attempt (server-webapp.rules)
 * 3:48261 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0703 attack attempt (server-webapp.rules)
 * 3:48262 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0703 attack attempt (server-webapp.rules)
 * 3:48297 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0705 attack attempt (file-other.rules)
 * 3:48298 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0705 attack attempt (file-other.rules)
 * 3:48357 <-> ENABLED <-> SERVER-WEBAPP Cisco Energy Management Suite external executeScript attempt (server-webapp.rules)
 * 3:48358 <-> ENABLED <-> SERVER-WEBAPP Cisco Stealthwatch Management Console authentication bypass attempt (server-webapp.rules)
 * 3:48385 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0713 attack attempt (file-office.rules)
 * 3:48386 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0713 attack attempt (file-office.rules)
 * 3:48389 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0711 attack attempt (file-office.rules)
 * 3:48390 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0711 attack attempt (file-office.rules)
 * 3:48391 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0712 attack attempt (file-office.rules)
 * 3:48392 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0712 attack attempt (file-office.rules)
 * 3:48418 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0714 attack attempt (file-pdf.rules)
 * 3:48419 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2018-0714 attack attempt (file-pdf.rules)
 * 3:48433 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0724 attack attempt (file-other.rules)
 * 3:48434 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2018-0724 attack attempt (file-other.rules)
 * 3:48450 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0729 attack attempt (file-executable.rules)
 * 3:48451 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0729 attack attempt (file-executable.rules)
 * 3:48452 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0728 attack attempt (file-executable.rules)
 * 3:48453 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0728 attack attempt (file-executable.rules)
 * 3:48454 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime License Manager SQL injection attempt (server-webapp.rules)
 * 3:48455 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime License Manager SQL injection attempt (server-webapp.rules)
 * 3:48456 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0730 attack attempt (server-webapp.rules)
 * 3:48457 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0730 attack attempt (server-webapp.rules)
 * 3:48458 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0733 attack attempt (server-other.rules)
 * 3:48459 <-> ENABLED <-> BROWSER-IE TRUFFLEHUNTER TALOS-2018-0734 attack attempt (browser-ie.rules)
 * 3:48460 <-> ENABLED <-> BROWSER-IE TRUFFLEHUNTER TALOS-2018-0734 attack attempt (browser-ie.rules)
 * 3:48521 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0739 attack attempt (protocol-scada.rules)
 * 3:48522 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0738 attack attempt (protocol-scada.rules)
 * 3:48523 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0738 attack attempt (protocol-scada.rules)
 * 3:48524 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0735 attack attempt (protocol-scada.rules)
 * 3:48525 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0741 attack attempt (protocol-scada.rules)
 * 3:48526 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0740 attack attempt (protocol-scada.rules)
 * 3:48527 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0737 attack attempt (protocol-scada.rules)
 * 3:48528 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0736 attack attempt (protocol-scada.rules)
 * 3:48529 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0744 attack attempt (browser-other.rules)
 * 3:48530 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0744 attack attempt (browser-other.rules)
 * 3:48600 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0755 attack attempt (server-webapp.rules)
 * 3:48603 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0756 attack attempt (server-webapp.rules)
 * 3:48614 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0752 attack attempt (server-webapp.rules)
 * 3:48615 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0748 attack attempt (server-webapp.rules)
 * 3:48616 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0748 attack attempt (server-webapp.rules)
 * 3:48617 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0746 attack attempt (server-webapp.rules)
 * 3:48618 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0747 attack attempt (policy-other.rules)
 * 3:48619 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0750 attack attempt (server-webapp.rules)
 * 3:48620 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0754 attack attempt (policy-other.rules)
 * 3:48621 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0749 attack attempt (server-webapp.rules)
 * 3:48635 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0753 attack attempt (server-webapp.rules)
 * 3:48638 <-> ENABLED <-> SERVER-WEBAPP ZyXEL Armor Series Routers photobak command injection attempt (server-webapp.rules)
 * 3:48639 <-> ENABLED <-> SERVER-WEBAPP ZyXEL Armor Series Routers photobak command injection attempt (server-webapp.rules)
 * 3:48644 <-> ENABLED <-> POLICY-OTHER Cisco Adaptive Security Appliance admin REST API access attempt (policy-other.rules)
 * 3:48747 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0751 attack attempt (server-webapp.rules)
 * 3:48850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0760 attack attempt (file-other.rules)
 * 3:48851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0760 attack attempt (file-other.rules)
 * 3:48852 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0757 attack attempt (file-other.rules)
 * 3:48853 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0757 attack attempt (file-other.rules)
 * 3:48854 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0758 attack attempt (protocol-other.rules)
 * 3:48855 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0758 attack attempt (protocol-other.rules)
 * 3:48946 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:48947 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:48948 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:48949 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers information disclosure attempt (server-webapp.rules)
 * 3:48950 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48951 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48952 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48953 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48954 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48955 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48956 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48957 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48958 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48959 <-> ENABLED <-> FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (file-other.rules)
 * 3:48960 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Teams command line injection attempt (browser-other.rules)
 * 3:48961 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Teams command line injection attempt (browser-other.rules)
 * 3:48962 <-> ENABLED <-> SERVER-OTHER Cisco IoT Field Network Director UDP flood attempt (server-other.rules)
 * 3:48975 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0767 attack attempt (protocol-scada.rules)
 * 3:48976 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0769 attack attempt (protocol-scada.rules)
 * 3:48977 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0770 attack attempt (protocol-scada.rules)
 * 3:48978 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0768 attack attempt (protocol-scada.rules)
 * 3:48979 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0764 attack attempt (protocol-scada.rules)
 * 3:48980 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0766 attack attempt (protocol-scada.rules)
 * 3:48981 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0765 attack attempt (protocol-scada.rules)
 * 3:49045 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0762 attack attempt (file-other.rules)
 * 3:49046 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0762 attack attempt (file-other.rules)
 * 3:49047 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0763 attack attempt (protocol-scada.rules)
 * 3:49087 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0775 attack attempt (policy-other.rules)
 * 3:49088 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0773 attack attempt (file-other.rules)
 * 3:49089 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0773 attack attempt (file-other.rules)
 * 3:49189 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0778 attack attempt (file-pdf.rules)
 * 3:49190 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0778 attack attempt (file-pdf.rules)
 * 3:49198 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0783 attack attempt (server-webapp.rules)
 * 3:49205 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0779 attack attempt (file-other.rules)
 * 3:49206 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0779 attack attempt (file-other.rules)
 * 3:49209 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0780 attack attempt (file-office.rules)
 * 3:49210 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0780 attack attempt (file-office.rules)
 * 3:49237 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0781 attack attempt (file-other.rules)
 * 3:49238 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0781 attack attempt (file-other.rules)
 * 3:49239 <-> ENABLED <-> SERVER-WEBAPP Exhibitor for ZooKeeper javaEnvironment command injection attempt (server-webapp.rules)
 * 3:49240 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Collaboration Assurance unauthorized access attempt (server-webapp.rules)
 * 3:49241 <-> ENABLED <-> PROTOCOL-TFTP Read Request directory traversal attempt (protocol-tftp.rules)
 * 3:49293 <-> ENABLED <-> NETBIOS Cisco WebEx WebExService.exe remote code execution attempt (netbios.rules)
 * 3:49296 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:49334 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (server-other.rules)
 * 3:49335 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (server-other.rules)
 * 3:49336 <-> ENABLED <-> SERVER-OTHER Cisco FXOS and NX-OS LDAP denial of service attempt (server-other.rules)
 * 3:49339 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49340 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49341 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49342 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49343 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49344 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49345 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49346 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49347 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49348 <-> ENABLED <-> SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (server-webapp.rules)
 * 3:49349 <-> ENABLED <-> SERVER-WEBAPP Cisco WebEx Meeting Server cross site scripting attempt (server-webapp.rules)
 * 3:49350 <-> ENABLED <-> SERVER-WEBAPP Cisco NX-OS System Software NX-API command injection attempt (server-webapp.rules)
 * 3:49362 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0787 attack attempt (server-webapp.rules)
 * 3:49363 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0786 attack attempt (server-webapp.rules)
 * 3:49370 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0788 attack attempt (policy-other.rules)
 * 3:49373 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0789 attack attempt (policy-other.rules)
 * 3:49442 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2019-0791 attack attempt (browser-chrome.rules)
 * 3:49443 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2019-0791 attack attempt (browser-chrome.rules)
 * 3:49509 <-> ENABLED <-> SERVER-WEBAPP Cisco IP Phone web interface authorization bypass attempt (server-webapp.rules)
 * 3:49510 <-> ENABLED <-> SERVER-WEBAPP Cisco IP Phone web interface directory traversal attempt (server-webapp.rules)
 * 3:49511 <-> ENABLED <-> SERVER-WEBAPP Cisco IP Phone web interface stack buffer overflow attempt (server-webapp.rules)
 * 3:49588 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui debugBundle command injection attempt (server-webapp.rules)
 * 3:49589 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui debugBundle command injection attempt (server-webapp.rules)
 * 3:49590 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui debugBundle command injection attempt (server-webapp.rules)
 * 3:49591 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui directory traversal attempt (server-webapp.rules)
 * 3:49606 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP calling display name denial of service attempt (protocol-voip.rules)
 * 3:49607 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS SIP calling display name denial of service attempt (protocol-voip.rules)
 * 3:49608 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui execPython access attempt (server-webapp.rules)
 * 3:49609 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui cdp resource command injection attempt (server-webapp.rules)
 * 3:49610 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui dhcp resource command injection attempt (server-webapp.rules)
 * 3:49611 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui information disclosure attempt (server-webapp.rules)
 * 3:49612 <-> ENABLED <-> POLICY-OTHER Cisco Virtual Switching System standby interested message detected (policy-other.rules)
 * 3:49613 <-> ENABLED <-> POLICY-OTHER Cisco Virtual Switching System master request message detected (policy-other.rules)
 * 3:49614 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui rathrottler command injection attempt (server-webapp.rules)
 * 3:49615 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui rathrottler command injection attempt (server-webapp.rules)
 * 3:49616 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE webui rathrottler command injection attempt (server-webapp.rules)
 * 3:49619 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers information disclosure attempt (server-webapp.rules)
 * 3:49648 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0793 attack attempt (file-pdf.rules)
 * 3:49649 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0793 attack attempt (file-pdf.rules)
 * 3:49684 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0796 attack attempt (file-pdf.rules)
 * 3:49685 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0796 attack attempt (file-pdf.rules)
 * 3:49756 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0794 attack attempt (file-office.rules)
 * 3:49757 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0794 attack attempt (file-office.rules)
 * 3:49760 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0795 attack attempt (file-office.rules)
 * 3:49761 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0795 attack attempt (file-office.rules)
 * 3:49780 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0806 attack attempt (protocol-scada.rules)
 * 3:49787 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0807 attack attempt (protocol-scada.rules)
 * 3:49797 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0798 attack attempt (protocol-other.rules)
 * 3:49798 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0798 attack attempt (protocol-other.rules)
 * 3:49801 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49802 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (protocol-other.rules)
 * 3:49803 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49804 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (protocol-other.rules)
 * 3:49813 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49814 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49815 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49816 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (file-other.rules)
 * 3:49843 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49844 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (protocol-other.rules)
 * 3:49850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (file-other.rules)
 * 3:49852 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0805 attack attempt (file-office.rules)
 * 3:49853 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0805 attack attempt (file-office.rules)
 * 3:49854 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0803 attack attempt (protocol-other.rules)
 * 3:49855 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0803 attack attempt (protocol-other.rules)
 * 3:49856 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0801 attack attempt (file-other.rules)
 * 3:49857 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0801 attack attempt (file-other.rules)
 * 3:49858 <-> ENABLED <-> PROTOCOL-VOIP Cisco VCS exponential XML entity expansion attack attempt (protocol-voip.rules)
 * 3:49859 <-> ENABLED <-> SERVER-WEBAPP Cisco Wireless LAN Controller cross site request forgery attempt (server-webapp.rules)
 * 3:49866 <-> ENABLED <-> SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (server-webapp.rules)
 * 3:49867 <-> ENABLED <-> SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (server-webapp.rules)
 * 3:49879 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller IAPP message denial of service attempt (server-other.rules)
 * 3:49894 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0812 attack attempt (file-other.rules)
 * 3:49895 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0812 attack attempt (file-other.rules)
 * 3:49896 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0813 attack attempt (file-other.rules)
 * 3:49897 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0813 attack attempt (file-other.rules)
 * 3:49906 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0814 attack attempt (file-pdf.rules)
 * 3:49907 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0814 attack attempt (file-pdf.rules)
 * 3:49908 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0815 attack attempt (file-pdf.rules)
 * 3:49909 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0815 attack attempt (file-pdf.rules)
 * 3:49910 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0816 attack attempt (file-pdf.rules)
 * 3:49911 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0816 attack attempt (file-pdf.rules)
 * 3:49912 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0811 attack attempt (protocol-other.rules)
 * 3:49939 <-> ENABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed RecolorInfoAtom out of bounds read attempt (file-office.rules)
 * 3:49948 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0817 attack attempt (file-pdf.rules)
 * 3:49949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0817 attack attempt (file-pdf.rules)
 * 3:49978 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0818 attack attempt (file-other.rules)
 * 3:49979 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0818 attack attempt (file-other.rules)
 * 3:49982 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0822 attack attempt (policy-other.rules)
 * 3:49983 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0827 attack attempt (policy-other.rules)
 * 3:49984 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (server-webapp.rules)
 * 3:49985 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (server-webapp.rules)
 * 3:49986 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure arbitrary JSP file upload attempt (server-webapp.rules)
 * 3:49987 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure arbitrary file upload to tftpRoot attempt (server-webapp.rules)
 * 3:49990 <-> ENABLED <-> PROTOCOL-VOIP Cisco IP Phone malformed SIP presence information data denial of service attempt (protocol-voip.rules)
 * 3:49992 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (server-webapp.rules)
 * 3:49993 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (server-webapp.rules)
 * 3:49994 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (server-webapp.rules)
 * 3:49995 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (server-webapp.rules)
 * 3:49996 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA secure desktop login denial of service attempt (server-webapp.rules)
 * 3:49997 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers session hijack attempt (server-webapp.rules)
 * 3:49998 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance admin command interface access attempt (server-webapp.rules)
 * 3:49999 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance admin command interface access attempt (server-webapp.rules)
 * 3:50006 <-> ENABLED <-> SERVER-WEBAPP Cisco Web Security Appliance proxy service buffer overflow attempt (server-webapp.rules)
 * 3:50007 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA WebVPN expired session page direct access denial of service attempt (server-webapp.rules)
 * 3:50035 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0821 attack attempt (file-image.rules)
 * 3:50036 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0821 attack attempt (file-image.rules)
 * 3:52097 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0947 attack attempt (file-pdf.rules)
 * 3:52098 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0947 attack attempt (file-pdf.rules)
 * 3:52102 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52103 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52104 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52105 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52106 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52107 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52108 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52109 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52110 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52111 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:52119 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:52120 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:52121 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:52122 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:52126 <-> ENABLED <-> SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (server-webapp.rules)
 * 3:52127 <-> ENABLED <-> POLICY-OTHER Cisco Web Security Appliance system setup wizard access detected (policy-other.rules)
 * 3:52128 <-> ENABLED <-> POLICY-OTHER Cisco Web Security Appliance system setup wizard access detected (policy-other.rules)
 * 3:52129 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (server-webapp.rules)
 * 3:52131 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0948 attack attempt (server-other.rules)
 * 3:52237 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0953 attack attempt (server-webapp.rules)
 * 3:52238 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0954 attack attempt (policy-other.rules)
 * 3:52241 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0955 attack attempt (server-webapp.rules)
 * 3:52247 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0510 attack attempt (server-other.rules)
 * 3:52269 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0957 attack attempt (file-other.rules)
 * 3:52270 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0957 attack attempt (file-other.rules)
 * 3:52274 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0951 attack attempt (policy-other.rules)
 * 3:52275 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0951 attack attempt (policy-other.rules)
 * 3:52331 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0959 attack attempt (file-pdf.rules)
 * 3:52332 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0959 attack attempt (file-pdf.rules)
 * 3:52345 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0960 attack attempt (server-webapp.rules)
 * 3:52346 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2019-0960 attack attempt (protocol-snmp.rules)
 * 3:52367 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0964 attack attempt (file-other.rules)
 * 3:52368 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0964 attack attempt (file-other.rules)
 * 3:52407 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0961 attack attempt (policy-other.rules)
 * 3:52408 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0962 attack attempt (file-other.rules)
 * 3:52409 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0962 attack attempt (file-other.rules)
 * 3:52412 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0963 attack attempt (file-other.rules)
 * 3:52413 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0966 attack attempt (file-other.rules)
 * 3:52414 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0965 attack attempt (file-other.rules)
 * 3:52415 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0967 attack attempt (browser-webkit.rules)
 * 3:52416 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0967 attack attempt (browser-webkit.rules)
 * 3:52417 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0968 attack attempt (file-office.rules)
 * 3:52418 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0968 attack attempt (file-office.rules)
 * 3:52432 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2019-0970 attack attempt (os-windows.rules)
 * 3:52433 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2019-0970 attack attempt (os-windows.rules)
 * 3:52444 <-> ENABLED <-> FILE-OTHER Winamp MAKI parsing integer overflow attempt (file-other.rules)
 * 3:52490 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (file-image.rules)
 * 3:52491 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (file-image.rules)
 * 3:52492 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (file-image.rules)
 * 3:52493 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (file-image.rules)
 * 3:52495 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0971 attack attempt (file-other.rules)
 * 3:52496 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0971 attack attempt (file-other.rules)
 * 3:52525 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager XML external entity injection attempt (server-webapp.rules)
 * 3:52526 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager XML external entity injection attempt (server-webapp.rules)
 * 3:52527 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager XML external entity injection attempt (server-webapp.rules)
 * 3:52528 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52529 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52530 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52531 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52532 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52533 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52534 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52535 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52536 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52537 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52538 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52539 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52540 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52541 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52542 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager displayServerInfos information disclosure attempt (server-webapp.rules)
 * 3:52543 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (server-webapp.rules)
 * 3:52544 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (server-webapp.rules)
 * 3:52545 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:52546 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager LanFabricImpl createLanFabric command injection attempt (server-webapp.rules)
 * 3:52547 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SanWS importTS arbitrary file upload attempt (server-webapp.rules)
 * 3:52555 <-> ENABLED <-> SERVER-WEBAPP Cisco Webex Video Mesh Node command injection attempt (server-webapp.rules)
 * 3:52559 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS Web UI cross site request forgery attempt (server-webapp.rules)
 * 3:52560 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS Web UI cross site request forgery attempt (server-webapp.rules)
 * 3:52570 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0973 attack attempt (file-other.rules)
 * 3:52571 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2019-0973 attack attempt (file-other.rules)
 * 3:52627 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52628 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52630 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52631 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52633 <-> ENABLED <-> SERVER-OTHER Cisco IOS EVPN NLRI parsing denial of service attempt (server-other.rules)
 * 3:52641 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager unauthorized password change attempt (server-webapp.rules)
 * 3:52642 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager unauthorized password change attempt (server-webapp.rules)
 * 3:52643 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager denial of service attempt (server-webapp.rules)
 * 3:52644 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager denial of service attempt (server-webapp.rules)
 * 3:52645 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (protocol-snmp.rules)
 * 3:52646 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (protocol-snmp.rules)
 * 3:52647 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (protocol-snmp.rules)
 * 3:52648 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (protocol-snmp.rules)
 * 3:52649 <-> ENABLED <-> PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (protocol-snmp.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52993 <-> ENABLED <-> POLICY-OTHER Cisco Small Business Series Switches admin settings page access detected (policy-other.rules)
 * 3:52994 <-> ENABLED <-> POLICY-OTHER Cisco Small Business Series Switches device configuration page access detected (policy-other.rules)
 * 3:52995 <-> ENABLED <-> POLICY-OTHER Cisco Small Business Series Switches device configuration page access detected (policy-other.rules)
 * 3:52996 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Series Switches information disclosure attempt (server-webapp.rules)
 * 3:52997 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Series Switches cross site scripting attempt (server-webapp.rules)
 * 3:52998 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Series Switches denial of service attempt (server-webapp.rules)
 * 3:53000 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0983 attack attempt (file-other.rules)
 * 3:53001 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0983 attack attempt (file-other.rules)
 * 3:53002 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0993 attack attempt (file-image.rules)
 * 3:53003 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0993 attack attempt (file-image.rules)
 * 3:53004 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0988 attack attempt (file-other.rules)
 * 3:53005 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0988 attack attempt (file-other.rules)
 * 3:53006 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0998 attack attempt (file-image.rules)
 * 3:53007 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0998 attack attempt (file-image.rules)
 * 3:53008 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0989 attack attempt (file-other.rules)
 * 3:53009 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0989 attack attempt (file-other.rules)
 * 3:53010 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1003 attack attempt (policy-other.rules)
 * 3:53011 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (file-image.rules)
 * 3:53012 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (file-image.rules)
 * 3:53013 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (file-image.rules)
 * 3:53014 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (file-image.rules)
 * 3:53015 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0987 attack attempt (file-image.rules)
 * 3:53016 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0987 attack attempt (file-image.rules)
 * 3:53032 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (file-image.rules)
 * 3:53033 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (file-image.rules)
 * 3:53034 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (file-image.rules)
 * 3:53035 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (file-image.rules)
 * 3:53036 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-0997 attack attempt (file-pdf.rules)
 * 3:53037 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-0997 attack attempt (file-pdf.rules)
 * 3:53038 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (file-image.rules)
 * 3:53039 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (file-image.rules)
 * 3:53040 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (file-image.rules)
 * 3:53041 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (file-image.rules)
 * 3:53042 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (file-image.rules)
 * 3:53043 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (file-image.rules)
 * 3:53044 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-0984 attack attempt (server-webapp.rules)
 * 3:53045 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-0985 attack attempt (server-webapp.rules)
 * 3:53046 <-> ENABLED <-> PROTOCOL-DNS TRUFFLEHUNTER TALOS-2020-1001 attack attempt (protocol-dns.rules)
 * 3:53049 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1006 attack attempt (protocol-scada.rules)
 * 3:53065 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1004 attack attempt (file-image.rules)
 * 3:53066 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1004 attack attempt (file-image.rules)
 * 3:53067 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0999 attack attempt (file-image.rules)
 * 3:53068 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0999 attack attempt (file-image.rules)
 * 3:53069 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1011 attack attempt (policy-other.rules)
 * 3:53070 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1011 attack attempt (policy-other.rules)
 * 3:53071 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-0996 attack attempt (server-other.rules)
 * 3:53081 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1010 attack attempt (policy-other.rules)
 * 3:53093 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1012 attack attempt (file-multimedia.rules)
 * 3:53094 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1012 attack attempt (file-multimedia.rules)
 * 3:53097 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1009 attack attempt (file-image.rules)
 * 3:53098 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1009 attack attempt (file-image.rules)
 * 3:53099 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1000 attack attempt (server-other.rules)
 * 3:53102 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1002 attack attempt (server-other.rules)
 * 3:53103 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1002 attack attempt (server-other.rules)
 * 3:53114 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1013 attack attempt (file-pdf.rules)
 * 3:53115 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1013 attack attempt (file-pdf.rules)
 * 3:53125 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1005 attack attempt (protocol-scada.rules)
 * 3:53126 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1008 attack attempt (protocol-scada.rules)
 * 3:53127 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1007 attack attempt (protocol-scada.rules)
 * 3:53128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1007 attack attempt (protocol-scada.rules)
 * 3:53168 <-> ENABLED <-> SERVER-WEBAPP Cisco Unified Contact Center Express arbitrary JSP file upload attempt (server-webapp.rules)
 * 3:53169 <-> ENABLED <-> POLICY-OTHER PostgreSQL default credential login detected (policy-other.rules)
 * 3:53170 <-> ENABLED <-> SERVER-OTHER Cisco Email Security Appliance mail log parsing denial of service attempt (server-other.rules)
 * 3:53171 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager password change detected (policy-other.rules)
 * 3:53172 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager user add detected (policy-other.rules)
 * 3:53173 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager server properties update detected (policy-other.rules)
 * 3:53174 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager saveDefaultCredentials detected (policy-other.rules)
 * 3:53175 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager cross site request forgery attempt (server-webapp.rules)
 * 3:53176 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager cross site request forgery attempt (server-webapp.rules)
 * 3:53252 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (file-image.rules)
 * 3:53253 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (file-image.rules)
 * 3:53254 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (file-image.rules)
 * 3:53255 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (file-image.rules)
 * 3:53257 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1016 attack attempt (os-windows.rules)
 * 3:53258 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1016 attack attempt (os-windows.rules)
 * 3:53265 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1014 attack attempt (file-pdf.rules)
 * 3:53266 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1014 attack attempt (file-pdf.rules)
 * 3:53268 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1015 attack attempt (file-office.rules)
 * 3:53269 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1015 attack attempt (file-office.rules)
 * 3:53384 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:53385 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:53386 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:53387 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:53388 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (server-webapp.rules)
 * 3:53389 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (server-webapp.rules)
 * 3:53390 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (server-webapp.rules)
 * 3:53391 <-> ENABLED <-> SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (server-webapp.rules)
 * 3:53392 <-> ENABLED <-> POLICY-OTHER Cisco Prime Network Registrar AddObject request detected (policy-other.rules)
 * 3:53393 <-> ENABLED <-> POLICY-OTHER Cisco Prime Network Registrar EditAdmin request detected (policy-other.rules)
 * 3:53418 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1018 attack attempt (server-other.rules)
 * 3:53441 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1020 attack attempt (protocol-scada.rules)
 * 3:53442 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1021 attack attempt (protocol-scada.rules)
 * 3:53443 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1022 attack attempt (protocol-scada.rules)
 * 3:53444 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1023 attack attempt (protocol-scada.rules)
 * 3:53445 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1024 attack attempt (protocol-scada.rules)
 * 3:53470 <-> ENABLED <-> SERVER-OTHER Cisco IOS EnergyWise heap buffer overflow attempt (server-other.rules)
 * 3:53471 <-> ENABLED <-> SERVER-OTHER Cisco IOS EnergyWise integer underflow attempt (server-other.rules)
 * 3:53472 <-> ENABLED <-> SERVER-OTHER Cisco IOS EnergyWise out of bounds read attempt (server-other.rules)
 * 3:53480 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage SQL injection attempt (server-webapp.rules)
 * 3:53481 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage SQL injection attempt (server-webapp.rules)
 * 3:53482 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage cross site scripting attempt (server-webapp.rules)
 * 3:53483 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage cross site scripting attempt (server-webapp.rules)
 * 3:53484 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1025 attack attempt (protocol-scada.rules)
 * 3:53485 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1028 attack attempt (file-pdf.rules)
 * 3:53486 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1028 attack attempt (file-pdf.rules)
 * 3:53487 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1027 attack attempt (file-office.rules)
 * 3:53488 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1027 attack attempt (file-office.rules)
 * 3:53497 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:53498 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI file upload directory traversal attempt (server-webapp.rules)
 * 3:53499 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI file upload remote code execution attempt (server-webapp.rules)
 * 3:53500 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI file upload remote code execution attempt (server-webapp.rules)
 * 3:53501 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:53502 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:53503 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:53504 <-> ENABLED <-> FILE-OTHER TAR file directory traversal attempt (file-other.rules)
 * 3:53517 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1037 attack attempt (file-other.rules)
 * 3:53518 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1037 attack attempt (file-other.rules)
 * 3:53519 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1038 attack attempt (file-other.rules)
 * 3:53520 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1038 attack attempt (file-other.rules)
 * 3:53521 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1039 attack attempt (file-other.rules)
 * 3:53522 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1039 attack attempt (file-other.rules)
 * 3:53523 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1034 attack attempt (file-other.rules)
 * 3:53524 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1034 attack attempt (file-other.rules)
 * 3:53531 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1033 attack attempt (os-windows.rules)
 * 3:53532 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1033 attack attempt (os-windows.rules)
 * 3:53535 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1035 attack attempt (file-other.rules)
 * 3:53536 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1035 attack attempt (file-other.rules)
 * 3:53537 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1036 attack attempt (file-other.rules)
 * 3:53538 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1036 attack attempt (file-other.rules)
 * 3:53545 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1040 attack attempt (file-other.rules)
 * 3:53546 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1040 attack attempt (file-other.rules)
 * 3:53549 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1043 attack attempt (file-other.rules)
 * 3:53550 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1043 attack attempt (file-other.rules)
 * 3:53553 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1042 attack attempt (file-other.rules)
 * 3:53554 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1042 attack attempt (file-other.rules)
 * 3:53562 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1030 attack attempt (server-other.rules)
 * 3:53563 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1031 attack attempt (file-pdf.rules)
 * 3:53564 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1031 attack attempt (file-pdf.rules)
 * 3:53565 <-> ENABLED <-> PROTOCOL-TFTP TRUFFLEHUNTER TALOS-2020-1029 attack attempt (protocol-tftp.rules)
 * 3:53571 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53572 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53573 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53574 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53575 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53576 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53577 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53578 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (file-multimedia.rules)
 * 3:53599 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1044 attack attempt (file-pdf.rules)
 * 3:53600 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1044 attack attempt (file-pdf.rules)
 * 3:53650 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1045 attack attempt (file-office.rules)
 * 3:53651 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1045 attack attempt (file-office.rules)
 * 3:53660 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:53661 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (file-other.rules)
 * 3:53666 <-> ENABLED <-> SERVER-OTHER Cisco Wireless Lan Controller CAPWAP out of bounds access attempt (server-other.rules)
 * 3:53667 <-> ENABLED <-> POLICY-OTHER Cisco Unified Communications Manager TAPS RMI method lookup detected (policy-other.rules)
 * 3:53668 <-> ENABLED <-> SERVER-OTHER Cisco Unified Communications Manager TAPS RMI directory traversal attempt (server-other.rules)
 * 3:53669 <-> ENABLED <-> SERVER-WEBAPP Cisco IP Phone libHTTPService.so stack buffer overflow attempt (server-webapp.rules)
 * 3:53670 <-> ENABLED <-> SERVER-WEBAPP Cisco IP Phone libHTTPService.so stack buffer overflow attempt (server-webapp.rules)
 * 3:53671 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director authentication bypass attempt (server-webapp.rules)
 * 3:53672 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director REST API directory traversal attempt (server-webapp.rules)
 * 3:53673 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director REST API directory traversal attempt (server-webapp.rules)
 * 3:53674 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director REST API directory traversal attempt (server-webapp.rules)
 * 3:53675 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director LargeFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 3:53676 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director LargeFileUploadServlet directory traversal attempt (server-webapp.rules)
 * 3:53677 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director ClientServlet directory traversal attempt (server-webapp.rules)
 * 3:53678 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director ClientServlet directory traversal attempt (server-webapp.rules)
 * 3:53679 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director ClientServlet directory traversal attempt (server-webapp.rules)
 * 3:53680 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director filename directory traversal attempt (server-webapp.rules)
 * 3:53681 <-> ENABLED <-> SERVER-WEBAPP Cisco UCS Director arbitrary JSP file upload attempt (server-webapp.rules)
 * 3:53682 <-> ENABLED <-> SERVER-WEBAPP Cisco Mobility Express cross site request forgery attempt (server-webapp.rules)
 * 3:53683 <-> ENABLED <-> SERVER-WEBAPP Cisco Mobility Express cross site request forgery attempt (server-webapp.rules)
 * 3:53684 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1047 attack attempt (file-other.rules)
 * 3:53685 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1047 attack attempt (file-other.rules)
 * 3:53686 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1055 attack attempt (browser-other.rules)
 * 3:53729 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1050 attack attempt (file-other.rules)
 * 3:53730 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1050 attack attempt (file-other.rules)
 * 3:53731 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1046 attack attempt (file-other.rules)
 * 3:53732 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1046 attack attempt (file-other.rules)
 * 3:53742 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1048 attack attempt (file-other.rules)
 * 3:53743 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1048 attack attempt (file-other.rules)
 * 3:53755 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1051 attack attempt (server-other.rules)
 * 3:53756 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1051 attack attempt (server-other.rules)
 * 3:53759 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1053 attack attempt (browser-other.rules)
 * 3:53760 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1053 attack attempt (browser-other.rules)
 * 3:53761 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1054 attack attempt (browser-other.rules)
 * 3:53762 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1054 attack attempt (browser-other.rules)
 * 3:53839 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1059 attack attempt (policy-other.rules)
 * 3:53840 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1060 attack attempt (policy-other.rules)
 * 3:53847 <-> ENABLED <-> PROTOCOL-OTHER Cisco ASA and FTD malformed OSPF denial of service attempt (protocol-other.rules)
 * 3:53850 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA and FTD memory disclosure attempt (server-webapp.rules)
 * 3:53851 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA and FTD directory traversal attempt (server-webapp.rules)
 * 3:53864 <-> ENABLED <-> POLICY-OTHER Cisco Firepower User Agent Service default MySQL credentials detected (policy-other.rules)
 * 3:53867 <-> ENABLED <-> PROTOCOL-DNS Cisco ASA and FTD IPv6 DNS request stack buffer overflow attempt (protocol-dns.rules)
 * 3:53868 <-> ENABLED <-> SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (server-other.rules)
 * 3:53869 <-> ENABLED <-> SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (server-other.rules)
 * 3:53870 <-> ENABLED <-> SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (server-other.rules)
 * 3:53871 <-> ENABLED <-> SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (server-other.rules)
 * 3:53944 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1067 attack attempt (server-webapp.rules)
 * 3:53945 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1067 attack attempt (server-webapp.rules)
 * 3:53948 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1063 attack attempt (file-pdf.rules)
 * 3:53949 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1063 attack attempt (file-pdf.rules)
 * 3:53959 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1065 attack attempt (server-other.rules)
 * 3:53990 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1062 attack attempt (file-pdf.rules)
 * 3:53991 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1062 attack attempt (file-pdf.rules)
 * 3:53992 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1068 attack attempt (file-pdf.rules)
 * 3:53993 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1068 attack attempt (file-pdf.rules)
 * 3:54009 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1071 attack attempt (policy-other.rules)
 * 3:54010 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1070 attack attempt (file-pdf.rules)
 * 3:54011 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1070 attack attempt (file-pdf.rules)
 * 3:54024 <-> ENABLED <-> POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (policy-other.rules)
 * 3:54025 <-> ENABLED <-> POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (policy-other.rules)
 * 3:54026 <-> ENABLED <-> POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (policy-other.rules)
 * 3:54027 <-> ENABLED <-> POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (policy-other.rules)
 * 3:54028 <-> ENABLED <-> INDICATOR-SHELLCODE Java RMI deserialization exploit attempt (indicator-shellcode.rules)
 * 3:54034 <-> ENABLED <-> SERVER-OTHER Cisco Prime Network Registrar denial of service attempt (server-other.rules)
 * 3:54047 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1084 attack attempt (file-pdf.rules)
 * 3:54048 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1084 attack attempt (file-pdf.rules)
 * 3:54049 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1087 attack attempt (server-webapp.rules)
 * 3:54050 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1087 attack attempt (server-webapp.rules)
 * 3:54051 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1085 attack attempt (browser-chrome.rules)
 * 3:54052 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1085 attack attempt (browser-chrome.rules)
 * 3:54120 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:54121 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (file-multimedia.rules)
 * 3:54123 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54124 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54125 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54126 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54127 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54128 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54129 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54130 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54131 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (server-webapp.rules)
 * 3:54132 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1072 attack attempt (server-webapp.rules)
 * 3:54133 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1072 attack attempt (server-webapp.rules)
 * 3:54134 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1072 attack attempt (server-webapp.rules)
 * 3:54135 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1073 attack attempt (server-webapp.rules)
 * 3:54136 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1073 attack attempt (server-webapp.rules)
 * 3:54137 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1073 attack attempt (server-webapp.rules)
 * 3:54138 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1074 attack attempt (server-webapp.rules)
 * 3:54139 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1075 attack attempt (server-webapp.rules)
 * 3:54140 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1075 attack attempt (server-webapp.rules)
 * 3:54141 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1075 attack attempt (server-webapp.rules)
 * 3:54142 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1076 attack attempt (server-webapp.rules)
 * 3:54143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1076 attack attempt (server-webapp.rules)
 * 3:54144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1076 attack attempt (server-webapp.rules)
 * 3:54155 <-> ENABLED <-> SERVER-OTHER Cisco IOx Application Environment external VDS control message attempt (server-other.rules)
 * 3:54158 <-> ENABLED <-> PROTOCOL-OTHER Cisco IOS XE NetFlow packet parsing denial of service attempt (protocol-other.rules)
 * 3:54159 <-> ENABLED <-> SERVER-OTHER Cisco IOS IKE2 invalid port denial of service attempt (server-other.rules)
 * 3:54160 <-> ENABLED <-> SERVER-OTHER Cisco IOS IKE2 invalid port denial of service attempt (server-other.rules)
 * 3:54161 <-> ENABLED <-> POLICY-OTHER Cisco IOx token service access detected (policy-other.rules)
 * 3:54163 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS malformed SIP Via header denial of service attempt (protocol-voip.rules)
 * 3:54164 <-> ENABLED <-> PROTOCOL-VOIP Cisco IOS malformed SIP Via header denial of service attempt (protocol-voip.rules)
 * 3:54251 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1080 attack attempt (server-webapp.rules)
 * 3:54252 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1080 attack attempt (server-webapp.rules)
 * 3:54253 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1080 attack attempt (server-webapp.rules)
 * 3:54254 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1082 attack attempt (server-webapp.rules)
 * 3:54255 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1082 attack attempt (server-webapp.rules)
 * 3:54256 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1082 attack attempt (server-webapp.rules)
 * 3:54257 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1083 attack attempt (server-webapp.rules)
 * 3:54258 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1083 attack attempt (server-webapp.rules)
 * 3:54259 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1078 attack attempt (server-webapp.rules)
 * 3:54260 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1078 attack attempt (server-webapp.rules)
 * 3:54261 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1078 attack attempt (server-webapp.rules)
 * 3:54262 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1079 attack attempt (server-webapp.rules)
 * 3:54263 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1079 attack attempt (server-webapp.rules)
 * 3:54264 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1079 attack attempt (server-webapp.rules)
 * 3:54265 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1088 attack attempt (browser-other.rules)
 * 3:51700 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51701 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51702 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51703 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51704 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (server-webapp.rules)
 * 3:51705 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (server-webapp.rules)
 * 3:51706 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (server-webapp.rules)
 * 3:51707 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (server-webapp.rules)
 * 3:51708 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51709 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51710 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51711 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51713 <-> ENABLED <-> SERVER-WEBAPP Cisco WebVPN denial of service attempt (server-webapp.rules)
 * 3:51716 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51717 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51718 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51719 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (server-webapp.rules)
 * 3:51728 <-> ENABLED <-> SERVER-WEBAPP Cisco WebVPN cross site scripting attempt (server-webapp.rules)
 * 3:51729 <-> ENABLED <-> SERVER-WEBAPP Cisco WebVPN cross site scripting attempt (server-webapp.rules)
 * 3:51737 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0915 attack attempt (file-pdf.rules)
 * 3:51738 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2019-0915 attack attempt (file-pdf.rules)
 * 3:51890 <-> ENABLED <-> SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (server-webapp.rules)
 * 3:51891 <-> ENABLED <-> SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (server-webapp.rules)
 * 3:51892 <-> ENABLED <-> SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (server-webapp.rules)
 * 3:51893 <-> ENABLED <-> SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (server-webapp.rules)
 * 3:51894 <-> ENABLED <-> SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (server-webapp.rules)
 * 3:51895 <-> ENABLED <-> SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (server-webapp.rules)
 * 3:51900 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51901 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches denial of service attempt (server-webapp.rules)
 * 3:51902 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51903 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51904 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51905 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51906 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51907 <-> ENABLED <-> SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (server-webapp.rules)
 * 3:51924 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0917 attack attempt (server-webapp.rules)
 * 3:51925 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0917 attack attempt (server-webapp.rules)
 * 3:51926 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0917 attack attempt (server-webapp.rules)
 * 3:51927 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0917 attack attempt (server-webapp.rules)
 * 3:51928 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0917 attack attempt (server-webapp.rules)
 * 3:51929 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0919 attack attempt (server-webapp.rules)
 * 3:51931 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (file-image.rules)
 * 3:54266 <-> ENABLED <-> BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1088 attack attempt (browser-other.rules)
 * 3:54267 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1081 attack attempt (server-webapp.rules)
 * 3:54268 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1081 attack attempt (server-webapp.rules)
 * 3:54269 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1081 attack attempt (server-webapp.rules)
 * 3:54282 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1092 attack attempt (file-pdf.rules)
 * 3:54283 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1092 attack attempt (file-pdf.rules)
 * 3:54290 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1091 attack attempt (server-webapp.rules)
 * 3:54308 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54309 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54310 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54311 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54312 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54313 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54314 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54315 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54320 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54321 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54322 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54323 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54324 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54325 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54326 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54327 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54328 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54329 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54330 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54331 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54332 <-> ENABLED <-> POLICY-OTHER Cisco TelePresence API SoftwareUpgrade SystemUnit command detected (policy-other.rules)
 * 3:54333 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54334 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54335 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54336 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54337 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54338 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54339 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54340 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54341 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54342 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54343 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54344 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54345 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54346 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54347 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54348 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54349 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54350 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54351 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54352 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54353 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54354 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54355 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54356 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54358 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54359 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54360 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54361 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54362 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54363 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54364 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54365 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54366 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54367 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54368 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54369 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54370 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54371 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54372 <-> ENABLED <-> BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (browser-other.rules)
 * 3:54390 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1096 attack attempt (file-image.rules)
 * 3:54391 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1096 attack attempt (file-image.rules)
 * 3:54392 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1098 attack attempt (os-windows.rules)
 * 3:54393 <-> ENABLED <-> OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1098 attack attempt (os-windows.rules)
 * 3:54411 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (file-image.rules)
 * 3:54412 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (file-image.rules)
 * 3:54413 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (file-image.rules)
 * 3:54414 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (file-image.rules)
 * 3:54415 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1101 attack attempt (file-other.rules)
 * 3:54416 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1101 attack attempt (file-other.rules)
 * 3:54430 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54431 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54432 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54433 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (file-other.rules)
 * 3:54440 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (file-other.rules)
 * 3:54441 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (file-other.rules)
 * 3:54442 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (file-other.rules)
 * 3:54443 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (file-other.rules)
 * 3:54444 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (file-other.rules)
 * 3:54445 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (file-other.rules)
 * 3:54446 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (file-other.rules)
 * 3:54447 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (file-other.rules)
 * 3:54448 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (file-other.rules)
 * 3:54449 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (file-other.rules)
 * 3:54450 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (file-other.rules)
 * 3:54451 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (file-other.rules)
 * 3:54452 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1112 attack attempt (file-other.rules)
 * 3:54453 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1112 attack attempt (file-other.rules)
 * 3:54454 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1113 attack attempt (file-other.rules)
 * 3:54455 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1113 attack attempt (file-other.rules)
 * 3:54456 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1114 attack attempt (file-other.rules)
 * 3:54457 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1114 attack attempt (file-other.rules)
 * 3:54458 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1115 attack attempt (file-other.rules)
 * 3:54459 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1115 attack attempt (file-other.rules)
 * 3:54460 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1116 attack attempt (file-other.rules)
 * 3:54461 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1116 attack attempt (file-other.rules)
 * 3:54465 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1102 attack attempt (file-other.rules)
 * 3:54466 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1102 attack attempt (file-other.rules)
 * 3:54467 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (file-other.rules)
 * 3:54468 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (file-other.rules)
 * 3:54469 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (file-other.rules)
 * 3:54470 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (file-other.rules)
 * 3:54471 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (file-other.rules)
 * 3:54472 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (file-other.rules)
 * 3:54477 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1097 attack attempt (server-webapp.rules)
 * 3:54478 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1106 attack attempt (server-webapp.rules)
 * 3:54479 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1107 attack attempt (server-webapp.rules)
 * 3:54480 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1108 attack attempt (server-webapp.rules)
 * 3:54481 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1109 attack attempt (server-webapp.rules)
 * 3:54488 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (file-other.rules)
 * 3:54489 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (file-other.rules)
 * 3:54490 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (file-other.rules)
 * 3:54491 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (file-other.rules)
 * 3:54492 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1103 attack attempt (file-other.rules)
 * 3:54493 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1103 attack attempt (file-other.rules)
 * 3:54494 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1100 attack attempt (server-other.rules)
 * 3:54501 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1118 attack attempt (os-other.rules)
 * 3:54502 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1118 attack attempt (os-other.rules)
 * 3:54503 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1117 attack attempt (os-other.rules)
 * 3:54504 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1117 attack attempt (os-other.rules)
 * 3:54519 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1120 attack attempt (file-other.rules)
 * 3:54520 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1120 attack attempt (file-other.rules)
 * 3:54538 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54539 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54540 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54541 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:54542 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers heap buffer overflow attempt (server-webapp.rules)
 * 3:54543 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers heap buffer overflow attempt (server-webapp.rules)
 * 3:54544 <-> ENABLED <-> POLICY-OTHER Cisco RV110W Router default credential login detected (policy-other.rules)
 * 3:54545 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage arbitrary Java object deserialization attempt (server-webapp.rules)
 * 3:54546 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage cypher query language injection attempt (server-webapp.rules)
 * 3:54547 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage cypher query language injection attempt (server-webapp.rules)
 * 3:54548 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54549 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54550 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54551 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54552 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers null pointer dereference attempt (server-webapp.rules)
 * 3:54553 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage file upload detected (policy-other.rules)
 * 3:54557 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers authentication bypass attempt (server-webapp.rules)
 * 3:54560 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54561 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54562 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54563 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:54564 <-> ENABLED <-> POLICY-OTHER Cisco RV Series Routers configuration download detected (policy-other.rules)
 * 3:54568 <-> ENABLED <-> POLICY-OTHER Cisco Prime License Manager password reset detected (policy-other.rules)
 * 3:54579 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1122 attack attempt (file-other.rules)
 * 3:54580 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1122 attack attempt (file-other.rules)
 * 3:54581 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1121 attack attempt (file-other.rules)
 * 3:54582 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1121 attack attempt (file-other.rules)
 * 3:54584 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1123 attack attempt (browser-chrome.rules)
 * 3:54585 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1123 attack attempt (browser-chrome.rules)
 * 3:54586 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1124 attack attempt (browser-webkit.rules)
 * 3:54587 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1124 attack attempt (browser-webkit.rules)
 * 3:54588 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1125 attack attempt (file-other.rules)
 * 3:54589 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1125 attack attempt (file-other.rules)
 * 3:54598 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA directory traversal attempt (server-webapp.rules)
 * 3:54599 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA directory traversal attempt (server-webapp.rules)
 * 3:54600 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA directory traversal attempt (server-webapp.rules)
 * 3:54601 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA directory traversal attempt (server-webapp.rules)
 * 3:54606 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1126 attack attempt (server-webapp.rules)
 * 3:54607 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1126 attack attempt (server-webapp.rules)
 * 3:54608 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1126 attack attempt (server-webapp.rules)
 * 3:54638 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1127 attack attempt (browser-chrome.rules)
 * 3:54639 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1127 attack attempt (browser-chrome.rules)
 * 3:54645 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1128 attack attempt (os-other.rules)
 * 3:54646 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1128 attack attempt (os-other.rules)
 * 3:54647 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1129 attack attempt (os-other.rules)
 * 3:54648 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1129 attack attempt (os-other.rules)
 * 3:54655 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (server-webapp.rules)
 * 3:54656 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager device manager access detected (policy-other.rules)
 * 3:54667 <-> ENABLED <-> FILE-OTHER TAR file directory traversal attempt (file-other.rules)
 * 3:54668 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (server-webapp.rules)
 * 3:54680 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1131 attack attempt (os-other.rules)
 * 3:54681 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1131 attack attempt (os-other.rules)
 * 3:54682 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1130 attack attempt (os-other.rules)
 * 3:54683 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1130 attack attempt (os-other.rules)
 * 3:54694 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect Secure Mobility Client dll-load exploit attempt (file-other.rules)
 * 3:54695 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect Secure Mobility Client dll-load exploit attempt (file-other.rules)
 * 3:54696 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (policy-other.rules)
 * 3:54697 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (policy-other.rules)
 * 3:54698 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (policy-other.rules)
 * 3:54699 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (policy-other.rules)
 * 3:54700 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (policy-other.rules)
 * 3:54701 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1133 attack attempt (os-other.rules)
 * 3:54702 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1133 attack attempt (os-other.rules)
 * 3:54729 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1138 attack attempt (os-other.rules)
 * 3:54730 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1138 attack attempt (os-other.rules)
 * 3:54731 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1134 attack attempt (os-other.rules)
 * 3:54732 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1134 attack attempt (os-other.rules)
 * 3:54762 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1135 attack attempt (policy-other.rules)
 * 3:54763 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1135 attack attempt (policy-other.rules)
 * 3:54764 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1135 attack attempt (policy-other.rules)
 * 3:54798 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1135 attack attempt (server-webapp.rules)
 * 3:54799 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1135 attack attempt (server-webapp.rules)
 * 3:54800 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1135 attack attempt (server-webapp.rules)
 * 3:54829 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1139 attack attempt (os-other.rules)
 * 3:54830 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1139 attack attempt (os-other.rules)
 * 3:54831 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1142 attack attempt (policy-other.rules)
 * 3:54832 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1143 attack attempt (server-other.rules)
 * 3:54866 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1141 attack attempt (os-other.rules)
 * 3:54867 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1141 attack attempt (os-other.rules)
 * 3:54894 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (server-webapp.rules)
 * 3:54895 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (server-webapp.rules)
 * 3:54896 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS malformed BGP UPDATE denial of service attempt (server-other.rules)
 * 3:54899 <-> ENABLED <-> PROTOCOL-OTHER Cisco NX-OS protocol independent multicast denial of service attempt (protocol-other.rules)
 * 3:54902 <-> ENABLED <-> PROTOCOL-OTHER IGMP DVMRP scan attempt (protocol-other.rules)
 * 3:54922 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1145 attack attempt (file-other.rules)
 * 3:54923 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1145 attack attempt (file-other.rules)
 * 3:55016 <-> ENABLED <-> SERVER-OTHER Cisco Jabber for Windows protocol handler command injection attempt (server-other.rules)
 * 3:55017 <-> ENABLED <-> SERVER-OTHER Cisco Jabber for Windows protocol handler command injection attempt (server-other.rules)
 * 3:55018 <-> ENABLED <-> SERVER-OTHER Cisco Jabber for Windows protocol handler command injection attempt (server-other.rules)
 * 3:55035 <-> ENABLED <-> SERVER-OTHER Cisco Jabber client remote code execution attempt (server-other.rules)
 * 3:55036 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1152 attack attempt (browser-chrome.rules)
 * 3:55037 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1152 attack attempt (browser-chrome.rules)
 * 3:55641 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (file-other.rules)
 * 3:55642 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (file-other.rules)
 * 3:55643 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (file-other.rules)
 * 3:55644 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (file-other.rules)
 * 3:55645 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (file-other.rules)
 * 3:55646 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (file-other.rules)
 * 3:55748 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1153 attack attempt (file-office.rules)
 * 3:55749 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1153 attack attempt (file-office.rules)
 * 3:55806 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:55807 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:55808 <-> ENABLED <-> POLICY-OTHER Cisco IOS Software VLPWA file read detected (policy-other.rules)
 * 3:55815 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE WebUI administrative access detected (policy-other.rules)
 * 3:55816 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE WebUI administrative access detected (policy-other.rules)
 * 3:55817 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE WebUI administrative access detected (policy-other.rules)
 * 3:55818 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE WebUI administrative access detected (policy-other.rules)
 * 3:55819 <-> ENABLED <-> SERVER-OTHER Cisco IOS Common Open Policy Service denial of service attempt (server-other.rules)
 * 3:55820 <-> ENABLED <-> PROTOCOL-OTHER Cisco IOS XE Flexible NetFlow denial of service attempt (protocol-other.rules)
 * 3:55822 <-> ENABLED <-> PROTOCOL-DNS Cisco IOS XE Umbrella Connector denial of service attempt (protocol-dns.rules)
 * 3:55830 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:55831 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:55832 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE mDNS denial of service attempt (server-other.rules)
 * 3:55833 <-> ENABLED <-> POLICY-OTHER Cisco IOS XE WebUI restricted character in authentication detected (policy-other.rules)
 * 3:55842 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1156 attack attempt (file-pdf.rules)
 * 3:55843 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1156 attack attempt (file-pdf.rules)
 * 3:55844 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1155 attack attempt (file-other.rules)
 * 3:55845 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1155 attack attempt (file-other.rules)
 * 3:55917 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1159 attack attempt (server-webapp.rules)
 * 3:55924 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:55925 <-> ENABLED <-> SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (server-other.rules)
 * 3:55985 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1161 attack attempt (file-other.rules)
 * 3:55986 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1161 attack attempt (file-other.rules)
 * 3:55987 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1162 attack attempt (file-other.rules)
 * 3:55988 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1162 attack attempt (file-other.rules)
 * 3:55991 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1163 attack attempt (file-other.rules)
 * 3:55992 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1163 attack attempt (file-other.rules)
 * 3:56048 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1168 attack attempt (server-webapp.rules)
 * 3:56049 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1168 attack attempt (server-webapp.rules)
 * 3:56050 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1168 attack attempt (server-webapp.rules)
 * 3:56053 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1171 attack attempt (file-pdf.rules)
 * 3:56054 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1171 attack attempt (file-pdf.rules)
 * 3:56059 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2020-1170 attack attempt (protocol-other.rules)
 * 3:56060 <-> ENABLED <-> PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2020-1170 attack attempt (protocol-other.rules)
 * 3:56063 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1166 attack attempt (file-pdf.rules)
 * 3:56064 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1166 attack attempt (file-pdf.rules)
 * 3:56065 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1165 attack attempt (file-pdf.rules)
 * 3:56066 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1165 attack attempt (file-pdf.rules)
 * 3:56084 <-> ENABLED <-> SERVER-WEBAPP Cisco FXOS Software Firepower Chassis Manager cross site request forgery attempt (server-webapp.rules)
 * 3:56085 <-> ENABLED <-> SERVER-WEBAPP Cisco FXOS Software Firepower Chassis Manager cross site request forgery attempt (server-webapp.rules)
 * 3:56087 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA and FTD web services large file upload denial of service attempt (server-webapp.rules)
 * 3:56089 <-> ENABLED <-> SERVER-WEBAPP Cisco ASA and FTD denial of service attempt (server-webapp.rules)
 * 3:56090 <-> ENABLED <-> SERVER-OTHER Cisco ASA/FTD OSPF LLS denial of service attempt (server-other.rules)
 * 3:56091 <-> ENABLED <-> SERVER-OTHER Cisco ASA/FTD OSPF LLS denial of service attempt (server-other.rules)
 * 3:56122 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56123 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (file-pdf.rules)
 * 3:56126 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56127 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (browser-webkit.rules)
 * 3:56128 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56129 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (protocol-scada.rules)
 * 3:56137 <-> ENABLED <-> POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (policy-other.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56199 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1193 attack attempt (server-webapp.rules)
 * 3:56208 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1184 attack attempt (protocol-scada.rules)
 * 3:56209 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1192 attack attempt (file-office.rules)
 * 3:56210 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1192 attack attempt (file-office.rules)
 * 3:56211 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1185 attack attempt (server-webapp.rules)
 * 3:56212 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1191 attack attempt (file-office.rules)
 * 3:56213 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1191 attack attempt (file-office.rules)
 * 3:56216 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player out of bounds write attempt (file-other.rules)
 * 3:56217 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player out of bounds write attempt (file-other.rules)
 * 3:56218 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player buffer overflow attempt (file-other.rules)
 * 3:56219 <-> ENABLED <-> FILE-OTHER Cisco Webex Network Recording Player buffer overflow attempt (file-other.rules)
 * 3:56220 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (server-webapp.rules)
 * 3:56221 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect Secure Mobility Client arbitrary code execution attempt (file-other.rules)
 * 3:56222 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect Secure Mobility Client arbitrary code execution attempt (file-other.rules)
 * 3:56225 <-> ENABLED <-> SERVER-OTHER Cisco Webex Meetings virtual channel remote code execution attempt (server-other.rules)
 * 3:56226 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (file-office.rules)
 * 3:56227 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (file-office.rules)
 * 3:56228 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (file-office.rules)
 * 3:56229 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (file-office.rules)
 * 3:56275 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1185 attack attempt (server-other.rules)
 * 3:56297 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1189 attack attempt (server-webapp.rules)
 * 3:56298 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1189 attack attempt (server-other.rules)
 * 3:56306 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager arbitrary file download attempt (server-webapp.rules)
 * 3:56307 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1188 attack attempt (server-webapp.rules)
 * 3:56308 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1188 attack attempt (server-other.rules)
 * 3:56365 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1183 attack attempt (file-image.rules)
 * 3:56366 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1183 attack attempt (file-image.rules)
 * 3:56379 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (browser-webkit.rules)
 * 3:56380 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (browser-webkit.rules)
 * 3:56381 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (browser-webkit.rules)
 * 3:56382 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (browser-webkit.rules)
 * 3:56389 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1197 attack attempt (file-office.rules)
 * 3:56390 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1197 attack attempt (file-office.rules)
 * 3:56424 <-> ENABLED <-> SERVER-WEBAPP Cisco DNA Spaces Connector command injection attempt (server-webapp.rules)
 * 3:56431 <-> ENABLED <-> POLICY-OTHER Cisco IoT Field Network Director access detected (policy-other.rules)
 * 3:56440 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (server-webapp.rules)
 * 3:56441 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (server-webapp.rules)
 * 3:56442 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (server-webapp.rules)
 * 3:56443 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (server-webapp.rules)
 * 3:56444 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (server-webapp.rules)
 * 3:56447 <-> ENABLED <-> POLICY-OTHER Cisco IoT Field Network Director access detected (policy-other.rules)
 * 3:56448 <-> ENABLED <-> POLICY-OTHER Cisco IoT Field Network Director access detected (policy-other.rules)
 * 3:56451 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1196 attack attempt (file-image.rules)
 * 3:56452 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1196 attack attempt (file-image.rules)
 * 3:56475 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1205 attack attempt (server-webapp.rules)
 * 3:56476 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1205 attack attempt (server-webapp.rules)
 * 3:56477 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1205 attack attempt (server-webapp.rules)
 * 3:56478 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1207 attack attempt (server-webapp.rules)
 * 3:56479 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1207 attack attempt (server-webapp.rules)
 * 3:56480 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1207 attack attempt (server-webapp.rules)
 * 3:56481 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1206 attack attempt (server-webapp.rules)
 * 3:56482 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1206 attack attempt (server-webapp.rules)
 * 3:56483 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1206 attack attempt (server-webapp.rules)
 * 3:56486 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1202 attack attempt (server-webapp.rules)
 * 3:56487 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1202 attack attempt (server-webapp.rules)
 * 3:56488 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1202 attack attempt (server-webapp.rules)
 * 3:56489 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1203 attack attempt (server-webapp.rules)
 * 3:56496 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1198 attack attempt (server-webapp.rules)
 * 3:56500 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1200 attack attempt (server-webapp.rules)
 * 3:56501 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1200 attack attempt (server-webapp.rules)
 * 3:56502 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1200 attack attempt (server-webapp.rules)
 * 3:56503 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1201 attack attempt (server-webapp.rules)
 * 3:56504 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1199 attack attempt (server-webapp.rules)
 * 3:56505 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1199 attack attempt (server-webapp.rules)
 * 3:56506 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1199 attack attempt (server-webapp.rules)
 * 3:56507 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1186 attack attempt (server-webapp.rules)
 * 3:56508 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1186 attack attempt (server-other.rules)
 * 3:56509 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1187 attack attempt (server-webapp.rules)
 * 3:56510 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1187 attack attempt (server-other.rules)
 * 3:56526 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1210 attack attempt (file-office.rules)
 * 3:56527 <-> ENABLED <-> FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1210 attack attempt (file-office.rules)
 * 3:56539 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1212 attack attempt (file-other.rules)
 * 3:56540 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1212 attack attempt (file-other.rules)
 * 3:56548 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1209 attack attempt (os-other.rules)
 * 3:56549 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2020-1209 attack attempt (os-other.rules)
 * 3:56572 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (browser-other.rules)
 * 3:56573 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (browser-other.rules)
 * 3:56575 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (browser-other.rules)
 * 3:56576 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (browser-other.rules)
 * 3:56588 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:56589 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:56590 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:56591 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:56658 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1214 attack attempt (browser-webkit.rules)
 * 3:56659 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1214 attack attempt (browser-webkit.rules)
 * 3:56721 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1213 attack attempt (file-other.rules)
 * 3:56722 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1213 attack attempt (file-other.rules)
 * 3:56723 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1215 attack attempt (file-other.rules)
 * 3:56724 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1215 attack attempt (file-other.rules)
 * 3:56725 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1218 attack attempt (file-other.rules)
 * 3:56726 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1218 attack attempt (file-other.rules)
 * 3:56727 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1219 attack attempt (file-other.rules)
 * 3:56728 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1219 attack attempt (file-other.rules)
 * 3:56729 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1217 attack attempt (server-other.rules)
 * 3:56832 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1221 attack attempt (server-webapp.rules)
 * 3:56838 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt (server-webapp.rules)
 * 3:56839 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56840 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56841 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56842 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56843 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56844 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56847 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1222 attack attempt (file-other.rules)
 * 3:56848 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1222 attack attempt (file-other.rules)
 * 3:56861 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56866 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56867 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56868 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56869 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56870 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56871 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56872 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56873 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56874 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56875 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56876 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56881 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect information disclosure attempt (file-other.rules)
 * 3:56882 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect information disclosure attempt (file-other.rules)
 * 3:56883 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect information disclosure attempt (file-other.rules)
 * 3:56884 <-> ENABLED <-> FILE-OTHER Cisco AnyConnect information disclosure attempt (file-other.rules)
 * 3:56885 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:56893 <-> ENABLED <-> FILE-OTHER OpenSSL configuration arbitrary DLL load attempt (file-other.rules)
 * 3:56894 <-> ENABLED <-> FILE-OTHER OpenSSL configuration arbitrary DLL load attempt (file-other.rules)
 * 3:56938 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (server-webapp.rules)
 * 3:56939 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (server-webapp.rules)
 * 3:56940 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (server-webapp.rules)
 * 3:56941 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (server-webapp.rules)
 * 3:56942 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (server-webapp.rules)
 * 3:56943 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (server-webapp.rules)
 * 3:56944 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (server-webapp.rules)
 * 3:56945 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (server-webapp.rules)
 * 3:56946 <-> ENABLED <-> SERVER-WEBAPP Cisco SD-WAN WebUI command injection attempt (server-webapp.rules)
 * 3:56947 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (server-webapp.rules)
 * 3:56950 <-> ENABLED <-> SERVER-WEBAPP Cisco DNA Center command injection attempt (server-webapp.rules)
 * 3:56953 <-> ENABLED <-> SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (server-webapp.rules)
 * 3:56954 <-> ENABLED <-> SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (server-webapp.rules)
 * 3:56955 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager Satellite Web UI user creation detected (policy-other.rules)
 * 3:56956 <-> ENABLED <-> POLICY-OTHER Cisco Data Center Network Manager session validation request detected (policy-other.rules)
 * 3:56957 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage terminal request detected (policy-other.rules)
 * 3:56958 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage terminal request detected (policy-other.rules)
 * 3:56959 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage enumeration request detected (policy-other.rules)
 * 3:56960 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage enumeration request detected (policy-other.rules)
 * 3:56961 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage enumeration request detected (policy-other.rules)
 * 3:56962 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage configuration request detected (policy-other.rules)
 * 3:56963 <-> ENABLED <-> POLICY-OTHER Cisco SD-WAN vManage request detected (policy-other.rules)
 * 3:56994 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1226 attack attempt (file-other.rules)
 * 3:56995 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1226 attack attempt (file-other.rules)
 * 3:57000 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1224 attack attempt (file-other.rules)
 * 3:57001 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1224 attack attempt (file-other.rules)
 * 3:57011 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57012 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57013 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57014 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57015 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57016 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57017 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57018 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (file-image.rules)
 * 3:57045 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1229 attack attempt (browser-webkit.rules)
 * 3:57046 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1229 attack attempt (browser-webkit.rules)
 * 3:57052 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1232 attack attempt (file-image.rules)
 * 3:57053 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1232 attack attempt (file-image.rules)
 * 3:57056 <-> ENABLED <-> PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2021-1234 attack attempt (protocol-scada.rules)
 * 3:57057 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1235 attack attempt (browser-chrome.rules)
 * 3:57058 <-> ENABLED <-> BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1235 attack attempt (browser-chrome.rules)
 * 3:57059 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1233 attack attempt (file-pdf.rules)
 * 3:57060 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1233 attack attempt (file-pdf.rules)
 * 3:57115 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (server-other.rules)
 * 3:57116 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (server-other.rules)
 * 3:57117 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (server-other.rules)
 * 3:57118 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (server-other.rules)
 * 3:57119 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1231 attack attempt (file-other.rules)
 * 3:57120 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1231 attack attempt (file-other.rules)
 * 3:57121 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1230 attack attempt (file-other.rules)
 * 3:57122 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2021-1230 attack attempt (file-other.rules)
 * 3:57124 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1244 attack attempt (file-image.rules)
 * 3:57125 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1244 attack attempt (file-image.rules)
 * 3:57134 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1238 attack attempt (browser-webkit.rules)
 * 3:57135 <-> ENABLED <-> BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1238 attack attempt (browser-webkit.rules)
 * 3:57136 <-> ENABLED <-> NETBIOS TRUFFLEHUNTER TALOS-2021-1246 attack attempt (netbios.rules)
 * 3:57139 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1247 attack attempt (os-other.rules)
 * 3:57140 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1247 attack attempt (os-other.rules)
 * 3:57162 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (file-image.rules)
 * 3:57163 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (file-image.rules)
 * 3:57164 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (file-image.rules)
 * 3:57165 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (file-image.rules)
 * 3:57166 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1249 attack attempt (os-other.rules)
 * 3:57167 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1249 attack attempt (os-other.rules)
 * 3:57186 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1250 attack attempt (os-other.rules)
 * 3:57187 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1250 attack attempt (os-other.rules)
 * 3:57189 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2021-1255 attack attempt (file-executable.rules)
 * 3:57190 <-> ENABLED <-> FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2021-1255 attack attempt (file-executable.rules)
 * 3:57222 <-> ENABLED <-> SERVER-OTHER Cisco NX-OS arbitrary file write attempt (server-other.rules)
 * 3:57223 <-> ENABLED <-> POLICY-OTHER Cisco Application Services Engine API access detected (policy-other.rules)
 * 3:57227 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1225 attack attempt (file-other.rules)
 * 3:57228 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1225 attack attempt (file-other.rules)
 * 3:57230 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1223 attack attempt (file-other.rules)
 * 3:57231 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-1223 attack attempt (file-other.rules)
 * 3:57232 <-> ENABLED <-> NETBIOS TRUFFLEHUNTER TALOS-2021-1258 attack attempt (netbios.rules)
 * 3:57249 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1257 attack attempt (file-image.rules)
 * 3:57250 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1257 attack attempt (file-image.rules)
 * 3:57265 <-> ENABLED <-> NETBIOS TRUFFLEHUNTER TALOS-2021-1263 attack attempt (netbios.rules)
 * 3:57266 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1262 attack attempt (os-other.rules)
 * 3:57267 <-> ENABLED <-> OS-OTHER TRUFFLEHUNTER TALOS-2021-1262 attack attempt (os-other.rules)
 * 3:57270 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (file-image.rules)
 * 3:57271 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (file-image.rules)
 * 3:57272 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (file-image.rules)
 * 3:57273 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (file-image.rules)
 * 3:57282 <-> ENABLED <-> NETBIOS TRUFFLEHUNTER TALOS-2021-1260 attack attempt (netbios.rules)
 * 3:57290 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1270 attack attempt (server-webapp.rules)
 * 3:57291 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1270 attack attempt (server-webapp.rules)
 * 3:57292 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1271 attack attempt (server-webapp.rules)
 * 3:57293 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1271 attack attempt (server-webapp.rules)
 * 3:57294 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1265 attack attempt (file-pdf.rules)
 * 3:57295 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1265 attack attempt (file-pdf.rules)
 * 3:57296 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1267 attack attempt (file-pdf.rules)
 * 3:57297 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1267 attack attempt (file-pdf.rules)
 * 3:57300 <-> ENABLED <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (server-webapp.rules)
 * 3:57301 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1264 attack attempt (file-image.rules)
 * 3:57302 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1264 attack attempt (file-image.rules)
 * 3:57303 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1266 attack attempt (file-pdf.rules)
 * 3:57304 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1266 attack attempt (file-pdf.rules)
 * 3:57305 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1272 attack attempt (server-webapp.rules)
 * 3:57306 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1272 attack attempt (server-webapp.rules)
 * 3:57307 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1274 attack attempt (server-webapp.rules)
 * 3:57308 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1274 attack attempt (server-webapp.rules)
 * 3:57309 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1274 attack attempt (server-webapp.rules)
 * 3:57310 <-> ENABLED <-> NETBIOS TRUFFLEHUNTER TALOS-2021-1268 attack attempt (netbios.rules)
 * 3:57338 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1273 attack attempt (server-webapp.rules)
 * 3:57339 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1273 attack attempt (server-webapp.rules)
 * 3:57340 <-> ENABLED <-> NETBIOS TRUFFLEHUNTER TALOS-2021-1269 attack attempt (netbios.rules)
 * 3:57343 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS and IOS-XE Application Environment directory traversal attempt (server-webapp.rules)
 * 3:57344 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS-XE Software Plug-and-Play command execution attempt (server-webapp.rules)
 * 3:57345 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Software cross site request forgery attempt (server-webapp.rules)
 * 3:57346 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Software cross site request forgery attempt (server-webapp.rules)
 * 3:57349 <-> ENABLED <-> SERVER-OTHER Cisco Virtual Switching System stack buffer overflow attempt (server-other.rules)
 * 3:57350 <-> ENABLED <-> SERVER-OTHER invalid multicast DNS name length response attempt (server-other.rules)
 * 3:57351 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP mention message denial of service attempt (browser-other.rules)
 * 3:57352 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:57353 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:57354 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (browser-other.rules)
 * 3:57355 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:57356 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:57357 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:57358 <-> ENABLED <-> SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (server-webapp.rules)
 * 3:57359 <-> ENABLED <-> BROWSER-OTHER Cisco Jabber XMPP information disclosure attempt (browser-other.rules)
 * 3:57360 <-> ENABLED <-> SERVER-OTHER Cisco IOS XE Wireless Controller Software CAPWAP denial of service attempt (server-other.rules)
 * 3:57371 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (server-webapp.rules)
 * 3:57372 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (server-webapp.rules)
 * 3:57373 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (server-webapp.rules)
 * 3:57374 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (server-webapp.rules)
 * 3:57378 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1275 attack attempt (file-image.rules)
 * 3:57379 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1275 attack attempt (file-image.rules)
 * 3:7019 <-> ENABLED <-> PUA-P2P WinNY connection attempt (pua-p2p.rules)
 * 3:7196 <-> ENABLED <-> OS-OTHER Multiple Operating Systems invalid DHCP option attempt (os-other.rules)
 * 3:8092 <-> ENABLED <-> OS-WINDOWS IGMP IP Options validation attempt (os-windows.rules)
 * 3:8351 <-> ENABLED <-> OS-WINDOWS PGM nak list overflow attempt (os-windows.rules)

Modified Rules:


 * 1:1191 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:1192 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan access (server-webapp.rules)
 * 1:1193 <-> DISABLED <-> SERVER-WEBAPP oracle web arbitrary command execution attempt (server-webapp.rules)
 * 1:1194 <-> DISABLED <-> SERVER-WEBAPP sojourn.cgi File attempt (server-webapp.rules)
 * 1:11940 <-> DISABLED <-> BROWSER-PLUGINS Westbyte Internet Download Accelerator ActiveX function call access (browser-plugins.rules)
 * 1:11942 <-> DISABLED <-> BROWSER-PLUGINS Westbyte internet download accelerator ActiveX clsid access (browser-plugins.rules)
 * 1:11943 <-> DISABLED <-> BROWSER-PLUGINS HP ModemUtil ActiveX clsid access (browser-plugins.rules)
 * 1:11945 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
 * 1:11946 <-> DISABLED <-> NETBIOS Datagram Service NetDDE attack (netbios.rules)
 * 1:11947 <-> DISABLED <-> OS-WINDOWS Microsoft Windows schannel security package (os-windows.rules)
 * 1:11948 <-> DISABLED <-> PUA-TOOLBARS Hijacker snap toolbar runtime detection - cookie (pua-toolbars.rules)
 * 1:11949 <-> DISABLED <-> MALWARE-BACKDOOR lame rat v1.0 runtime detection (malware-backdoor.rules)
 * 1:1195 <-> DISABLED <-> SERVER-WEBAPP sojourn.cgi access (server-webapp.rules)
 * 1:11950 <-> DISABLED <-> MALWARE-CNC killav_gj (malware-cnc.rules)
 * 1:11951 <-> DISABLED <-> MALWARE-BACKDOOR winshadow runtime detection - init connection request (malware-backdoor.rules)
 * 1:11952 <-> DISABLED <-> MALWARE-BACKDOOR winshadow runtime detection - udp response (malware-backdoor.rules)
 * 1:11953 <-> ENABLED <-> MALWARE-BACKDOOR supervisor plus runtime detection (malware-backdoor.rules)
 * 1:11954 <-> DISABLED <-> MALWARE-BACKDOOR supervisor plus runtime detection (malware-backdoor.rules)
 * 1:11955 <-> DISABLED <-> NETBIOS SMB-DS Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
 * 1:11956 <-> DISABLED <-> NETBIOS SMB-DS Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
 * 1:11957 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (netbios.rules)
 * 1:11958 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (netbios.rules)
 * 1:11959 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
 * 1:1196 <-> DISABLED <-> SERVER-WEBAPP SGI InfoSearch fname attempt (server-webapp.rules)
 * 1:11960 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
 * 1:11961 <-> DISABLED <-> NETBIOS SMB-DS Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
 * 1:11962 <-> DISABLED <-> NETBIOS SMB-DS Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
 * 1:11963 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (netbios.rules)
 * 1:11964 <-> DISABLED <-> NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (netbios.rules)
 * 1:13750 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (browser-plugins.rules)
 * 1:13752 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (browser-plugins.rules)
 * 1:13754 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (browser-plugins.rules)
 * 1:13756 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (browser-plugins.rules)
 * 1:13758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX clsid access (browser-plugins.rules)
 * 1:1376 <-> DISABLED <-> SERVER-WEBAPP jrun directory browse attempt (server-webapp.rules)
 * 1:13760 <-> DISABLED <-> BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX function call access (browser-plugins.rules)
 * 1:13762 <-> DISABLED <-> PUA-ADWARE Adware system defender runtime detection (pua-adware.rules)
 * 1:13764 <-> DISABLED <-> PUA-ADWARE Snoopware xpress remote outbound connection - init connection (pua-adware.rules)
 * 1:13765 <-> DISABLED <-> PUA-ADWARE Adware winxdefender runtime detection - presale request (pua-adware.rules)
 * 1:13766 <-> DISABLED <-> PUA-ADWARE Adware winxdefender runtime detection - auto update (pua-adware.rules)
 * 1:13767 <-> ENABLED <-> MALWARE-OTHER Keylogger cyber sitter runtime detection (malware-other.rules)
 * 1:13768 <-> DISABLED <-> MALWARE-OTHER Keylogger cyber sitter runtime detection (malware-other.rules)
 * 1:13769 <-> DISABLED <-> PUA-TOOLBARS Hijacker searchnine toolbar runtime detection - hijacks address bar (pua-toolbars.rules)
 * 1:1377 <-> DISABLED <-> PROTOCOL-FTP wu-ftp bad file completion attempt (protocol-ftp.rules)
 * 1:13770 <-> DISABLED <-> PUA-TOOLBARS Hijacker searchnine toolbar runtime detection - redirects search function (pua-toolbars.rules)
 * 1:13771 <-> DISABLED <-> PUA-TOOLBARS Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #1 (pua-toolbars.rules)
 * 1:13772 <-> DISABLED <-> PUA-TOOLBARS Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #2 (pua-toolbars.rules)
 * 1:13774 <-> DISABLED <-> PUA-ADWARE Trickler trojan ecodec outbound connection - initial server connection #1 (pua-adware.rules)
 * 1:13775 <-> DISABLED <-> PUA-ADWARE Trickler trojan ecodec outbound connection - initial server connection #2 (pua-adware.rules)
 * 1:13776 <-> DISABLED <-> MALWARE-OTHER Trackware syscleaner runtime detection - presale traffic (malware-other.rules)
 * 1:13777 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - SysCleaner (malware-cnc.rules)
 * 1:13778 <-> DISABLED <-> MALWARE-OTHER Keylogger kgb employee monitor runtime detection (malware-other.rules)
 * 1:13779 <-> DISABLED <-> PUA-TOOLBARS Trackware proofile toolbar runtime detection (pua-toolbars.rules)
 * 1:1378 <-> DISABLED <-> PROTOCOL-FTP wu-ftp bad file completion attempt (protocol-ftp.rules)
 * 1:13780 <-> DISABLED <-> PUA-TOOLBARS Hijacker find.fm toolbar runtime detection - automatic updates (pua-toolbars.rules)
 * 1:13781 <-> DISABLED <-> PUA-TOOLBARS Hijacker find.fm toolbar runtime detection - hijacks address bar (pua-toolbars.rules)
 * 1:13782 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - EzReward (malware-cnc.rules)
 * 1:13783 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Assistant ActiveX clsid access (browser-plugins.rules)
 * 1:13785 <-> DISABLED <-> BROWSER-PLUGINS Ourgame GLWorld ActiveX clsid access (browser-plugins.rules)
 * 1:13787 <-> DISABLED <-> BROWSER-PLUGINS Ourgame GLWorld ActiveX function call access (browser-plugins.rules)
 * 1:1379 <-> DISABLED <-> PROTOCOL-FTP STAT overflow attempt (protocol-ftp.rules)
 * 1:13791 <-> DISABLED <-> INDICATOR-OBFUSCATION oversized cast statement - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:13797 <-> ENABLED <-> FILE-IDENTIFY Portable Executable compact binary file magic detected (file-identify.rules)
 * 1:1380 <-> DISABLED <-> SERVER-IIS Form_VBScript.asp access (server-iis.rules)
 * 1:13800 <-> DISABLED <-> SERVER-OTHER ARCServe LGServer service data overflow attempt (server-other.rules)
 * 1:13801 <-> ENABLED <-> FILE-IDENTIFY RTF file download request (file-identify.rules)
 * 1:13804 <-> DISABLED <-> SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (server-other.rules)
 * 1:13805 <-> DISABLED <-> PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 234 attempt (protocol-rpc.rules)
 * 1:13806 <-> DISABLED <-> PROTOCOL-RPC portmap CA BrightStor ARCserve udp procedure 234 attempt (protocol-rpc.rules)
 * 1:13807 <-> DISABLED <-> FILE-IMAGE Microsoft Windows metafile SetPaletteEntries heap overflow attempt (file-image.rules)
 * 1:13808 <-> DISABLED <-> PUA-ADWARE Adware ie antivirus runtime detection - presale request (pua-adware.rules)
 * 1:13809 <-> DISABLED <-> PUA-ADWARE Adware ie antivirus runtime detection - update request (pua-adware.rules)
 * 1:1381 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan attempt (server-webapp.rules)
 * 1:13810 <-> DISABLED <-> PUA-ADWARE Trickler Adware.Win32.Ejik runtime detection - udp payload (pua-adware.rules)
 * 1:13811 <-> DISABLED <-> PUA-ADWARE Adware xp antivirus runtime detection (pua-adware.rules)
 * 1:13812 <-> DISABLED <-> MALWARE-OTHER Keylogger refog Keylogger runtime detection (malware-other.rules)
 * 1:13813 <-> DISABLED <-> PUA-ADWARE Trickler mm.exe outbound connection (pua-adware.rules)
 * 1:13814 <-> DISABLED <-> MALWARE-CNC passhax variant outbound connection (malware-cnc.rules)
 * 1:13815 <-> DISABLED <-> MALWARE-CNC zombget.03 variant outbound connection (malware-cnc.rules)
 * 1:13816 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13817 <-> DISABLED <-> SERVER-WEBAPP PHP xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13818 <-> DISABLED <-> SERVER-WEBAPP PHP alternate xmlrpc.php command injection attempt (server-webapp.rules)
 * 1:13819 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Domino Web Server Accept-Language header buffer overflow attempt (server-webapp.rules)
 * 1:1382 <-> DISABLED <-> SERVER-OTHER CHAT IRC Ettercap parse overflow attempt (server-other.rules)
 * 1:13820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (file-flash.rules)
 * 1:13823 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file parsing buffer overflow attempt (file-multimedia.rules)
 * 1:13824 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:13827 <-> DISABLED <-> OS-WINDOWS Microsoft Windows PGM denial of service attempt (os-windows.rules)
 * 1:13828 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13830 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13832 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer backweb ActiveX clsid access (browser-plugins.rules)
 * 1:13834 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer request header overwrite (browser-ie.rules)
 * 1:13838 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:13839 <-> DISABLED <-> SERVER-OTHER CA ARCServ NetBackup remote file upload attempt (server-other.rules)
 * 1:1384 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP malformed advertisement (os-windows.rules)
 * 1:13840 <-> DISABLED <-> SERVER-OTHER Borland Interbase service attach operation buffer overflow (server-other.rules)
 * 1:13841 <-> DISABLED <-> SERVER-OTHER Borland Interbase create operation buffer overflow (server-other.rules)
 * 1:13842 <-> DISABLED <-> SERVER-OTHER Borland Interbase operation buffer overflow (server-other.rules)
 * 1:13843 <-> DISABLED <-> SERVER-OTHER MaxDB WebDBM get buffer overflow (server-other.rules)
 * 1:13844 <-> DISABLED <-> SERVER-MAIL BDAT size longer than contents exploit attempt (server-mail.rules)
 * 1:13845 <-> DISABLED <-> SERVER-MAIL BDAT size public exploit attempt (server-mail.rules)
 * 1:13846 <-> DISABLED <-> SERVER-OTHER Veritas Backup Agent password overflow attempt (server-other.rules)
 * 1:13847 <-> DISABLED <-> PUA-ADWARE Adware phoenician casino runtime detection (pua-adware.rules)
 * 1:13848 <-> DISABLED <-> PUA-ADWARE Trickler zwinky runtime detection (pua-adware.rules)
 * 1:13849 <-> DISABLED <-> PUA-ADWARE Hijacker rcse 4.4 outbound connection - hijack ie browser (pua-adware.rules)
 * 1:1385 <-> DISABLED <-> SERVER-WEBAPP mod-plsql administration access (server-webapp.rules)
 * 1:13850 <-> DISABLED <-> PUA-ADWARE Adware roogoo 2.0 runtime detection - popup ads (pua-adware.rules)
 * 1:13851 <-> DISABLED <-> PUA-ADWARE Adware roogoo 2.0 runtime detection - upgrade (pua-adware.rules)
 * 1:13852 <-> DISABLED <-> PUA-ADWARE Hijacker bitroll 5.0 outbound connection (pua-adware.rules)
 * 1:13853 <-> DISABLED <-> PUA-TOOLBARS Hijacker alot toolbar runtime detection - weather request (pua-toolbars.rules)
 * 1:13854 <-> DISABLED <-> PUA-TOOLBARS Hijacker alot toolbar runtime detection - auto update (pua-toolbars.rules)
 * 1:13855 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - SpeedRunner (malware-cnc.rules)
 * 1:13856 <-> DISABLED <-> MALWARE-CNC Win.Trojan.wintrim.z variant outbound connection (malware-cnc.rules)
 * 1:13857 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX clsid access (browser-plugins.rules)
 * 1:13859 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support DataManager ActiveX function call access (browser-plugins.rules)
 * 1:1386 <-> DISABLED <-> SERVER-MSSQL raiserror possible buffer overflow (server-mssql.rules)
 * 1:13861 <-> DISABLED <-> POLICY-SOCIAL Habbo chat client avatar control (policy-social.rules)
 * 1:13862 <-> DISABLED <-> POLICY-SOCIAL Habbo chat client item information download (policy-social.rules)
 * 1:13863 <-> DISABLED <-> POLICY-SOCIAL Habbo chat client successful login (policy-social.rules)
 * 1:13864 <-> DISABLED <-> POLICY-OTHER Microsoft Windows Dr. Watson error reporting attempt (policy-other.rules)
 * 1:13865 <-> DISABLED <-> FILE-IMAGE BMP image handler buffer overflow attempt (file-image.rules)
 * 1:13866 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection - popup ads (malware-other.rules)
 * 1:13867 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection (malware-other.rules)
 * 1:13868 <-> DISABLED <-> PUA-ADWARE Adware antispywaremaster runtime detection - start fake scanning (pua-adware.rules)
 * 1:13869 <-> DISABLED <-> PUA-ADWARE Adware antispywaremaster runtime detection - sale/register request (pua-adware.rules)
 * 1:1387 <-> DISABLED <-> SQL raiserror possible buffer overflow (sql.rules)
 * 1:13870 <-> DISABLED <-> PUA-ADWARE Adware coopen 5.0.0.87 runtime detection - init conn (pua-adware.rules)
 * 1:13871 <-> DISABLED <-> PUA-ADWARE Adware coopen 5.0.0.87 runtime detection - ads (pua-adware.rules)
 * 1:13872 <-> DISABLED <-> PUA-ADWARE Trickler fushion 1.2.4.17 outbound connection - notice (pua-adware.rules)
 * 1:13873 <-> DISABLED <-> PUA-ADWARE Trickler fushion 1.2.4.17 outbound connection - underground traffic (pua-adware.rules)
 * 1:13874 <-> DISABLED <-> PUA-ADWARE Adware malware destructor 4.5 runtime detection - order request (pua-adware.rules)
 * 1:13875 <-> DISABLED <-> PUA-ADWARE Adware malware destructor 4.5 runtime detection - auto update (pua-adware.rules)
 * 1:13876 <-> DISABLED <-> MALWARE-CNC zlob.acc variant outbound connection (malware-cnc.rules)
 * 1:13877 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.uv variant outbound connection (malware-cnc.rules)
 * 1:13878 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.uv inbound connection (malware-cnc.rules)
 * 1:1388 <-> DISABLED <-> OS-WINDOWS Microsoft Windows UPnP Location overflow attempt (os-windows.rules)
 * 1:13883 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX clsid access (browser-plugins.rules)
 * 1:13885 <-> DISABLED <-> BROWSER-PLUGINS UUSee UUUpgrade ActiveX function call access (browser-plugins.rules)
 * 1:13888 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13889 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13890 <-> DISABLED <-> FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (file-other.rules)
 * 1:13891 <-> DISABLED <-> SERVER-MSSQL Memory page overwrite attempt  (server-mssql.rules)
 * 1:13892 <-> DISABLED <-> SERVER-MSSQL Convert function style overwrite  (server-mssql.rules)
 * 1:13893 <-> DISABLED <-> FILE-OTHER Microsoft malformed saved search heap corruption attempt (file-other.rules)
 * 1:13894 <-> DISABLED <-> SERVER-MAIL Microsoft Office Outlook Web Access From field cross-site scripting attempt  (server-mail.rules)
 * 1:13895 <-> DISABLED <-> SERVER-MAIL Microsoft Office Outlook Web Access invalid CSS escape sequence script execution attempt  (server-mail.rules)
 * 1:13896 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL server MTF file download (server-mssql.rules)
 * 1:13898 <-> ENABLED <-> APP-DETECT Apple iTunes client request for server info (app-detect.rules)
 * 1:13899 <-> DISABLED <-> APP-DETECT Apple iTunes client login attempt (app-detect.rules)
 * 1:1390 <-> DISABLED <-> INDICATOR-SHELLCODE x86 inc ebx NOOP (indicator-shellcode.rules)
 * 1:13900 <-> DISABLED <-> APP-DETECT Apple iTunes server multicast DNS response (app-detect.rules)
 * 1:13901 <-> DISABLED <-> NETBIOS SMB server response heap overflow attempt (netbios.rules)
 * 1:13902 <-> DISABLED <-> SERVER-OTHER IBM Lotus Sametime multiplexer stack buffer overflow attempt (server-other.rules)
 * 1:13903 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:152 <-> DISABLED <-> MALWARE-BACKDOOR BackConstruction 2.1 Connection (malware-backdoor.rules)
 * 1:1520 <-> DISABLED <-> SERVER-WEBAPP server-info access (server-webapp.rules)
 * 1:15200 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15201 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (os-windows.rules)
 * 1:15204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (os-windows.rules)
 * 1:15208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:1521 <-> DISABLED <-> SERVER-WEBAPP server-status access (server-webapp.rules)
 * 1:15210 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15211 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (os-windows.rules)
 * 1:15212 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15213 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15214 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (os-windows.rules)
 * 1:15215 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (os-windows.rules)
 * 1:15216 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15217 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:15218 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (os-windows.rules)
 * 1:15219 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (os-windows.rules)
 * 1:1522 <-> DISABLED <-> SERVER-WEBAPP ans.pl attempt (server-webapp.rules)
 * 1:15220 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (os-windows.rules)
 * 1:15223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (os-windows.rules)
 * 1:15224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (os-windows.rules)
 * 1:15227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (os-windows.rules)
 * 1:15228 <-> DISABLED <-> BROWSER-PLUGINS Ciansoft PDFBuilderX ActiveX clsid access (browser-plugins.rules)
 * 1:1523 <-> DISABLED <-> SERVER-WEBAPP ans.pl access (server-webapp.rules)
 * 1:15230 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Viewer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15232 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15234 <-> DISABLED <-> BROWSER-PLUGINS Easy Grid ActiveX function call access (browser-plugins.rules)
 * 1:15236 <-> DISABLED <-> FILE-IMAGE ACD Systems ACDSee XPM file format overflow attempt (file-image.rules)
 * 1:15237 <-> ENABLED <-> FILE-IDENTIFY Java .class file download request (file-identify.rules)
 * 1:15238 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime for Java toQTPointer function memory corruption attempt (file-multimedia.rules)
 * 1:15239 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:1524 <-> DISABLED <-> SERVER-WEBAPP Axis Storpoint CD attempt (server-webapp.rules)
 * 1:15240 <-> ENABLED <-> FILE-IDENTIFY RealNetworks RealMedia format file download request (file-identify.rules)
 * 1:15241 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC real.c ReadRealIndex real demuxer integer overflow attempt (file-multimedia.rules)
 * 1:15243 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX clsid access (browser-plugins.rules)
 * 1:15245 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX function call access (browser-plugins.rules)
 * 1:15247 <-> DISABLED <-> BROWSER-PLUGINS JamDTA ActiveX clsid access (browser-plugins.rules)
 * 1:15249 <-> DISABLED <-> BROWSER-PLUGINS SmartVMD ActiveX clsid access (browser-plugins.rules)
 * 1:1525 <-> DISABLED <-> SERVER-WEBAPP Axis Storpoint CD access (server-webapp.rules)
 * 1:15251 <-> DISABLED <-> BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX clsid access (browser-plugins.rules)
 * 1:15253 <-> DISABLED <-> BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX function call access (browser-plugins.rules)
 * 1:15255 <-> DISABLED <-> SERVER-ORACLE Secure Backup msgid 0x901 username field overflow attempt (server-oracle.rules)
 * 1:15256 <-> DISABLED <-> SERVER-ORACLE BPEL process manager XSS injection attempt (server-oracle.rules)
 * 1:15257 <-> DISABLED <-> SERVER-ORACLE Secure Backup common.php variable based command injection attempt (server-oracle.rules)
 * 1:15258 <-> DISABLED <-> SERVER-ORACLE Secure Backup login.php variable based command injection attempt (server-oracle.rules)
 * 1:15259 <-> DISABLED <-> PROTOCOL-DNS DNS root query traffic amplification attempt (protocol-dns.rules)
 * 1:1526 <-> DISABLED <-> SERVER-WEBAPP basilix sendmail.inc access (server-webapp.rules)
 * 1:15260 <-> DISABLED <-> PROTOCOL-DNS DNS root query response traffic amplification attempt (protocol-dns.rules)
 * 1:15261 <-> DISABLED <-> SERVER-ORACLE Secure Backup exec_qr command injection attempt (server-oracle.rules)
 * 1:15262 <-> DISABLED <-> SERVER-ORACLE Secure Backup POST exec_qr command injection attempt (server-oracle.rules)
 * 1:15264 <-> DISABLED <-> SERVER-WEBAPP Oracle TimesTen In-Memory Database evtdump CGI module format string exploit attempt (server-webapp.rules)
 * 1:15266 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:15268 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (browser-plugins.rules)
 * 1:1527 <-> DISABLED <-> SERVER-WEBAPP basilix mysql.class access (server-webapp.rules)
 * 1:15270 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX clsid access (browser-plugins.rules)
 * 1:15272 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX function call access (browser-plugins.rules)
 * 1:15274 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX clsid access (browser-plugins.rules)
 * 1:15276 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX function call access (browser-plugins.rules)
 * 1:15278 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (browser-plugins.rules)
 * 1:1528 <-> DISABLED <-> SERVER-WEBAPP BBoard access (server-webapp.rules)
 * 1:15280 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies Aztec ActiveX function call access (browser-plugins.rules)
 * 1:15282 <-> DISABLED <-> BROWSER-PLUGINS FlexCell Grid ActiveX clsid access (browser-plugins.rules)
 * 1:15284 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioGrabber2 ActiveX clsid access (browser-plugins.rules)
 * 1:15286 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioGrabber2 ActiveX function call access (browser-plugins.rules)
 * 1:15288 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioInformation2 ActiveX clsid access (browser-plugins.rules)
 * 1:1529 <-> DISABLED <-> PROTOCOL-FTP SITE overflow attempt (protocol-ftp.rules)
 * 1:15290 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioInformation2 ActiveX function call access (browser-plugins.rules)
 * 1:15292 <-> DISABLED <-> POLICY-SOCIAL QQ protocol detected - version 2006 (policy-social.rules)
 * 1:15293 <-> DISABLED <-> POLICY-SOCIAL QQ protocol detected - version 2008 (policy-social.rules)
 * 1:15294 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Visio file download request (file-identify.rules)
 * 1:15295 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bankpatch configuration download (malware-cnc.rules)
 * 1:15296 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bankpatch malicious file download (malware-cnc.rules)
 * 1:15297 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bankpatch report home (malware-cnc.rules)
 * 1:15299 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:15302 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange System Attendant denial of service attempt (server-mail.rules)
 * 1:15303 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (file-office.rules)
 * 1:15304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:15305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:15306 <-> DISABLED <-> FILE-EXECUTABLE Portable Executable binary file magic detected (file-executable.rules)
 * 1:15307 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Animation Control ActiveX clsid access (browser-plugins.rules)
 * 1:15309 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Animation Control ActiveX function call access (browser-plugins.rules)
 * 1:1531 <-> DISABLED <-> SERVER-WEBAPP bb-hist.sh attempt (server-webapp.rules)
 * 1:15311 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX clsid access (browser-plugins.rules)
 * 1:15313 <-> DISABLED <-> BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (browser-plugins.rules)
 * 1:15315 <-> DISABLED <-> BROWSER-PLUGINS Akamai DownloadManager ActiveX clsid access (browser-plugins.rules)
 * 1:15317 <-> DISABLED <-> BROWSER-PLUGINS Akamai DownloadManager ActiveX function call access (browser-plugins.rules)
 * 1:15319 <-> ENABLED <-> NETBIOS SMB /sql/query create tree attempt (netbios.rules)
 * 1:1532 <-> DISABLED <-> SERVER-WEBAPP bb-hostscv.sh attempt (server-webapp.rules)
 * 1:15320 <-> ENABLED <-> NETBIOS SMB /sql/query unicode create tree attempt (netbios.rules)
 * 1:15321 <-> ENABLED <-> NETBIOS SMB /sql/query create tree attempt (netbios.rules)
 * 1:15322 <-> ENABLED <-> NETBIOS SMB /sql/query unicode create tree attempt (netbios.rules)
 * 1:15323 <-> ENABLED <-> NETBIOS SMB /sql/query andx create tree attempt (netbios.rules)
 * 1:15324 <-> ENABLED <-> NETBIOS SMB /sql/query unicode andx create tree attempt (netbios.rules)
 * 1:15325 <-> ENABLED <-> NETBIOS SMB /sql/query andx create tree attempt (netbios.rules)
 * 1:15326 <-> ENABLED <-> NETBIOS SMB /sql/query unicode andx create tree attempt (netbios.rules)
 * 1:1533 <-> DISABLED <-> SERVER-WEBAPP bb-hostscv.sh access (server-webapp.rules)
 * 1:15330 <-> DISABLED <-> BROWSER-PLUGINS Nokia Phoenix Service 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15332 <-> DISABLED <-> BROWSER-PLUGINS Nokia Phoenix Service 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15334 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX clsid access (browser-plugins.rules)
 * 1:15336 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX function call access (browser-plugins.rules)
 * 1:15338 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX clsid access (browser-plugins.rules)
 * 1:1534 <-> DISABLED <-> SERVER-WEBAPP agora.cgi attempt (server-webapp.rules)
 * 1:15340 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX function call access (browser-plugins.rules)
 * 1:15342 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX clsid access (browser-plugins.rules)
 * 1:15344 <-> DISABLED <-> BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX function call access (browser-plugins.rules)
 * 1:15346 <-> DISABLED <-> BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX clsid access (browser-plugins.rules)
 * 1:15348 <-> DISABLED <-> BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX function call access (browser-plugins.rules)
 * 1:1535 <-> DISABLED <-> SERVER-WEBAPP bizdbsearch access (server-webapp.rules)
 * 1:15350 <-> DISABLED <-> BROWSER-PLUGINS Web on Windows ActiveX clsid access (browser-plugins.rules)
 * 1:15352 <-> DISABLED <-> BROWSER-PLUGINS Web on Windows ActiveX function call access (browser-plugins.rules)
 * 1:15357 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:15358 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (file-pdf.rules)
 * 1:1536 <-> DISABLED <-> SERVER-WEBAPP calendar_admin.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:15361 <-> ENABLED <-> FILE-PDF pdf file sent via email (file-pdf.rules)
 * 1:15362 <-> DISABLED <-> INDICATOR-OBFUSCATION obfuscated javascript excessive fromCharCode - potential attack (indicator-obfuscation.rules)
 * 1:15363 <-> DISABLED <-> INDICATOR-OBFUSCATION Potential obfuscated javascript eval unescape attack attempt (indicator-obfuscation.rules)
 * 1:15364 <-> DISABLED <-> SERVER-OTHER Ganglia Meta Daemon process_path stack buffer overflow attempt (server-other.rules)
 * 1:15367 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook web access script injection attempt (file-office.rules)
 * 1:15368 <-> DISABLED <-> BROWSER-PLUGINS FathFTP ActiveX clsid access (browser-plugins.rules)
 * 1:1537 <-> DISABLED <-> SERVER-WEBAPP calendar_admin.pl access (server-webapp.rules)
 * 1:15370 <-> DISABLED <-> BROWSER-PLUGINS FathFTP ActiveX function call access (browser-plugins.rules)
 * 1:15372 <-> DISABLED <-> BROWSER-PLUGINS iDefense COMRaider ActiveX clsid access (browser-plugins.rules)
 * 1:15374 <-> DISABLED <-> BROWSER-PLUGINS iDefense COMRaider ActiveX function call access (browser-plugins.rules)
 * 1:15376 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX clsid access (browser-plugins.rules)
 * 1:15378 <-> DISABLED <-> BROWSER-PLUGINS Sopcast SopCore ActiveX function call access (browser-plugins.rules)
 * 1:1538 <-> DISABLED <-> PROTOCOL-NNTP AUTHINFO USER overflow attempt (protocol-nntp.rules)
 * 1:15380 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms v7 ActiveX clsid access (browser-plugins.rules)
 * 1:15382 <-> DISABLED <-> SERVER-OTHER X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow attempt (server-other.rules)
 * 1:15383 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (browser-firefox.rules)
 * 1:15384 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (file-multimedia.rules)
 * 1:15385 <-> ENABLED <-> FILE-IDENTIFY TwinVQ file download request (file-identify.rules)
 * 1:15386 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wpad dynamic update request  (os-windows.rules)
 * 1:15387 <-> DISABLED <-> OS-WINDOWS udp WINS WPAD registration attempt (os-windows.rules)
 * 1:15389 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS memory area write attempt (protocol-scada.rules)
 * 1:1539 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/ls access (server-webapp.rules)
 * 1:15390 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS memory area fill attempt (protocol-scada.rules)
 * 1:15391 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS memory area transfer attempt (protocol-scada.rules)
 * 1:15392 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS parameter area write attempt (protocol-scada.rules)
 * 1:15393 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS parameter area clear attempt (protocol-scada.rules)
 * 1:15394 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS program area protect attempt (protocol-scada.rules)
 * 1:15395 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS program area protect clear attempt (protocol-scada.rules)
 * 1:15396 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS program area write attempt (protocol-scada.rules)
 * 1:15397 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS program area clear attempt (protocol-scada.rules)
 * 1:15398 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS RUN attempt (protocol-scada.rules)
 * 1:15399 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS STOP attempt (protocol-scada.rules)
 * 1:1540 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion ?Mode=debug attempt (server-other.rules)
 * 1:15400 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS clock write attempt (protocol-scada.rules)
 * 1:15401 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS access right acquire attempt (protocol-scada.rules)
 * 1:15402 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS access right forced acquire attempt (protocol-scada.rules)
 * 1:15403 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS single file write attempt (protocol-scada.rules)
 * 1:15404 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS file delete attempt (protocol-scada.rules)
 * 1:15405 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS forced set/reset attempt (protocol-scada.rules)
 * 1:15406 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS forced set/reset cancel attempt (protocol-scada.rules)
 * 1:15407 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS file memory write attempt (protocol-scada.rules)
 * 1:15408 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS data link table write attempt (protocol-scada.rules)
 * 1:15409 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS RESET attempt (protocol-scada.rules)
 * 1:1541 <-> DISABLED <-> PROTOCOL-FINGER version query (protocol-finger.rules)
 * 1:15410 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS name delete attempt (protocol-scada.rules)
 * 1:15411 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS memory card format attempt (protocol-scada.rules)
 * 1:15412 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS memory area write overflow attempt (protocol-scada.rules)
 * 1:15413 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS memory area fill overflow attempt (protocol-scada.rules)
 * 1:15414 <-> DISABLED <-> PROTOCOL-SCADA OMRON-FINS program area protect clear brute force attempt (protocol-scada.rules)
 * 1:15415 <-> DISABLED <-> CONTENT-REPLACE AIM or ICQ deny unencrypted login connection (content-replace.rules)
 * 1:15416 <-> DISABLED <-> CONTENT-REPLACE ICQ deny http proxy login (content-replace.rules)
 * 1:15417 <-> DISABLED <-> CONTENT-REPLACE AIM deny server certificate for encrypted login (content-replace.rules)
 * 1:15418 <-> DISABLED <-> POLICY-SOCIAL AIM server certificate for encrypted login (policy-social.rules)
 * 1:1542 <-> DISABLED <-> SERVER-WEBAPP cgimail access (server-webapp.rules)
 * 1:15420 <-> DISABLED <-> CONTENT-REPLACE MSN deny login (content-replace.rules)
 * 1:15422 <-> DISABLED <-> SERVER-OTHER Sun One web proxy server overflow attempt (server-other.rules)
 * 1:15423 <-> DISABLED <-> MALWARE-CNC Clampi virus communication detected (malware-cnc.rules)
 * 1:15424 <-> DISABLED <-> SERVER-WEBAPP phpBB mod shoutbox sql injection attempt (server-webapp.rules)
 * 1:15425 <-> DISABLED <-> SERVER-WEBAPP phpBB mod tag board sql injection attempt (server-webapp.rules)
 * 1:15426 <-> ENABLED <-> FILE-IDENTIFY MAKI file download request (file-identify.rules)
 * 1:15427 <-> ENABLED <-> FILE-IDENTIFY SVG file download request (file-identify.rules)
 * 1:15428 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG data processing memory corruption attempt (browser-firefox.rules)
 * 1:15429 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger deny outbound login attempt (content-replace.rules)
 * 1:1543 <-> DISABLED <-> SERVER-WEBAPP cgiwrap access (server-webapp.rules)
 * 1:15430 <-> DISABLED <-> FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (file-other.rules)
 * 1:15431 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:15432 <-> DISABLED <-> SERVER-WEBAPP wordpress cat parameter arbitrary file execution attempt (server-webapp.rules)
 * 1:15434 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt (server-webapp.rules)
 * 1:15435 <-> DISABLED <-> SERVER-OTHER IBM Director CIM server consumer name handling denial of service attempt (server-other.rules)
 * 1:15436 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup counter heap corruption attempt (server-other.rules)
 * 1:15437 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express Backup message length heap corruption attempt (server-other.rules)
 * 1:15438 <-> DISABLED <-> CONTENT-REPLACE QQ 2009 deny udp login (content-replace.rules)
 * 1:15439 <-> DISABLED <-> CONTENT-REPLACE QQ 2009 deny tcp login (content-replace.rules)
 * 1:1544 <-> DISABLED <-> SERVER-WEBAPP Cisco Catalyst command execution attempt (server-webapp.rules)
 * 1:15440 <-> DISABLED <-> CONTENT-REPLACE QQ 2008 deny udp login (content-replace.rules)
 * 1:15441 <-> DISABLED <-> CONTENT-REPLACE QQ 2009 deny tcp login (content-replace.rules)
 * 1:15442 <-> DISABLED <-> SERVER-MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt (server-mysql.rules)
 * 1:15443 <-> DISABLED <-> SERVER-MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt (server-mysql.rules)
 * 1:15444 <-> ENABLED <-> FILE-IDENTIFY Core Audio Format file download request (file-identify.rules)
 * 1:15445 <-> DISABLED <-> SERVER-ORACLE Application Server BPEL module cross site scripting attempt (server-oracle.rules)
 * 1:15446 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory management console Accept-Language buffer overflow attempt (server-webapp.rules)
 * 1:15448 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrShareEnum null policy handle attempt (netbios.rules)
 * 1:1545 <-> DISABLED <-> SERVER-OTHER Cisco denial of service attempt (server-other.rules)
 * 1:15451 <-> DISABLED <-> MALWARE-CNC possible Conficker.C HTTP traffic 1  (malware-cnc.rules)
 * 1:15452 <-> DISABLED <-> MALWARE-CNC possible Conficker.C HTTP traffic 2  (malware-cnc.rules)
 * 1:15455 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (file-office.rules)
 * 1:15456 <-> DISABLED <-> SERVER-OTHER WinHTTP SSL/TLS impersonation attempt  (server-other.rules)
 * 1:15457 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:11966 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS tag memory corruption attempt (browser-ie.rules)
 * 1:11968 <-> DISABLED <-> PROTOCOL-VOIP inbound INVITE message (protocol-voip.rules)
 * 1:11969 <-> DISABLED <-> PROTOCOL-VOIP inbound 401 unauthorized message (protocol-voip.rules)
 * 1:1197 <-> DISABLED <-> SERVER-WEBAPP Phorum code access (server-webapp.rules)
 * 1:11970 <-> DISABLED <-> PROTOCOL-VOIP Cisco 7940/7960 INVITE Remote-Party-ID header denial of service attempt (protocol-voip.rules)
 * 1:11971 <-> DISABLED <-> PROTOCOL-VOIP CSeq buffer overflow attempt (protocol-voip.rules)
 * 1:11972 <-> DISABLED <-> PROTOCOL-VOIP Max-Forwards value over 70 (protocol-voip.rules)
 * 1:11973 <-> DISABLED <-> PROTOCOL-VOIP Via header hostname buffer overflow attempt (protocol-voip.rules)
 * 1:11975 <-> DISABLED <-> PROTOCOL-VOIP Via header missing SIP field (protocol-voip.rules)
 * 1:11976 <-> DISABLED <-> PROTOCOL-VOIP SIP URI type overflow attempt (protocol-voip.rules)
 * 1:11977 <-> DISABLED <-> PROTOCOL-VOIP TEL URI type overflow attempt (protocol-voip.rules)
 * 1:11979 <-> DISABLED <-> PROTOCOL-VOIP Media header port field invalid value (protocol-voip.rules)
 * 1:1198 <-> DISABLED <-> SERVER-WEBAPP Netscape Enterprise Server directory view (server-webapp.rules)
 * 1:11980 <-> DISABLED <-> PROTOCOL-VOIP Attribute header buffer overflow attempt (protocol-voip.rules)
 * 1:11981 <-> DISABLED <-> PROTOCOL-VOIP MultiTech INVITE message buffer overflow attempt (protocol-voip.rules)
 * 1:11982 <-> DISABLED <-> PROTOCOL-VOIP To header contains recursive URL-encoded data (protocol-voip.rules)
 * 1:11983 <-> DISABLED <-> PROTOCOL-VOIP Time header contains negative value (protocol-voip.rules)
 * 1:11984 <-> DISABLED <-> PROTOCOL-VOIP Time header contains long value (protocol-voip.rules)
 * 1:11985 <-> DISABLED <-> PROTOCOL-VOIP Expires header overflow attempt (protocol-voip.rules)
 * 1:11986 <-> DISABLED <-> PROTOCOL-VOIP Authorization header invalid characters in response parameter (protocol-voip.rules)
 * 1:11987 <-> DISABLED <-> PROTOCOL-VOIP Via header format string attempt (protocol-voip.rules)
 * 1:11988 <-> DISABLED <-> PROTOCOL-VOIP From header format string attempt (protocol-voip.rules)
 * 1:11989 <-> DISABLED <-> PROTOCOL-VOIP Call-ID header format string attempt (protocol-voip.rules)
 * 1:1199 <-> DISABLED <-> SERVER-WEBAPP Compaq Insight directory traversal (server-webapp.rules)
 * 1:11990 <-> DISABLED <-> PROTOCOL-VOIP Contact header format string attempt (protocol-voip.rules)
 * 1:11991 <-> DISABLED <-> PROTOCOL-VOIP CSeq header format string attempt (protocol-voip.rules)
 * 1:11992 <-> DISABLED <-> PROTOCOL-VOIP Content-Type header format string attempt (protocol-voip.rules)
 * 1:11993 <-> DISABLED <-> PROTOCOL-VOIP Call-ID header invalid characters detected (protocol-voip.rules)
 * 1:11994 <-> DISABLED <-> PROTOCOL-VOIP Contact header invalid characters detected (protocol-voip.rules)
 * 1:11995 <-> DISABLED <-> PROTOCOL-VOIP Content-Type header invalid characters detected (protocol-voip.rules)
 * 1:11996 <-> DISABLED <-> PROTOCOL-VOIP CSeq header invalid characters detected (protocol-voip.rules)
 * 1:11997 <-> DISABLED <-> PROTOCOL-VOIP From header invalid characters detected (protocol-voip.rules)
 * 1:11998 <-> DISABLED <-> PROTOCOL-VOIP To header invalid characters detected (protocol-voip.rules)
 * 1:11999 <-> DISABLED <-> PROTOCOL-VOIP Via header invalid characters detected (protocol-voip.rules)
 * 1:1200 <-> DISABLED <-> INDICATOR-COMPROMISE Invalid URL (indicator-compromise.rules)
 * 1:12000 <-> DISABLED <-> PROTOCOL-VOIP INVITE message invalid IP address (protocol-voip.rules)
 * 1:12001 <-> DISABLED <-> PROTOCOL-VOIP Version header overflow attempt (protocol-voip.rules)
 * 1:12002 <-> DISABLED <-> PROTOCOL-VOIP BYE flood (protocol-voip.rules)
 * 1:12003 <-> DISABLED <-> PROTOCOL-VOIP CANCEL flood (protocol-voip.rules)
 * 1:12004 <-> DISABLED <-> PROTOCOL-VOIP INVITE message Content-Length header size of zero (protocol-voip.rules)
 * 1:12005 <-> DISABLED <-> PROTOCOL-VOIP Connection header invalid value (protocol-voip.rules)
 * 1:12006 <-> DISABLED <-> PROTOCOL-VOIP outbound INVITE message (protocol-voip.rules)
 * 1:12007 <-> DISABLED <-> PROTOCOL-VOIP outbound 401 Unauthorized message (protocol-voip.rules)
 * 1:12009 <-> DISABLED <-> SQL Firebird SQL Fbserver buffer overflow attempt (sql.rules)
 * 1:1201 <-> DISABLED <-> INDICATOR-COMPROMISE 403 Forbidden (indicator-compromise.rules)
 * 1:12010 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX clsid access (browser-plugins.rules)
 * 1:12012 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX function call access (browser-plugins.rules)
 * 1:12014 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer navcancl.htm url spoofing attempt (browser-ie.rules)
 * 1:12015 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid access (browser-plugins.rules)
 * 1:12017 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX function call access (browser-plugins.rules)
 * 1:12019 <-> DISABLED <-> BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid access (browser-plugins.rules)
 * 1:1202 <-> DISABLED <-> SERVER-WEBAPP search.vts access (server-webapp.rules)
 * 1:12021 <-> DISABLED <-> BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call access (browser-plugins.rules)
 * 1:12027 <-> ENABLED <-> SQL Ingres Database uuid_from_char buffer overflow attempt (sql.rules)
 * 1:12029 <-> DISABLED <-> BROWSER-PLUGINS HP Digital Imaging hpqxml.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12031 <-> DISABLED <-> CONTENT-REPLACE MSN deny in-bound file transfer attempts (content-replace.rules)
 * 1:12032 <-> DISABLED <-> CONTENT-REPLACE MSN deny out-bound file transfer attempts (content-replace.rules)
 * 1:12033 <-> DISABLED <-> CONTENT-REPLACE Jabber deny in-bound file transfer attempts (content-replace.rules)
 * 1:12034 <-> DISABLED <-> CONTENT-REPLACE Jabber deny out-bound file transfer attempts (content-replace.rules)
 * 1:12035 <-> DISABLED <-> CONTENT-REPLACE IRC deny in-bound file transfer attempts (content-replace.rules)
 * 1:12036 <-> DISABLED <-> CONTENT-REPLACE IRC deny out-bound file transfer attempts (content-replace.rules)
 * 1:12037 <-> DISABLED <-> CONTENT-REPLACE AIM deny in-bound file transfer attempts (content-replace.rules)
 * 1:12038 <-> DISABLED <-> CONTENT-REPLACE AIM deny out-bound file transfer attempts (content-replace.rules)
 * 1:12039 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger deny in-bound file transfer attempts (content-replace.rules)
 * 1:1204 <-> DISABLED <-> SERVER-WEBAPP ax-admin.cgi access (server-webapp.rules)
 * 1:12040 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger deny out-bound file transfer attempts (content-replace.rules)
 * 1:12041 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger V7 deny in-bound file transfer attempts (content-replace.rules)
 * 1:12042 <-> DISABLED <-> CONTENT-REPLACE Yahoo Messenger V7 deny out-bound file transfer attempts (content-replace.rules)
 * 1:12043 <-> DISABLED <-> SERVER-IIS Microsoft XML parser IIS WebDAV attack attempt (server-iis.rules)
 * 1:12044 <-> DISABLED <-> SERVER-ORACLE Oracle Web Cache denial of service attempt (server-oracle.rules)
 * 1:12045 <-> DISABLED <-> SERVER-ORACLE Oracle Web Cache denial of service attempt (server-oracle.rules)
 * 1:12046 <-> DISABLED <-> PROTOCOL-RPC MIT Kerberos kadmind RPC Library unix authentication buffer overflow attempt (protocol-rpc.rules)
 * 1:12047 <-> DISABLED <-> PUA-ADWARE Adware yayad runtime detection (pua-adware.rules)
 * 1:12048 <-> DISABLED <-> MALWARE-OTHER Keylogger computer Keylogger runtime detection (malware-other.rules)
 * 1:12049 <-> DISABLED <-> MALWARE-OTHER Keylogger apophis spy 1.0 runtime detection (malware-other.rules)
 * 1:1205 <-> DISABLED <-> SERVER-WEBAPP axs.cgi access (server-webapp.rules)
 * 1:12050 <-> DISABLED <-> PUA-TOOLBARS Hijacker ez-greets toolbar runtime detection (pua-toolbars.rules)
 * 1:12051 <-> DISABLED <-> MALWARE-BACKDOOR ultimate rat 2.1 runtime detection (malware-backdoor.rules)
 * 1:12052 <-> DISABLED <-> MALWARE-BACKDOOR the[x] 1.2 runtime detection - execute command (malware-backdoor.rules)
 * 1:12053 <-> DISABLED <-> MALWARE-BACKDOOR trail of destruction 2.0 runtime detection - get system info (malware-backdoor.rules)
 * 1:12054 <-> ENABLED <-> MALWARE-BACKDOOR tron runtime detection - init connection - flowbit set (malware-backdoor.rules)
 * 1:12055 <-> DISABLED <-> MALWARE-BACKDOOR tron runtime detection - init connection (malware-backdoor.rules)
 * 1:12057 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUpGold configuration access (server-webapp.rules)
 * 1:12058 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SPNEGO ASN.1 library heap corruption overflow attempt (os-windows.rules)
 * 1:15458 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer navigating between pages race condition attempt (browser-ie.rules)
 * 1:15459 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (browser-ie.rules)
 * 1:1546 <-> DISABLED <-> SERVER-WEBAPP Cisco HTTP double-percent DOS attempt (server-webapp.rules)
 * 1:15460 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (browser-ie.rules)
 * 1:15462 <-> DISABLED <-> BROWSER-OTHER Multiple web browsers HTTP chunked transfer-encoding memory corruption attempt (browser-other.rules)
 * 1:15463 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15464 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file download request (file-identify.rules)
 * 1:15466 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad WordPerfect 6.x converter buffer overflow attempt (file-office.rules)
 * 1:15467 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office Text Converters PlcPcd aCP buffer overflow attempt (file-office.rules)
 * 1:15468 <-> ENABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat dll request (browser-ie.rules)
 * 1:15469 <-> DISABLED <-> FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (file-office.rules)
 * 1:1547 <-> DISABLED <-> SERVER-WEBAPP csSearch.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:15470 <-> DISABLED <-> FILE-EXECUTABLE IIS ASP/ASP.NET potentially malicious file upload attempt  (file-executable.rules)
 * 1:15472 <-> DISABLED <-> FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (file-multimedia.rules)
 * 1:15473 <-> DISABLED <-> FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (file-multimedia.rules)
 * 1:15475 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ISA Server cross-site scripting attempt (os-windows.rules)
 * 1:15476 <-> DISABLED <-> PUA-ADWARE Waledac spam bot HTTP POST request (pua-adware.rules)
 * 1:15477 <-> DISABLED <-> SERVER-WEBAPP Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (server-webapp.rules)
 * 1:15478 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (file-flash.rules)
 * 1:15479 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (server-other.rules)
 * 1:1548 <-> DISABLED <-> SERVER-WEBAPP csSearch.cgi access (server-webapp.rules)
 * 1:15480 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie record invalid version number exploit attempt (file-multimedia.rules)
 * 1:15481 <-> DISABLED <-> MALWARE-CNC Zeus/Zbot malware config file download request (malware-cnc.rules)
 * 1:15482 <-> DISABLED <-> SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (server-other.rules)
 * 1:15483 <-> ENABLED <-> FILE-IDENTIFY Adobe Shockwave Flash file download request (file-identify.rules)
 * 1:15484 <-> DISABLED <-> PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow attempt (protocol-imap.rules)
 * 1:15485 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:15487 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt (file-multimedia.rules)
 * 1:15488 <-> DISABLED <-> SERVER-ORACLE Oracle Database Application Express Component APEX password hash disclosure attempt (server-oracle.rules)
 * 1:15489 <-> DISABLED <-> PUA-OTHER Cerulean Studios Trillian image filename handling XML tag overflow attempt (pua-other.rules)
 * 1:1549 <-> DISABLED <-> SERVER-MAIL HELO overflow attempt (server-mail.rules)
 * 1:15490 <-> DISABLED <-> OS-LINUX Linux SCTP malformed forward-tsn chunk arbitrary code execution attempt (os-linux.rules)
 * 1:15491 <-> DISABLED <-> SERVER-WEBAPP Subversion 1.0.2 dated-rev-report buffer overflow over http attempt (server-webapp.rules)
 * 1:15492 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (file-pdf.rules)
 * 1:15493 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (file-pdf.rules)
 * 1:15499 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (file-office.rules)
 * 1:1550 <-> DISABLED <-> SERVER-MAIL ETRN overflow attempt (server-mail.rules)
 * 1:15500 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint LinkedSlide memory corruption (file-office.rules)
 * 1:15501 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint ParaBuildAtom memory corruption attempt (file-office.rules)
 * 1:15502 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint DiagramBuildContainer memory corruption attempt (file-office.rules)
 * 1:15503 <-> ENABLED <-> FILE-OFFICE Download of PowerPoint 95 file (file-office.rules)
 * 1:15504 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (file-office.rules)
 * 1:15505 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (file-office.rules)
 * 1:15506 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (file-office.rules)
 * 1:15508 <-> DISABLED <-> SERVER-OTHER DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (server-other.rules)
 * 1:15509 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server CONNECT denial of service attempt (server-other.rules)
 * 1:1551 <-> DISABLED <-> SERVER-WEBAPP /CVS/Entries access (server-webapp.rules)
 * 1:15510 <-> DISABLED <-> SERVER-OTHER Trend Micro OfficeScan Server cgiRecvFile overflow attempt (server-other.rules)
 * 1:15511 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:15512 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:15513 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:15514 <-> DISABLED <-> SERVER-OTHER Multiple Vendors NTP Daemon Autokey stack buffer overflow attempt (server-other.rules)
 * 1:15515 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server RollbackWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15516 <-> ENABLED <-> FILE-IDENTIFY AVI multimedia file download request (file-identify.rules)
 * 1:15517 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (file-multimedia.rules)
 * 1:15518 <-> ENABLED <-> FILE-IDENTIFY Embedded Open Type Font file download request (file-identify.rules)
 * 1:1552 <-> DISABLED <-> SERVER-WEBAPP cvsweb version access (server-webapp.rules)
 * 1:15522 <-> DISABLED <-> SERVER-OTHER Active Directory invalid OID denial of service attempt  (server-other.rules)
 * 1:15523 <-> DISABLED <-> OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (os-windows.rules)
 * 1:15524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:15526 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:15527 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory LDAP denial of service attempt (os-windows.rules)
 * 1:15528 <-> ENABLED <-> OS-WINDOWS Microsoft Windows DCERPC NCACN-IP-TCP spoolss RpcSetPrinterDataEx attempt (os-windows.rules)
 * 1:15529 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (browser-ie.rules)
 * 1:15531 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Unexpected method call remote code execution attempt (browser-ie.rules)
 * 1:15534 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XML HttpRequest race condition exploit attempt (browser-ie.rules)
 * 1:15535 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setCapture heap corruption exploit attempt (browser-ie.rules)
 * 1:15538 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules)
 * 1:15539 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Formula record remote code execution attempt (file-office.rules)
 * 1:1554 <-> DISABLED <-> SERVER-WEBAPP dbman db.cgi access (server-webapp.rules)
 * 1:15540 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout object use after free attempt (browser-ie.rules)
 * 1:15541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SST record remote code execution attempt (file-office.rules)
 * 1:15542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (file-office.rules)
 * 1:15543 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX clsid access (browser-plugins.rules)
 * 1:15545 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX function call access (browser-plugins.rules)
 * 1:15547 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX clsid access (browser-plugins.rules)
 * 1:15549 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX function call access (browser-plugins.rules)
 * 1:1555 <-> DISABLED <-> SERVER-WEBAPP DCShop access (server-webapp.rules)
 * 1:15551 <-> DISABLED <-> BROWSER-PLUGINS eBay Picture Uploads control 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15553 <-> DISABLED <-> MALWARE-CNC Sality virus HTTP GET request (malware-cnc.rules)
 * 1:15554 <-> DISABLED <-> SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:15555 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System Intel Alert Originator Service buffer overflow attempt (server-other.rules)
 * 1:15557 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EnjoySAP ActiveX clsid access (browser-plugins.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:1556 <-> DISABLED <-> SERVER-WEBAPP DCShop orders.txt access (server-webapp.rules)
 * 1:15560 <-> DISABLED <-> POLICY-SOCIAL Yahoo Messenger web client activity (policy-social.rules)
 * 1:15561 <-> DISABLED <-> POLICY-SOCIAL AOL Aimexpress web client login (policy-social.rules)
 * 1:15562 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (file-pdf.rules)
 * 1:15563 <-> DISABLED <-> MALWARE-CNC RSPlug Win.Trojan.server connection (malware-cnc.rules)
 * 1:15564 <-> DISABLED <-> MALWARE-CNC RSPlug Win.Trojan.file download (malware-cnc.rules)
 * 1:15565 <-> DISABLED <-> MALWARE-CNC RSPlug Win.Trojan.file download (malware-cnc.rules)
 * 1:15566 <-> DISABLED <-> PUA-ADWARE Gumblar HTTP GET request attempt (pua-adware.rules)
 * 1:15567 <-> DISABLED <-> PUA-ADWARE Martuz HTTP GET request attempt (pua-adware.rules)
 * 1:15568 <-> DISABLED <-> POLICY-SOCIAL AIM encrypted login attempt (policy-social.rules)
 * 1:15569 <-> DISABLED <-> POLICY-SOCIAL Yahoo encrypted login attempt (policy-social.rules)
 * 1:1557 <-> DISABLED <-> SERVER-WEBAPP DCShop auth_user_file.txt access (server-webapp.rules)
 * 1:15570 <-> DISABLED <-> CONTENT-REPLACE Google Talk deny login (content-replace.rules)
 * 1:15571 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SETUP stack buffer overflow attempt (server-other.rules)
 * 1:15572 <-> DISABLED <-> SERVER-OTHER Curse of Silence Nokia SMS DoS attempt (server-other.rules)
 * 1:15573 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SET_PARAMETER heap buffer overflow attempt (server-other.rules)
 * 1:15574 <-> DISABLED <-> SERVER-MAIL MAIL FROM command overflow attempt (server-mail.rules)
 * 1:15575 <-> DISABLED <-> FILE-IDENTIFY WordPerfect file magic detected (file-identify.rules)
 * 1:15576 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN Messenger web client login (policy-social.rules)
 * 1:15577 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN Messenger web client activity (policy-social.rules)
 * 1:15578 <-> DISABLED <-> MALWARE-TOOLS Slowloris http DoS tool (malware-tools.rules)
 * 1:15579 <-> DISABLED <-> SERVER-OTHER Squid NTLM fakeauth_auth Helper denial of service attempt (server-other.rules)
 * 1:1558 <-> DISABLED <-> SERVER-WEBAPP Delegate whois overflow attempt (server-webapp.rules)
 * 1:15580 <-> DISABLED <-> SERVER-OTHER Squid oversized reply header handling exploit attempt (server-other.rules)
 * 1:15581 <-> DISABLED <-> SERVER-SAMBA Samba wildcard filename matching denial of service attempt (server-samba.rules)
 * 1:15582 <-> ENABLED <-> FILE-IDENTIFY ARJ format file download request (file-identify.rules)
 * 1:15583 <-> DISABLED <-> FILE-OTHER F-Secure AntiVirus library heap overflow attempt (file-other.rules)
 * 1:15584 <-> DISABLED <-> SQL char and sysobjects - possible sql injection recon attempt (sql.rules)
 * 1:15586 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint file download request (file-identify.rules)
 * 1:15587 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:15588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1559 <-> DISABLED <-> SERVER-WEBAPP /doc/packages access (server-webapp.rules)
 * 1:15590 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (browser-plugins.rules)
 * 1:15592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (browser-plugins.rules)
 * 1:15594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (browser-plugins.rules)
 * 1:15596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (browser-plugins.rules)
 * 1:15598 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (browser-plugins.rules)
 * 1:1560 <-> DISABLED <-> SERVER-WEBAPP /doc/ access (server-webapp.rules)
 * 1:15600 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (browser-plugins.rules)
 * 1:15602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (browser-plugins.rules)
 * 1:15604 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (browser-plugins.rules)
 * 1:15606 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (browser-plugins.rules)
 * 1:15608 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (browser-plugins.rules)
 * 1:15610 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (browser-plugins.rules)
 * 1:15614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (browser-plugins.rules)
 * 1:15616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (browser-plugins.rules)
 * 1:15618 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (browser-plugins.rules)
 * 1:1562 <-> DISABLED <-> PROTOCOL-FTP SITE CHOWN overflow attempt (protocol-ftp.rules)
 * 1:15620 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (browser-plugins.rules)
 * 1:15622 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (browser-plugins.rules)
 * 1:15624 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (browser-plugins.rules)
 * 1:15626 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (browser-plugins.rules)
 * 1:15628 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (browser-plugins.rules)
 * 1:1563 <-> DISABLED <-> SERVER-WEBAPP login.htm attempt (server-webapp.rules)
 * 1:15630 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (browser-plugins.rules)
 * 1:15632 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 3 ActiveX clsid access (browser-plugins.rules)
 * 1:15634 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (browser-plugins.rules)
 * 1:15636 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (browser-plugins.rules)
 * 1:15638 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 32 ActiveX clsid access (browser-plugins.rules)
 * 1:1564 <-> DISABLED <-> SERVER-WEBAPP login.htm access (server-webapp.rules)
 * 1:15640 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (browser-plugins.rules)
 * 1:15642 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (browser-plugins.rules)
 * 1:15644 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (browser-plugins.rules)
 * 1:15646 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (browser-plugins.rules)
 * 1:15648 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (browser-plugins.rules)
 * 1:1565 <-> DISABLED <-> SERVER-WEBAPP eshop.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:15650 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (browser-plugins.rules)
 * 1:15652 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (browser-plugins.rules)
 * 1:15654 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (browser-plugins.rules)
 * 1:15656 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (browser-plugins.rules)
 * 1:15658 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (browser-plugins.rules)
 * 1:1566 <-> DISABLED <-> SERVER-WEBAPP eshop.pl access (server-webapp.rules)
 * 1:15660 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (browser-plugins.rules)
 * 1:15662 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (browser-plugins.rules)
 * 1:15664 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (browser-plugins.rules)
 * 1:15666 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (browser-plugins.rules)
 * 1:15668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (browser-plugins.rules)
 * 1:1567 <-> DISABLED <-> SERVER-IIS /exchange/root.asp attempt (server-iis.rules)
 * 1:15670 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX clsid access (browser-plugins.rules)
 * 1:15671 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (browser-plugins.rules)
 * 1:15672 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 7 ActiveX clsid access (browser-plugins.rules)
 * 1:15674 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (browser-plugins.rules)
 * 1:15676 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (browser-plugins.rules)
 * 1:12392 <-> DISABLED <-> SERVER-MAIL GNU Mailutils request tag format string vulnerability attempt (server-mail.rules)
 * 1:12393 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12395 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12397 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12399 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 4 ActiveX clsid access (browser-plugins.rules)
 * 1:1240 <-> DISABLED <-> SERVER-OTHER MDBMS overflow (server-other.rules)
 * 1:12401 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 5 ActiveX clsid access (browser-plugins.rules)
 * 1:12403 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 6 ActiveX clsid access (browser-plugins.rules)
 * 1:12405 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 7 ActiveX clsid access (browser-plugins.rules)
 * 1:12407 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 8 ActiveX clsid access (browser-plugins.rules)
 * 1:12409 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 9 ActiveX clsid access (browser-plugins.rules)
 * 1:1241 <-> DISABLED <-> SERVER-WEBAPP SWEditServlet directory traversal attempt (server-webapp.rules)
 * 1:12411 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Edition 10 ActiveX clsid access (browser-plugins.rules)
 * 1:12413 <-> DISABLED <-> BROWSER-PLUGINS Earth Resource Mapper NCSView ActiveX clsid access (browser-plugins.rules)
 * 1:12415 <-> DISABLED <-> BROWSER-PLUGINS Earth Resource Mapper NCSView ActiveX function call access (browser-plugins.rules)
 * 1:12417 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX clsid access (browser-plugins.rules)
 * 1:12419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX function call access (browser-plugins.rules)
 * 1:1242 <-> DISABLED <-> SERVER-IIS ISAPI .ida access (server-iis.rules)
 * 1:12421 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix RTSP long transport header (server-other.rules)
 * 1:12422 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix RTSP long describe request exploit attempt (server-other.rules)
 * 1:12423 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange CDO long header name (server-mail.rules)
 * 1:12424 <-> DISABLED <-> PROTOCOL-RPC MIT Kerberos kadmind rpc RPCSEC_GSS buffer overflow attempt (protocol-rpc.rules)
 * 1:12425 <-> DISABLED <-> PUA-P2P Ruckus P2P client activity (pua-p2p.rules)
 * 1:12426 <-> DISABLED <-> PUA-P2P Ruckus P2P broadcast domain probe (pua-p2p.rules)
 * 1:12427 <-> DISABLED <-> PUA-P2P Ruckus P2P encrypted authentication connection (pua-p2p.rules)
 * 1:12428 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink glitemflat.dll ActiveX clsid access (browser-plugins.rules)
 * 1:1243 <-> DISABLED <-> SERVER-IIS ISAPI .ida attempt (server-iis.rules)
 * 1:12430 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer Component ActiveX clsid access (browser-plugins.rules)
 * 1:12432 <-> DISABLED <-> BROWSER-PLUGINS EDraw Office Viewer Component ActiveX function call access (browser-plugins.rules)
 * 1:12434 <-> DISABLED <-> BROWSER-PLUGINS BaoFeng Storm MPS.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12436 <-> DISABLED <-> POLICY-MULTIMEDIA Youtube video player file request (policy-multimedia.rules)
 * 1:12437 <-> DISABLED <-> POLICY-MULTIMEDIA Google video player request (policy-multimedia.rules)
 * 1:12438 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX clsid access (browser-plugins.rules)
 * 1:1244 <-> DISABLED <-> SERVER-IIS ISAPI .idq attempt (server-iis.rules)
 * 1:12440 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX function call access (browser-plugins.rules)
 * 1:12442 <-> DISABLED <-> BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12444 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (browser-plugins.rules)
 * 1:12446 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (browser-plugins.rules)
 * 1:12448 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX clsid access (browser-plugins.rules)
 * 1:1245 <-> DISABLED <-> SERVER-IIS ISAPI .idq access (server-iis.rules)
 * 1:12450 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (browser-plugins.rules)
 * 1:12452 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (browser-plugins.rules)
 * 1:12454 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (file-identify.rules)
 * 1:12455 <-> ENABLED <-> FILE-IDENTIFY SAP Crystal Reports file download request (file-identify.rules)
 * 1:12456 <-> DISABLED <-> FILE-IDENTIFY SAP Crystal Reports file magic detected (file-identify.rules)
 * 1:12457 <-> DISABLED <-> POLICY-SOCIAL Microsoft Live chat video feed initiation (policy-social.rules)
 * 1:12458 <-> DISABLED <-> PROTOCOL-RPC Solaris TCP portmap sadmin port query request attempt (protocol-rpc.rules)
 * 1:12459 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12461 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio 6 VBTOVSI.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (os-windows.rules)
 * 1:12464 <-> DISABLED <-> PROTOCOL-NNTP cancel overflow attempt (protocol-nntp.rules)
 * 1:12465 <-> DISABLED <-> SERVER-APACHE Apache APR memory corruption attempt (server-apache.rules)
 * 1:12466 <-> DISABLED <-> BROWSER-PLUGINS MW6 Technologies QRCode ActiveX clsid access (browser-plugins.rules)
 * 1:12468 <-> DISABLED <-> BROWSER-PLUGINS COWON America JetAudio JetFlExt.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12470 <-> DISABLED <-> BROWSER-PLUGINS COWON America JetAudio JetFlExt.dll ActiveX function call access (browser-plugins.rules)
 * 1:12472 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start ActiveX clsid access (browser-plugins.rules)
 * 1:12474 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java Web Start ActiveX function call access (browser-plugins.rules)
 * 1:12476 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger CYFT ActiveX clsid access (browser-plugins.rules)
 * 1:12478 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Messenger CYFT ActiveX function call access (browser-plugins.rules)
 * 1:1248 <-> DISABLED <-> SERVER-OTHER Microsoft Frontpage rad fp30reg.dll access (server-other.rules)
 * 1:12480 <-> ENABLED <-> MALWARE-OTHER Keylogger inside website logger 2.4 runtime detection (malware-other.rules)
 * 1:12481 <-> DISABLED <-> PUA-TOOLBARS Hijacker 411web toolbar runtime detection (pua-toolbars.rules)
 * 1:12482 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - ZOMBIES_HTTP_GET (malware-cnc.rules)
 * 1:12483 <-> DISABLED <-> PUA-ADWARE Other-Technologies virusprotectpro 3.7 outbound connection (pua-adware.rules)
 * 1:12484 <-> DISABLED <-> PUA-ADWARE Adware instant buzz runtime detection - ads for members (pua-adware.rules)
 * 1:12485 <-> DISABLED <-> PUA-ADWARE Adware instant buzz runtime detection - random text ads (pua-adware.rules)
 * 1:12486 <-> DISABLED <-> PUA-TOOLBARS Hijacker soso toolbar runtime detection - get weather information (pua-toolbars.rules)
 * 1:12487 <-> DISABLED <-> PUA-TOOLBARS Hijacker soso toolbar runtime detection - hijack ie auto searches / soso toolbar searches requests (pua-toolbars.rules)
 * 1:12489 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrWkstaGetInfo attempt (netbios.rules)
 * 1:1249 <-> DISABLED <-> SERVER-OTHER Microsoft Frontpage rad fp4areg.dll access (server-other.rules)
 * 1:1250 <-> DISABLED <-> OS-OTHER Cisco IOS HTTP configuration attempt (os-other.rules)
 * 1:1252 <-> DISABLED <-> PROTOCOL-TELNET bsd telnet exploit response (protocol-telnet.rules)
 * 1:1253 <-> DISABLED <-> PROTOCOL-TELNET bsd exploit client finishing (protocol-telnet.rules)
 * 1:1254 <-> DISABLED <-> SERVER-WEBAPP PHPLIB remote command attempt (server-webapp.rules)
 * 1:1255 <-> DISABLED <-> SERVER-WEBAPP PHPLIB remote command attempt (server-webapp.rules)
 * 1:1256 <-> DISABLED <-> SERVER-IIS CodeRed v2 root.exe access (server-iis.rules)
 * 1:1257 <-> DISABLED <-> SERVER-OTHER Winnuke attack (server-other.rules)
 * 1:1259 <-> DISABLED <-> SERVER-WEBAPP SWEditServlet access (server-webapp.rules)
 * 1:12591 <-> DISABLED <-> SERVER-APACHE Apache mod_cache denial of service attempt (server-apache.rules)
 * 1:12592 <-> DISABLED <-> SERVER-MAIL Recipient arbitrary command injection attempt (server-mail.rules)
 * 1:12593 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Apple Quicktime chrome exploit (browser-firefox.rules)
 * 1:12594 <-> DISABLED <-> SERVER-OTHER Oracle TNS Service_CurLoad command (server-other.rules)
 * 1:12595 <-> DISABLED <-> SERVER-IIS malicious ASP file upload attempt (server-iis.rules)
 * 1:12596 <-> DISABLED <-> SERVER-OTHER CA BrightStor LGServer username buffer overflow attempt (server-other.rules)
 * 1:12597 <-> DISABLED <-> SERVER-OTHER utf8 filename transfer attempt (server-other.rules)
 * 1:12598 <-> DISABLED <-> BROWSER-PLUGINS Xunlei Web Thunder ActiveX clsid access (browser-plugins.rules)
 * 1:12600 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt IncrementalHash ActiveX clsid access (browser-plugins.rules)
 * 1:12602 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt IncrementalHash ActiveX function call access (browser-plugins.rules)
 * 1:12604 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt PRNGenerator ActiveX clsid access (browser-plugins.rules)
 * 1:12606 <-> DISABLED <-> BROWSER-PLUGINS ebCrypt PRNGenerator ActiveX function call access (browser-plugins.rules)
 * 1:12608 <-> DISABLED <-> PROTOCOL-RPC portmap walld udp request (protocol-rpc.rules)
 * 1:12609 <-> DISABLED <-> PROTOCOL-RPC portmap walld udp format string attack attempt (protocol-rpc.rules)
 * 1:1261 <-> DISABLED <-> SERVER-OTHER AIX pdnsd overflow (server-other.rules)
 * 1:12610 <-> DISABLED <-> SERVER-WEBAPP phpBB viewtopic double URL encoding attempt (server-webapp.rules)
 * 1:12611 <-> DISABLED <-> POLICY-SOCIAL ebuddy.com login attempt (policy-social.rules)
 * 1:12612 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (browser-plugins.rules)
 * 1:12614 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX function call access (browser-plugins.rules)
 * 1:12616 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (browser-plugins.rules)
 * 1:12618 <-> DISABLED <-> FILE-OTHER Microsoft Visual Basic VBP file reference overflow attempt (file-other.rules)
 * 1:12619 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange ical/vcal malformed property (server-mail.rules)
 * 1:1262 <-> DISABLED <-> PROTOCOL-RPC portmap admind request TCP (protocol-rpc.rules)
 * 1:12620 <-> DISABLED <-> PUA-ADWARE Adware drive cleaner 1.0.111 runtime detection (pua-adware.rules)
 * 1:12621 <-> DISABLED <-> PUA-TOOLBARS Trackware extra toolbar 1.0 runtime detection (pua-toolbars.rules)
 * 1:12622 <-> DISABLED <-> PUA-TOOLBARS Trackware extra toolbar 1.0 runtime detection - file download (pua-toolbars.rules)
 * 1:12623 <-> DISABLED <-> PUA-ADWARE Hijacker onestepsearch 1.0.118 outbound connection (pua-adware.rules)
 * 1:12624 <-> DISABLED <-> PUA-ADWARE Hijacker onestepsearch 1.0.118 outbound connection - upgrade (pua-adware.rules)
 * 1:12625 <-> DISABLED <-> MALWARE-OTHER Keylogger windows family safety 2.0 runtime detection (malware-other.rules)
 * 1:12627 <-> DISABLED <-> PROTOCOL-RPC Solaris TCP portmapper sadmin port query attempt (protocol-rpc.rules)
 * 1:12628 <-> DISABLED <-> PROTOCOL-RPC Solaris UDP portmapper sadmin port query attempt (protocol-rpc.rules)
 * 1:12629 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (server-webapp.rules)
 * 1:1263 <-> DISABLED <-> PROTOCOL-RPC portmap amountd request TCP (protocol-rpc.rules)
 * 1:12630 <-> DISABLED <-> INDICATOR-SHELLCODE unescape unicode encoded shellcode (indicator-shellcode.rules)
 * 1:12631 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (os-windows.rules)
 * 1:12632 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (os-windows.rules)
 * 1:12634 <-> DISABLED <-> FILE-IMAGE Microsoft Windows 2000 Kodak Imaging large offset malformed tiff 2 (file-image.rules)
 * 1:12635 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials attempt (os-windows.rules)
 * 1:12637 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky Online Scanner KAVWebScan.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12639 <-> DISABLED <-> BROWSER-PLUGINS Kaspersky Online Scanner KAVWebScan.dll ActiveX function call access (browser-plugins.rules)
 * 1:1264 <-> DISABLED <-> PROTOCOL-RPC portmap bootparam request TCP (protocol-rpc.rules)
 * 1:12641 <-> DISABLED <-> FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (file-identify.rules)
 * 1:12642 <-> DISABLED <-> OS-WINDOWS RPC NTLMSSP malformed credentials (os-windows.rules)
 * 1:12643 <-> DISABLED <-> OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (os-windows.rules)
 * 1:12644 <-> DISABLED <-> BROWSER-PLUGINS PBEmail7 ActiveX clsid access (browser-plugins.rules)
 * 1:12646 <-> DISABLED <-> BROWSER-PLUGINS PBEmail7 ActiveX function call access (browser-plugins.rules)
 * 1:12648 <-> DISABLED <-> BROWSER-PLUGINS DB Software Laboratory VImpX ActiveX clsid access (browser-plugins.rules)
 * 1:1265 <-> DISABLED <-> PROTOCOL-RPC portmap cmsd request TCP (protocol-rpc.rules)
 * 1:13905 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (browser-plugins.rules)
 * 1:13907 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13911 <-> ENABLED <-> FILE-IDENTIFY Microsoft search file download request (file-identify.rules)
 * 1:13912 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (browser-ie.rules)
 * 1:13913 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access attempt (browser-plugins.rules)
 * 1:13915 <-> ENABLED <-> FILE-IDENTIFY BAK file download request (file-identify.rules)
 * 1:13916 <-> DISABLED <-> SERVER-WEBAPP Alt-N SecurityGateway username buffer overflow attempt (server-webapp.rules)
 * 1:13917 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13918 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:13919 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (file-multimedia.rules)
 * 1:1392 <-> DISABLED <-> SERVER-WEBAPP lastlines.cgi access (server-webapp.rules)
 * 1:13920 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (file-multimedia.rules)
 * 1:13922 <-> DISABLED <-> SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow  (server-iis.rules)
 * 1:13923 <-> DISABLED <-> SERVER-MAIL MailEnable SMTP HELO command denial of service attempt (server-mail.rules)
 * 1:13925 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (protocol-ftp.rules)
 * 1:13926 <-> DISABLED <-> SERVER-OTHER Novell Groupwise HTTP response message parsing overflow (server-other.rules)
 * 1:13927 <-> DISABLED <-> PROTOCOL-TFTP Open TFTP Server log generation buffer overflow attempt (protocol-tftp.rules)
 * 1:13928 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (server-webapp.rules)
 * 1:13929 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (server-webapp.rules)
 * 1:13930 <-> DISABLED <-> PUA-ADWARE Trickler pc privacy cleaner outbound connection - order/register request (pua-adware.rules)
 * 1:13931 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - PcPcUpdater (malware-cnc.rules)
 * 1:13932 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - opera (malware-cnc.rules)
 * 1:13933 <-> DISABLED <-> MALWARE-OTHER Trackware rightonadz.biz adrotator runtime detection - ads (malware-other.rules)
 * 1:13934 <-> DISABLED <-> MALWARE-CNC Hijacker mediatubecodec 1.470.0 variant outbound connection hijack ie (malware-cnc.rules)
 * 1:13935 <-> DISABLED <-> MALWARE-CNC Hijacker mediatubecodec 1.470.0 variant outbound connection download other malware (malware-cnc.rules)
 * 1:13936 <-> DISABLED <-> MALWARE-CNC Trickler dropper agent.rqg variant outbound connection call home (malware-cnc.rules)
 * 1:13937 <-> DISABLED <-> PUA-ADWARE Hijacker adware.win32.ejik.ec variant runtime detection - call home (pua-adware.rules)
 * 1:13938 <-> ENABLED <-> PUA-ADWARE Hijacker adware.win32.ejik.ec variant outbound connection (pua-adware.rules)
 * 1:13939 <-> DISABLED <-> PUA-ADWARE Hijacker adware.win32.ejik.ec variant runtime detection - auto update (pua-adware.rules)
 * 1:1394 <-> DISABLED <-> INDICATOR-SHELLCODE x86 inc ecx NOOP (indicator-shellcode.rules)
 * 1:13940 <-> DISABLED <-> PUA-ADWARE Hijacker win32.bho.bgf outbound connection (pua-adware.rules)
 * 1:13941 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.nac variant outbound connection click fraud (malware-cnc.rules)
 * 1:13942 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.nac variant outbound connection call home (malware-cnc.rules)
 * 1:13943 <-> ENABLED <-> PUA-ADWARE Trickler dropper agent.rqg outbound connection (pua-adware.rules)
 * 1:13944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.small.gy variant outbound connection get whitelist (malware-cnc.rules)
 * 1:13945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.small.gy variant outbound connection update (malware-cnc.rules)
 * 1:13948 <-> DISABLED <-> PROTOCOL-DNS large number of NXDOMAIN replies - possible DNS cache poisoning (protocol-dns.rules)
 * 1:13949 <-> DISABLED <-> PROTOCOL-DNS excessive outbound NXDOMAIN replies - possible spoof of domain run by local DNS servers (protocol-dns.rules)
 * 1:1395 <-> DISABLED <-> SERVER-WEBAPP zml.cgi attempt (server-webapp.rules)
 * 1:13950 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP attribute buffer overflow attempt (file-java.rules)
 * 1:13951 <-> DISABLED <-> SERVER-WEBAPP Oracle Database Server buffer overflow attempt (server-webapp.rules)
 * 1:13953 <-> DISABLED <-> MALWARE-CNC Asprox trojan initial query (malware-cnc.rules)
 * 1:1396 <-> DISABLED <-> SERVER-WEBAPP zml.cgi access (server-webapp.rules)
 * 1:13960 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:13961 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer table layout access violation vulnerability (browser-ie.rules)
 * 1:13962 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MHTML zone control bypass attempt (browser-ie.rules)
 * 1:13963 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (browser-ie.rules)
 * 1:13964 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (browser-ie.rules)
 * 1:13965 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Message System ActiveX clsid access (browser-plugins.rules)
 * 1:13967 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Message System ActiveX function call access (browser-plugins.rules)
 * 1:1397 <-> DISABLED <-> SERVER-WEBAPP wayboard attempt (server-webapp.rules)
 * 1:13970 <-> DISABLED <-> FILE-OFFICE Microsoft Office eps filters memory corruption attempt (file-office.rules)
 * 1:13971 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (file-office.rules)
 * 1:13972 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (file-office.rules)
 * 1:13974 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XHTML element memory corruption attempt (browser-ie.rules)
 * 1:13975 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid access  (browser-plugins.rules)
 * 1:13976 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid unicode access  (browser-plugins.rules)
 * 1:13977 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call access  (browser-plugins.rules)
 * 1:13978 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call unicode access  (browser-plugins.rules)
 * 1:13979 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Event System Subscription VBScript access (os-windows.rules)
 * 1:1398 <-> DISABLED <-> SERVER-OTHER CDE dtspcd exploit attempt (server-other.rules)
 * 1:13980 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer http status response memory corruption vulnerability (browser-ie.rules)
 * 1:13981 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed chart arbitrary code execution attempt (file-office.rules)
 * 1:13983 <-> ENABLED <-> FILE-IDENTIFY EPS file download request (file-identify.rules)
 * 1:13987 <-> DISABLED <-> INDICATOR-OBFUSCATION oversized convert statement - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:13988 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to ascii function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:13989 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to char function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:1399 <-> DISABLED <-> SERVER-WEBAPP PHP-Nuke remote file include attempt (server-webapp.rules)
 * 1:13990 <-> DISABLED <-> SQL union select - possible sql injection attempt - GET parameter (sql.rules)
 * 1:13991 <-> DISABLED <-> SQL xp_regaddmultistring attempt (sql.rules)
 * 1:13992 <-> DISABLED <-> SQL xp_regdeletevalue attempt (sql.rules)
 * 1:13993 <-> DISABLED <-> SQL xp_regenumkeys attempt (sql.rules)
 * 1:13994 <-> DISABLED <-> SQL xp_regenumvalues attempt (sql.rules)
 * 1:13995 <-> DISABLED <-> SQL xp_regremovemultistring attempt (sql.rules)
 * 1:13996 <-> DISABLED <-> SQL xp_servicecontrol attempt (sql.rules)
 * 1:13997 <-> DISABLED <-> SQL xp_loginconfig attempt (sql.rules)
 * 1:13998 <-> DISABLED <-> SQL xp_terminate_process attempt (sql.rules)
 * 1:1400 <-> DISABLED <-> SERVER-IIS /scripts/samples/ access (server-iis.rules)
 * 1:14008 <-> DISABLED <-> INDICATOR-OBFUSCATION large number of calls to concat function - possible sql injection obfuscation (indicator-obfuscation.rules)
 * 1:1401 <-> DISABLED <-> SERVER-IIS /msadc/samples/ access (server-iis.rules)
 * 1:14013 <-> DISABLED <-> BROWSER-PLUGINS Cisco WebEx Meeting Manager atucfobj ActiveX clsid access (browser-plugins.rules)
 * 1:14015 <-> DISABLED <-> BROWSER-PLUGINS Cisco WebEx Meeting Manager atucfobj ActiveX function call access (browser-plugins.rules)
 * 1:14017 <-> ENABLED <-> FILE-IDENTIFY MPEG Layer 3 playlist file download request (file-identify.rules)
 * 1:14018 <-> ENABLED <-> FILE-IDENTIFY PLS multimedia playlist file download request (file-identify.rules)
 * 1:14019 <-> DISABLED <-> FILE-MULTIMEDIA CyberLink PowerDVD playlist file handling stack overflow attempt (file-multimedia.rules)
 * 1:1402 <-> DISABLED <-> SERVER-IIS iissamples access (server-iis.rules)
 * 1:14020 <-> DISABLED <-> FILE-MULTIMEDIA CyberLink PowerDVD playlist file handling stack overflow attempt (file-multimedia.rules)
 * 1:14021 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (browser-plugins.rules)
 * 1:14023 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (browser-plugins.rules)
 * 1:14025 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14027 <-> DISABLED <-> BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14029 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (browser-plugins.rules)
 * 1:14031 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (browser-plugins.rules)
 * 1:14033 <-> DISABLED <-> BROWSER-PLUGINS Orbit Downloader ActiveX clsid access (browser-plugins.rules)
 * 1:14035 <-> DISABLED <-> BROWSER-PLUGINS Orbit Downloader ActiveX function call access (browser-plugins.rules)
 * 1:14037 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14038 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:14039 <-> DISABLED <-> FILE-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (file-other.rules)
 * 1:14040 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (server-other.rules)
 * 1:14041 <-> DISABLED <-> SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (server-other.rules)
 * 1:14042 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (browser-plugins.rules)
 * 1:14044 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (browser-plugins.rules)
 * 1:14046 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14048 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:1405 <-> DISABLED <-> SERVER-WEBAPP AHG search.cgi access (server-webapp.rules)
 * 1:14050 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (browser-plugins.rules)
 * 1:14052 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (browser-plugins.rules)
 * 1:14054 <-> DISABLED <-> PUA-ADWARE Adware AdwareALERT runtime detection - auto update (pua-adware.rules)
 * 1:14055 <-> DISABLED <-> PUA-TOOLBARS Hijacker rediff toolbar runtime detection - hijack ie auto search (pua-toolbars.rules)
 * 1:14056 <-> DISABLED <-> PUA-TOOLBARS Hijacker rediff toolbar runtime detection - get news info (pua-toolbars.rules)
 * 1:14057 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - DMFR (malware-cnc.rules)
 * 1:14058 <-> DISABLED <-> PUA-ADWARE Hijacker cpush 2 outbound connection - pass info to controlling server (pua-adware.rules)
 * 1:14059 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - CPUSH_HOMEPAGE (malware-cnc.rules)
 * 1:1406 <-> DISABLED <-> SERVER-WEBAPP agora.cgi access (server-webapp.rules)
 * 1:14060 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - CPUSH_UPDATER (malware-cnc.rules)
 * 1:14061 <-> DISABLED <-> PUA-ADWARE Trickler antimalware guard runtime detection - order/register request (pua-adware.rules)
 * 1:14062 <-> DISABLED <-> PUA-ADWARE Trickler antimalware guard runtime detection - auto update (pua-adware.rules)
 * 1:14063 <-> DISABLED <-> PUA-ADWARE Hijacker cashon outbound connection - hijack ie searches (pua-adware.rules)
 * 1:14064 <-> DISABLED <-> PUA-ADWARE Hijacker cashon outbound connection - auto update (pua-adware.rules)
 * 1:14065 <-> DISABLED <-> MALWARE-OTHER Keylogger emptybase j runtime detection (malware-other.rules)
 * 1:14066 <-> DISABLED <-> PUA-ADWARE Adware winsecuredisc runtime detection (pua-adware.rules)
 * 1:14067 <-> DISABLED <-> PUA-ADWARE Adware swizzor runtime detection (pua-adware.rules)
 * 1:14068 <-> DISABLED <-> PUA-ADWARE Adware rond runtime detection (pua-adware.rules)
 * 1:14069 <-> DISABLED <-> PUA-ADWARE Adware brave sentry runtime detection - order request (pua-adware.rules)
 * 1:1407 <-> DISABLED <-> SERVER-WEBAPP smssend.php access (server-webapp.rules)
 * 1:14070 <-> DISABLED <-> PUA-ADWARE Adware brave sentry runtime detection - self update (pua-adware.rules)
 * 1:14071 <-> DISABLED <-> PUA-ADWARE Hijacker Adware bho.gen runtime detection - pop-up window traffic #1 (pua-adware.rules)
 * 1:14072 <-> DISABLED <-> PUA-ADWARE Hijacker Adware bho.gen runtime detection - pop-up window traffic #2 (pua-adware.rules)
 * 1:14073 <-> DISABLED <-> PUA-ADWARE Hijacker Adware bho.gen runtime detection - prompt download page (pua-adware.rules)
 * 1:14074 <-> DISABLED <-> MALWARE-OTHER Keylogger spybosspro 4.2 runtime detection (malware-other.rules)
 * 1:14075 <-> DISABLED <-> MALWARE-OTHER Keylogger ultimate Keylogger pro runtime detection (malware-other.rules)
 * 1:14076 <-> DISABLED <-> PUA-ADWARE Hijacker Adware win32 mostofate runtime detection - hijack search (pua-adware.rules)
 * 1:14077 <-> DISABLED <-> PUA-ADWARE Hijacker Adware win32 mostofate runtime detection - redirect search results (pua-adware.rules)
 * 1:14078 <-> DISABLED <-> PUA-ADWARE Adware winspywareprotect runtime detection - download malicous code (pua-adware.rules)
 * 1:14079 <-> DISABLED <-> PUA-ADWARE Adware winspywareprotect runtime detection - connection to malicious sites (pua-adware.rules)
 * 1:1408 <-> DISABLED <-> SERVER-OTHER MSDTC attempt (server-other.rules)
 * 1:14080 <-> DISABLED <-> PUA-ADWARE Adware winspywareprotect runtime detection - connection to malicious server (pua-adware.rules)
 * 1:14081 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.aarm variant outbound connection call home (malware-cnc.rules)
 * 1:14082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.aarm variant outbound connection spread via spam (malware-cnc.rules)
 * 1:14083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.aarm variant outbound connection download other malware (malware-cnc.rules)
 * 1:14084 <-> DISABLED <-> MALWARE-CNC infostealer.banker.c variant outbound connection download cfg.bin (malware-cnc.rules)
 * 1:14085 <-> DISABLED <-> MALWARE-CNC infostealer.banker.c variant outbound connection collect user info (malware-cnc.rules)
 * 1:14086 <-> DISABLED <-> MALWARE-CNC Adware.Win32.Agent.BM variant outbound connection 1 (malware-cnc.rules)
 * 1:14087 <-> DISABLED <-> MALWARE-CNC Adware.Win32.Agent.BM variant outbound connection 2 (malware-cnc.rules)
 * 1:14088 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1409 <-> DISABLED <-> PROTOCOL-SNMP community string buffer overflow attempt (protocol-snmp.rules)
 * 1:14090 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14092 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:14094 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:14096 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:14098 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:141 <-> DISABLED <-> MALWARE-BACKDOOR HackAttack 1.20 Connect (malware-backdoor.rules)
 * 1:1410 <-> DISABLED <-> SERVER-WEBAPP dcboard.cgi access (server-webapp.rules)
 * 1:14100 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:14102 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:14104 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14106 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14108 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:1411 <-> DISABLED <-> PROTOCOL-SNMP public access udp (protocol-snmp.rules)
 * 1:14110 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14112 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14114 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14116 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14118 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:1412 <-> DISABLED <-> PROTOCOL-SNMP public access tcp (protocol-snmp.rules)
 * 1:14120 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14122 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14124 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:14126 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:1206 <-> DISABLED <-> SERVER-WEBAPP cachemgr.cgi access (server-webapp.rules)
 * 1:12062 <-> DISABLED <-> BROWSER-PLUGINS HP Instant Support ActiveX clsid access (browser-plugins.rules)
 * 1:12064 <-> DISABLED <-> SERVER-IIS w3svc _vti_bin null pointer dereference attempt (server-iis.rules)
 * 1:12065 <-> DISABLED <-> POLICY-OTHER Outbound Teredo traffic detected (policy-other.rules)
 * 1:12066 <-> DISABLED <-> POLICY-OTHER Inbound Teredo traffic detected (policy-other.rules)
 * 1:12067 <-> DISABLED <-> POLICY-OTHER Outbound Teredo traffic detected (policy-other.rules)
 * 1:12068 <-> DISABLED <-> POLICY-OTHER Inbound Teredo traffic detected (policy-other.rules)
 * 1:12069 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (os-windows.rules)
 * 1:1207 <-> DISABLED <-> SERVER-WEBAPP htgrep access (server-webapp.rules)
 * 1:12070 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed version field (file-office.rules)
 * 1:12073 <-> DISABLED <-> PROTOCOL-VOIP inbound 100 Trying message (protocol-voip.rules)
 * 1:12074 <-> DISABLED <-> PROTOCOL-VOIP outbound 100 Trying message (protocol-voip.rules)
 * 1:12075 <-> DISABLED <-> PROTOCOL-RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (protocol-rpc.rules)
 * 1:12076 <-> DISABLED <-> SERVER-OTHER Ipswitch WS_FTP log server long unicode string (server-other.rules)
 * 1:12078 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer heap buffer overflow (server-other.rules)
 * 1:12079 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:1208 <-> DISABLED <-> SERVER-WEBAPP responder.cgi access (server-webapp.rules)
 * 1:12080 <-> DISABLED <-> OS-SOLARIS Oracle Solaris printd arbitrary file deletion vulnerability (os-solaris.rules)
 * 1:12081 <-> DISABLED <-> SERVER-OTHER BakBone NetVault server heap overflow attempt (server-other.rules)
 * 1:12082 <-> DISABLED <-> SERVER-ORACLE Oracle 9i TNS denial of service attempt (server-oracle.rules)
 * 1:12083 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveBar Actbar3 ActiveX clsid access (browser-plugins.rules)
 * 1:12085 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveBar Actbar3 ActiveX function call access (browser-plugins.rules)
 * 1:12087 <-> DISABLED <-> BROWSER-PLUGINS McAfee NeoTrace ActiveX clsid access (browser-plugins.rules)
 * 1:12089 <-> DISABLED <-> BROWSER-PLUGINS McAfee NeoTrace ActiveX function call access (browser-plugins.rules)
 * 1:1209 <-> DISABLED <-> SERVER-WEBAPP .nsconfig access (server-webapp.rules)
 * 1:12091 <-> DISABLED <-> BROWSER-PLUGINS EldoS SecureBlackbox PGPBBox ActiveX clsid access (browser-plugins.rules)
 * 1:12093 <-> DISABLED <-> BROWSER-PLUGINS EldoS SecureBlackbox PGPBBox ActiveX function call access (browser-plugins.rules)
 * 1:12099 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtWindow1 record handling arbitrary code execution attempt (file-office.rules)
 * 1:121 <-> DISABLED <-> MALWARE-BACKDOOR Infector 1.6 Client to Server Connection Request (malware-backdoor.rules)
 * 1:12100 <-> DISABLED <-> NETBIOS DCERPC-NCACN-IP-TCP ca alert function 16/23 overflow attempt (netbios.rules)
 * 1:1211 <-> DISABLED <-> SERVER-WEBAPP web-map.cgi access (server-webapp.rules)
 * 1:12112 <-> DISABLED <-> PROTOCOL-VOIP Sivus scanner detected (protocol-voip.rules)
 * 1:12113 <-> DISABLED <-> PROTOCOL-VOIP SIP URI overflow attempt (protocol-voip.rules)
 * 1:12114 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12115 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (server-mail.rules)
 * 1:12116 <-> DISABLED <-> BROWSER-PLUGINS Zenturi ProgramChecker SASATL ActiveX clsid access (browser-plugins.rules)
 * 1:12118 <-> DISABLED <-> BROWSER-PLUGINS Zenturi ProgramChecker SASATL ActiveX function call access (browser-plugins.rules)
 * 1:1212 <-> DISABLED <-> SERVER-WEBAPP Admin_files access (server-webapp.rules)
 * 1:12120 <-> DISABLED <-> PUA-ADWARE Adware pprich runtime detection - version check (pua-adware.rules)
 * 1:12121 <-> DISABLED <-> PUA-ADWARE Adware pprich runtime detection - udp info sent out (pua-adware.rules)
 * 1:12122 <-> DISABLED <-> PUA-TOOLBARS Trackware spynova runtime detection (pua-toolbars.rules)
 * 1:12123 <-> DISABLED <-> PUA-ADWARE Hijacker lookquick outbound connection - hijack ie (pua-adware.rules)
 * 1:12124 <-> DISABLED <-> PUA-ADWARE Hijacker lookquick outbound connection - monitor and collect user info (pua-adware.rules)
 * 1:12125 <-> DISABLED <-> PUA-TOOLBARS Trackware lookster toolbar runtime detection - hijack ie search assistant (pua-toolbars.rules)
 * 1:12126 <-> DISABLED <-> PUA-TOOLBARS Trackware lookster toolbar runtime detection - collect user information (pua-toolbars.rules)
 * 1:12127 <-> DISABLED <-> PUA-TOOLBARS Trackware lookster toolbar runtime detection - ads (pua-toolbars.rules)
 * 1:12128 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - init connection (malware-other.rules)
 * 1:12129 <-> ENABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - get sys info (malware-other.rules)
 * 1:1213 <-> DISABLED <-> SERVER-WEBAPP backup access (server-webapp.rules)
 * 1:12130 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - get sys info (malware-other.rules)
 * 1:12131 <-> ENABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - keylogging (malware-other.rules)
 * 1:12132 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - keylogging (malware-other.rules)
 * 1:12133 <-> ENABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - open url (malware-other.rules)
 * 1:12134 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - open url (malware-other.rules)
 * 1:12135 <-> ENABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - fun (malware-other.rules)
 * 1:12136 <-> DISABLED <-> MALWARE-OTHER Keylogger remotekeylog.b runtime detection - fun (malware-other.rules)
 * 1:12137 <-> DISABLED <-> MALWARE-OTHER Keylogger Keylogger king home 2.3 runtime detection (malware-other.rules)
 * 1:12138 <-> DISABLED <-> PUA-ADWARE Adware zamingo runtime detection (pua-adware.rules)
 * 1:12139 <-> DISABLED <-> MALWARE-OTHER Trackware stealth website logger 3.4 runtime detection (malware-other.rules)
 * 1:1214 <-> DISABLED <-> SERVER-WEBAPP intranet access (server-webapp.rules)
 * 1:12140 <-> DISABLED <-> PUA-ADWARE Hijacker cnnic update outbound connection (pua-adware.rules)
 * 1:12141 <-> DISABLED <-> MALWARE-OTHER Keylogger logit v1.0 runtime detection (malware-other.rules)
 * 1:12142 <-> ENABLED <-> MALWARE-BACKDOOR access remote pc runtime detection - init connection (malware-backdoor.rules)
 * 1:12143 <-> DISABLED <-> MALWARE-BACKDOOR access remote pc runtime detection - init connection (malware-backdoor.rules)
 * 1:12144 <-> ENABLED <-> MALWARE-BACKDOOR access remote pc runtime detection - rpc setup (malware-backdoor.rules)
 * 1:12145 <-> DISABLED <-> MALWARE-BACKDOOR access remote pc runtime detection - rpc setup (malware-backdoor.rules)
 * 1:12146 <-> ENABLED <-> MALWARE-BACKDOOR blue eye 1.0b runtime detection - init connection (malware-backdoor.rules)
 * 1:12147 <-> DISABLED <-> MALWARE-BACKDOOR blue eye 1.0b runtime detection - init connection (malware-backdoor.rules)
 * 1:12148 <-> ENABLED <-> MALWARE-BACKDOOR back orifice 2006 - v1.1.5 runtime detection - init connection (malware-backdoor.rules)
 * 1:12149 <-> DISABLED <-> MALWARE-BACKDOOR back orifice 2006 - v1.1.5 runtime detection - init connection (malware-backdoor.rules)
 * 1:1215 <-> DISABLED <-> SERVER-WEBAPP ministats admin access (server-webapp.rules)
 * 1:12150 <-> ENABLED <-> MALWARE-BACKDOOR cafeini 1.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:12151 <-> DISABLED <-> MALWARE-BACKDOOR cafeini 1.0 runtime detection (malware-backdoor.rules)
 * 1:12152 <-> DISABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - init connection (malware-backdoor.rules)
 * 1:12153 <-> ENABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - download file (malware-backdoor.rules)
 * 1:12154 <-> ENABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - download file (malware-backdoor.rules)
 * 1:12155 <-> DISABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - download file (malware-backdoor.rules)
 * 1:12156 <-> ENABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - upload file (malware-backdoor.rules)
 * 1:12157 <-> ENABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - upload file (malware-backdoor.rules)
 * 1:12158 <-> DISABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - upload file (malware-backdoor.rules)
 * 1:12159 <-> DISABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - keylogging (malware-backdoor.rules)
 * 1:1216 <-> DISABLED <-> SERVER-WEBAPP filemail access (server-webapp.rules)
 * 1:12160 <-> ENABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - screen capturing (malware-backdoor.rules)
 * 1:12161 <-> ENABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - screen capturing (malware-backdoor.rules)
 * 1:12162 <-> DISABLED <-> MALWARE-BACKDOOR optix pro v1.32 runtime detection - screen capturing (malware-backdoor.rules)
 * 1:12650 <-> DISABLED <-> BROWSER-PLUGINS DB Software Laboratory VImpX ActiveX function call access (browser-plugins.rules)
 * 1:12652 <-> DISABLED <-> PUA-ADWARE Hijacker new.net domain 7.2.2 outbound connection - hijack browser (pua-adware.rules)
 * 1:12653 <-> DISABLED <-> PUA-ADWARE Hijacker new.net domain 7.2.2 outbound connection - download code (pua-adware.rules)
 * 1:12654 <-> DISABLED <-> PUA-ADWARE Hijacker rabio 4.2 outbound connection - hijack browser (pua-adware.rules)
 * 1:12655 <-> DISABLED <-> PUA-ADWARE Hijacker rabio 4.2 outbound connection - download updates (pua-adware.rules)
 * 1:12656 <-> DISABLED <-> PUA-ADWARE Adware icoo loader 2.5 runtime detection 1 (pua-adware.rules)
 * 1:12657 <-> DISABLED <-> PUA-ADWARE Adware icoo loader 2.5 runtime detection 2 (pua-adware.rules)
 * 1:12658 <-> DISABLED <-> PUA-ADWARE Adware winantivirus pro 2007 runtime detection (pua-adware.rules)
 * 1:12659 <-> DISABLED <-> PUA-ADWARE Trickler zlob media codec outbound connection - automatic updates (pua-adware.rules)
 * 1:12660 <-> DISABLED <-> PUA-ADWARE Trickler zlob media codec outbound connection - download redirect domains (pua-adware.rules)
 * 1:12661 <-> DISABLED <-> MALWARE-CNC troll.a variant outbound connection (malware-cnc.rules)
 * 1:12664 <-> DISABLED <-> BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (browser-ie.rules)
 * 1:12665 <-> DISABLED <-> SERVER-OTHER CA BrightStor LGSever username buffer overflow attempt (server-other.rules)
 * 1:12666 <-> DISABLED <-> SERVER-OTHER HP OpenView OVTrace buffer overflow attempt (server-other.rules)
 * 1:12667 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServer malicious fileupload attempt (server-other.rules)
 * 1:1267 <-> DISABLED <-> PROTOCOL-RPC portmap nisd request TCP (protocol-rpc.rules)
 * 1:12672 <-> DISABLED <-> PUA-TOOLBARS Trackware searchmiracle elitebar runtime detection - get ads (pua-toolbars.rules)
 * 1:12674 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - iebar (malware-cnc.rules)
 * 1:12675 <-> DISABLED <-> MALWARE-BACKDOOR Versi TheTheef Detection (malware-backdoor.rules)
 * 1:12676 <-> DISABLED <-> PUA-ADWARE Conspy Update Checking Detected (pua-adware.rules)
 * 1:12677 <-> DISABLED <-> PUA-ADWARE Adware ISTBar runtime detection - softwares (pua-adware.rules)
 * 1:12678 <-> DISABLED <-> PUA-ADWARE SpyTech Realtime Spy Detection (pua-adware.rules)
 * 1:12679 <-> DISABLED <-> PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar user-agent detection (pua-toolbars.rules)
 * 1:1268 <-> DISABLED <-> PROTOCOL-RPC portmap pcnfsd request TCP (protocol-rpc.rules)
 * 1:12680 <-> DISABLED <-> PROTOCOL-VOIP Via header hostname buffer overflow attempt (protocol-voip.rules)
 * 1:12681 <-> DISABLED <-> PROTOCOL-VOIP SIP URI overflow attempt (protocol-voip.rules)
 * 1:12682 <-> DISABLED <-> PROTOCOL-VOIP From header field buffer overflow attempt (protocol-voip.rules)
 * 1:12683 <-> DISABLED <-> PROTOCOL-VOIP From header field buffer overflow attempt (protocol-voip.rules)
 * 1:12684 <-> DISABLED <-> MALWARE-BACKDOOR Sygate Remote Administration Engine (malware-backdoor.rules)
 * 1:12685 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Express CAD Host buffer overflow (server-other.rules)
 * 1:12686 <-> DISABLED <-> POLICY-SOCIAL AIM Express usage (policy-social.rules)
 * 1:12687 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12688 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (os-windows.rules)
 * 1:12689 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink ConnectAndEnterRoom ActiveX clsid access (browser-plugins.rules)
 * 1:1269 <-> DISABLED <-> PROTOCOL-RPC portmap rexd request TCP (protocol-rpc.rules)
 * 1:12691 <-> DISABLED <-> PUA-P2P Outbound Joltid PeerEnabler traffic detected (pua-p2p.rules)
 * 1:12693 <-> DISABLED <-> PUA-ADWARE Hijacker personalweb outbound connection (pua-adware.rules)
 * 1:12694 <-> DISABLED <-> PUA-ADWARE Adware avsystemcare runtime detection (pua-adware.rules)
 * 1:12695 <-> DISABLED <-> PUA-ADWARE Adware coopen 3.6.1 runtime detection - initial connection (pua-adware.rules)
 * 1:12696 <-> DISABLED <-> PUA-ADWARE Adware coopen 3.6.1 runtime detection - automatic upgrade (pua-adware.rules)
 * 1:12697 <-> DISABLED <-> MALWARE-OTHER Trackware browser accelerator runtime detection - pass user information to server (malware-other.rules)
 * 1:12698 <-> DISABLED <-> MALWARE-OTHER Keylogger net vizo 5.2 runtime detection (malware-other.rules)
 * 1:12699 <-> ENABLED <-> MALWARE-BACKDOOR poison ivy 2.3.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:1270 <-> DISABLED <-> PROTOCOL-RPC portmap rstatd request TCP (protocol-rpc.rules)
 * 1:12700 <-> DISABLED <-> MALWARE-BACKDOOR poison ivy 2.3.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:12704 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes MIF viewer MIFFILE comment overflow (server-mail.rules)
 * 1:12705 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes MIF viewer statement overflow (server-mail.rules)
 * 1:12706 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes MIF viewer statement data overflow (server-mail.rules)
 * 1:12707 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer lyrics heap overflow attempt (file-multimedia.rules)
 * 1:12708 <-> DISABLED <-> PROTOCOL-RPC MIT Kerberos kadmind auth buffer overflow attempt (protocol-rpc.rules)
 * 1:1271 <-> DISABLED <-> PROTOCOL-RPC portmap rusers request TCP (protocol-rpc.rules)
 * 1:12710 <-> DISABLED <-> SERVER-OTHER ASN.1 constructed bit string (server-other.rules)
 * 1:12711 <-> DISABLED <-> SERVER-APACHE Apache Tomcat WebDAV system tag remote file disclosure attempt (server-apache.rules)
 * 1:12712 <-> DISABLED <-> PROTOCOL-SNMP oversized sysName set request (protocol-snmp.rules)
 * 1:12713 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server pitrig_dropmetadata buffer overflow attempt (server-oracle.rules)
 * 1:12714 <-> DISABLED <-> BROWSER-PLUGINS WebEx GPCContainer ActiveX clsid access (browser-plugins.rules)
 * 1:12716 <-> DISABLED <-> BROWSER-PLUGINS WebEx GPCContainer ActiveX function call access (browser-plugins.rules)
 * 1:12718 <-> DISABLED <-> PUA-ADWARE Hijacker side find 1.0 outbound connection - initial connection (pua-adware.rules)
 * 1:12719 <-> DISABLED <-> PUA-ADWARE Hijacker side find 1.0 outbound connection - hijacks search engine (pua-adware.rules)
 * 1:1272 <-> DISABLED <-> PROTOCOL-RPC portmap sadmind request TCP (protocol-rpc.rules)
 * 1:12720 <-> DISABLED <-> PUA-ADWARE Adware pestbot runtime detection - update (pua-adware.rules)
 * 1:12721 <-> DISABLED <-> PUA-ADWARE Adware pestbot runtime detection - purchase (pua-adware.rules)
 * 1:12722 <-> DISABLED <-> PUA-ADWARE Hijacker sexyvideoscreensaver outbound connection (pua-adware.rules)
 * 1:12723 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - WakeSpace (malware-cnc.rules)
 * 1:12724 <-> ENABLED <-> MALWARE-BACKDOOR dark moon 4.11 runtime detection (malware-backdoor.rules)
 * 1:12725 <-> DISABLED <-> MALWARE-BACKDOOR dark moon 4.11 runtime detection (malware-backdoor.rules)
 * 1:12726 <-> ENABLED <-> MALWARE-BACKDOOR bandook 1.35 runtime detection (malware-backdoor.rules)
 * 1:12727 <-> DISABLED <-> MALWARE-BACKDOOR bandook 1.35 runtime detection (malware-backdoor.rules)
 * 1:12728 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks SMIL wallclock stack overflow attempt (file-multimedia.rules)
 * 1:12729 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:1273 <-> DISABLED <-> PROTOCOL-RPC portmap selection_svc request TCP (protocol-rpc.rules)
 * 1:12731 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (browser-plugins.rules)
 * 1:12733 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:12735 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:12737 <-> DISABLED <-> BROWSER-PLUGINS Xunlei Thunder PPLAYER.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12739 <-> DISABLED <-> BROWSER-PLUGINS Xunlei Thunder PPLAYER.DLL ActiveX function call access (browser-plugins.rules)
 * 1:1274 <-> DISABLED <-> PROTOCOL-RPC portmap ttdbserv request TCP (protocol-rpc.rules)
 * 1:12741 <-> DISABLED <-> SERVER-OTHER Apple Quicktime TCP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12742 <-> DISABLED <-> SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (server-other.rules)
 * 1:12743 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture description metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12744 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC VORBIS string buffer overflow attempt (file-multimedia.rules)
 * 1:12745 <-> DISABLED <-> FILE-MULTIMEDIA FLAC libFLAC picture metadata buffer overflow attempt (file-multimedia.rules)
 * 1:12746 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (file-multimedia.rules)
 * 1:12747 <-> DISABLED <-> BROWSER-PLUGINS BitDefender Online Scanner ActiveX clsid access (browser-plugins.rules)
 * 1:12749 <-> DISABLED <-> BROWSER-PLUGINS BitDefender Online Scanner ActiveX function call access (browser-plugins.rules)
 * 1:1275 <-> DISABLED <-> PROTOCOL-RPC portmap yppasswd request TCP (protocol-rpc.rules)
 * 1:12751 <-> DISABLED <-> BROWSER-PLUGINS RichFX Basic Player ActiveX clsid access (browser-plugins.rules)
 * 1:12753 <-> DISABLED <-> BROWSER-PLUGINS RichFX Basic Player ActiveX function call access (browser-plugins.rules)
 * 1:12755 <-> DISABLED <-> BROWSER-PLUGINS PPStream PowerList ActiveX clsid access (browser-plugins.rules)
 * 1:12757 <-> DISABLED <-> FILE-IMAGE Apple QuickTime uncompressed PICT stack overflow attempt (file-image.rules)
 * 1:12758 <-> ENABLED <-> MALWARE-OTHER Keylogger/RAT digi watcher 2.32 runtime detection (malware-other.rules)
 * 1:12759 <-> DISABLED <-> MALWARE-OTHER Keylogger/RAT digi watcher 2.32 runtime detection (malware-other.rules)
 * 1:1276 <-> DISABLED <-> PROTOCOL-RPC portmap ypserv request TCP (protocol-rpc.rules)
 * 1:12760 <-> ENABLED <-> MALWARE-OTHER Keylogger powered Keylogger 2.2 runtime detection (malware-other.rules)
 * 1:12761 <-> DISABLED <-> MALWARE-OTHER Keylogger powered Keylogger 2.2 runtime detection (malware-other.rules)
 * 1:12762 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX clsid access (browser-plugins.rules)
 * 1:12764 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX function call access (browser-plugins.rules)
 * 1:12766 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12767 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12768 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (browser-plugins.rules)
 * 1:1277 <-> DISABLED <-> PROTOCOL-RPC portmap ypupdated request UDP (protocol-rpc.rules)
 * 1:12770 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows obfuscated RDS.Dataspace ActiveX exploit attempt (browser-plugins.rules)
 * 1:12771 <-> DISABLED <-> BROWSER-PLUGINS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12772 <-> DISABLED <-> BROWSER-PLUGINS obfuscated PPStream PowerPlayer ActiveX exploit attempt (browser-plugins.rules)
 * 1:12773 <-> DISABLED <-> BROWSER-PLUGINS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (browser-plugins.rules)
 * 1:12774 <-> DISABLED <-> BROWSER-PLUGINS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (browser-plugins.rules)
 * 1:12775 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (browser-plugins.rules)
 * 1:12780 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12782 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access attempt (browser-plugins.rules)
 * 1:12784 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12785 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12786 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (server-other.rules)
 * 1:12789 <-> DISABLED <-> PUA-ADWARE Adware sunshine spy 1.0 runtime detection - check update (pua-adware.rules)
 * 1:1279 <-> DISABLED <-> PROTOCOL-RPC portmap snmpXdmi request UDP (protocol-rpc.rules)
 * 1:12790 <-> DISABLED <-> MALWARE-OTHER Trackware partypoker runtime detection (malware-other.rules)
 * 1:12791 <-> DISABLED <-> PUA-TOOLBARS Adware gophoria toolbar runtime detection (pua-toolbars.rules)
 * 1:12792 <-> ENABLED <-> MALWARE-OTHER Keylogger spy lantern Keylogger pro 6.0 runtime detection (malware-other.rules)
 * 1:12793 <-> DISABLED <-> MALWARE-OTHER Keylogger spy lantern Keylogger pro 6.0 runtime detection (malware-other.rules)
 * 1:12794 <-> DISABLED <-> PUA-ADWARE Hijacker gralicwrap outbound connection - search frauddb process (pua-adware.rules)
 * 1:12795 <-> DISABLED <-> PUA-ADWARE Hijacker gralicwrap outbound connection - display frauddb information (pua-adware.rules)
 * 1:12796 <-> DISABLED <-> PUA-TOOLBARS Trackware happytofind toolbar runtime detection (pua-toolbars.rules)
 * 1:12797 <-> DISABLED <-> PUA-ADWARE Adware x-con spyware destroyer eh 3.2.8 runtime detection (pua-adware.rules)
 * 1:12798 <-> DISABLED <-> INDICATOR-SHELLCODE base64 x86 NOOP (indicator-shellcode.rules)
 * 1:12799 <-> DISABLED <-> INDICATOR-SHELLCODE base64 x86 NOOP (indicator-shellcode.rules)
 * 1:1280 <-> DISABLED <-> PROTOCOL-RPC portmap listing UDP 111 (protocol-rpc.rules)
 * 1:12800 <-> DISABLED <-> INDICATOR-SHELLCODE base64 x86 NOOP (indicator-shellcode.rules)
 * 1:12801 <-> DISABLED <-> INDICATOR-SHELLCODE base64 x86 NOOP (indicator-shellcode.rules)
 * 1:12802 <-> DISABLED <-> INDICATOR-SHELLCODE base64 x86 NOOP (indicator-shellcode.rules)
 * 1:12803 <-> DISABLED <-> BROWSER-PLUGINS VideoLAN VLC ActiveX clsid access (browser-plugins.rules)
 * 1:12805 <-> DISABLED <-> BROWSER-PLUGINS VideoLAN VLC ActiveX function call access (browser-plugins.rules)
 * 1:12807 <-> ENABLED <-> FILE-IDENTIFY Lotus 123 file attachment (file-identify.rules)
 * 1:12808 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss OpenPrinter overflow attempt (netbios.rules)
 * 1:1281 <-> DISABLED <-> PROTOCOL-RPC portmap listing UDP 32771 (protocol-rpc.rules)
 * 1:1283 <-> DISABLED <-> SERVER-IIS Microsoft Office Outlook web dos (server-iis.rules)
 * 1:1284 <-> DISABLED <-> SERVER-OTHER readme.eml download attempt (server-other.rules)
 * 1:1285 <-> DISABLED <-> SERVER-IIS msdac access (server-iis.rules)
 * 1:1286 <-> DISABLED <-> SERVER-IIS _mem_bin access (server-iis.rules)
 * 1:1288 <-> DISABLED <-> SERVER-OTHER Microsoft Frontpage /_vti_bin/ access (server-other.rules)
 * 1:1289 <-> DISABLED <-> PROTOCOL-TFTP GET Admin.dll (protocol-tftp.rules)
 * 1:1290 <-> DISABLED <-> FILE-OTHER readme.eml autoload attempt (file-other.rules)
 * 1:12904 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup vmd shared library buffer overflow attempt (server-other.rules)
 * 1:1291 <-> DISABLED <-> SERVER-WEBAPP sml3com access (server-webapp.rules)
 * 1:12910 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 4 attempt (netbios.rules)
 * 1:12916 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 12 attempt (netbios.rules)
 * 1:1292 <-> DISABLED <-> INDICATOR-COMPROMISE directory listing (indicator-compromise.rules)
 * 1:12922 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 16 attempt (netbios.rules)
 * 1:12928 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 18 attempt (netbios.rules)
 * 1:12934 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 19 attempt (netbios.rules)
 * 1:12940 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 CA call 269 overflow attempt (netbios.rules)
 * 1:12946 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS SMBv2 protocol negotiation attempt (os-windows.rules)
 * 1:12947 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB SMBv2 protocol negotiation attempt (os-windows.rules)
 * 1:12948 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1295 <-> DISABLED <-> INDICATOR-COMPROMISE nimda RICHED20.DLL (indicator-compromise.rules)
 * 1:12950 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12952 <-> DISABLED <-> BROWSER-PLUGINS Vantage Linguistics 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12954 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DXLTPI.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:12957 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12959 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12961 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 1 ActiveX clsid access (browser-plugins.rules)
 * 1:12963 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 2 ActiveX clsid access (browser-plugins.rules)
 * 1:12965 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 3 ActiveX clsid access (browser-plugins.rules)
 * 1:12967 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 4 ActiveX clsid access (browser-plugins.rules)
 * 1:12969 <-> DISABLED <-> BROWSER-PLUGINS Intuit QuickBooks Online Import 5 ActiveX clsid access (browser-plugins.rules)
 * 1:12971 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (file-multimedia.rules)
 * 1:12972 <-> ENABLED <-> FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (file-identify.rules)
 * 1:12977 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMCreateObjectInternal overflow attempt (os-windows.rules)
 * 1:12978 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMCreateObjectInternal overflow attempt (os-windows.rules)
 * 1:12983 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX SAMI file CRawParser buffer overflow attempt (file-multimedia.rules)
 * 1:12984 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:12985 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (netbios.rules)
 * 1:1300 <-> DISABLED <-> SERVER-WEBAPP admin.php file upload attempt (server-webapp.rules)
 * 1:1301 <-> DISABLED <-> SERVER-WEBAPP admin.php access (server-webapp.rules)
 * 1:1302 <-> DISABLED <-> SERVER-WEBAPP console.exe access (server-webapp.rules)
 * 1:1303 <-> DISABLED <-> SERVER-WEBAPP cs.exe access (server-webapp.rules)
 * 1:1304 <-> DISABLED <-> SERVER-WEBAPP txt2html.cgi access (server-webapp.rules)
 * 1:1305 <-> DISABLED <-> SERVER-WEBAPP txt2html.cgi directory traversal attempt (server-webapp.rules)
 * 1:1307 <-> DISABLED <-> SERVER-WEBAPP store.cgi access (server-webapp.rules)
 * 1:1308 <-> DISABLED <-> SERVER-WEBAPP sendmessage.cgi access (server-webapp.rules)
 * 1:1309 <-> DISABLED <-> SERVER-WEBAPP zsh access (server-webapp.rules)
 * 1:13158 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (file-multimedia.rules)
 * 1:13159 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (file-multimedia.rules)
 * 1:13160 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (file-multimedia.rules)
 * 1:13161 <-> DISABLED <-> SERVER-OTHER HP OpenView CGI parameter buffer overflow attempt (server-other.rules)
 * 1:13162 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (netbios.rules)
 * 1:13210 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMObjectPathToObjectFormat overflow attempt (os-windows.rules)
 * 1:13211 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMObjectPathToObjectFormat overflow attempt (os-windows.rules)
 * 1:13219 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX clsid access (browser-plugins.rules)
 * 1:13221 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13222 <-> DISABLED <-> SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (server-other.rules)
 * 1:13223 <-> DISABLED <-> PROTOCOL-RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (protocol-rpc.rules)
 * 1:13224 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX clsid access (browser-plugins.rules)
 * 1:13226 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (browser-plugins.rules)
 * 1:13228 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1323 <-> DISABLED <-> SERVER-OTHER rwhoisd format string attempt (server-other.rules)
 * 1:13230 <-> DISABLED <-> BROWSER-PLUGINS HP eSupportDiagnostics 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13232 <-> DISABLED <-> BROWSER-PLUGINS Persits Software XUpload ActiveX clsid access (browser-plugins.rules)
 * 1:13234 <-> DISABLED <-> BROWSER-PLUGINS Persits Software XUpload ActiveX function call access (browser-plugins.rules)
 * 1:13236 <-> ENABLED <-> MALWARE-OTHER Keylogger active Keylogger 3.9.2 runtime detection (malware-other.rules)
 * 1:13237 <-> DISABLED <-> MALWARE-OTHER Keylogger active Keylogger 3.9.2 runtime detection (malware-other.rules)
 * 1:13238 <-> DISABLED <-> PUA-ADWARE Adware adult p2p 1.5 runtime detection (pua-adware.rules)
 * 1:13239 <-> DISABLED <-> PUA-TOOLBARS Hijacker blue wave adult links toolbar runtime detection (pua-toolbars.rules)
 * 1:1324 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow /bin/sh (indicator-shellcode.rules)
 * 1:13240 <-> DISABLED <-> PUA-ADWARE Adware live protection 2.1 runtime detection - redirects to purchase page (pua-adware.rules)
 * 1:13241 <-> DISABLED <-> PUA-ADWARE Adware live protection 2.1 runtime detection - application updates (pua-adware.rules)
 * 1:13242 <-> DISABLED <-> PUA-ADWARE Adware netpumper 1.26 runtime detection (pua-adware.rules)
 * 1:13243 <-> ENABLED <-> MALWARE-OTHER Keylogger computer monitor 1.1 by lastcomfort runtime detection (malware-other.rules)
 * 1:13244 <-> DISABLED <-> MALWARE-OTHER Keylogger computer monitor 1.1 by lastcomfort runtime detection (malware-other.rules)
 * 1:13246 <-> DISABLED <-> MALWARE-BACKDOOR troya 1.4 inbound connection (malware-backdoor.rules)
 * 1:13247 <-> ENABLED <-> MALWARE-BACKDOOR yuri 1.2 runtime detection - init connection (malware-backdoor.rules)
 * 1:13248 <-> DISABLED <-> MALWARE-CNC yuri 1.2 variant outbound connection (malware-cnc.rules)
 * 1:13249 <-> DISABLED <-> PROTOCOL-DNS dns response for rfc1918 10/8 address detected (protocol-dns.rules)
 * 1:1325 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow filler (indicator-shellcode.rules)
 * 1:13250 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 tcp request (protocol-rpc.rules)
 * 1:13251 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 udp request (protocol-rpc.rules)
 * 1:13252 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 tcp procedure 4 attempt (protocol-rpc.rules)
 * 1:13253 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 udp procedure 4 attempt (protocol-rpc.rules)
 * 1:13256 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 tcp procedure 5 attempt (protocol-rpc.rules)
 * 1:13257 <-> DISABLED <-> PROTOCOL-RPC portmap 390113 udp procedure 5 attempt (protocol-rpc.rules)
 * 1:13258 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX clsid access (browser-plugins.rules)
 * 1:1326 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow NOOP (indicator-shellcode.rules)
 * 1:13260 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX function call access (browser-plugins.rules)
 * 1:13262 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX clsid access (browser-plugins.rules)
 * 1:13264 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX function call access (browser-plugins.rules)
 * 1:13266 <-> DISABLED <-> BROWSER-PLUGINS SkyFex Client ActiveX clsid access (browser-plugins.rules)
 * 1:13269 <-> DISABLED <-> OS-WINDOWS Multiple product nntp uri handling code execution attempt (os-windows.rules)
 * 1:1327 <-> DISABLED <-> INDICATOR-SHELLCODE ssh CRC32 overflow (indicator-shellcode.rules)
 * 1:13270 <-> DISABLED <-> OS-WINDOWS Multiple product news uri handling code execution attempt (os-windows.rules)
 * 1:13271 <-> DISABLED <-> OS-WINDOWS Multiple product telnet uri handling code execution attempt (os-windows.rules)
 * 1:13272 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:13273 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX clsid access (browser-plugins.rules)
 * 1:13275 <-> DISABLED <-> BROWSER-PLUGINS DivX Web Player ActiveX function call access (browser-plugins.rules)
 * 1:13277 <-> DISABLED <-> PUA-ADWARE Adware netword agent runtime detection (pua-adware.rules)
 * 1:13278 <-> ENABLED <-> MALWARE-OTHER Keylogger advanced spy 4.0 runtime detection (malware-other.rules)
 * 1:13279 <-> DISABLED <-> MALWARE-OTHER Keylogger advanced spy 4.0 runtime detection (malware-other.rules)
 * 1:13280 <-> ENABLED <-> MALWARE-OTHER Keylogger email spy monitor 6.9 runtime detection (malware-other.rules)
 * 1:13281 <-> DISABLED <-> MALWARE-OTHER Keylogger email spy monitor 6.9 runtime detection (malware-other.rules)
 * 1:13282 <-> DISABLED <-> PUA-TOOLBARS Adware jily ie toolbar runtime detection (pua-toolbars.rules)
 * 1:13283 <-> DISABLED <-> PUA-ADWARE Hijacker dreambar outbound connection (pua-adware.rules)
 * 1:13284 <-> DISABLED <-> PUA-ADWARE Adware netguarder web cleaner runtime detection (pua-adware.rules)
 * 1:13285 <-> DISABLED <-> PUA-ADWARE Hijacker phazebar outbound connection (pua-adware.rules)
 * 1:13286 <-> DISABLED <-> PUA-ADWARE Adware 3wplayer 1.7 runtime detection (pua-adware.rules)
 * 1:13287 <-> DISABLED <-> OS-WINDOWS Microsoft Windows remote kernel tcp/ip igmp vulnerability exploit attempt (os-windows.rules)
 * 1:13288 <-> DISABLED <-> OS-WINDOWS Microsoft Windows remote kernel tcp/ip icmp vulnerability exploit attempt (os-windows.rules)
 * 1:13289 <-> DISABLED <-> BROWSER-PLUGINS Gatway CWebLaunchCtl ActiveX clsid access (browser-plugins.rules)
 * 1:13291 <-> DISABLED <-> SERVER-SAMBA Samba send_mailslot buffer overflow attempt (server-samba.rules)
 * 1:13292 <-> DISABLED <-> PUA-OTHER Skype skype4com URI handler memory corruption attempt (pua-other.rules)
 * 1:13293 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:13294 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (browser-plugins.rules)
 * 1:13296 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (browser-plugins.rules)
 * 1:13298 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (browser-plugins.rules)
 * 1:13300 <-> DISABLED <-> FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (file-flash.rules)
 * 1:13302 <-> DISABLED <-> SERVER-APACHE Apache mod_imagemap cross site scripting attempt (server-apache.rules)
 * 1:13303 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX clsid access (browser-plugins.rules)
 * 1:13305 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (browser-plugins.rules)
 * 1:13312 <-> DISABLED <-> BROWSER-PLUGINS StreamAudio ProxyManager ActiveX clsid access (browser-plugins.rules)
 * 1:13314 <-> DISABLED <-> BROWSER-PLUGINS StreamAudio ProxyManager ActiveX function call access (browser-plugins.rules)
 * 1:13316 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (file-multimedia.rules)
 * 1:13317 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing nam buffer overflow attempt (file-multimedia.rules)
 * 1:13318 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (file-multimedia.rules)
 * 1:13319 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (file-multimedia.rules)
 * 1:13320 <-> DISABLED <-> FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (file-multimedia.rules)
 * 1:13321 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX clsid access (browser-plugins.rules)
 * 1:13323 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (browser-plugins.rules)
 * 1:13325 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX clsid access (browser-plugins.rules)
 * 1:13327 <-> DISABLED <-> BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX function call access (browser-plugins.rules)
 * 1:13329 <-> DISABLED <-> BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX clsid access (browser-plugins.rules)
 * 1:13331 <-> DISABLED <-> BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX function call access (browser-plugins.rules)
 * 1:13333 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms ActiveX clsid access (browser-plugins.rules)
 * 1:13335 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX clsid access (browser-plugins.rules)
 * 1:13337 <-> DISABLED <-> BROWSER-PLUGINS Comodo AntiVirus ActiveX clsid access (browser-plugins.rules)
 * 1:13339 <-> DISABLED <-> PUA-TOOLBARS Hijacker direct toolbar runtime detection (pua-toolbars.rules)
 * 1:13340 <-> DISABLED <-> PUA-ADWARE Hijacker search4top outbound connection - hijack ie searches and error pages (pua-adware.rules)
 * 1:13341 <-> DISABLED <-> PUA-ADWARE Hijacker search4top outbound connection - popup ads (pua-adware.rules)
 * 1:13342 <-> DISABLED <-> PUA-TOOLBARS Hijacker ditto toolbar runtime detection (pua-toolbars.rules)
 * 1:13343 <-> DISABLED <-> PUA-ADWARE Adware 2005-search loader runtime detection (pua-adware.rules)
 * 1:13344 <-> DISABLED <-> PUA-ADWARE Adware yourprivacyguard runtime detection - presale request (pua-adware.rules)
 * 1:13345 <-> DISABLED <-> PUA-ADWARE Adware yourprivacyguard runtime detection - update (pua-adware.rules)
 * 1:13346 <-> ENABLED <-> PUA-ADWARE Snoopware remote desktop inspector outbound connection - init connection (pua-adware.rules)
 * 1:13347 <-> DISABLED <-> PUA-ADWARE Snoopware remote desktop inspector runtime detection - init connection (pua-adware.rules)
 * 1:13348 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX clsid access (browser-plugins.rules)
 * 1:13350 <-> DISABLED <-> BROWSER-PLUGINS Move Networks Media Player ActiveX function call access (browser-plugins.rules)
 * 1:13352 <-> DISABLED <-> BROWSER-PLUGINS Lycos File Upload Component ActiveX function call access (browser-plugins.rules)
 * 1:13354 <-> DISABLED <-> BROWSER-PLUGINS HP Virtual Rooms ActiveX function call access (browser-plugins.rules)
 * 1:13356 <-> ENABLED <-> SQL SAP MaxDB shell command injection attempt (sql.rules)
 * 1:13357 <-> DISABLED <-> SERVER-MYSQL failed Oracle Mysql login attempt (server-mysql.rules)
 * 1:13358 <-> DISABLED <-> SERVER-MYSQL Oracle Mysql login attempt from unauthorized location (server-mysql.rules)
 * 1:13359 <-> DISABLED <-> APP-DETECT failed IMAP login attempt - invalid username/password (app-detect.rules)
 * 1:13360 <-> DISABLED <-> APP-DETECT FTP 530 Login failed response (app-detect.rules)
 * 1:13361 <-> DISABLED <-> FILE-OTHER ClamAV MEW PE file integer overflow attempt (file-other.rules)
 * 1:13363 <-> DISABLED <-> SERVER-OTHER Cisco Unified Communications Manager heap overflow attempt (server-other.rules)
 * 1:13364 <-> DISABLED <-> SERVER-MAIL Novell GroupWise client IMG SRC buffer overflow (server-mail.rules)
 * 1:13365 <-> DISABLED <-> SERVER-OTHER Trend Micro ServerProtect TMregChange buffer overflow attempt (server-other.rules)
 * 1:13366 <-> DISABLED <-> SERVER-ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (server-oracle.rules)
 * 1:13367 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss GetPrinterData attempt (netbios.rules)
 * 1:13415 <-> DISABLED <-> SERVER-OTHER CA BrightStor cheyenneds mailslot overflow (server-other.rules)
 * 1:13419 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX clsid access (browser-plugins.rules)
 * 1:13421 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (browser-plugins.rules)
 * 1:13423 <-> DISABLED <-> BROWSER-PLUGINS SwiftView ActiveX clsid access (browser-plugins.rules)
 * 1:13426 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13428 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:13430 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (browser-plugins.rules)
 * 1:13432 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (browser-plugins.rules)
 * 1:13434 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13436 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13438 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (browser-plugins.rules)
 * 1:13440 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (browser-plugins.rules)
 * 1:13442 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (browser-plugins.rules)
 * 1:13444 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (browser-plugins.rules)
 * 1:13446 <-> DISABLED <-> BROWSER-PLUGINS GlobalLink HanGamePlugin ActiveX clsid access (browser-plugins.rules)
 * 1:13448 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (os-windows.rules)
 * 1:13449 <-> DISABLED <-> OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine end buffer overflow attempt (os-windows.rules)
 * 1:13451 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual FoxPro foxtlib ActiveX clsid access (browser-plugins.rules)
 * 1:13453 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (browser-ie.rules)
 * 1:13454 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (browser-ie.rules)
 * 1:13455 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call access (browser-ie.rules)
 * 1:13456 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (browser-ie.rules)
 * 1:13457 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX clsid access (browser-plugins.rules)
 * 1:13459 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX function call access (browser-plugins.rules)
 * 1:13465 <-> ENABLED <-> FILE-IDENTIFY Microsoft Works file download request (file-identify.rules)
 * 1:13466 <-> DISABLED <-> FILE-OFFICE Microsoft Works file converter file section length headers memory corruption attempt (file-office.rules)
 * 1:13470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules)
 * 1:13471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher invalid pathname overwrite attempt (file-office.rules)
 * 1:13472 <-> DISABLED <-> FILE-OFFICE Microsoft Works file converter field length invalid chunk size buffer overflow attempt (file-office.rules)
 * 1:13473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Publisher file download request (file-identify.rules)
 * 1:13474 <-> DISABLED <-> OS-WINDOWS Microsoft WebDAV MiniRedir remote code execution attempt (os-windows.rules)
 * 1:13476 <-> DISABLED <-> SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow  (server-iis.rules)
 * 1:13477 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt - compressed (file-pdf.rules)
 * 1:13478 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (file-pdf.rules)
 * 1:13479 <-> ENABLED <-> MALWARE-OTHER Keylogger findnot guarddog 4.0 runtime detection (malware-other.rules)
 * 1:13480 <-> DISABLED <-> MALWARE-OTHER Keylogger findnot guarddog 4.0 runtime detection (malware-other.rules)
 * 1:13481 <-> DISABLED <-> PUA-TOOLBARS Hijacker baidu toolbar runtime detection - hijacks search engine (pua-toolbars.rules)
 * 1:13482 <-> DISABLED <-> PUA-TOOLBARS Hijacker baidu toolbar runtime detection - discloses information (pua-toolbars.rules)
 * 1:13483 <-> ENABLED <-> PUA-TOOLBARS Hijacker baidu toolbar runtime detection - updates automatically (pua-toolbars.rules)
 * 1:13484 <-> DISABLED <-> PUA-TOOLBARS Hijacker baidu toolbar runtime detection - updates automatically (pua-toolbars.rules)
 * 1:13485 <-> DISABLED <-> PUA-TOOLBARS Hijacker sofa toolbar runtime detection - hijacks search engine (pua-toolbars.rules)
 * 1:13486 <-> DISABLED <-> PUA-TOOLBARS Hijacker sofa toolbar runtime detection - records search information (pua-toolbars.rules)
 * 1:13487 <-> DISABLED <-> PUA-ADWARE Adware elite protector runtime detection (pua-adware.rules)
 * 1:13488 <-> DISABLED <-> PUA-TOOLBARS Hijacker people pal toolbar runtime detection - automatic upgrade (pua-toolbars.rules)
 * 1:13489 <-> DISABLED <-> PUA-TOOLBARS Hijacker people pal toolbar runtime detection - traffic for searching (pua-toolbars.rules)
 * 1:13490 <-> DISABLED <-> PUA-ADWARE Adware spy shredder 2.1 runtime detection - presale request (pua-adware.rules)
 * 1:13491 <-> DISABLED <-> PUA-ADWARE Adware spy shredder 2.1 runtime detection - update (pua-adware.rules)
 * 1:13492 <-> DISABLED <-> PUA-TOOLBARS Hijacker deepdo toolbar runtime detection - redirects search engine (pua-toolbars.rules)
 * 1:13493 <-> DISABLED <-> PUA-TOOLBARS Hijacker deepdo toolbar runtime detection - automatic update (pua-toolbars.rules)
 * 1:13494 <-> DISABLED <-> MALWARE-OTHER Keylogger smart pc Keylogger runtime detection (malware-other.rules)
 * 1:13495 <-> DISABLED <-> PUA-TOOLBARS Hijacker ez-tracks toolbar runtime detection - initial traffic 1 (pua-toolbars.rules)
 * 1:13496 <-> DISABLED <-> PUA-TOOLBARS Hijacker ez-tracks toolbar runtime detection - initial traffic 2 (pua-toolbars.rules)
 * 1:13497 <-> DISABLED <-> PUA-TOOLBARS Hijacker ez-tracks toolbar runtime detection - tracking traffic (pua-toolbars.rules)
 * 1:13498 <-> DISABLED <-> PUA-ADWARE Hijacker hbtbar outbound connection - search traffic 1 (pua-adware.rules)
 * 1:13499 <-> DISABLED <-> PUA-ADWARE Hijacker hbtbar outbound connection - search traffic 2 (pua-adware.rules)
 * 1:13500 <-> DISABLED <-> PUA-ADWARE Hijacker hbtbar outbound connection - log information (pua-adware.rules)
 * 1:13501 <-> DISABLED <-> PUA-ADWARE Adware contravirus runtime detection - presale request (pua-adware.rules)
 * 1:13502 <-> DISABLED <-> PUA-ADWARE Adware contravirus runtime detection - update (pua-adware.rules)
 * 1:13503 <-> DISABLED <-> PUA-TOOLBARS Hijacker dealio toolbar runtime detection user-agent detected (pua-toolbars.rules)
 * 1:13504 <-> DISABLED <-> PUA-ADWARE Adware iedefender runtime detection - presale request (pua-adware.rules)
 * 1:13505 <-> DISABLED <-> PUA-ADWARE Adware iedefender runtime detection - update (pua-adware.rules)
 * 1:13506 <-> ENABLED <-> MALWARE-BACKDOOR evilotus 1.3.2 runtime detection - init connection (malware-backdoor.rules)
 * 1:13507 <-> DISABLED <-> MALWARE-CNC evilotus 1.3.2 variant outbound connection (malware-cnc.rules)
 * 1:13508 <-> DISABLED <-> MALWARE-CNC xploit 1.4.5 variant outbound connection (malware-cnc.rules)
 * 1:13509 <-> DISABLED <-> MALWARE-CNC xploit 1.4.5 pc variant outbound connection (malware-cnc.rules)
 * 1:13512 <-> DISABLED <-> SQL generic sql exec injection attempt - GET parameter (sql.rules)
 * 1:13513 <-> DISABLED <-> SQL generic sql insert injection attempt - GET parameter (sql.rules)
 * 1:13514 <-> DISABLED <-> SQL generic sql update injection attempt - GET parameter (sql.rules)
 * 1:13515 <-> ENABLED <-> FILE-MULTIMEDIA Apple QuickTime user agent (file-multimedia.rules)
 * 1:13516 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime HTTP error response buffer overflow (file-multimedia.rules)
 * 1:13517 <-> DISABLED <-> FILE-MULTIMEDIA Apple Quicktime malformed idsc atom (file-multimedia.rules)
 * 1:13519 <-> DISABLED <-> SERVER-OTHER Citrix MetaFrame IMA buffer overflow attempt (server-other.rules)
 * 1:13520 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13521 <-> DISABLED <-> SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (server-other.rules)
 * 1:13522 <-> DISABLED <-> SERVER-OTHER Firebird Database Server username handling buffer overflow (server-other.rules)
 * 1:13523 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX clsid access (browser-plugins.rules)
 * 1:13525 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX function call access (browser-plugins.rules)
 * 1:13527 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX clsid access (browser-plugins.rules)
 * 1:13529 <-> DISABLED <-> BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX function call access (browser-plugins.rules)
 * 1:13531 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:13533 <-> DISABLED <-> BROWSER-PLUGINS 4xem VatCtrl ActiveX function call access (browser-plugins.rules)
 * 1:13535 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX clsid access (browser-plugins.rules)
 * 1:13537 <-> DISABLED <-> BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX function call access (browser-plugins.rules)
 * 1:13539 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX clsid access (browser-plugins.rules)
 * 1:13541 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (browser-plugins.rules)
 * 1:13543 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX clsid access (browser-plugins.rules)
 * 1:13545 <-> DISABLED <-> BROWSER-PLUGINS Learn2 STRunner ActiveX function call access (browser-plugins.rules)
 * 1:12163 <-> ENABLED <-> MALWARE-BACKDOOR cobra uploader 1.0 runtime detection (malware-backdoor.rules)
 * 1:12164 <-> DISABLED <-> MALWARE-BACKDOOR cobra uploader 1.0 runtime detection (malware-backdoor.rules)
 * 1:12165 <-> DISABLED <-> MALWARE-CNC lithium 1.02 variant outbound connection (malware-cnc.rules)
 * 1:12166 <-> DISABLED <-> MALWARE-CNC lithium 1.02 variant outbound connection (malware-cnc.rules)
 * 1:12167 <-> DISABLED <-> PROTOCOL-VOIP SIP URI multiple at signs in message (protocol-voip.rules)
 * 1:12168 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid access (browser-plugins.rules)
 * 1:1217 <-> DISABLED <-> SERVER-WEBAPP plusmail access (server-webapp.rules)
 * 1:12170 <-> DISABLED <-> PROTOCOL-VOIP inbound 408 Request Timeout message (protocol-voip.rules)
 * 1:12171 <-> DISABLED <-> PROTOCOL-VOIP outbound 408 Request Timeout message (protocol-voip.rules)
 * 1:12172 <-> DISABLED <-> PROTOCOL-VOIP inbound 501 Not Implemented message (protocol-voip.rules)
 * 1:12173 <-> DISABLED <-> PROTOCOL-VOIP outbound 501 Not Implemented message (protocol-voip.rules)
 * 1:12174 <-> DISABLED <-> PROTOCOL-VOIP inbound 604 Does Not Exist Anywhere message (protocol-voip.rules)
 * 1:12175 <-> DISABLED <-> PROTOCOL-VOIP outbound 604 Does Not Exist Anywhere message (protocol-voip.rules)
 * 1:12176 <-> DISABLED <-> PROTOCOL-VOIP inbound 415 Unsupported Media Type message (protocol-voip.rules)
 * 1:12177 <-> DISABLED <-> PROTOCOL-VOIP outbound 415 Unsupported Media Type message (protocol-voip.rules)
 * 1:12178 <-> DISABLED <-> PROTOCOL-VOIP inbound 481 Call/Leg Transaction Does Not Exist (protocol-voip.rules)
 * 1:12179 <-> DISABLED <-> PROTOCOL-VOIP outbound 481 Call/Leg Transaction Does Not Exist (protocol-voip.rules)
 * 1:1218 <-> DISABLED <-> SERVER-WEBAPP adminlogin access (server-webapp.rules)
 * 1:12180 <-> DISABLED <-> PROTOCOL-VOIP inbound 404 Not Found (protocol-voip.rules)
 * 1:12181 <-> DISABLED <-> PROTOCOL-VOIP outbound 404 Not Found (protocol-voip.rules)
 * 1:12182 <-> ENABLED <-> FILE-IDENTIFY Adobe Flash Video file magic detected (file-identify.rules)
 * 1:12183 <-> DISABLED <-> FILE-FLASH Adobe FLV long string script data buffer overflow attempt (file-flash.rules)
 * 1:12184 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel workbook workspace designation handling arbitrary code execution attempt (file-office.rules)
 * 1:12185 <-> DISABLED <-> PROTOCOL-RPC portmap 2112 tcp request (protocol-rpc.rules)
 * 1:12186 <-> DISABLED <-> PROTOCOL-RPC portmap 2112 udp request (protocol-rpc.rules)
 * 1:12187 <-> DISABLED <-> PROTOCOL-RPC portmap 2112 tcp rename_principal attempt (protocol-rpc.rules)
 * 1:12188 <-> DISABLED <-> PROTOCOL-RPC portmap 2112 udp rename_principal attempt (protocol-rpc.rules)
 * 1:12189 <-> DISABLED <-> BROWSER-PLUGINS Clever Internet Suite ActiveX clsid access (browser-plugins.rules)
 * 1:1219 <-> DISABLED <-> SERVER-WEBAPP dfire.cgi access (server-webapp.rules)
 * 1:12191 <-> DISABLED <-> BROWSER-PLUGINS Clever Internet Suite ActiveX function call access (browser-plugins.rules)
 * 1:12193 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX clsid access (browser-plugins.rules)
 * 1:12195 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (browser-plugins.rules)
 * 1:12197 <-> DISABLED <-> SERVER-OTHER CA message queuing server buffer overflow attempt (server-other.rules)
 * 1:12198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows getbulk request attempt (os-windows.rules)
 * 1:12199 <-> DISABLED <-> SERVER-OTHER RIM BlackBerry SRP negative string size (server-other.rules)
 * 1:1220 <-> DISABLED <-> SERVER-WEBAPP ultraboard access (server-webapp.rules)
 * 1:12200 <-> DISABLED <-> BROWSER-PLUGINS VMWare IntraProcessLogging ActiveX clsid access (browser-plugins.rules)
 * 1:12202 <-> DISABLED <-> SERVER-OTHER Ingres long message heap buffer overflow attempt (server-other.rules)
 * 1:12203 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX clsid access (browser-plugins.rules)
 * 1:12205 <-> DISABLED <-> BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (browser-plugins.rules)
 * 1:12207 <-> DISABLED <-> BROWSER-PLUGINS Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX function call access (browser-plugins.rules)
 * 1:12209 <-> ENABLED <-> PUA-P2P P2PTv TVAnt udp traffic detected (pua-p2p.rules)
 * 1:1221 <-> DISABLED <-> SERVER-WEBAPP Muscat Empower cgi access (server-webapp.rules)
 * 1:12210 <-> ENABLED <-> PUA-P2P P2PTv TVAnts TCP tracker connect traffic detected (pua-p2p.rules)
 * 1:12211 <-> ENABLED <-> PUA-P2P P2PTv TVAnts TCP connection traffic detected (pua-p2p.rules)
 * 1:12212 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (server-mail.rules)
 * 1:12213 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail search date command buffer overflow attempt (server-mail.rules)
 * 1:12216 <-> DISABLED <-> SERVER-OTHER Borland interbase Create Request opcode string length buffer overflow attempt (server-other.rules)
 * 1:12217 <-> DISABLED <-> SERVER-OTHER Borland interbase string length buffer overflow attempt (server-other.rules)
 * 1:12218 <-> DISABLED <-> SERVER-OTHER Borland interbase string length buffer overflow attempt (server-other.rules)
 * 1:12219 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer SMIL wallclock parsing buffer overflow (file-multimedia.rules)
 * 1:1222 <-> DISABLED <-> SERVER-WEBAPP pals-cgi arbitrary file access attempt (server-webapp.rules)
 * 1:12220 <-> DISABLED <-> SERVER-OTHER IBM Informix Dynamic Server long username buffer overflow attempt (server-other.rules)
 * 1:12221 <-> DISABLED <-> SERVER-WEBAPP file upload GLOBAL variable overwrite attempt (server-webapp.rules)
 * 1:12222 <-> DISABLED <-> SERVER-OTHER Squid proxy long WCCP packet (server-other.rules)
 * 1:12223 <-> DISABLED <-> SERVER-OTHER Novell WebAdmin long user name (server-other.rules)
 * 1:12224 <-> DISABLED <-> PUA-ADWARE Adware enbrowser snackman runtime detection (pua-adware.rules)
 * 1:12225 <-> DISABLED <-> PUA-TOOLBARS Adware zango2007 toolbar runtime detection (pua-toolbars.rules)
 * 1:12226 <-> DISABLED <-> MALWARE-OTHER Keylogger overspy runtime detection (malware-other.rules)
 * 1:12227 <-> DISABLED <-> PUA-TOOLBARS Trackware snap ultrasearch/desktop toolbar runtime detection - search (pua-toolbars.rules)
 * 1:12228 <-> DISABLED <-> PUA-TOOLBARS Trackware snap ultrasearch/desktop toolbar runtime detection - cookie (pua-toolbars.rules)
 * 1:12229 <-> DISABLED <-> PUA-ADWARE Adware vroomsearch runtime detection (pua-adware.rules)
 * 1:12230 <-> DISABLED <-> MALWARE-TOOLS Hacker-Tool hippynotify 2.0 runtime detection (malware-tools.rules)
 * 1:12231 <-> DISABLED <-> PUA-ADWARE Adware vroomsearch runtime detection (pua-adware.rules)
 * 1:12232 <-> DISABLED <-> PUA-ADWARE Adware errorsafe runtime detection (pua-adware.rules)
 * 1:12233 <-> ENABLED <-> MALWARE-BACKDOOR theef 2.10 runtime detection - connect with no password (malware-backdoor.rules)
 * 1:12234 <-> DISABLED <-> MALWARE-BACKDOOR theef 2.10 runtime detection - connect with no password (malware-backdoor.rules)
 * 1:12235 <-> ENABLED <-> MALWARE-BACKDOOR theef 2.10 runtime detection - connect with password (malware-backdoor.rules)
 * 1:12236 <-> DISABLED <-> MALWARE-BACKDOOR theef 2.10 runtime detection - connect with password (malware-backdoor.rules)
 * 1:12237 <-> ENABLED <-> MALWARE-BACKDOOR theef 2.10 runtime detection - ftp (malware-backdoor.rules)
 * 1:12238 <-> DISABLED <-> MALWARE-BACKDOOR theef 2.10 runtime detection - ftp (malware-backdoor.rules)
 * 1:12239 <-> DISABLED <-> MALWARE-BACKDOOR webcenter v1.0 Backdoor - init connection (malware-backdoor.rules)
 * 1:1224 <-> DISABLED <-> SERVER-WEBAPP ROADS search.pl attempt (server-webapp.rules)
 * 1:12240 <-> ENABLED <-> MALWARE-BACKDOOR genie 1.7 runtime detection - init connection (malware-backdoor.rules)
 * 1:12241 <-> DISABLED <-> MALWARE-BACKDOOR genie 1.7 runtime detection - init connection (malware-backdoor.rules)
 * 1:12242 <-> ENABLED <-> MALWARE-BACKDOOR hotmail hacker log edition 5.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:12243 <-> DISABLED <-> MALWARE-BACKDOOR hotmail hacker log edition 5.0 runtime detection - init connection (malware-backdoor.rules)
 * 1:12244 <-> DISABLED <-> MALWARE-BACKDOOR itadem trojan 3.0 runtime detection (malware-backdoor.rules)
 * 1:12245 <-> DISABLED <-> MALWARE-BACKDOOR furax 1.0 b3 runtime detection (malware-backdoor.rules)
 * 1:12246 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12248 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX function call access attempt (browser-plugins.rules)
 * 1:1225 <-> DISABLED <-> X11 MIT Magic Cookie detected (x11.rules)
 * 1:12250 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX clsid access attempt (browser-plugins.rules)
 * 1:12252 <-> DISABLED <-> BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX function call access attempt (browser-plugins.rules)
 * 1:14128 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:1413 <-> DISABLED <-> PROTOCOL-SNMP private access udp (protocol-snmp.rules)
 * 1:14130 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14132 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14134 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14136 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14138 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:1414 <-> DISABLED <-> PROTOCOL-SNMP private access tcp (protocol-snmp.rules)
 * 1:14140 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 27 ActiveX clsid access (browser-plugins.rules)
 * 1:14142 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 28 ActiveX clsid access (browser-plugins.rules)
 * 1:14144 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 29 ActiveX clsid access (browser-plugins.rules)
 * 1:14146 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 30 ActiveX clsid access (browser-plugins.rules)
 * 1:14148 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 31 ActiveX clsid access (browser-plugins.rules)
 * 1:1415 <-> DISABLED <-> PROTOCOL-SNMP Broadcast request (protocol-snmp.rules)
 * 1:14150 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 32 ActiveX clsid access (browser-plugins.rules)
 * 1:14152 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 33 ActiveX clsid access (browser-plugins.rules)
 * 1:14154 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 34 ActiveX clsid access (browser-plugins.rules)
 * 1:14156 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 35 ActiveX clsid access (browser-plugins.rules)
 * 1:14158 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 36 ActiveX clsid access (browser-plugins.rules)
 * 1:1416 <-> DISABLED <-> PROTOCOL-SNMP broadcast trap (protocol-snmp.rules)
 * 1:14160 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 37 ActiveX clsid access (browser-plugins.rules)
 * 1:14162 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 38 ActiveX clsid access (browser-plugins.rules)
 * 1:14164 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 39 ActiveX clsid access (browser-plugins.rules)
 * 1:14166 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 40 ActiveX clsid access (browser-plugins.rules)
 * 1:14168 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 41 ActiveX clsid access (browser-plugins.rules)
 * 1:1417 <-> DISABLED <-> PROTOCOL-SNMP request udp (protocol-snmp.rules)
 * 1:14170 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 42 ActiveX clsid access (browser-plugins.rules)
 * 1:14172 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 43 ActiveX clsid access (browser-plugins.rules)
 * 1:14174 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 44 ActiveX clsid access (browser-plugins.rules)
 * 1:14176 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 45 ActiveX clsid access (browser-plugins.rules)
 * 1:14178 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 46 ActiveX clsid access (browser-plugins.rules)
 * 1:1418 <-> DISABLED <-> PROTOCOL-SNMP request tcp (protocol-snmp.rules)
 * 1:14180 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 47 ActiveX clsid access (browser-plugins.rules)
 * 1:14182 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 48 ActiveX clsid access (browser-plugins.rules)
 * 1:14184 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 49 ActiveX clsid access (browser-plugins.rules)
 * 1:14186 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 50 ActiveX clsid access (browser-plugins.rules)
 * 1:14188 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 51 ActiveX clsid access (browser-plugins.rules)
 * 1:1419 <-> DISABLED <-> PROTOCOL-SNMP trap udp (protocol-snmp.rules)
 * 1:14190 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 52 ActiveX clsid access (browser-plugins.rules)
 * 1:14192 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 53 ActiveX clsid access (browser-plugins.rules)
 * 1:14194 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 54 ActiveX clsid access (browser-plugins.rules)
 * 1:14196 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 55 ActiveX clsid access (browser-plugins.rules)
 * 1:14198 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 56 ActiveX clsid access (browser-plugins.rules)
 * 1:1420 <-> DISABLED <-> PROTOCOL-SNMP trap tcp (protocol-snmp.rules)
 * 1:14200 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 57 ActiveX clsid access (browser-plugins.rules)
 * 1:14202 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 58 ActiveX clsid access (browser-plugins.rules)
 * 1:14204 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 59 ActiveX clsid access (browser-plugins.rules)
 * 1:14206 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 60 ActiveX clsid access (browser-plugins.rules)
 * 1:14208 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 61 ActiveX clsid access (browser-plugins.rules)
 * 1:1421 <-> DISABLED <-> PROTOCOL-SNMP AgentX/tcp request (protocol-snmp.rules)
 * 1:14210 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 62 ActiveX clsid access (browser-plugins.rules)
 * 1:14212 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 63 ActiveX clsid access (browser-plugins.rules)
 * 1:14214 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 64 ActiveX clsid access (browser-plugins.rules)
 * 1:14216 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 65 ActiveX clsid access (browser-plugins.rules)
 * 1:14218 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 66 ActiveX clsid access (browser-plugins.rules)
 * 1:1422 <-> DISABLED <-> PROTOCOL-SNMP community string buffer overflow attempt with evasion (protocol-snmp.rules)
 * 1:14220 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 67 ActiveX clsid access (browser-plugins.rules)
 * 1:14222 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 68 ActiveX clsid access (browser-plugins.rules)
 * 1:14224 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 69 ActiveX clsid access (browser-plugins.rules)
 * 1:14226 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 70 ActiveX clsid access (browser-plugins.rules)
 * 1:14228 <-> DISABLED <-> BROWSER-PLUGINS Aurigma Image Uploader unspecified 71 ActiveX clsid access (browser-plugins.rules)
 * 1:1423 <-> DISABLED <-> SERVER-WEBAPP content-disposition memchr overflow (server-webapp.rules)
 * 1:14230 <-> DISABLED <-> SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (server-webapp.rules)
 * 1:14231 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX clsid access (browser-plugins.rules)
 * 1:14233 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX function call access (browser-plugins.rules)
 * 1:14235 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:14237 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Services ActiveX function call access (browser-plugins.rules)
 * 1:14239 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX clsid access (browser-plugins.rules)
 * 1:14241 <-> DISABLED <-> BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX function call access (browser-plugins.rules)
 * 1:14243 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX clsid access (browser-plugins.rules)
 * 1:14245 <-> DISABLED <-> BROWSER-PLUGINS Najdi.si Toolbar ActiveX function call access (browser-plugins.rules)
 * 1:14247 <-> DISABLED <-> BROWSER-PLUGINS Eyeball MessengerSDK ActiveX clsid access (browser-plugins.rules)
 * 1:14249 <-> DISABLED <-> BROWSER-PLUGINS Eyeball MessengerSDK ActiveX function call access (browser-plugins.rules)
 * 1:1425 <-> DISABLED <-> SERVER-WEBAPP content-disposition file upload attempt (server-webapp.rules)
 * 1:14255 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14257 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (browser-plugins.rules)
 * 1:1426 <-> DISABLED <-> PROTOCOL-SNMP PROTOS test-suite-req-app attempt (protocol-snmp.rules)
 * 1:14261 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI VML gradient size heap overflow attempt (os-windows.rules)
 * 1:14262 <-> DISABLED <-> FILE-OFFICE Microsoft Office OneNote iframe caller exploit attempt (file-office.rules)
 * 1:14264 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media Player playlist download (file-identify.rules)
 * 1:14265 <-> DISABLED <-> PROTOCOL-SCADA Multiple Schneider Electric SCADA products buffer overflow attempt (protocol-scada.rules)
 * 1:14266 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX clsid access (browser-plugins.rules)
 * 1:14268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX function call access (browser-plugins.rules)
 * 1:1427 <-> DISABLED <-> PROTOCOL-SNMP PROTOS test-suite-trap-app attempt (protocol-snmp.rules)
 * 1:14270 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX clsid access (browser-plugins.rules)
 * 1:14272 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX function call access (browser-plugins.rules)
 * 1:14274 <-> DISABLED <-> BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX clsid access (browser-plugins.rules)
 * 1:14276 <-> DISABLED <-> BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX function call access (browser-plugins.rules)
 * 1:14278 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Process ActiveX clsid access (browser-plugins.rules)
 * 1:1428 <-> DISABLED <-> POLICY-MULTIMEDIA audio galaxy keepalive (policy-multimedia.rules)
 * 1:14280 <-> DISABLED <-> BROWSER-PLUGINS VieLib2.Vie2Process ActiveX function call access (browser-plugins.rules)
 * 1:14282 <-> DISABLED <-> BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX clsid access (browser-plugins.rules)
 * 1:14284 <-> DISABLED <-> BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX function call access (browser-plugins.rules)
 * 1:14286 <-> DISABLED <-> BROWSER-PLUGINS VMClientHosts Class ActiveX clsid access (browser-plugins.rules)
 * 1:14288 <-> DISABLED <-> BROWSER-PLUGINS VMClientHosts Class ActiveX function call access (browser-plugins.rules)
 * 1:14290 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access (browser-plugins.rules)
 * 1:14292 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX function call access (browser-plugins.rules)
 * 1:14294 <-> DISABLED <-> BROWSER-PLUGINS RemoteDirDlg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14296 <-> DISABLED <-> BROWSER-PLUGINS RemoteDirDlg Class ActiveX function call access (browser-plugins.rules)
 * 1:14298 <-> DISABLED <-> BROWSER-PLUGINS TeamListViewWnd Class ActiveX clsid access (browser-plugins.rules)
 * 1:14300 <-> DISABLED <-> BROWSER-PLUGINS TeamListViewWnd Class ActiveX function call access (browser-plugins.rules)
 * 1:14302 <-> DISABLED <-> BROWSER-PLUGINS VMStatusbarCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14304 <-> DISABLED <-> BROWSER-PLUGINS VMStatusbarCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14306 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX clsid access (browser-plugins.rules)
 * 1:14308 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX function call access (browser-plugins.rules)
 * 1:14310 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdate Class ActiveX clsid access (browser-plugins.rules)
 * 1:14312 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdate Class ActiveX function call access (browser-plugins.rules)
 * 1:14314 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 1 ActiveX clsid access (browser-plugins.rules)
 * 1:14316 <-> DISABLED <-> BROWSER-PLUGINS VmdbExecuteError Class ActiveX clsid access (browser-plugins.rules)
 * 1:14318 <-> DISABLED <-> BROWSER-PLUGINS VmdbExecuteError Class ActiveX function call access (browser-plugins.rules)
 * 1:1432 <-> DISABLED <-> PUA-P2P GNUTella client request (pua-p2p.rules)
 * 1:14320 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 2 ActiveX clsid access (browser-plugins.rules)
 * 1:14322 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SysImageUti ActiveX clsid access (browser-plugins.rules)
 * 1:14324 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SysImageUti ActiveX function call access (browser-plugins.rules)
 * 1:14326 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access (browser-plugins.rules)
 * 1:14328 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access (browser-plugins.rules)
 * 1:1433 <-> DISABLED <-> SERVER-WEBAPP .history access (server-webapp.rules)
 * 1:14330 <-> DISABLED <-> BROWSER-PLUGINS VmdbContext Class ActiveX clsid access (browser-plugins.rules)
 * 1:14332 <-> DISABLED <-> BROWSER-PLUGINS VmdbContext Class ActiveX function call access (browser-plugins.rules)
 * 1:14334 <-> DISABLED <-> BROWSER-PLUGINS VMClientVMs Class ActiveX clsid access (browser-plugins.rules)
 * 1:14336 <-> DISABLED <-> BROWSER-PLUGINS VMClientVMs Class ActiveX function call access (browser-plugins.rules)
 * 1:14338 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj Class ActiveX clsid access (browser-plugins.rules)
 * 1:1434 <-> DISABLED <-> SERVER-WEBAPP .bash_history access (server-webapp.rules)
 * 1:14340 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj Class ActiveX function call access (browser-plugins.rules)
 * 1:14342 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 3 ActiveX clsid access (browser-plugins.rules)
 * 1:14344 <-> DISABLED <-> BROWSER-PLUGINS VMMsg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14346 <-> DISABLED <-> BROWSER-PLUGINS VMMsg Class ActiveX function call access (browser-plugins.rules)
 * 1:14348 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 4 ActiveX clsid access (browser-plugins.rules)
 * 1:1435 <-> DISABLED <-> PROTOCOL-DNS named authors attempt (protocol-dns.rules)
 * 1:14350 <-> DISABLED <-> BROWSER-PLUGINS reconfig.PopulatedDi ActiveX clsid access (browser-plugins.rules)
 * 1:14352 <-> DISABLED <-> BROWSER-PLUGINS reconfig.PopulatedDi ActiveX function call access (browser-plugins.rules)
 * 1:14354 <-> DISABLED <-> BROWSER-PLUGINS Elevated.ElevMgr ActiveX clsid access (browser-plugins.rules)
 * 1:14356 <-> DISABLED <-> BROWSER-PLUGINS Elevated.ElevMgr ActiveX function call access (browser-plugins.rules)
 * 1:14358 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 5 ActiveX clsid access (browser-plugins.rules)
 * 1:1436 <-> DISABLED <-> POLICY-MULTIMEDIA Apple Quicktime User Agent access (policy-multimedia.rules)
 * 1:14360 <-> DISABLED <-> BROWSER-PLUGINS HardwareCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14362 <-> DISABLED <-> BROWSER-PLUGINS HardwareCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14364 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 6 ActiveX clsid access (browser-plugins.rules)
 * 1:14366 <-> DISABLED <-> BROWSER-PLUGINS VmdbQuery Class ActiveX clsid access (browser-plugins.rules)
 * 1:14368 <-> DISABLED <-> BROWSER-PLUGINS VmdbQuery Class ActiveX function call access (browser-plugins.rules)
 * 1:1437 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Media download detected (file-identify.rules)
 * 1:14370 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj2 Class ActiveX clsid access (browser-plugins.rules)
 * 1:14372 <-> DISABLED <-> BROWSER-PLUGINS vmappPropObj2 Class ActiveX function call access (browser-plugins.rules)
 * 1:14374 <-> DISABLED <-> BROWSER-PLUGINS VmappPoll Class ActiveX clsid access (browser-plugins.rules)
 * 1:14376 <-> DISABLED <-> BROWSER-PLUGINS VmappPoll Class ActiveX function call access (browser-plugins.rules)
 * 1:14378 <-> DISABLED <-> BROWSER-PLUGINS VMClient Class ActiveX clsid access (browser-plugins.rules)
 * 1:14380 <-> DISABLED <-> BROWSER-PLUGINS VMClient Class ActiveX function call access (browser-plugins.rules)
 * 1:14382 <-> DISABLED <-> BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX clsid access (browser-plugins.rules)
 * 1:14384 <-> DISABLED <-> BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX function call access (browser-plugins.rules)
 * 1:14386 <-> DISABLED <-> BROWSER-PLUGINS VmdbSchema Class ActiveX clsid access (browser-plugins.rules)
 * 1:14388 <-> DISABLED <-> BROWSER-PLUGINS VmdbSchema Class ActiveX function call access (browser-plugins.rules)
 * 1:1439 <-> DISABLED <-> POLICY-MULTIMEDIA Shoutcast playlist redirection (policy-multimedia.rules)
 * 1:14394 <-> DISABLED <-> BROWSER-PLUGINS VixCOM.VixLib ActiveX clsid access (browser-plugins.rules)
 * 1:14396 <-> DISABLED <-> BROWSER-PLUGINS VixCOM.VixLib ActiveX function call access (browser-plugins.rules)
 * 1:14398 <-> DISABLED <-> BROWSER-PLUGINS vmappsdk.CuiObj ActiveX clsid access (browser-plugins.rules)
 * 1:144 <-> DISABLED <-> PROTOCOL-FTP ADMw0rm ftp login attempt (protocol-ftp.rules)
 * 1:1440 <-> DISABLED <-> POLICY-MULTIMEDIA Icecast playlist redirection (policy-multimedia.rules)
 * 1:14400 <-> DISABLED <-> BROWSER-PLUGINS vmappsdk.CuiObj ActiveX function call access (browser-plugins.rules)
 * 1:14402 <-> DISABLED <-> BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX clsid access (browser-plugins.rules)
 * 1:14404 <-> DISABLED <-> BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX function call access (browser-plugins.rules)
 * 1:14406 <-> DISABLED <-> BROWSER-PLUGINS RegVmsCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14408 <-> DISABLED <-> BROWSER-PLUGINS RegVmsCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:1441 <-> DISABLED <-> PROTOCOL-TFTP GET nc.exe (protocol-tftp.rules)
 * 1:14410 <-> DISABLED <-> BROWSER-PLUGINS VmdbEnumTags Class ActiveX clsid access (browser-plugins.rules)
 * 1:14412 <-> DISABLED <-> BROWSER-PLUGINS VmdbEnumTags Class ActiveX function call access (browser-plugins.rules)
 * 1:14414 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 7 ActiveX clsid access (browser-plugins.rules)
 * 1:1442 <-> DISABLED <-> PROTOCOL-TFTP GET shadow (protocol-tftp.rules)
 * 1:14420 <-> DISABLED <-> BROWSER-PLUGINS VmdbDatabase Class ActiveX clsid access (browser-plugins.rules)
 * 1:14422 <-> DISABLED <-> BROWSER-PLUGINS VmdbDatabase Class ActiveX function call access (browser-plugins.rules)
 * 1:14424 <-> DISABLED <-> BROWSER-PLUGINS VMAppSdkUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14426 <-> DISABLED <-> BROWSER-PLUGINS VMAppSdkUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14428 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 8 ActiveX clsid access (browser-plugins.rules)
 * 1:1443 <-> DISABLED <-> PROTOCOL-TFTP GET passwd (protocol-tftp.rules)
 * 1:14430 <-> DISABLED <-> BROWSER-PLUGINS VMEnumStrings Class ActiveX clsid access (browser-plugins.rules)
 * 1:14432 <-> DISABLED <-> BROWSER-PLUGINS VMEnumStrings Class ActiveX function call access (browser-plugins.rules)
 * 1:14434 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 9 ActiveX clsid access (browser-plugins.rules)
 * 1:14436 <-> DISABLED <-> BROWSER-PLUGINS VMClientHost Class ActiveX clsid access (browser-plugins.rules)
 * 1:14438 <-> DISABLED <-> BROWSER-PLUGINS VMClientHost Class ActiveX function call access (browser-plugins.rules)
 * 1:1444 <-> DISABLED <-> PROTOCOL-TFTP Get (protocol-tftp.rules)
 * 1:14440 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 10 ActiveX clsid access (browser-plugins.rules)
 * 1:14442 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 11 ActiveX clsid access (browser-plugins.rules)
 * 1:14444 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 12 ActiveX clsid access (browser-plugins.rules)
 * 1:14446 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 13 ActiveX clsid access (browser-plugins.rules)
 * 1:14448 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX clsid access (browser-plugins.rules)
 * 1:1445 <-> DISABLED <-> INDICATOR-COMPROMISE FTP file_id.diz access possible warez site (indicator-compromise.rules)
 * 1:14450 <-> DISABLED <-> BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX function call access (browser-plugins.rules)
 * 1:14452 <-> DISABLED <-> BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX clsid access (browser-plugins.rules)
 * 1:14454 <-> DISABLED <-> BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX function call access (browser-plugins.rules)
 * 1:14456 <-> DISABLED <-> BROWSER-PLUGINS MksCompatCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14458 <-> DISABLED <-> BROWSER-PLUGINS MksCompatCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:1446 <-> DISABLED <-> SERVER-MAIL vrfy root (server-mail.rules)
 * 1:14460 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 14 ActiveX clsid access (browser-plugins.rules)
 * 1:14466 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 15 ActiveX clsid access (browser-plugins.rules)
 * 1:14468 <-> DISABLED <-> BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX clsid access (browser-plugins.rules)
 * 1:1447 <-> DISABLED <-> POLICY-OTHER Microsoft Windows Terminal server RDP attempt (policy-other.rules)
 * 1:14470 <-> DISABLED <-> BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX function call access (browser-plugins.rules)
 * 1:14472 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 16 ActiveX clsid access (browser-plugins.rules)
 * 1:14474 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 17 ActiveX clsid access (browser-plugins.rules)
 * 1:14476 <-> DISABLED <-> BROWSER-PLUGINS reconfig.GuestInfo ActiveX clsid access (browser-plugins.rules)
 * 1:14478 <-> DISABLED <-> BROWSER-PLUGINS reconfig.GuestInfo ActiveX function call access (browser-plugins.rules)
 * 1:1448 <-> DISABLED <-> POLICY-OTHER Microsoft Windows Terminal server request attempt (policy-other.rules)
 * 1:14480 <-> DISABLED <-> BROWSER-PLUGINS VmappPropFrame Class ActiveX clsid access (browser-plugins.rules)
 * 1:14482 <-> DISABLED <-> BROWSER-PLUGINS VmappPropFrame Class ActiveX function call access (browser-plugins.rules)
 * 1:14484 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX clsid access (browser-plugins.rules)
 * 1:14486 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX function call access (browser-plugins.rules)
 * 1:14488 <-> DISABLED <-> BROWSER-PLUGINS VMSwitchCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14490 <-> DISABLED <-> BROWSER-PLUGINS VMSwitchCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14492 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 18 ActiveX clsid access (browser-plugins.rules)
 * 1:14494 <-> DISABLED <-> BROWSER-PLUGINS VmdbUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14496 <-> DISABLED <-> BROWSER-PLUGINS VmdbUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14498 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 19 ActiveX clsid access (browser-plugins.rules)
 * 1:1450 <-> DISABLED <-> SERVER-MAIL Vintra Mailserver expn *@ (server-mail.rules)
 * 1:14500 <-> DISABLED <-> BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX clsid access (browser-plugins.rules)
 * 1:14502 <-> DISABLED <-> BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX function call access (browser-plugins.rules)
 * 1:14504 <-> DISABLED <-> BROWSER-PLUGINS VmdbCnxUtil Class ActiveX clsid access (browser-plugins.rules)
 * 1:14506 <-> DISABLED <-> BROWSER-PLUGINS VmdbCnxUtil Class ActiveX function call access (browser-plugins.rules)
 * 1:14508 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX clsid access (browser-plugins.rules)
 * 1:1451 <-> DISABLED <-> SERVER-WEBAPP NPH-maillist access (server-webapp.rules)
 * 1:14510 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX function call access (browser-plugins.rules)
 * 1:14512 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 20 ActiveX clsid access (browser-plugins.rules)
 * 1:14514 <-> DISABLED <-> BROWSER-PLUGINS VMClientVM Class ActiveX clsid access (browser-plugins.rules)
 * 1:14516 <-> DISABLED <-> BROWSER-PLUGINS VMClientVM Class ActiveX function call access (browser-plugins.rules)
 * 1:14518 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 21 ActiveX clsid access (browser-plugins.rules)
 * 1:1452 <-> DISABLED <-> SERVER-WEBAPP args.cmd access (server-webapp.rules)
 * 1:14520 <-> DISABLED <-> BROWSER-PLUGINS Elevated.VMXCreator ActiveX clsid access (browser-plugins.rules)
 * 1:14522 <-> DISABLED <-> BROWSER-PLUGINS Elevated.VMXCreator ActiveX function call access (browser-plugins.rules)
 * 1:14524 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 22 ActiveX clsid access (browser-plugins.rules)
 * 1:14526 <-> DISABLED <-> BROWSER-PLUGINS HotfixWz Class ActiveX clsid access (browser-plugins.rules)
 * 1:14528 <-> DISABLED <-> BROWSER-PLUGINS HotfixWz Class ActiveX function call access (browser-plugins.rules)
 * 1:1453 <-> DISABLED <-> SERVER-WEBAPP AT-generated.cgi access (server-webapp.rules)
 * 1:14530 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdates Class ActiveX clsid access (browser-plugins.rules)
 * 1:14532 <-> DISABLED <-> BROWSER-PLUGINS VmdbUpdates Class ActiveX function call access (browser-plugins.rules)
 * 1:14534 <-> DISABLED <-> BROWSER-PLUGINS VMListCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14536 <-> DISABLED <-> BROWSER-PLUGINS VMListCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14538 <-> DISABLED <-> BROWSER-PLUGINS CheckedListViewWnd Class ActiveX clsid access (browser-plugins.rules)
 * 1:1454 <-> DISABLED <-> SERVER-WEBAPP wwwwais access (server-webapp.rules)
 * 1:14540 <-> DISABLED <-> BROWSER-PLUGINS CheckedListViewWnd Class ActiveX function call access (browser-plugins.rules)
 * 1:14542 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 23 ActiveX clsid access (browser-plugins.rules)
 * 1:14544 <-> DISABLED <-> BROWSER-PLUGINS VmdbTreeCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14546 <-> DISABLED <-> BROWSER-PLUGINS VmdbTreeCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14548 <-> DISABLED <-> BROWSER-PLUGINS Nwz Class ActiveX clsid access (browser-plugins.rules)
 * 1:1455 <-> DISABLED <-> SERVER-WEBAPP calendar.pl access (server-webapp.rules)
 * 1:14550 <-> DISABLED <-> BROWSER-PLUGINS Nwz Class ActiveX function call access (browser-plugins.rules)
 * 1:14552 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX clsid access (browser-plugins.rules)
 * 1:14554 <-> DISABLED <-> BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX function call access (browser-plugins.rules)
 * 1:14556 <-> DISABLED <-> BROWSER-PLUGINS MksCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14558 <-> DISABLED <-> BROWSER-PLUGINS MksCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:1456 <-> DISABLED <-> SERVER-WEBAPP calender_admin.pl access (server-webapp.rules)
 * 1:14560 <-> DISABLED <-> BROWSER-PLUGINS VmappPropPath Class ActiveX clsid access (browser-plugins.rules)
 * 1:14562 <-> DISABLED <-> BROWSER-PLUGINS VmappPropPath Class ActiveX function call access (browser-plugins.rules)
 * 1:14564 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 24 ActiveX clsid access (browser-plugins.rules)
 * 1:14566 <-> DISABLED <-> BROWSER-PLUGINS PolicyCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14568 <-> DISABLED <-> BROWSER-PLUGINS PolicyCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:1457 <-> DISABLED <-> SERVER-WEBAPP user_update_admin.pl access (server-webapp.rules)
 * 1:14570 <-> DISABLED <-> BROWSER-PLUGINS VmdbParseError Class ActiveX clsid access (browser-plugins.rules)
 * 1:14572 <-> DISABLED <-> BROWSER-PLUGINS VmdbParseError Class ActiveX function call access (browser-plugins.rules)
 * 1:14574 <-> DISABLED <-> BROWSER-PLUGINS NavigationCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14576 <-> DISABLED <-> BROWSER-PLUGINS NavigationCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14578 <-> DISABLED <-> BROWSER-PLUGINS VMList Class ActiveX clsid access (browser-plugins.rules)
 * 1:1458 <-> DISABLED <-> SERVER-WEBAPP user_update_passwd.pl access (server-webapp.rules)
 * 1:14580 <-> DISABLED <-> BROWSER-PLUGINS VMList Class ActiveX function call access (browser-plugins.rules)
 * 1:14582 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 25 ActiveX clsid access (browser-plugins.rules)
 * 1:14584 <-> DISABLED <-> BROWSER-PLUGINS VMWare unspecified 26 ActiveX clsid access (browser-plugins.rules)
 * 1:14586 <-> DISABLED <-> BROWSER-PLUGINS CurrentVMCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14588 <-> DISABLED <-> BROWSER-PLUGINS CurrentVMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:1459 <-> DISABLED <-> SERVER-WEBAPP bb-histlog.sh access (server-webapp.rules)
 * 1:14590 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX clsid access (browser-plugins.rules)
 * 1:14592 <-> DISABLED <-> BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX function call access (browser-plugins.rules)
 * 1:14594 <-> DISABLED <-> BROWSER-PLUGINS Peachtree Accounting 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:14596 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:14598 <-> DISABLED <-> BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:146 <-> DISABLED <-> MALWARE-BACKDOOR NetSphere access (malware-backdoor.rules)
 * 1:1460 <-> DISABLED <-> SERVER-WEBAPP bb-histsvc.sh access (server-webapp.rules)
 * 1:14600 <-> DISABLED <-> SERVER-OTHER SAP Message Server Heap buffer overflow attempt (server-other.rules)
 * 1:14602 <-> DISABLED <-> SERVER-OTHER Borland Interbase open_marker_file overflow attempt (server-other.rules)
 * 1:14603 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (browser-plugins.rules)
 * 1:14605 <-> DISABLED <-> BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX function call access (browser-plugins.rules)
 * 1:14607 <-> DISABLED <-> SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (server-other.rules)
 * 1:14608 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (protocol-voip.rules)
 * 1:14609 <-> DISABLED <-> PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (protocol-voip.rules)
 * 1:1461 <-> DISABLED <-> SERVER-WEBAPP bb-rep.sh access (server-webapp.rules)
 * 1:14610 <-> DISABLED <-> SERVER-WEBAPP Joomla invalid token administrative password reset attempt (server-webapp.rules)
 * 1:14611 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX clsid access (browser-plugins.rules)
 * 1:14613 <-> DISABLED <-> BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (browser-plugins.rules)
 * 1:14615 <-> DISABLED <-> SERVER-OTHER Oracle Java web console format string attempt (server-other.rules)
 * 1:1462 <-> DISABLED <-> SERVER-WEBAPP bb-replog.sh access (server-webapp.rules)
 * 1:1463 <-> DISABLED <-> POLICY-SOCIAL IRC message (policy-social.rules)
 * 1:14631 <-> DISABLED <-> BROWSER-PLUGINS Husdawg System Requirements Lab Control ActiveX clsid access (browser-plugins.rules)
 * 1:14633 <-> DISABLED <-> BROWSER-PLUGINS PhotoStockPlus ActiveX clsid access (browser-plugins.rules)
 * 1:14635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (browser-plugins.rules)
 * 1:14637 <-> DISABLED <-> BROWSER-PLUGINS Microsoft PicturePusher ActiveX clsid access (browser-plugins.rules)
 * 1:14639 <-> DISABLED <-> BROWSER-PLUGINS Microsoft PicturePusher ActiveX function call access (browser-plugins.rules)
 * 1:1464 <-> DISABLED <-> INDICATOR-COMPROMISE oracle one hour install (indicator-compromise.rules)
 * 1:14641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:14642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file with embedded ActiveX control (file-office.rules)
 * 1:14643 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer location and location.href cross domain security bypass vulnerability (browser-ie.rules)
 * 1:14644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createRange cross domain scripting (browser-ie.rules)
 * 1:14645 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain setExpression exploit attempt (browser-ie.rules)
 * 1:14647 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:14648 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14649 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (os-windows.rules)
 * 1:1465 <-> DISABLED <-> SERVER-WEBAPP auktion.cgi access (server-webapp.rules)
 * 1:14650 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (os-windows.rules)
 * 1:14651 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14652 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14653 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14654 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (os-windows.rules)
 * 1:14656 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer XSS mouseevent PII disclosure attempt (browser-ie.rules)
 * 1:14657 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain componentFromPoint memory corruption attempt (browser-ie.rules)
 * 1:1466 <-> DISABLED <-> SERVER-WEBAPP cgiforum.pl access (server-webapp.rules)
 * 1:1467 <-> DISABLED <-> SERVER-WEBAPP directorypro.cgi access (server-webapp.rules)
 * 1:1468 <-> DISABLED <-> SERVER-WEBAPP Web Shopper shopper.cgi attempt (server-webapp.rules)
 * 1:1469 <-> DISABLED <-> SERVER-WEBAPP Web Shopper shopper.cgi access (server-webapp.rules)
 * 1:147 <-> DISABLED <-> MALWARE-BACKDOOR GateCrasher (malware-backdoor.rules)
 * 1:1470 <-> DISABLED <-> SERVER-WEBAPP listrec.pl access (server-webapp.rules)
 * 1:1471 <-> DISABLED <-> SERVER-WEBAPP mailnews.cgi access (server-webapp.rules)
 * 1:14710 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP spoolss EnumJobs attempt (os-windows.rules)
 * 1:1472 <-> DISABLED <-> SERVER-WEBAPP book.cgi access (server-webapp.rules)
 * 1:14725 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:14726 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (os-windows.rules)
 * 1:1473 <-> DISABLED <-> SERVER-WEBAPP newsdesk.cgi access (server-webapp.rules)
 * 1:14737 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP host-integration bind attempt (os-windows.rules)
 * 1:1474 <-> DISABLED <-> SERVER-WEBAPP cal_make.pl access (server-webapp.rules)
 * 1:14741 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Foundation Service NULL service authentication attempt (server-other.rules)
 * 1:14743 <-> DISABLED <-> PROTOCOL-FTP RNTO directory traversal attempt (protocol-ftp.rules)
 * 1:14744 <-> DISABLED <-> BROWSER-PLUGINS Hummingbird HostExplorer ActiveX clsid access (browser-plugins.rules)
 * 1:14746 <-> DISABLED <-> BROWSER-PLUGINS Autodesk DWF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:14748 <-> DISABLED <-> BROWSER-PLUGINS Autodesk LiveUpdate ActiveX clsid access (browser-plugins.rules)
 * 1:1475 <-> DISABLED <-> SERVER-WEBAPP mailit.pl access (server-webapp.rules)
 * 1:14750 <-> DISABLED <-> BROWSER-PLUGINS Autodesk LiveUpdate ActiveX function call access (browser-plugins.rules)
 * 1:14752 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX clsid access (browser-plugins.rules)
 * 1:14754 <-> DISABLED <-> BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX function call access (browser-plugins.rules)
 * 1:14756 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:14758 <-> DISABLED <-> BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (browser-plugins.rules)
 * 1:1476 <-> DISABLED <-> SERVER-WEBAPP sdbsearch.cgi access (server-webapp.rules)
 * 1:14760 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:14762 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:14764 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX clsid access attempt (browser-plugins.rules)
 * 1:14765 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (browser-plugins.rules)
 * 1:14768 <-> DISABLED <-> SERVER-OTHER Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt (server-other.rules)
 * 1:14769 <-> DISABLED <-> SERVER-OTHER DATAC RealWin SCADA System buffer overflow attempt (server-other.rules)
 * 1:14770 <-> DISABLED <-> PROTOCOL-FTP Ipswitch WS_FTP client format string attempt (protocol-ftp.rules)
 * 1:14771 <-> DISABLED <-> SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow attempt (server-apache.rules)
 * 1:14773 <-> DISABLED <-> SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:14777 <-> DISABLED <-> PROTOCOL-DNS single byte encoded name response (protocol-dns.rules)
 * 1:14778 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX clsid access (browser-plugins.rules)
 * 1:1478 <-> DISABLED <-> SERVER-WEBAPP Simple Web Counter URI Parameter Buffer Overflow attempt (server-webapp.rules)
 * 1:14780 <-> DISABLED <-> BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX function call access (browser-plugins.rules)
 * 1:14782 <-> ENABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:14783 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (os-windows.rules)
 * 1:1479 <-> DISABLED <-> SERVER-WEBAPP ttawebtop.cgi arbitrary file attempt (server-webapp.rules)
 * 1:1480 <-> DISABLED <-> SERVER-WEBAPP ttawebtop.cgi access (server-webapp.rules)
 * 1:1481 <-> DISABLED <-> SERVER-WEBAPP upload.cgi access (server-webapp.rules)
 * 1:1482 <-> DISABLED <-> SERVER-WEBAPP view_source access (server-webapp.rules)
 * 1:1483 <-> DISABLED <-> SERVER-WEBAPP ustorekeeper.pl access (server-webapp.rules)
 * 1:1485 <-> DISABLED <-> SERVER-IIS mkilog.exe access (server-iis.rules)
 * 1:1486 <-> DISABLED <-> SERVER-IIS ctss.idc access (server-iis.rules)
 * 1:1487 <-> DISABLED <-> SERVER-IIS /iisadmpwd/aexp2.htr access (server-iis.rules)
 * 1:1488 <-> DISABLED <-> SERVER-WEBAPP store.cgi directory traversal attempt (server-webapp.rules)
 * 1:1489 <-> DISABLED <-> SERVER-WEBAPP nobody access (server-webapp.rules)
 * 1:14896 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (os-windows.rules)
 * 1:14897 <-> DISABLED <-> BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (browser-plugins.rules)
 * 1:1490 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php attempt (server-webapp.rules)
 * 1:14900 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:1491 <-> DISABLED <-> SERVER-WEBAPP Phorum /support/common.php access (server-webapp.rules)
 * 1:1492 <-> DISABLED <-> SERVER-WEBAPP RBS ISP /newuser  directory traversal attempt (server-webapp.rules)
 * 1:1493 <-> DISABLED <-> SERVER-WEBAPP RBS ISP /newuser access (server-webapp.rules)
 * 1:1494 <-> DISABLED <-> SERVER-WEBAPP SIX webboard generate.cgi attempt (server-webapp.rules)
 * 1:1495 <-> DISABLED <-> SERVER-WEBAPP SIX webboard generate.cgi access (server-webapp.rules)
 * 1:1496 <-> DISABLED <-> SERVER-WEBAPP spin_client.cgi access (server-webapp.rules)
 * 1:14986 <-> DISABLED <-> INDICATOR-SHELLCODE x86 fldz get eip shellcode (indicator-shellcode.rules)
 * 1:14988 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (netbios.rules)
 * 1:14989 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Language header overflow attempt (server-webapp.rules)
 * 1:1499 <-> DISABLED <-> SERVER-WEBAPP SiteScope Service access (server-webapp.rules)
 * 1:14990 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (server-webapp.rules)
 * 1:14991 <-> ENABLED <-> SQL IBM DB2 Universal Database xmlquery buffer overflow attempt (sql.rules)
 * 1:14992 <-> DISABLED <-> SERVER-WEBAPP Openwsman HTTP basic authentication buffer overflow attempt (server-webapp.rules)
 * 1:14993 <-> DISABLED <-> BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:14995 <-> DISABLED <-> BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX function call access (browser-plugins.rules)
 * 1:14997 <-> DISABLED <-> BROWSER-PLUGINS DjVu MSOffice Converter ActiveX clsid access (browser-plugins.rules)
 * 1:14999 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX clsid access (browser-plugins.rules)
 * 1:1500 <-> DISABLED <-> SERVER-WEBAPP ExAir access (server-webapp.rules)
 * 1:15001 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX function call access (browser-plugins.rules)
 * 1:15003 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15005 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX function call access (browser-plugins.rules)
 * 1:15007 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid access (browser-plugins.rules)
 * 1:1501 <-> DISABLED <-> SERVER-WEBAPP a1stats a1disp3.cgi directory traversal attempt (server-webapp.rules)
 * 1:15012 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MSXML DLL memory corruption attempt (browser-ie.rules)
 * 1:15013 <-> ENABLED <-> FILE-IDENTIFY PDF file download request (file-identify.rules)
 * 1:15014 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:15015 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt (os-windows.rules)
 * 1:1502 <-> DISABLED <-> SERVER-WEBAPP a1stats a1disp3.cgi access (server-webapp.rules)
 * 1:1503 <-> DISABLED <-> SERVER-WEBAPP admentor admin.asp access (server-webapp.rules)
 * 1:1504 <-> DISABLED <-> POLICY-OTHER AFS access (policy-other.rules)
 * 1:1505 <-> DISABLED <-> SERVER-WEBAPP alchemy http server PRN arbitrary command execution attempt (server-webapp.rules)
 * 1:1506 <-> DISABLED <-> SERVER-WEBAPP alchemy http server NUL arbitrary command execution attempt (server-webapp.rules)
 * 1:15069 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui mdrmsap ActiveX clsid access (browser-plugins.rules)
 * 1:1507 <-> DISABLED <-> SERVER-WEBAPP alibaba.pl arbitrary command execution attempt (server-webapp.rules)
 * 1:15071 <-> DISABLED <-> PROTOCOL-SCADA Modbus exception returned (protocol-scada.rules)
 * 1:15074 <-> DISABLED <-> PROTOCOL-SCADA Modbus user-defined function code - 65 to 72 (protocol-scada.rules)
 * 1:15075 <-> DISABLED <-> PROTOCOL-SCADA Modbus user-defined function code - 100 to 110 (protocol-scada.rules)
 * 1:15076 <-> DISABLED <-> PROTOCOL-SCADA Modbus write multiple coils - too many outputs (protocol-scada.rules)
 * 1:15077 <-> DISABLED <-> PROTOCOL-SCADA Modbus read multiple coils - too many inputs (protocol-scada.rules)
 * 1:15078 <-> DISABLED <-> SERVER-OTHER HP Openview Network Node Manager OValarmsrv buffer overflow attempt (server-other.rules)
 * 1:15079 <-> ENABLED <-> FILE-IDENTIFY WAV file download request (file-identify.rules)
 * 1:1508 <-> DISABLED <-> SERVER-WEBAPP alibaba.pl access (server-webapp.rules)
 * 1:15080 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt (file-multimedia.rules)
 * 1:15081 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start xml encoding buffer overflow attempt (file-java.rules)
 * 1:15082 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (file-office.rules)
 * 1:15083 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file double free attempt (file-office.rules)
 * 1:15084 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:15086 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (browser-plugins.rules)
 * 1:15088 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX clsid access (browser-plugins.rules)
 * 1:1509 <-> DISABLED <-> SERVER-WEBAPP AltaVista Intranet Search directory traversal attempt (server-webapp.rules)
 * 1:15090 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX function call access (browser-plugins.rules)
 * 1:15092 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15094 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX function call access (browser-plugins.rules)
 * 1:15096 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15098 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:1510 <-> DISABLED <-> SERVER-WEBAPP test.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:15100 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX clsid access (browser-plugins.rules)
 * 1:15102 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (browser-plugins.rules)
 * 1:15104 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (file-multimedia.rules)
 * 1:15105 <-> DISABLED <-> FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (file-image.rules)
 * 1:15106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (file-office.rules)
 * 1:15107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word .rtf file stylesheet buffer overflow attempt (file-office.rules)
 * 1:15108 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint Server elevation of privilege exploit attempt (server-webapp.rules)
 * 1:15109 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1511 <-> DISABLED <-> SERVER-WEBAPP test.bat access (server-webapp.rules)
 * 1:15112 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (browser-plugins.rules)
 * 1:15114 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer embed src buffer overflow attempt (browser-ie.rules)
 * 1:15115 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WebDAV pathname buffer overflow attempt (os-windows.rules)
 * 1:15116 <-> DISABLED <-> OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (os-windows.rules)
 * 1:15118 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX clsid access  (browser-plugins.rules)
 * 1:15119 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX clsid unicode access  (browser-plugins.rules)
 * 1:1512 <-> DISABLED <-> SERVER-WEBAPP input.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:15120 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX function call access  (browser-plugins.rules)
 * 1:15121 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX function call unicode access  (browser-plugins.rules)
 * 1:15122 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX clsid access (browser-plugins.rules)
 * 1:15126 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (browser-ie.rules)
 * 1:15127 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (os-windows.rules)
 * 1:15128 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (os-windows.rules)
 * 1:15129 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (os-windows.rules)
 * 1:1513 <-> DISABLED <-> SERVER-WEBAPP input.bat access (server-webapp.rules)
 * 1:15130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (os-windows.rules)
 * 1:15131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt (os-windows.rules)
 * 1:15132 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt (os-windows.rules)
 * 1:15133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx attempt (os-windows.rules)
 * 1:15134 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt (os-windows.rules)
 * 1:15135 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (os-windows.rules)
 * 1:15136 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (os-windows.rules)
 * 1:15137 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (os-windows.rules)
 * 1:15138 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (os-windows.rules)
 * 1:15139 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt (os-windows.rules)
 * 1:1514 <-> DISABLED <-> SERVER-WEBAPP input2.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:15140 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt (os-windows.rules)
 * 1:15141 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx attempt (os-windows.rules)
 * 1:15142 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt (os-windows.rules)
 * 1:15143 <-> DISABLED <-> SERVER-MSSQL sp_replwritetovarbin unicode vulnerable function attempt (server-mssql.rules)
 * 1:15144 <-> DISABLED <-> SERVER-MSSQL sp_replwritetovarbin vulnerable function attempt (server-mssql.rules)
 * 1:15145 <-> DISABLED <-> SERVER-OTHER Apple CUPS TrueColor PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15146 <-> DISABLED <-> SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (server-other.rules)
 * 1:15147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
 * 1:1515 <-> DISABLED <-> SERVER-WEBAPP input2.bat access (server-webapp.rules)
 * 1:15150 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server login Authentication bypass attempt (pua-other.rules)
 * 1:15151 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server logout Authentication bypass attempt (pua-other.rules)
 * 1:15152 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup-index Authentication bypass attempt (pua-other.rules)
 * 1:15153 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server setup Authentication bypass attempt (pua-other.rules)
 * 1:15154 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server gif Authentication bypass attempt (pua-other.rules)
 * 1:15155 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server png Authentication bypass attempt (pua-other.rules)
 * 1:15156 <-> DISABLED <-> PUA-OTHER Jive Software Openfire Jabber Server serverdown Authentication bypass attempt (pua-other.rules)
 * 1:15157 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (file-multimedia.rules)
 * 1:15158 <-> ENABLED <-> FILE-IDENTIFY XML Shareable Playlist Format file download request (file-identify.rules)
 * 1:15159 <-> DISABLED <-> BROWSER-PLUGINS Evans FTP ActiveX clsid access (browser-plugins.rules)
 * 1:1516 <-> DISABLED <-> SERVER-WEBAPP envout.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:15161 <-> DISABLED <-> BROWSER-PLUGINS Evans FTP ActiveX function call access (browser-plugins.rules)
 * 1:15163 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Object Header Buffer Overflow attempt (file-office.rules)
 * 1:15164 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox SVG pathSegList memory corruption attempt (browser-firefox.rules)
 * 1:15165 <-> DISABLED <-> MALWARE-CNC Pushdo client communication (malware-cnc.rules)
 * 1:15166 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player RealText buffer overflow attempt (file-multimedia.rules)
 * 1:15167 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cn dns query (indicator-compromise.rules)
 * 1:15168 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .ru dns query (indicator-compromise.rules)
 * 1:15169 <-> DISABLED <-> POLICY-SOCIAL XBOX Live Kerberos authentication request (policy-social.rules)
 * 1:1517 <-> DISABLED <-> SERVER-WEBAPP envout.bat access (server-webapp.rules)
 * 1:15170 <-> DISABLED <-> POLICY-SOCIAL XBOX Netflix client activity (policy-social.rules)
 * 1:15171 <-> DISABLED <-> POLICY-SOCIAL XBOX Marketplace http request (policy-social.rules)
 * 1:15172 <-> DISABLED <-> POLICY-SOCIAL XBOX avatar retrieval request (policy-social.rules)
 * 1:15173 <-> DISABLED <-> BROWSER-PLUGINS Phoenician Casino ActiveX clsid access (browser-plugins.rules)
 * 1:15175 <-> DISABLED <-> BROWSER-PLUGINS Phoenician Casino ActiveX function call access (browser-plugins.rules)
 * 1:15177 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules)
 * 1:15179 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules)
 * 1:1518 <-> DISABLED <-> SERVER-WEBAPP nstelemetry.adp access (server-webapp.rules)
 * 1:15181 <-> DISABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX clsid access (browser-plugins.rules)
 * 1:15183 <-> DISABLED <-> POLICY-SOCIAL Yahoo messenger http link transmission attempt (policy-social.rules)
 * 1:15184 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN messenger http link transmission attempt (policy-social.rules)
 * 1:15185 <-> DISABLED <-> APP-DETECT Nintendo Wii SSL Server Hello (app-detect.rules)
 * 1:15186 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:15188 <-> DISABLED <-> SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (server-other.rules)
 * 1:1519 <-> DISABLED <-> SERVER-WEBAPP apache ?M=D directory list attempt (server-webapp.rules)
 * 1:15190 <-> DISABLED <-> SERVER-WEBAPP Youngzsoft CCProxy CONNECT Request buffer overflow attempt (server-webapp.rules)
 * 1:15191 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (browser-firefox.rules)
 * 1:15192 <-> DISABLED <-> BROWSER-PLUGINS SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:15194 <-> DISABLED <-> BROWSER-PLUGINS SizerOne ActiveX function call access (browser-plugins.rules)
 * 1:15196 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15197 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:15198 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (os-windows.rules)
 * 1:15199 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (os-windows.rules)
 * 1:33171 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33172 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (browser-plugins.rules)
 * 1:33173 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX clsid access attempt (browser-plugins.rules)
 * 1:33174 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (browser-plugins.rules)
 * 1:33175 <-> DISABLED <-> BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (browser-plugins.rules)
 * 1:33176 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33177 <-> DISABLED <-> FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (file-flash.rules)
 * 1:33178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules)
 * 1:33179 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules)
 * 1:33180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules)
 * 1:33181 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (file-flash.rules)
 * 1:33182 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (exploit-kit.rules)
 * 1:33183 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit landing page detected (exploit-kit.rules)
 * 1:33184 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash download (exploit-kit.rules)
 * 1:33185 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit encrypted binary download (exploit-kit.rules)
 * 1:33186 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33187 <-> ENABLED <-> EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (exploit-kit.rules)
 * 1:33189 <-> DISABLED <-> SERVER-WEBAPP Samsung AllShare Cast command injection attempt (server-webapp.rules)
 * 1:33190 <-> DISABLED <-> SERVER-WEBAPP Samsung AllShare Cast command injection attempt (server-webapp.rules)
 * 1:33191 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (browser-ie.rules)
 * 1:33192 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (browser-ie.rules)
 * 1:33193 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (browser-ie.rules)
 * 1:33194 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (browser-ie.rules)
 * 1:33195 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (browser-ie.rules)
 * 1:33196 <-> ENABLED <-> BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (browser-ie.rules)
 * 1:33197 <-> DISABLED <-> SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (server-other.rules)
 * 1:33198 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:33199 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MSIL.Sabeba outbound connection (malware-cnc.rules)
 * 1:332 <-> DISABLED <-> PROTOCOL-FINGER 0 query (protocol-finger.rules)
 * 1:33200 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pisces variant outbound connection (malware-cnc.rules)
 * 1:33201 <-> DISABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33202 <-> ENABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33203 <-> ENABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33204 <-> ENABLED <-> FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (file-flash.rules)
 * 1:33205 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules)
 * 1:33206 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (file-multimedia.rules)
 * 1:33207 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string - Mazilla/5.0 - Win.Backdoor.Upatre (malware-cnc.rules)
 * 1:33208 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Bladbindi obfuscated with Yano Obfuscator download attempt (malware-other.rules)
 * 1:33211 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Upatre variant outbound connection (malware-cnc.rules)
 * 1:33212 <-> ENABLED <-> PUA-ADWARE SoftPulse variant HTTP response attempt (pua-adware.rules)
 * 1:33213 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules)
 * 1:33214 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (file-pdf.rules)
 * 1:33215 <-> DISABLED <-> INDICATOR-COMPROMISE DNS request for known malware domain icanhazip.com (indicator-compromise.rules)
 * 1:15678 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:15679 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (browser-plugins.rules)
 * 1:1568 <-> DISABLED <-> SERVER-IIS /exchange/root.asp access (server-iis.rules)
 * 1:15680 <-> DISABLED <-> OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (os-windows.rules)
 * 1:15681 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 file format arbitrary code execution attempt (file-office.rules)
 * 1:15682 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectShow QuickTime file stsc atom parsing heap corruption attempt (file-multimedia.rules)
 * 1:15683 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt  (server-other.rules)
 * 1:15684 <-> DISABLED <-> OS-WINDOWS Multiple product snews uri handling code execution attempt (os-windows.rules)
 * 1:15685 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:15687 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15689 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:1569 <-> DISABLED <-> SERVER-WEBAPP loadpage.cgi directory traversal attempt (server-webapp.rules)
 * 1:15691 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (browser-plugins.rules)
 * 1:15693 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table overflow attempt (file-other.rules)
 * 1:15694 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (file-other.rules)
 * 1:15695 <-> DISABLED <-> FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (file-other.rules)
 * 1:15697 <-> DISABLED <-> INDICATOR-OBFUSCATION rename of javascript unescape function detected (indicator-obfuscation.rules)
 * 1:15698 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:15699 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3.5 unicode stack overflow attempt (browser-firefox.rules)
 * 1:157 <-> DISABLED <-> MALWARE-BACKDOOR BackConstruction 2.1 Client FTP Open Request (malware-backdoor.rules)
 * 1:1570 <-> DISABLED <-> SERVER-WEBAPP loadpage.cgi access (server-webapp.rules)
 * 1:15701 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2000 domain authentication bypass attempt (os-windows.rules)
 * 1:15702 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x13 overflow attempt (netbios.rules)
 * 1:15703 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15704 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15705 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15706 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15707 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes ITPC protocol handler stack buffer overflow attempt (file-multimedia.rules)
 * 1:15708 <-> DISABLED <-> SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (server-other.rules)
 * 1:15709 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (file-pdf.rules)
 * 1:1571 <-> DISABLED <-> SERVER-WEBAPP dcforum.cgi directory traversal attempt (server-webapp.rules)
 * 1:15710 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x3B null strings attempt (netbios.rules)
 * 1:15711 <-> DISABLED <-> PUA-OTHER mIRC PRIVMSG message processing overflow attempt (pua-other.rules)
 * 1:15713 <-> DISABLED <-> PROTOCOL-SCADA DNP3 device trouble (protocol-scada.rules)
 * 1:15714 <-> DISABLED <-> PROTOCOL-SCADA DNP3 corrupt configuration (protocol-scada.rules)
 * 1:15715 <-> DISABLED <-> PROTOCOL-SCADA DNP3 event buffer overflow error (protocol-scada.rules)
 * 1:15716 <-> DISABLED <-> PROTOCOL-SCADA DNP3 parameter error (protocol-scada.rules)
 * 1:15717 <-> DISABLED <-> PROTOCOL-SCADA DNP3 unknown object error (protocol-scada.rules)
 * 1:15718 <-> DISABLED <-> PROTOCOL-SCADA DNP3 unsupported function code error (protocol-scada.rules)
 * 1:15719 <-> DISABLED <-> PROTOCOL-SCADA DNP3 link service not supported (protocol-scada.rules)
 * 1:1572 <-> DISABLED <-> SERVER-WEBAPP commerce.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:15722 <-> DISABLED <-> SERVER-ORACLE Oracle database server Workspace Manager multiple SQL injection attempt (server-oracle.rules)
 * 1:15723 <-> DISABLED <-> SERVER-ORACLE Oracle database server CompressWorkspaceTree SQL injection attempt (server-oracle.rules)
 * 1:15724 <-> DISABLED <-> SERVER-ORACLE Oracle database server MergeWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15725 <-> DISABLED <-> SERVER-ORACLE Oracle database server RemoveWorkspace SQL injection attempt (server-oracle.rules)
 * 1:15726 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (server-webapp.rules)
 * 1:15727 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules)
 * 1:15728 <-> DISABLED <-> FILE-PDF Possible Adobe Acrobat Reader ActionScript byte_array heap spray attempt (file-pdf.rules)
 * 1:15729 <-> DISABLED <-> FILE-FLASH Possible Adobe Flash Player ActionScript byte_array heap spray attempt (file-flash.rules)
 * 1:1573 <-> DISABLED <-> SERVER-WEBAPP cgiforum.pl attempt (server-webapp.rules)
 * 1:15730 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Delf variant outbound connection (malware-cnc.rules)
 * 1:15731 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer javascript deleted reference arbitrary code execution attempt (browser-ie.rules)
 * 1:15732 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS handling memory corruption attempt (browser-ie.rules)
 * 1:15733 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (browser-ie.rules)
 * 1:1574 <-> DISABLED <-> SERVER-WEBAPP directorypro.cgi attempt (server-webapp.rules)
 * 1:1575 <-> DISABLED <-> SERVER-WEBAPP Domino mab.nsf access (server-webapp.rules)
 * 1:1576 <-> DISABLED <-> SERVER-WEBAPP Domino cersvr.nsf access (server-webapp.rules)
 * 1:1577 <-> DISABLED <-> SERVER-WEBAPP Domino setup.nsf access (server-webapp.rules)
 * 1:1578 <-> DISABLED <-> SERVER-WEBAPP Domino statrep.nsf access (server-webapp.rules)
 * 1:1579 <-> DISABLED <-> SERVER-WEBAPP Domino webadmin.nsf access (server-webapp.rules)
 * 1:158 <-> DISABLED <-> MALWARE-BACKDOOR BackConstruction 2.1 Server FTP Open Reply (malware-backdoor.rules)
 * 1:1580 <-> DISABLED <-> SERVER-WEBAPP Domino events4.nsf access (server-webapp.rules)
 * 1:1581 <-> DISABLED <-> SERVER-WEBAPP Domino ntsync4.nsf access (server-webapp.rules)
 * 1:1582 <-> DISABLED <-> SERVER-WEBAPP Domino collect4.nsf access (server-webapp.rules)
 * 1:1583 <-> DISABLED <-> SERVER-WEBAPP Domino mailw46.nsf access (server-webapp.rules)
 * 1:1584 <-> DISABLED <-> SERVER-WEBAPP Domino bookmark.nsf access (server-webapp.rules)
 * 1:15849 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:1585 <-> DISABLED <-> SERVER-WEBAPP Domino agentrunner.nsf access (server-webapp.rules)
 * 1:15850 <-> DISABLED <-> OS-WINDOWS Remote Desktop orderType remote code execution attempt (os-windows.rules)
 * 1:15851 <-> DISABLED <-> SERVER-IIS Microsoft ASP.NET bad request denial of service attempt  (server-iis.rules)
 * 1:15852 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (browser-plugins.rules)
 * 1:15854 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (file-multimedia.rules)
 * 1:15855 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (browser-plugins.rules)
 * 1:15858 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Web Components Spreadsheet ActiveX clsid access (browser-plugins.rules)
 * 1:1586 <-> DISABLED <-> SERVER-WEBAPP Domino mail.box access (server-webapp.rules)
 * 1:15860 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt (os-windows.rules)
 * 1:15861 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX clsid access (browser-plugins.rules)
 * 1:15863 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX function call access (browser-plugins.rules)
 * 1:15865 <-> ENABLED <-> FILE-IDENTIFY MP4 file download request (file-identify.rules)
 * 1:15866 <-> DISABLED <-> FILE-OTHER libxml2 file processing long entity overflow attempt (file-other.rules)
 * 1:15867 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF font processing memory corruption attempt (file-pdf.rules)
 * 1:15868 <-> DISABLED <-> SQL Borland InterBase username buffer overflow (sql.rules)
 * 1:15869 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:1587 <-> DISABLED <-> SERVER-WEBAPP cgitest.exe access (server-webapp.rules)
 * 1:15870 <-> ENABLED <-> FILE-IDENTIFY 4XM file download request (file-identify.rules)
 * 1:15871 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg 4xm processing memory corruption attempt (file-multimedia.rules)
 * 1:15872 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (browser-firefox.rules)
 * 1:15873 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox location spoofing attempt via invalid window.open characters (browser-firefox.rules)
 * 1:15874 <-> DISABLED <-> SQL union select - possible sql injection attempt - POST parameter (sql.rules)
 * 1:15875 <-> DISABLED <-> SQL generic sql insert injection attempt - POST parameter (sql.rules)
 * 1:15876 <-> DISABLED <-> SQL generic sql update injection attempt - POST parameter (sql.rules)
 * 1:15877 <-> DISABLED <-> SQL generic sql exec injection attempt - POST parameter (sql.rules)
 * 1:15878 <-> DISABLED <-> BROWSER-PLUGINS AcerCtrls.APlunch ActiveX clsid access (browser-plugins.rules)
 * 1:1588 <-> DISABLED <-> SERVER-WEBAPP SalesLogix Eviewer access (server-webapp.rules)
 * 1:15880 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer popup window object tag code execution attempt (browser-ie.rules)
 * 1:15881 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (netbios.rules)
 * 1:15882 <-> DISABLED <-> SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (server-other.rules)
 * 1:15883 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x01 command buffer overflow attempt (server-other.rules)
 * 1:15884 <-> DISABLED <-> SERVER-OTHER Multiple Products LPD 0x02 command buffer overflow attempt (server-other.rules)
 * 1:15885 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x03 command buffer overflow attempt (server-other.rules)
 * 1:15886 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x04 command buffer overflow attempt (server-other.rules)
 * 1:15887 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x05 command buffer overflow attempt (server-other.rules)
 * 1:15888 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x31 command buffer overflow attempt (server-other.rules)
 * 1:15889 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x32 command buffer overflow attempt (server-other.rules)
 * 1:1589 <-> DISABLED <-> SERVER-WEBAPP musicat empower attempt (server-webapp.rules)
 * 1:15890 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x33 command buffer overflow attempt (server-other.rules)
 * 1:15891 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x34 command buffer overflow attempt (server-other.rules)
 * 1:15892 <-> DISABLED <-> SERVER-OTHER SAPLPD 0x53 command denial of service attempt (server-other.rules)
 * 1:15893 <-> DISABLED <-> FILE-OTHER fCreateShellLink function use - potential attack (file-other.rules)
 * 1:15894 <-> DISABLED <-> OS-WINDOWS Microsoft Color Management Module remote code execution attempt (os-windows.rules)
 * 1:15896 <-> DISABLED <-> SERVER-OTHER Firebird SQL op_connect_request denial of service attempt (server-other.rules)
 * 1:1590 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi arbitrary file access attempt (server-webapp.rules)
 * 1:15900 <-> ENABLED <-> FILE-IDENTIFY Audio Interchange file download request (file-identify.rules)
 * 1:15901 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp AIFF parsing heap buffer overflow attempt (file-multimedia.rules)
 * 1:15902 <-> DISABLED <-> INDICATOR-SHELLCODE x86 win2k-2k3 decoder base shellcode (indicator-shellcode.rules)
 * 1:15903 <-> DISABLED <-> INDICATOR-SHELLCODE x86 PoC CVE-2003-0605 (indicator-shellcode.rules)
 * 1:15906 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15907 <-> DISABLED <-> OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (os-linux.rules)
 * 1:15908 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan multiple CGI modules HTTP form processing buffer overflow attempt (server-webapp.rules)
 * 1:15909 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (file-multimedia.rules)
 * 1:1591 <-> DISABLED <-> SERVER-WEBAPP faqmanager.cgi access (server-webapp.rules)
 * 1:15910 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption attempt (browser-ie.rules)
 * 1:15911 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (netbios.rules)
 * 1:15913 <-> DISABLED <-> OS-WINDOWS Microsoft Windows javascript arguments keyword override rce attempt (os-windows.rules)
 * 1:1592 <-> DISABLED <-> SERVER-WEBAPP /fcgi-bin/echo.exe access (server-webapp.rules)
 * 1:15921 <-> ENABLED <-> FILE-IDENTIFY Microsoft multimedia format file download request (file-identify.rules)
 * 1:15922 <-> ENABLED <-> FILE-IDENTIFY MP3 file download request (file-identify.rules)
 * 1:15924 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:15926 <-> DISABLED <-> BROWSER-PLUGINS PPStream PPSMediaList ActiveX clsid access (browser-plugins.rules)
 * 1:15928 <-> DISABLED <-> BROWSER-PLUGINS PPStream PPSMediaList ActiveX function call access (browser-plugins.rules)
 * 1:1593 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi external site redirection attempt (server-webapp.rules)
 * 1:15930 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB malformed process ID high field remote code execution attempt (os-windows.rules)
 * 1:15932 <-> DISABLED <-> PROTOCOL-FTP LIST globbing denial of service attack (protocol-ftp.rules)
 * 1:15933 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer URL canonicalization address bar spoofing attempt (browser-ie.rules)
 * 1:15934 <-> DISABLED <-> PROTOCOL-DNS dns response for rfc1918 172.16/12 address detected (protocol-dns.rules)
 * 1:15935 <-> DISABLED <-> PROTOCOL-DNS dns response for rfc1918 192.168/16 address detected (protocol-dns.rules)
 * 1:15936 <-> DISABLED <-> SERVER-MAIL Sendmail identd command parsing vulnerability (server-mail.rules)
 * 1:15937 <-> DISABLED <-> SERVER-OTHER protos h323 buffer overflow (server-other.rules)
 * 1:15938 <-> DISABLED <-> MALWARE-CNC SubSeven client connection to server (malware-cnc.rules)
 * 1:15939 <-> DISABLED <-> SERVER-OTHER MSN Messenger IRC bot calling home attempt (server-other.rules)
 * 1:1594 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi access (server-webapp.rules)
 * 1:15940 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer Multiple Products RA file processing overflow attempt (file-multimedia.rules)
 * 1:15941 <-> DISABLED <-> SERVER-OTHER Squid Proxy TRACE request remote DoS attempt (server-other.rules)
 * 1:15942 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15943 <-> DISABLED <-> SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (server-other.rules)
 * 1:15944 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Active Directory crafted LDAP request denial of service attempt (os-windows.rules)
 * 1:15945 <-> ENABLED <-> FILE-IDENTIFY RSS file download request (file-identify.rules)
 * 1:15946 <-> DISABLED <-> FILE-OTHER Microsoft Windows Vista Feed Headlines Gagdet code execution attempt (file-other.rules)
 * 1:15947 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook Web Access Cross-Site Scripting attempt (file-office.rules)
 * 1:15948 <-> DISABLED <-> SERVER-OTHER CA License Software invalid command overflow attempt (server-other.rules)
 * 1:15949 <-> DISABLED <-> FILE-OTHER McAfee LHA file handling overflow attempt (file-other.rules)
 * 1:1595 <-> DISABLED <-> SERVER-IIS htimage.exe access (server-iis.rules)
 * 1:15950 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:15951 <-> DISABLED <-> SERVER-MYSQL MaxDB Webtool GET command overflow attempt (server-mysql.rules)
 * 1:15952 <-> DISABLED <-> SERVER-MYSQL create function libc arbitrary code execution attempt (server-mysql.rules)
 * 1:15953 <-> DISABLED <-> SERVER-WEBAPP Ipswitch IMail Calendaring arbitrary file read attempt (server-webapp.rules)
 * 1:15954 <-> DISABLED <-> SERVER-MAIL SpamAssassin malformed email header DoS attempt (server-mail.rules)
 * 1:15955 <-> DISABLED <-> SERVER-ORACLE Application Server 9i Webcache file corruption attempt (server-oracle.rules)
 * 1:15956 <-> DISABLED <-> SERVER-ORACLE http Server mod_access restriction bypass attempt (server-oracle.rules)
 * 1:15957 <-> DISABLED <-> FILE-OTHER Sophos Anti-Virus zip file handling DoS attempt (file-other.rules)
 * 1:15958 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:15960 <-> DISABLED <-> SERVER-OTHER Novell eDirectory MS-DOS device name DoS attempt (server-other.rules)
 * 1:15961 <-> DISABLED <-> SERVER-OTHER 3Com Network Supervisor directory traversal attempt (server-other.rules)
 * 1:15962 <-> DISABLED <-> SERVER-WEBAPP Sybase EAServer WebConsole overflow attempt (server-webapp.rules)
 * 1:15963 <-> DISABLED <-> OS-LINUX Red Hat Enterprise Linux DNS resolver buffer overflow attempt (os-linux.rules)
 * 1:15964 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange OWA XSS and spoofing attempt (server-mail.rules)
 * 1:15965 <-> DISABLED <-> OS-WINDOWS Microsoft Explorer long share name buffer overflow attempt (os-windows.rules)
 * 1:15966 <-> DISABLED <-> FILE-OTHER F-Secure Anti-Virus LHA processing buffer overflow attempt (file-other.rules)
 * 1:15967 <-> DISABLED <-> SERVER-OTHER ICQ SRV_MULTI/SRV_META_USER overflow attempt (server-other.rules)
 * 1:15969 <-> DISABLED <-> SERVER-OTHER Symantec Multiple Products ISAKMPd denial of service attempt (server-other.rules)
 * 1:1597 <-> DISABLED <-> SERVER-WEBAPP guestbook.cgi access (server-webapp.rules)
 * 1:15970 <-> DISABLED <-> SERVER-OTHER Subversion svn pProtocol string parsing heap overflow attempt (server-other.rules)
 * 1:15971 <-> DISABLED <-> SERVER-OTHER CVS Argumentx command double free attempt (server-other.rules)
 * 1:15972 <-> DISABLED <-> SERVER-OTHER single byte encoded name response (server-other.rules)
 * 1:15974 <-> DISABLED <-> SERVER-IIS Microsoft IIS ASP handling buffer overflow attempt  (server-iis.rules)
 * 1:15977 <-> DISABLED <-> SERVER-WEBAPP PHP strip_tags bypass vulnerability exploit attempt (server-webapp.rules)
 * 1:15978 <-> DISABLED <-> SERVER-WEBAPP Macromedia JRun 4 mod_jrun buffer overflow attempt (server-webapp.rules)
 * 1:15979 <-> DISABLED <-> SERVER-OTHER Check Point VPN-1 ASN.1 Decoding heap overflow attempt (server-other.rules)
 * 1:1598 <-> DISABLED <-> SERVER-WEBAPP Home Free search.cgi directory traversal attempt (server-webapp.rules)
 * 1:15980 <-> DISABLED <-> SERVER-APACHE Apache mod_ssl hook functions format string attempt (server-apache.rules)
 * 1:15981 <-> DISABLED <-> FILE-OTHER zlib Denial of Service (file-other.rules)
 * 1:15982 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Gold DOS Device HTTP request denial of service attempt (server-webapp.rules)
 * 1:15983 <-> DISABLED <-> SERVER-SAMBA Samba arbitrary file access exploit attempt (server-samba.rules)
 * 1:15984 <-> DISABLED <-> SERVER-SAMBA Samba Printer Change Notification Request DoS attempt (server-samba.rules)
 * 1:15985 <-> DISABLED <-> OS-WINDOWS Microsoft ASP.NET canonicalization exploit attempt (os-windows.rules)
 * 1:15986 <-> DISABLED <-> SERVER-SAMBA Samba unicode filename buffer overflow attempt (server-samba.rules)
 * 1:15987 <-> ENABLED <-> FILE-IDENTIFY DXF file download request (file-identify.rules)
 * 1:15988 <-> DISABLED <-> OS-WINDOWS Microsoft ISA Server DNS spoofing attempt (os-windows.rules)
 * 1:15989 <-> DISABLED <-> SERVER-OTHER Squid ASN.1 header parsing denial of service attempt (server-other.rules)
 * 1:1599 <-> DISABLED <-> SERVER-WEBAPP search.cgi access (server-webapp.rules)
 * 1:15990 <-> DISABLED <-> SERVER-WEBAPP Multiple Vendor server file disclosure attempt (server-webapp.rules)
 * 1:15992 <-> DISABLED <-> FILE-OTHER Trend Micro Products Antivirus Library overflow attempt (file-other.rules)
 * 1:15993 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript intrf_count integer overflow attempt (file-flash.rules)
 * 1:15994 <-> DISABLED <-> SERVER-OTHER Squid strListGetItem denial of service attempt (server-other.rules)
 * 1:15995 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (file-multimedia.rules)
 * 1:15996 <-> DISABLED <-> OS-WINDOWS Microsoft Negotiate SSP buffer overflow attempt (os-windows.rules)
 * 1:15997 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JIT escape function memory corruption attempt (browser-firefox.rules)
 * 1:15998 <-> DISABLED <-> SERVER-OTHER HP OpenView Client Configuration Manager Radia Notify Daemon code execution attempt (server-other.rules)
 * 1:15999 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:1600 <-> DISABLED <-> SERVER-WEBAPP htsearch arbitrary configuration file attempt (server-webapp.rules)
 * 1:16000 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:16001 <-> DISABLED <-> FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (file-image.rules)
 * 1:16002 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16003 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16004 <-> DISABLED <-> FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (file-other.rules)
 * 1:16005 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers JavaScript argument passing code execution attempt (browser-firefox.rules)
 * 1:16006 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime color table id memory corruption attempt (file-multimedia.rules)
 * 1:16007 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (browser-ie.rules)
 * 1:16008 <-> DISABLED <-> OS-WINDOWS Multiple Products excessive HTTP 304 Not Modified responses exploit attempt (os-windows.rules)
 * 1:16009 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products overflow event handling memory corruption attempt (browser-firefox.rules)
 * 1:1601 <-> DISABLED <-> SERVER-WEBAPP htsearch arbitrary file read attempt (server-webapp.rules)
 * 1:16010 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Javascript Page update race condition attempt (browser-ie.rules)
 * 1:16011 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS property method handling memory corruption attempt (browser-ie.rules)
 * 1:16013 <-> DISABLED <-> SERVER-OTHER IBM solidDB logging function format string exploit attempt (server-other.rules)
 * 1:16014 <-> DISABLED <-> SERVER-OTHER Novell eDirectory HTTP headers denial of service attempt (server-other.rules)
 * 1:16015 <-> DISABLED <-> SERVER-OTHER Norton Internet Security NBNS response processing stack overflow attempt (server-other.rules)
 * 1:16016 <-> DISABLED <-> OS-WINDOWS Microsoft client for netware overflow attempt (os-windows.rules)
 * 1:16017 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino LDAP server invalid DN message buffer overflow attempt (server-other.rules)
 * 1:16018 <-> DISABLED <-> SERVER-OTHER HP OpenView network node manager buffer overflow (server-other.rules)
 * 1:16019 <-> DISABLED <-> SERVER-OTHER Novell Distributed Print Services integer overflow attempt (server-other.rules)
 * 1:1602 <-> DISABLED <-> SERVER-WEBAPP htsearch access (server-webapp.rules)
 * 1:16020 <-> DISABLED <-> SERVER-MYSQL login handshake information disclosure attempt (server-mysql.rules)
 * 1:16021 <-> DISABLED <-> SERVER-APACHE Apache http Server mod_tcl format string attempt (server-apache.rules)
 * 1:16022 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16023 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows Vista Windows mail file execution attempt (file-executable.rules)
 * 1:16024 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (browser-firefox.rules)
 * 1:16025 <-> DISABLED <-> SERVER-MAIL MailEnable SMTP service SPF lookup buffer overflow attempt (server-mail.rules)
 * 1:16027 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp midi file header overflow attempt (file-multimedia.rules)
 * 1:16028 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise Messenger parameters invalid memory access attempt (server-webapp.rules)
 * 1:16029 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS client ATMA buffer overrun attempt (os-windows.rules)
 * 1:1603 <-> DISABLED <-> SERVER-WEBAPP DELETE attempt (server-webapp.rules)
 * 1:16030 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS client TXT buffer overrun attempt (os-windows.rules)
 * 1:16031 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested object tag memory corruption attempt (browser-ie.rules)
 * 1:16032 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML Decoding memory corruption attempt (browser-ie.rules)
 * 1:16033 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed content attempt (browser-ie.rules)
 * 1:16034 <-> DISABLED <-> SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (server-samba.rules)
 * 1:16035 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16036 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products QueryInterface method memory corruption attempt (browser-firefox.rules)
 * 1:16037 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products graphics and XML features integer overflows attempt (browser-firefox.rules)
 * 1:16038 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Thunderbird WYSIWYG engine filtering IFRAME JavaScript execution attempt (browser-firefox.rules)
 * 1:16039 <-> DISABLED <-> SERVER-OTHER EMC Dantz Retrospect Backup Agent denial of service attempt (server-other.rules)
 * 1:1604 <-> DISABLED <-> SERVER-WEBAPP iChat directory traversal attempt (server-webapp.rules)
 * 1:16040 <-> DISABLED <-> SERVER-OTHER SpamAssassin spamd vpopmail and paranoid options code execution attempt (server-other.rules)
 * 1:16041 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime FLIC animation file buffer overflow attempt (file-multimedia.rules)
 * 1:16042 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers CSS moz-binding cross domain scripting attempt (browser-firefox.rules)
 * 1:16043 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (browser-ie.rules)
 * 1:16044 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox CSS Letter-Spacing overflow attempt (browser-firefox.rules)
 * 1:16045 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:16046 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia file format processing heap corruption attempt (file-multimedia.rules)
 * 1:16047 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox layout frame constructor memory corruption attempt (browser-firefox.rules)
 * 1:16048 <-> DISABLED <-> SERVER-OTHER Microsoft ASP.NET application folder info disclosure attempt (server-other.rules)
 * 1:16049 <-> DISABLED <-> SERVER-OTHER GNU Radius SQL accounting format string exploit attempt (server-other.rules)
 * 1:1605 <-> DISABLED <-> SERVER-OTHER iParty DOS attempt (server-other.rules)
 * 1:16050 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:16051 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (file-office.rules)
 * 1:16052 <-> DISABLED <-> SERVER-OTHER Novell iManager Tree parameter denial of service attempt (server-other.rules)
 * 1:16053 <-> DISABLED <-> FILE-OTHER GNU tar PAX extended headers handling overflow attempt (file-other.rules)
 * 1:16054 <-> DISABLED <-> FILE-IMAGE Apple QuickTime bitmap multiple header overflow (file-image.rules)
 * 1:16055 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes AAC file handling integer overflow attempt (file-multimedia.rules)
 * 1:16056 <-> DISABLED <-> SERVER-WEBAPP Symantec Scan Engine authentication bypass attempt (server-webapp.rules)
 * 1:16057 <-> DISABLED <-> SERVER-MAIL Sendmail smtp timeout buffer overflow attempt (server-mail.rules)
 * 1:16058 <-> DISABLED <-> SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (server-samba.rules)
 * 1:16059 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (file-office.rules)
 * 1:1606 <-> DISABLED <-> SERVER-WEBAPP icat access (server-webapp.rules)
 * 1:16060 <-> DISABLED <-> SERVER-OTHER IBM Lotus Domino LDAP server memory exception attempt (server-other.rules)
 * 1:16061 <-> ENABLED <-> FILE-IDENTIFY X PixMap file download request (file-identify.rules)
 * 1:16062 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XPM values section buffer overflow attempt (file-other.rules)
 * 1:16063 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer isindex buffer overflow attempt (browser-ie.rules)
 * 1:16064 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt (browser-ie.rules)
 * 1:16065 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer location.replace memory corruption attempt (browser-ie.rules)
 * 1:16066 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Server driver crafted SMB data denial of service (os-windows.rules)
 * 1:16067 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (browser-ie.rules)
 * 1:16068 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:16069 <-> DISABLED <-> SERVER-OTHER IBM Informix server argument processing overflow attempt (server-other.rules)
 * 1:1607 <-> DISABLED <-> SERVER-WEBAPP HyperSeek hsx.cgi access (server-webapp.rules)
 * 1:16070 <-> DISABLED <-> FILE-OTHER X.org PCF parsing buffer overflow attempt (file-other.rules)
 * 1:16071 <-> DISABLED <-> SERVER-OTHER CA ARCServe Backup Discovery Service denial of service attempt (server-other.rules)
 * 1:16072 <-> DISABLED <-> SERVER-OTHER CUPS server query metacharacter buffer overflow attempt (server-other.rules)
 * 1:16073 <-> DISABLED <-> OS-WINDOWS MS-SQL convert function unicode overflow (os-windows.rules)
 * 1:16074 <-> DISABLED <-> SQL Suspicious SQL ansi_padding option (sql.rules)
 * 1:16075 <-> DISABLED <-> SQL Suspicious SQL ansi_padding option (sql.rules)
 * 1:16076 <-> DISABLED <-> SERVER-OTHER Tripwire format string vulnerability nfs exploit attempt (server-other.rules)
 * 1:16077 <-> DISABLED <-> SERVER-OTHER Tripwire format string vulnerability ftp exploit attempt (server-other.rules)
 * 1:16078 <-> DISABLED <-> SERVER-WEBAPP PHP memory_limit vulnerability exploit attempt (server-webapp.rules)
 * 1:16079 <-> DISABLED <-> SERVER-WEBAPP uselang code injection (server-webapp.rules)
 * 1:1608 <-> DISABLED <-> SERVER-WEBAPP htmlscript attempt (server-webapp.rules)
 * 1:16080 <-> DISABLED <-> SERVER-OTHER KAME racoon X509 certificate verification bypass attempt (server-other.rules)
 * 1:16081 <-> DISABLED <-> PROTOCOL-RPC portmap 395650 tcp XDR SString buffer overflow attempt (protocol-rpc.rules)
 * 1:16082 <-> DISABLED <-> PROTOCOL-RPC portmap 395650 udp XDR SString buffer overflow attempt (protocol-rpc.rules)
 * 1:16083 <-> DISABLED <-> PROTOCOL-RPC portmap 395650 tcp request (protocol-rpc.rules)
 * 1:16084 <-> DISABLED <-> PROTOCOL-RPC portmap 395650 udp request (protocol-rpc.rules)
 * 1:16085 <-> DISABLED <-> PROTOCOL-RPC portmap 395650 tcp xml buffer overflow attempt (protocol-rpc.rules)
 * 1:16086 <-> DISABLED <-> PROTOCOL-RPC portmap 395650 udp xml buffer overflow attempt (protocol-rpc.rules)
 * 1:16087 <-> DISABLED <-> FILE-OTHER Multiple vendor AV gateway virus detection bypass attempt (file-other.rules)
 * 1:16089 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:16090 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Core XML core services XMLHTTP control open method code execution attempt (browser-plugins.rules)
 * 1:16091 <-> DISABLED <-> SERVER-OTHER Macromedia Flash Media Server administration service denial of service attempt (server-other.rules)
 * 1:16092 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.delf.jwh runtime detection (malware-backdoor.rules)
 * 1:16093 <-> ENABLED <-> MALWARE-CNC bugsprey variant inbound connection (malware-cnc.rules)
 * 1:16094 <-> DISABLED <-> MALWARE-CNC Win.Trojan.exchan.gen variant outbound connection (malware-cnc.rules)
 * 1:16095 <-> DISABLED <-> MALWARE-CNC td.exe variant outbound connection getfile (malware-cnc.rules)
 * 1:16096 <-> DISABLED <-> MALWARE-CNC td.exe variant outbound connection download (malware-cnc.rules)
 * 1:16097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.vvm variant outbound connection (malware-cnc.rules)
 * 1:16098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.cekar variant outbound connection (malware-cnc.rules)
 * 1:16099 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.wdv variant outbound connection (malware-cnc.rules)
 * 1:161 <-> DISABLED <-> MALWARE-BACKDOOR Matrix 2.0 Client connect (malware-backdoor.rules)
 * 1:1610 <-> DISABLED <-> SERVER-WEBAPP formmail arbitrary command execution attempt (server-webapp.rules)
 * 1:16100 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.phh variant outbound connection file.exe (malware-cnc.rules)
 * 1:16101 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.phh variant outbound connection 57329.exe (malware-cnc.rules)
 * 1:16102 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.phh variant outbound connection sft_ver1.1454.0.exe (malware-cnc.rules)
 * 1:16103 <-> DISABLED <-> MALWARE-CNC lost door 3.0 variant outbound connection (malware-cnc.rules)
 * 1:16104 <-> DISABLED <-> MALWARE-CNC lost door 3.0 variant outbound connection (malware-cnc.rules)
 * 1:16105 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob variant outbound connection topqualityads (malware-cnc.rules)
 * 1:16106 <-> DISABLED <-> MALWARE-CNC synrat 2.1 pro variant outbound connection (malware-cnc.rules)
 * 1:16107 <-> DISABLED <-> MALWARE-CNC synrat 2.1 pro variant outbound connection (malware-cnc.rules)
 * 1:16108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.exchanger.gen2 variant outbound connection (malware-cnc.rules)
 * 1:16109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob.wwv variant outbound connection onestoponlineshop (malware-cnc.rules)
 * 1:1611 <-> DISABLED <-> SERVER-WEBAPP eXtropia webstore access (server-webapp.rules)
 * 1:16110 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob.wwv variant outbound connection childhe (malware-cnc.rules)
 * 1:16111 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob.wwv installtime detection (malware-cnc.rules)
 * 1:16112 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.vhb variant outbound connection contact remote server (malware-cnc.rules)
 * 1:16113 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.vhb variant outbound connection request login page (malware-cnc.rules)
 * 1:16114 <-> DISABLED <-> PUA-TOOLBARS Hijacker cramtoolbar runtime detection - hijack (pua-toolbars.rules)
 * 1:16115 <-> DISABLED <-> PUA-TOOLBARS Hijacker cramtoolbar runtime detection - search (pua-toolbars.rules)
 * 1:16116 <-> DISABLED <-> MALWARE-OTHER Trackware rightonadz.biz adrotator runtime detection - pass user info to remote server (malware-other.rules)
 * 1:16117 <-> DISABLED <-> MALWARE-OTHER Trackware rightonadz.biz adrotator runtime detection - ads (malware-other.rules)
 * 1:16118 <-> DISABLED <-> PUA-ADWARE Adware winreanimator runtime detection - register request (pua-adware.rules)
 * 1:16119 <-> DISABLED <-> PUA-ADWARE Adware winreanimator runtime detection - daily update (pua-adware.rules)
 * 1:1612 <-> DISABLED <-> SERVER-WEBAPP ftp.pl attempt (server-webapp.rules)
 * 1:16120 <-> DISABLED <-> PUA-TOOLBARS Trackware 6sq toolbar runtime detection (pua-toolbars.rules)
 * 1:16121 <-> DISABLED <-> PUA-ADWARE Hijacker weatherstudio outbound connection (pua-adware.rules)
 * 1:16122 <-> DISABLED <-> PUA-ADWARE rogue antivirus xp 2008 runtime detection - buy (pua-adware.rules)
 * 1:16123 <-> DISABLED <-> PUA-ADWARE rogue antivirus xp 2008 runtime detection - update (pua-adware.rules)
 * 1:16124 <-> DISABLED <-> MALWARE-CNC Win.Trojan.nsis.agent.s variant outbound connection (malware-cnc.rules)
 * 1:16125 <-> DISABLED <-> MALWARE-OTHER Keylogger spyyahoo v2.2 runtime detection (malware-other.rules)
 * 1:16126 <-> DISABLED <-> PUA-ADWARE Trickler virusremover 2008 outbound connection (pua-adware.rules)
 * 1:16127 <-> DISABLED <-> PUA-ADWARE Adware superiorads runtime detection (pua-adware.rules)
 * 1:16129 <-> DISABLED <-> MALWARE-OTHER Keylogger kamyab Keylogger v.3 runtime detection (malware-other.rules)
 * 1:1613 <-> DISABLED <-> SERVER-WEBAPP handler attempt (server-webapp.rules)
 * 1:16130 <-> DISABLED <-> MALWARE-OTHER Keylogger lord spy pro 1.4 runtime detection (malware-other.rules)
 * 1:16131 <-> DISABLED <-> MALWARE-OTHER Trackware adclicker trojan zlob.dnz runtime detection - ads (malware-other.rules)
 * 1:16132 <-> DISABLED <-> MALWARE-OTHER Trackware owlforce runtime detection - remote server #1 (malware-other.rules)
 * 1:16133 <-> DISABLED <-> MALWARE-OTHER Trackware owlforce runtime detection - remote server #2 (malware-other.rules)
 * 1:16134 <-> DISABLED <-> PUA-ADWARE Adware spyware guard 2008 runtime detection - contacts remote server (pua-adware.rules)
 * 1:16135 <-> DISABLED <-> PUA-ADWARE Adware spyware guard 2008 runtime detection - purchase page (pua-adware.rules)
 * 1:16136 <-> DISABLED <-> PUA-ADWARE Hijacker xp antispyware 2009 runtime detection - pre-sale webpage (pua-adware.rules)
 * 1:16137 <-> DISABLED <-> MALWARE-OTHER Keylogger cheat monitor runtime detection (malware-other.rules)
 * 1:16138 <-> DISABLED <-> MALWARE-TOOLS Hacker-Tool 0desa msn pass stealer 8.5 runtime detection (malware-tools.rules)
 * 1:16139 <-> DISABLED <-> MALWARE-CNC Win.Trojan.gen2 variant outbound connection scanner page (malware-cnc.rules)
 * 1:1614 <-> DISABLED <-> SERVER-WEBAPP Novell Groupwise gwweb.exe attempt (server-webapp.rules)
 * 1:16140 <-> DISABLED <-> MALWARE-CNC torpig-mebroot command and control checkin (malware-cnc.rules)
 * 1:16141 <-> DISABLED <-> SERVER-OTHER Kaspersky Online Scanner trojaned Dll download attempt (server-other.rules)
 * 1:16142 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox PKCS11 module installation code execution attempt (browser-firefox.rules)
 * 1:16143 <-> ENABLED <-> FILE-IDENTIFY Microsoft asf file magic detected (file-identify.rules)
 * 1:16144 <-> DISABLED <-> MALWARE-CNC Bredolab bot variant outbound connection (malware-cnc.rules)
 * 1:16145 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:16147 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS malformed URL .dll denial of service attempt (server-iis.rules)
 * 1:16148 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime and iTunes heap memory corruption attempt (file-multimedia.rules)
 * 1:16149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (browser-ie.rules)
 * 1:1615 <-> DISABLED <-> SERVER-WEBAPP htgrep attempt (server-webapp.rules)
 * 1:16150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer variant argument validation remote code execution attempt (browser-ie.rules)
 * 1:16151 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer uninitialized or deleted object access attempt (browser-ie.rules)
 * 1:16152 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer table layout unitialized or deleted object access attempt (browser-ie.rules)
 * 1:16153 <-> DISABLED <-> FILE-IMAGE Microsoft Windows malformed WMF meta escape record memory corruption attempt (file-image.rules)
 * 1:16154 <-> DISABLED <-> FILE-EXECUTABLE GDI+ .NET image property parsing memory corruption  (file-executable.rules)
 * 1:16155 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer indexing service malformed parameters (browser-ie.rules)
 * 1:16156 <-> DISABLED <-> FILE-MULTIMEDIA Windows Media Player ASF marker object memory corruption attempt  (file-multimedia.rules)
 * 1:16157 <-> DISABLED <-> OS-WINDOWS Microsoft Windows malformed ASF voice codec memory corruption attempt (os-windows.rules)
 * 1:16158 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt (os-windows.rules)
 * 1:16159 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access (browser-plugins.rules)
 * 1:1616 <-> DISABLED <-> PROTOCOL-DNS named version attempt (protocol-dns.rules)
 * 1:16161 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access (browser-plugins.rules)
 * 1:16163 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access (browser-plugins.rules)
 * 1:16165 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access (browser-plugins.rules)
 * 1:16167 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LSASS integer wrap denial of service attempt (os-windows.rules)
 * 1:16168 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 integer overflow denial of service attempt (os-windows.rules)
 * 1:16169 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (browser-ie.rules)
 * 1:1617 <-> DISABLED <-> SERVER-WEBAPP Bugzilla doeditvotes.cgi access (server-webapp.rules)
 * 1:16172 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D line set heap corruption attempt (file-pdf.rules)
 * 1:16173 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt (file-pdf.rules)
 * 1:16174 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt (file-pdf.rules)
 * 1:16175 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.removeStateModel denial of service attempt (file-pdf.rules)
 * 1:16176 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader collab.addStateModel remote corruption attempt (file-pdf.rules)
 * 1:16177 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:16178 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GDI+ Office Art Property Table remote code execution attempt (file-office.rules)
 * 1:16179 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL CLR interface multiple instantiation attempt  (file-executable.rules)
 * 1:1618 <-> DISABLED <-> SERVER-IIS .asp chunked Transfer-Encoding (server-iis.rules)
 * 1:16181 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI ASN.1 integer overflow attempt (os-windows.rules)
 * 1:16182 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET MSIL stack corruption attempt  (file-executable.rules)
 * 1:16183 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows .NET MSIL CombineImpl suspicious usage attempt (file-executable.rules)
 * 1:16184 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (file-image.rules)
 * 1:16185 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ compressed TIFF file parsing remote code execution attempt (os-windows.rules)
 * 1:16186 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt (file-image.rules)
 * 1:16187 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (os-windows.rules)
 * 1:16188 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (file-office.rules)
 * 1:16189 <-> DISABLED <-> SERVER-ORACLE Database REPCAT_RPC.VALIDATE_REMOTE_RC SQL injection attempt (server-oracle.rules)
 * 1:16190 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server property_box.php command injection attempt (server-oracle.rules)
 * 1:16191 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (server-oracle.rules)
 * 1:16192 <-> DISABLED <-> SERVER-ORACLE Secure Backup Administration server authentication bypass attempt (server-oracle.rules)
 * 1:16193 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (server-mail.rules)
 * 1:16194 <-> DISABLED <-> SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (server-webapp.rules)
 * 1:16195 <-> DISABLED <-> SERVER-WEBAPP HTTP request with negative Content-Length attempt (server-webapp.rules)
 * 1:16196 <-> DISABLED <-> SERVER-OTHER Symantec Backup Exec System Recovery Manager unauthorized file upload attempt (server-other.rules)
 * 1:16197 <-> DISABLED <-> SERVER-OTHER OpenLDAP ber_get_next BER decoding denial of service attempt (server-other.rules)
 * 1:16198 <-> DISABLED <-> SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (server-apache.rules)
 * 1:16199 <-> DISABLED <-> SERVER-MAIL SpamAssassin long message header denial of service attempt (server-mail.rules)
 * 1:162 <-> DISABLED <-> MALWARE-BACKDOOR Matrix 2.0 Server access (malware-backdoor.rules)
 * 1:16200 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox command line URL shell command injection attempt (browser-firefox.rules)
 * 1:16201 <-> DISABLED <-> SERVER-MAIL Ipswitch Collaboration Suite SMTP format string exploit attempt (server-mail.rules)
 * 1:16204 <-> DISABLED <-> SERVER-OTHER HP OpenView Network Node Manager ovlaunch host field overflow attempt (server-other.rules)
 * 1:16205 <-> ENABLED <-> FILE-IDENTIFY BMP file download request (file-identify.rules)
 * 1:16206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNS server spoofing attempt (os-windows.rules)
 * 1:16207 <-> DISABLED <-> SERVER-WEBAPP MIT Kerberos V% KAdminD klog_vsyslog server overflow attempt (server-webapp.rules)
 * 1:16208 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server Distributed Management Objects overflow attempt (server-mssql.rules)
 * 1:16209 <-> DISABLED <-> SERVER-OTHER FreeRADIUS RADIUS server rad_decode remote denial of service attempt (server-other.rules)
 * 1:1621 <-> DISABLED <-> PROTOCOL-FTP CMD overflow attempt (protocol-ftp.rules)
 * 1:16213 <-> DISABLED <-> SERVER-OTHER Red Hat Directory Server Accept-Language HTTP header parsing buffer overflow attempt (server-other.rules)
 * 1:16214 <-> DISABLED <-> SERVER-OTHER Squid Proxy invalid HTTP response code denial of service attempt (server-other.rules)
 * 1:16215 <-> DISABLED <-> SERVER-ORACLE Oracle Application Server Portal cross site scripting attempt (server-oracle.rules)
 * 1:16216 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Provisioning Manager long URI request buffer overflow attempt (server-other.rules)
 * 1:16217 <-> DISABLED <-> SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow attempt (server-other.rules)
 * 1:16218 <-> DISABLED <-> SERVER-WEBAPP Content-Length request offset smuggling attempt (server-webapp.rules)
 * 1:16219 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:1622 <-> DISABLED <-> PROTOCOL-FTP RNFR ././ attempt (protocol-ftp.rules)
 * 1:16220 <-> DISABLED <-> FILE-OTHER Adobe Shockwave director file malformed lcsr block memory corruption attempt (file-other.rules)
 * 1:16221 <-> DISABLED <-> OS-WINDOWS Microsoft ISA and Forefront Threat Management Web Proxy TCP Listener denial of service attempt (os-windows.rules)
 * 1:16223 <-> DISABLED <-> FILE-OTHER Adobe Shockwave tSAC pointer overwrite attempt (file-other.rules)
 * 1:16224 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes invalid tref box exploit attempt (file-multimedia.rules)
 * 1:16225 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Flash arbitrary memory access attempt (file-other.rules)
 * 1:16226 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel integer field in row record improper validation remote code execution attempt (file-office.rules)
 * 1:16227 <-> DISABLED <-> SERVER-OTHER Web Service on Devices API WSDAPI URL processing buffer corruption attempt  (server-other.rules)
 * 1:16228 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed StartObject record arbitrary code execution attempt (file-office.rules)
 * 1:16229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel oversized ib memory corruption attempt (file-office.rules)
 * 1:1623 <-> DISABLED <-> PROTOCOL-FTP invalid MODE (protocol-ftp.rules)
 * 1:16231 <-> DISABLED <-> FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (file-pdf.rules)
 * 1:16233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel oversized ptgFuncVar cparams value buffer overflow attempt (file-office.rules)
 * 1:16234 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:16235 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SXDB record exploit attempt (file-office.rules)
 * 1:16236 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file SxView record exploit attempt (file-office.rules)
 * 1:16237 <-> DISABLED <-> SERVER-OTHER Microsoft Active Directory NTDSA stack space exhaustion attempt  (server-other.rules)
 * 1:16238 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:16239 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP llsrpc2 LlsrLicenseRequestW overflow attempt (os-windows.rules)
 * 1:1624 <-> DISABLED <-> PROTOCOL-FTP PWD overflow attempt (protocol-ftp.rules)
 * 1:16240 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file Window/Pane record exploit attempt (file-office.rules)
 * 1:16241 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FeatHdr BIFF record remote code execution attempt (file-office.rules)
 * 1:16242 <-> DISABLED <-> MALWARE-CNC downloader-ash.gen.b variant outbound connection adload (malware-cnc.rules)
 * 1:16243 <-> DISABLED <-> MALWARE-CNC downloader-ash.gen.b variant outbound connection 3264.php (malware-cnc.rules)
 * 1:16244 <-> DISABLED <-> PUA-ADWARE rogue software xp police antivirus runtime detection - purchase (pua-adware.rules)
 * 1:16245 <-> DISABLED <-> PUA-ADWARE rogue software xp police antivirus install-timedetection (pua-adware.rules)
 * 1:16246 <-> DISABLED <-> PUA-ADWARE rogue software spyware protect 2009 outbound connection - purchase request (pua-adware.rules)
 * 1:16247 <-> DISABLED <-> PUA-ADWARE rogue software spyware protect 2009 outbound connection - block (pua-adware.rules)
 * 1:16248 <-> DISABLED <-> PUA-ADWARE rogue software ms antispyware 2009 runtime detection - start (pua-adware.rules)
 * 1:16249 <-> DISABLED <-> PUA-ADWARE rogue software ms antispyware 2009 runtime detection - pay (pua-adware.rules)
 * 1:1625 <-> DISABLED <-> PROTOCOL-FTP SYST overflow attempt (protocol-ftp.rules)
 * 1:16250 <-> DISABLED <-> PUA-ADWARE rogue software win pc defender outbound connection (pua-adware.rules)
 * 1:16251 <-> DISABLED <-> PUA-ADWARE rogue software win pc defender outbound connection (pua-adware.rules)
 * 1:16252 <-> DISABLED <-> PUA-ADWARE rogue software pro antispyware 2009 runtime detection - purchase (pua-adware.rules)
 * 1:16253 <-> DISABLED <-> PUA-ADWARE rogue software system security 2009 outbound connection (pua-adware.rules)
 * 1:16254 <-> ENABLED <-> PUA-ADWARE rogue software system security 2009 outbound connection (pua-adware.rules)
 * 1:16255 <-> DISABLED <-> PUA-ADWARE rogue software system security 2009 outbound connection (pua-adware.rules)
 * 1:16256 <-> DISABLED <-> PUA-ADWARE rogue software coreguard antivirus 2009 runtime detection (pua-adware.rules)
 * 1:16257 <-> DISABLED <-> PUA-ADWARE rogue software perfect defender 2009 outbound connection - update (pua-adware.rules)
 * 1:16258 <-> DISABLED <-> PUA-ADWARE rogue software perfect defender 2009 outbound connection - purchase (pua-adware.rules)
 * 1:16259 <-> DISABLED <-> PUA-ADWARE rogue software antivirusdoktor2009 runtime detection (pua-adware.rules)
 * 1:1626 <-> DISABLED <-> SERVER-IIS /StoreCSVS/InstantOrder.asmx request (server-iis.rules)
 * 1:16260 <-> DISABLED <-> PUA-ADWARE rogue software xp antivirus protection runtime detection - installation (pua-adware.rules)
 * 1:16261 <-> DISABLED <-> PUA-ADWARE rogue software xp antivirus protection runtime detection - runtime (pua-adware.rules)
 * 1:16262 <-> DISABLED <-> PUA-ADWARE rogue software xp-shield outbound connection (pua-adware.rules)
 * 1:16263 <-> DISABLED <-> PUA-ADWARE rogue software xp-shield outbound connection - installation (pua-adware.rules)
 * 1:16264 <-> DISABLED <-> PUA-ADWARE rogue software 007 anti-spyware runtime detection - update (pua-adware.rules)
 * 1:16265 <-> DISABLED <-> PUA-ADWARE rogue software 007 anti-spyware runtime detection - register (pua-adware.rules)
 * 1:16266 <-> DISABLED <-> PUA-ADWARE rogue software pc antispyware 2010 runtime detection - buy (pua-adware.rules)
 * 1:16267 <-> DISABLED <-> PUA-ADWARE rogue software pc antispyware 2010 runtime detection - files (pua-adware.rules)
 * 1:16268 <-> DISABLED <-> MALWARE-CNC Win.Trojan.tdss.1.gen install-time detection - yournewsblog.net (malware-cnc.rules)
 * 1:16269 <-> DISABLED <-> MALWARE-CNC Win.Trojan.tdss.1.gen install-time detection - findzproportal1.com (malware-cnc.rules)
 * 1:16271 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TDSS.1.Gen keepalive detection (malware-cnc.rules)
 * 1:16272 <-> DISABLED <-> MALWARE-CNC Trojan-dropper.irc.tkb variant outbound connection lordhack (malware-cnc.rules)
 * 1:16273 <-> DISABLED <-> MALWARE-CNC Trojan-dropper.irc.tkb variant outbound connection dxcpm (malware-cnc.rules)
 * 1:16274 <-> DISABLED <-> MALWARE-CNC Trickler trojan-spy.win32.pophot variant outbound connection connect to server (malware-cnc.rules)
 * 1:16275 <-> DISABLED <-> MALWARE-CNC Trickler trojan-spy.win32.pophot variant outbound connection download files (malware-cnc.rules)
 * 1:16276 <-> DISABLED <-> PUA-ADWARE Trickler win32-fakealert.kl outbound connection (pua-adware.rules)
 * 1:16277 <-> DISABLED <-> PUA-ADWARE Trickler win32-fakealert.kl outbound connection - downloads malicious files (pua-adware.rules)
 * 1:16278 <-> DISABLED <-> PUA-ADWARE Trickler win32-fakealert.kl installime detection - updates remote server (pua-adware.rules)
 * 1:16279 <-> DISABLED <-> PUA-ADWARE rogue-software windows antivirus 2008 runtime detection - pre-sale page (pua-adware.rules)
 * 1:1628 <-> DISABLED <-> SERVER-WEBAPP FormHandler.cgi directory traversal attempt attempt (server-webapp.rules)
 * 1:16280 <-> DISABLED <-> PUA-ADWARE rogue-software windows antivirus 2008 runtime detection - registration and payment page (pua-adware.rules)
 * 1:16281 <-> DISABLED <-> PUA-P2P BitTorrent scrape request (pua-p2p.rules)
 * 1:16282 <-> DISABLED <-> PUA-P2P Bittorrent uTP peer request (pua-p2p.rules)
 * 1:16283 <-> DISABLED <-> SERVER-WEBAPP Borland StarTeam Multicast Service buffer overflow attempt (server-webapp.rules)
 * 1:16284 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (browser-firefox.rules)
 * 1:16285 <-> DISABLED <-> PROTOCOL-RPC AIX ttdbserv function 15 buffer overflow attempt (protocol-rpc.rules)
 * 1:16286 <-> ENABLED <-> FILE-IDENTIFY TrueType font file download request (file-identify.rules)
 * 1:16287 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt (os-windows.rules)
 * 1:16288 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (file-java.rules)
 * 1:16289 <-> DISABLED <-> MALWARE-CNC Clob bot traffic (malware-cnc.rules)
 * 1:16290 <-> DISABLED <-> SERVER-ORACLE Oracle database server CREATE_TABLES SQL injection attempt (server-oracle.rules)
 * 1:16291 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Network Security Services regexp heap overflow attempt (browser-firefox.rules)
 * 1:16292 <-> DISABLED <-> BROWSER-FIREFOX Mozilla CSS value counter overflow attempt (browser-firefox.rules)
 * 1:16293 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Flash memory corruption attempt (file-other.rules)
 * 1:16294 <-> DISABLED <-> OS-WINDOWS Microsoft Windows TCP stack zero window size exploit attempt (os-windows.rules)
 * 1:16295 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - without optional fields (file-other.rules)
 * 1:16296 <-> DISABLED <-> FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (file-other.rules)
 * 1:163 <-> DISABLED <-> MALWARE-BACKDOOR WinCrash 1.0 Server Active (malware-backdoor.rules)
 * 1:16300 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:16301 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (browser-ie.rules)
 * 1:16305 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (browser-plugins.rules)
 * 1:16307 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (browser-plugins.rules)
 * 1:16309 <-> DISABLED <-> SERVER-ORACLE auth_sesskey buffer overflow attempt (server-oracle.rules)
 * 1:16310 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbitrary code execution attempt (browser-ie.rules)
 * 1:16311 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbitrary code execution attempt (browser-ie.rules)
 * 1:16312 <-> DISABLED <-> SERVER-IIS ADFS custom header arbitrary code execution attempt  (server-iis.rules)
 * 1:16313 <-> DISABLED <-> FILE-EXECUTABLE download of executable content (file-executable.rules)
 * 1:16314 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad and Office text converter integer overflow attempt (file-office.rules)
 * 1:16315 <-> DISABLED <-> FILE-FLASH Adobe Flash PlugIn check if file exists attempt (file-flash.rules)
 * 1:16316 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed getPropertyLate actioncode attempt (file-flash.rules)
 * 1:16317 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer mouse move during refresh memory corruption attempt (browser-ie.rules)
 * 1:16318 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (file-office.rules)
 * 1:16319 <-> DISABLED <-> BROWSER-IE Apple Safari-Internet Explorer SearchPath blended threat attempt (browser-ie.rules)
 * 1:16320 <-> DISABLED <-> FILE-IMAGE Adobe PNG empty sPLT exploit attempt  (file-image.rules)
 * 1:16321 <-> DISABLED <-> FILE-IMAGE Adobe tiff oversized image length attempt (file-image.rules)
 * 1:16322 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader oversized object width attempt (file-pdf.rules)
 * 1:16323 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2k uninitialized QCC memory corruption attempt (file-pdf.rules)
 * 1:16324 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader doc.export arbitrary file write attempt (file-pdf.rules)
 * 1:16325 <-> DISABLED <-> FILE-PDF Adobe JPEG2k uninitialized QCC memory corruption attempt (file-pdf.rules)
 * 1:16326 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (browser-ie.rules)
 * 1:16327 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ TIFF RLE compressed data buffer overflow attempt (os-windows.rules)
 * 1:16328 <-> DISABLED <-> FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (file-office.rules)
 * 1:16329 <-> DISABLED <-> SERVER-OTHER Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt  (server-other.rules)
 * 1:16330 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer orphan DOM objects memory corruption attempt (browser-ie.rules)
 * 1:16331 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (file-flash.rules)
 * 1:16332 <-> DISABLED <-> SERVER-OTHER Symantec System Center Alert Management System untrusted command execution attempt (server-other.rules)
 * 1:16333 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:16334 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (file-pdf.rules)
 * 1:16335 <-> DISABLED <-> FILE-PDF XPDF ObjectStream integer overflow (file-pdf.rules)
 * 1:16336 <-> DISABLED <-> FILE-PDF Blackberry Server PDF JBIG2 numnewsyms remote code execution attempt (file-pdf.rules)
 * 1:16337 <-> DISABLED <-> FILE-FLASH Adobe Flash Player directory traversal attempt (file-flash.rules)
 * 1:16339 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt - obfuscated (browser-ie.rules)
 * 1:1634 <-> DISABLED <-> PROTOCOL-POP PASS overflow attempt (protocol-pop.rules)
 * 1:16340 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player DHTML Editing ActiveX clsid access (browser-plugins.rules)
 * 1:16341 <-> DISABLED <-> SERVER-OTHER IBM DB2 Database Server invalid data stream denial of service attempt (server-other.rules)
 * 1:16342 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (file-multimedia.rules)
 * 1:16344 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox top-level script object offset calculation memory corruption attempt (browser-firefox.rules)
 * 1:16345 <-> DISABLED <-> FILE-OTHER IBM Informix Client SDK NFX file HostList processing stack buffer overflow attempt (file-other.rules)
 * 1:16346 <-> DISABLED <-> FILE-OTHER IBM Informix Client SDK NFX file InformixServerList processing stack buffer overflow attempt (file-other.rules)
 * 1:16347 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (browser-firefox.rules)
 * 1:16348 <-> DISABLED <-> SERVER-MYSQL database PROCEDURE ANALYSE denial of service attempt - 1 (server-mysql.rules)
 * 1:16349 <-> DISABLED <-> SERVER-MYSQL database Procedure Analyse denial of service attempt - 2 (server-mysql.rules)
 * 1:1635 <-> DISABLED <-> PROTOCOL-POP APOP overflow attempt (protocol-pop.rules)
 * 1:16350 <-> DISABLED <-> SERVER-OTHER ntp mode 7 denial of service attempt (server-other.rules)
 * 1:16351 <-> DISABLED <-> PROTOCOL-VOIP CSeq buffer overflow attempt (protocol-voip.rules)
 * 1:16352 <-> DISABLED <-> OS-LINUX Linux Kernel NFSD Subsystem overflow attempt (os-linux.rules)
 * 1:16353 <-> DISABLED <-> FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt (file-multimedia.rules)
 * 1:16354 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader start-of-file alternate header obfuscation (file-pdf.rules)
 * 1:16355 <-> DISABLED <-> FILE-PDF Xpdf Splash DrawImage integer overflow attempt (file-pdf.rules)
 * 1:16356 <-> DISABLED <-> SERVER-IIS multiple extension code execution attempt (server-iis.rules)
 * 1:16357 <-> DISABLED <-> PROTOCOL-FTP multiple extension code execution attempt (protocol-ftp.rules)
 * 1:16358 <-> DISABLED <-> MALWARE-CNC bugsprey variant outbound connection (malware-cnc.rules)
 * 1:16359 <-> DISABLED <-> FILE-OTHER Adobe Illustrator DSC comment overflow attempt (file-other.rules)
 * 1:1636 <-> DISABLED <-> SERVER-OTHER Xtramail Username overflow attempt (server-other.rules)
 * 1:16360 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (file-multimedia.rules)
 * 1:16361 <-> DISABLED <-> FILE-OFFICE Microsoft Office BMP header biClrUsed integer overflow attempt (file-office.rules)
 * 1:16362 <-> DISABLED <-> MALWARE-CNC SpyForms malware call home (malware-cnc.rules)
 * 1:16363 <-> DISABLED <-> FILE-EXECUTABLE potentially executable file upload via FTP (file-executable.rules)
 * 1:16364 <-> DISABLED <-> SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (server-other.rules)
 * 1:16365 <-> DISABLED <-> PUA-ADWARE OnlineGames download attempt (pua-adware.rules)
 * 1:16366 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (os-windows.rules)
 * 1:16367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (browser-ie.rules)
 * 1:16368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hydraq variant outbound connection (malware-cnc.rules)
 * 1:16369 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (browser-ie.rules)
 * 1:1637 <-> DISABLED <-> SERVER-WEBAPP yabb access (server-webapp.rules)
 * 1:16371 <-> DISABLED <-> BROWSER-PLUGINS NOS Microsystems Adobe atl_getcom ActiveX clsid access (browser-plugins.rules)
 * 1:16373 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (file-pdf.rules)
 * 1:16374 <-> DISABLED <-> SERVER-OTHER Oracle Internet Directory heap corruption attempt (server-other.rules)
 * 1:16376 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:16377 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (browser-ie.rules)
 * 1:16378 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (browser-ie.rules)
 * 1:16379 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui sapirrfc ActiveX clsid access (browser-plugins.rules)
 * 1:1638 <-> DISABLED <-> INDICATOR-SCAN SSH Version map attempt (indicator-scan.rules)
 * 1:16381 <-> ENABLED <-> NETBIOS SMB session negotiation request (netbios.rules)
 * 1:16382 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML+TIME animatemotion property memory corruption attempt (browser-ie.rules)
 * 1:16383 <-> DISABLED <-> SERVER-ORACLE MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:16384 <-> DISABLED <-> SERVER-OTHER VMware Server ISAPI Extension remote denial of service attempt (server-other.rules)
 * 1:16385 <-> DISABLED <-> SERVER-MYSQL yaSSL library cert parsing stack overflow attempt (server-mysql.rules)
 * 1:16386 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access (browser-plugins.rules)
 * 1:16388 <-> DISABLED <-> BROWSER-PLUGINS AcroPDF.PDF ActiveX function call access (browser-plugins.rules)
 * 1:1639 <-> DISABLED <-> POLICY-SOCIAL IRC DCC file transfer request (policy-social.rules)
 * 1:16390 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader alternate file magic obfuscation (file-pdf.rules)
 * 1:16391 <-> DISABLED <-> MALWARE-CNC Gozi Win.Trojan.connection to C&C (malware-cnc.rules)
 * 1:16392 <-> DISABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0u7 authorization digest heap overflow (server-webapp.rules)
 * 1:16393 <-> DISABLED <-> SERVER-OTHER PostgreSQL bit substring buffer overflow attempt (server-other.rules)
 * 1:16395 <-> ENABLED <-> OS-WINDOWS Microsoft Windows SMB COPY command oversized pathname attempt (os-windows.rules)
 * 1:16397 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB andx invalid server name share access (os-windows.rules)
 * 1:16398 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB invalid server name share access (os-windows.rules)
 * 1:16399 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB unicode andx invalid server name share access (os-windows.rules)
 * 1:1640 <-> DISABLED <-> POLICY-SOCIAL IRC DCC chat request (policy-social.rules)
 * 1:16400 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB unicode invalid server name share access (os-windows.rules)
 * 1:16401 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB andx invalid server name share access (os-windows.rules)
 * 1:16402 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB invalid server name share access (os-windows.rules)
 * 1:16403 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB unicode andx invalid server name share access (os-windows.rules)
 * 1:16404 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB unicode invalid server name share access (os-windows.rules)
 * 1:16405 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt  (protocol-icmp.rules)
 * 1:16406 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16407 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16409 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:1641 <-> DISABLED <-> SERVER-OTHER DB2 dos attempt (server-other.rules)
 * 1:16410 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (file-office.rules)
 * 1:16411 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:16412 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (file-office.rules)
 * 1:16414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (os-windows.rules)
 * 1:16416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (file-office.rules)
 * 1:16417 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Negotiate Protocol Response overflow attempt (os-windows.rules)
 * 1:16418 <-> DISABLED <-> NETBIOS SMB client NULL deref race condition attempt  (netbios.rules)
 * 1:16419 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX clsid access (browser-plugins.rules)
 * 1:1642 <-> DISABLED <-> SERVER-WEBAPP document.d2w access (server-webapp.rules)
 * 1:16421 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:16422 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (file-image.rules)
 * 1:16423 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect attempt (browser-ie.rules)
 * 1:16424 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Script Host Shell Object ActiveX clsid access (browser-plugins.rules)
 * 1:16425 <-> ENABLED <-> FILE-IDENTIFY Portable Executable binary file download request (file-identify.rules)
 * 1:16426 <-> DISABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0 WebDAV format string exploit attempt - PROPFIND method (server-webapp.rules)
 * 1:16427 <-> DISABLED <-> SERVER-WEBAPP Oracle Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method (server-webapp.rules)
 * 1:16428 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook Express and Windows Mail NNTP handling buffer overflow attempt (file-office.rules)
 * 1:16429 <-> DISABLED <-> SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - GET request (server-webapp.rules)
 * 1:1643 <-> DISABLED <-> SERVER-WEBAPP db2www access (server-webapp.rules)
 * 1:16430 <-> DISABLED <-> SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - POST request (server-webapp.rules)
 * 1:16431 <-> ENABLED <-> SQL generic sql with comments injection attempt - GET parameter (sql.rules)
 * 1:16432 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:16434 <-> DISABLED <-> FILE-IDENTIFY Ultimate Packer for Executables/UPX v0.51-v0.61 packed file magic detected (file-identify.rules)
 * 1:16435 <-> DISABLED <-> FILE-IDENTIFY Ultimate Packer for Executables/UPX v0.62-v1.22 packed file magic detected (file-identify.rules)
 * 1:16436 <-> DISABLED <-> FILE-IDENTIFY Ultimate Packer for Executables/UPX v2.90 v2.93-v3.00 packed file magic detected (file-identify.rules)
 * 1:16437 <-> DISABLED <-> SERVER-OTHER CVS Entry line flag remote heap overflow attempt (server-other.rules)
 * 1:16438 <-> DISABLED <-> SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (server-oracle.rules)
 * 1:16439 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - _TEST_ (malware-cnc.rules)
 * 1:1644 <-> DISABLED <-> SERVER-WEBAPP test-cgi attempt (server-webapp.rules)
 * 1:16440 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - ie (malware-cnc.rules)
 * 1:16441 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - Download (malware-cnc.rules)
 * 1:16442 <-> DISABLED <-> MALWARE-CNC Possible Zeus User-Agent - Mozilla (malware-cnc.rules)
 * 1:16443 <-> DISABLED <-> POLICY-SOCIAL deny Gmail chat DNS request (policy-social.rules)
 * 1:16444 <-> DISABLED <-> SERVER-OTHER HP StorageWorks storage mirroring double take service code execution attempt (server-other.rules)
 * 1:16445 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk IAX2 ack response denial of service attempt (protocol-voip.rules)
 * 1:16446 <-> DISABLED <-> PROTOCOL-RPC portmap Solaris sadmin tcp request (protocol-rpc.rules)
 * 1:16447 <-> DISABLED <-> PROTOCOL-RPC Solaris UDP portmap sadmin request attempt (protocol-rpc.rules)
 * 1:16448 <-> DISABLED <-> PROTOCOL-RPC portmap Solaris sadmin tcp adm_build_path overflow attempt (protocol-rpc.rules)
 * 1:16449 <-> DISABLED <-> PROTOCOL-RPC portmap Solaris sadmin udp adm_build_path overflow attempt (protocol-rpc.rules)
 * 1:1645 <-> DISABLED <-> SERVER-WEBAPP testcgi access (server-webapp.rules)
 * 1:16452 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer .hlp samba share download attempt (browser-ie.rules)
 * 1:16454 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt - empty SMB 2 (os-windows.rules)
 * 1:16455 <-> DISABLED <-> MALWARE-OTHER Keylogger egyspy keylogger 1.13 runtime detection (malware-other.rules)
 * 1:16456 <-> DISABLED <-> PUA-ADWARE Rogue-Software ang antivirus 09 runtime detection (pua-adware.rules)
 * 1:16457 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cutwail.AI variant outbound connection (malware-cnc.rules)
 * 1:16459 <-> DISABLED <-> MALWARE-CNC Win.Trojan.command and control communication (malware-cnc.rules)
 * 1:1646 <-> DISABLED <-> SERVER-WEBAPP test.cgi access (server-webapp.rules)
 * 1:16461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules)
 * 1:16462 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (file-office.rules)
 * 1:16463 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (file-office.rules)
 * 1:16464 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 heap overflow attempt (file-office.rules)
 * 1:16465 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ContinueFRT12 and MDXSet heap overflow attempt (file-office.rules)
 * 1:16466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (file-office.rules)
 * 1:16467 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (file-office.rules)
 * 1:16468 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (file-office.rules)
 * 1:16469 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (file-office.rules)
 * 1:16470 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules)
 * 1:16471 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (file-office.rules)
 * 1:16473 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (file-identify.rules)
 * 1:16474 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v3 file magic detected (file-identify.rules)
 * 1:16475 <-> ENABLED <-> FILE-IDENTIFY Microsoft Compound File Binary v4 file magic detected (file-identify.rules)
 * 1:16476 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint .MSProducer file download request (file-identify.rules)
 * 1:16477 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint .MSProducerZ file download request (file-identify.rules)
 * 1:16478 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office PowerPoint .MSProducerBF file download request (file-identify.rules)
 * 1:16479 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt - public shell code (server-apache.rules)
 * 1:1648 <-> DISABLED <-> SERVER-WEBAPP perl.exe command attempt (server-webapp.rules)
 * 1:16480 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (server-apache.rules)
 * 1:16481 <-> DISABLED <-> BROWSER-OTHER Opera Content-Length header integer overflow attempt (browser-other.rules)
 * 1:16482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:16483 <-> DISABLED <-> MALWARE-CNC Koobface worm submission of collected data to C&C server (malware-cnc.rules)
 * 1:16484 <-> DISABLED <-> MALWARE-CNC Koobface variant outbound connection (malware-cnc.rules)
 * 1:16485 <-> DISABLED <-> MALWARE-CNC Koobface request for captcha (malware-cnc.rules)
 * 1:16486 <-> ENABLED <-> MALWARE-BACKDOOR Arucer backdoor traffic - command execution attempt (malware-backdoor.rules)
 * 1:16487 <-> ENABLED <-> MALWARE-BACKDOOR Arucer backdoor traffic - yes command attempt (malware-backdoor.rules)
 * 1:16488 <-> ENABLED <-> MALWARE-BACKDOOR Arucer backdoor traffic - write file attempt (malware-backdoor.rules)
 * 1:16489 <-> DISABLED <-> MALWARE-CNC Bobax botnet variant outbound connection (malware-cnc.rules)
 * 1:1649 <-> DISABLED <-> SERVER-WEBAPP perl command attempt (server-webapp.rules)
 * 1:16490 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:16492 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari inline text box use after free attempt (browser-webkit.rules)
 * 1:16493 <-> DISABLED <-> MALWARE-CNC TT-bot botnet variant outbound connection (malware-cnc.rules)
 * 1:16494 <-> DISABLED <-> PUA-ADWARE Cutwail spambot server communication attempt (pua-adware.rules)
 * 1:16495 <-> DISABLED <-> MALWARE-CNC Rustock botnet variant outbound connection (malware-cnc.rules)
 * 1:16496 <-> DISABLED <-> MALWARE-CNC Win.Trojan.hacktool variant outbound connection (malware-cnc.rules)
 * 1:16497 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - Tear Application (malware-cnc.rules)
 * 1:16498 <-> DISABLED <-> PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (pua-adware.rules)
 * 1:1650 <-> DISABLED <-> SERVER-WEBAPP tst.bat access (server-webapp.rules)
 * 1:16501 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt (browser-firefox.rules)
 * 1:16502 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (browser-firefox.rules)
 * 1:16503 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules)
 * 1:16504 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 7 encoded content handling exploit attempt (browser-ie.rules)
 * 1:16505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML parsing memory corruption attempt (browser-ie.rules)
 * 1:16506 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:16507 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (browser-ie.rules)
 * 1:16508 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (browser-ie.rules)
 * 1:16509 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer designMode-enabled information disclosure attempt (browser-ie.rules)
 * 1:1651 <-> DISABLED <-> SERVER-WEBAPP environ.pl access (server-webapp.rules)
 * 1:16510 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by CLSID (browser-plugins.rules)
 * 1:16511 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (browser-plugins.rules)
 * 1:16512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (browser-ie.rules)
 * 1:16513 <-> DISABLED <-> SQL Jive Software Openfire Jabber Server SQL injection attempt (sql.rules)
 * 1:16514 <-> DISABLED <-> SERVER-OTHER Trillian AIM XML tag handling heap buffer overflow attempt (server-other.rules)
 * 1:16515 <-> DISABLED <-> SERVER-MAIL Novell Groupwise Internet Agent RCPT command overflow attempt (server-mail.rules)
 * 1:16516 <-> DISABLED <-> SERVER-ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt (server-oracle.rules)
 * 1:16517 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (file-other.rules)
 * 1:16518 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (file-other.rules)
 * 1:16519 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (file-other.rules)
 * 1:1652 <-> DISABLED <-> SERVER-WEBAPP campas attempt (server-webapp.rules)
 * 1:16520 <-> DISABLED <-> FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (file-other.rules)
 * 1:16521 <-> DISABLED <-> SERVER-OTHER Squid Proxy http version number overflow attempt (server-other.rules)
 * 1:16522 <-> DISABLED <-> SERVER-OTHER Novell QuickFinder server cross-site-scripting attempt (server-other.rules)
 * 1:16523 <-> DISABLED <-> FILE-PDF PDF with click-to-launch executable (file-pdf.rules)
 * 1:16524 <-> DISABLED <-> PROTOCOL-FTP ProFTPD username sql injection attempt (protocol-ftp.rules)
 * 1:16525 <-> DISABLED <-> POLICY-SOCIAL Microsoft MSN Messenger web login attempt (policy-social.rules)
 * 1:16526 <-> DISABLED <-> MALWARE-CNC VanBot IRC communication (malware-cnc.rules)
 * 1:16527 <-> DISABLED <-> MALWARE-CNC Zbot malware config file download request (malware-cnc.rules)
 * 1:16528 <-> DISABLED <-> MALWARE-CNC Zbot malware config file download request (malware-cnc.rules)
 * 1:16529 <-> ENABLED <-> FILE-IDENTIFY JPEG file download request (file-identify.rules)
 * 1:16534 <-> DISABLED <-> SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt  (server-other.rules)
 * 1:16535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio improper attribute code execution attempt (file-office.rules)
 * 1:16536 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio off-by-one in array index code execution attempt (file-office.rules)
 * 1:16537 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (browser-plugins.rules)
 * 1:16538 <-> ENABLED <-> NETBIOS NT QUERY SECURITY DESC flowbit (netbios.rules)
 * 1:16539 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv1 BytesNeeded ring0 buffer overflow attempt (os-windows.rules)
 * 1:1654 <-> DISABLED <-> SERVER-WEBAPP cart32.exe access (server-webapp.rules)
 * 1:16540 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (os-windows.rules)
 * 1:16541 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (os-windows.rules)
 * 1:16542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules)
 * 1:16543 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (file-multimedia.rules)
 * 1:16545 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (file-pdf.rules)
 * 1:16546 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (file-pdf.rules)
 * 1:16549 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (file-other.rules)
 * 1:1655 <-> DISABLED <-> SERVER-WEBAPP pfdispaly.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:16550 <-> DISABLED <-> FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (file-other.rules)
 * 1:16551 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - malware (malware-cnc.rules)
 * 1:16552 <-> DISABLED <-> FILE-IDENTIFY Adobe .pfb file download request (file-identify.rules)
 * 1:16553 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ptg index parsing code execution attempt (file-office.rules)
 * 1:16554 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:16555 <-> DISABLED <-> SERVER-WEBAPP HP Openview Network Node Manager OvAcceptLang overflow attempt (server-webapp.rules)
 * 1:16556 <-> ENABLED <-> FILE-OTHER 2imaegshack/lmageshack IM worm get request attempt (file-other.rules)
 * 1:16557 <-> DISABLED <-> FILE-OTHER 2imaegshack/lmageshack IM worm inbound communication attempt (file-other.rules)
 * 1:16558 <-> DISABLED <-> MALWARE-CNC SdBot IRC Win.Trojan.server to client communication (malware-cnc.rules)
 * 1:1656 <-> DISABLED <-> SERVER-WEBAPP pfdispaly.cgi access (server-webapp.rules)
 * 1:16560 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint XSS attempt (server-webapp.rules)
 * 1:16561 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1  (file-image.rules)
 * 1:16562 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 2  (file-image.rules)
 * 1:16563 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 3  (file-image.rules)
 * 1:16564 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 4  (file-image.rules)
 * 1:16565 <-> DISABLED <-> BROWSER-PLUGINS Ultra Shareware Office Control ActiveX clsid access (browser-plugins.rules)
 * 1:16566 <-> DISABLED <-> BROWSER-PLUGINS Tumbleweed SecureTransport ActiveX clsid access (browser-plugins.rules)
 * 1:16568 <-> DISABLED <-> BROWSER-PLUGINS Altnet Download Manager ADM4 ActiveX clsid access (browser-plugins.rules)
 * 1:16569 <-> DISABLED <-> BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX clsid access (browser-plugins.rules)
 * 1:1657 <-> DISABLED <-> SERVER-WEBAPP pagelog.cgi directory traversal attempt (server-webapp.rules)
 * 1:16571 <-> DISABLED <-> BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX function call access (browser-plugins.rules)
 * 1:16573 <-> DISABLED <-> BROWSER-PLUGINS obfuscated ActiveX object instantiation via unescape (browser-plugins.rules)
 * 1:16574 <-> DISABLED <-> BROWSER-PLUGINS obfuscated ActiveX object instantiation via fromCharCode (browser-plugins.rules)
 * 1:16575 <-> DISABLED <-> BROWSER-PLUGINS RKD Software BarCode ActiveX buffer overflow attempt (browser-plugins.rules)
 * 1:16576 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix AgentX receive_agentx stack buffer overflow attempt (server-other.rules)
 * 1:16577 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMBv2 compound request DoS attempt (os-windows.rules)
 * 1:16578 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (os-windows.rules)
 * 1:16579 <-> DISABLED <-> PUA-OTHER mIRC IRC URL buffer overflow attempt (pua-other.rules)
 * 1:1658 <-> DISABLED <-> SERVER-WEBAPP pagelog.cgi access (server-webapp.rules)
 * 1:16580 <-> DISABLED <-> BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access via object tag (browser-plugins.rules)
 * 1:16581 <-> DISABLED <-> BROWSER-PLUGINS Persits Software XUpload ActiveX clsid unsafe function access attempt (browser-plugins.rules)
 * 1:16582 <-> DISABLED <-> FILE-OTHER Un4seen Developments XMPlay crafted ASX file buffer overflow attempt (file-other.rules)
 * 1:16584 <-> DISABLED <-> BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (browser-ie.rules)
 * 1:16586 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Document remote code execution attempt (file-office.rules)
 * 1:16587 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (browser-plugins.rules)
 * 1:16588 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (browser-plugins.rules)
 * 1:16589 <-> DISABLED <-> BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (browser-plugins.rules)
 * 1:1659 <-> DISABLED <-> SERVER-OTHER Adobe Coldfusion sendmail.cfm access (server-other.rules)
 * 1:16590 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail Objects ActiveX exploit attempt (browser-plugins.rules)
 * 1:16592 <-> DISABLED <-> BROWSER-OTHER Opera asynchronous document modifications attempted memory corruption (browser-other.rules)
 * 1:16593 <-> DISABLED <-> FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (file-office.rules)
 * 1:16594 <-> ENABLED <-> PROTOCOL-POP STAT command (protocol-pop.rules)
 * 1:16595 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Mail remote code execution attempt (server-mail.rules)
 * 1:16596 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari information disclosure and remote code execution attempt (browser-webkit.rules)
 * 1:16597 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent Email address processing buffer overflow attempt (server-mail.rules)
 * 1:16598 <-> DISABLED <-> SERVER-OTHER Green Dam URL handling overflow attempt (server-other.rules)
 * 1:16599 <-> DISABLED <-> BROWSER-PLUGINS AtHocGov IWSAlerts ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:1660 <-> DISABLED <-> SERVER-IIS trace.axd access (server-iis.rules)
 * 1:16600 <-> DISABLED <-> MALWARE-CNC Otlard Win.Trojan.activity (malware-cnc.rules)
 * 1:16601 <-> DISABLED <-> FILE-OTHER Amaya web editor XML and HTML Parser Buffer overflow attempt (file-other.rules)
 * 1:16602 <-> DISABLED <-> BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (browser-plugins.rules)
 * 1:16603 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt (file-pdf.rules)
 * 1:16604 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow attempt (server-webapp.rules)
 * 1:16605 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested SPAN tag memory corruption attempt (browser-ie.rules)
 * 1:16606 <-> DISABLED <-> SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (server-oracle.rules)
 * 1:16607 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (browser-plugins.rules)
 * 1:16608 <-> DISABLED <-> BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX control access attempt (browser-plugins.rules)
 * 1:16609 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Import ActiveX clsid access attempt (browser-plugins.rules)
 * 1:1661 <-> DISABLED <-> SERVER-IIS cmd32.exe access (server-iis.rules)
 * 1:16610 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (browser-plugins.rules)
 * 1:16611 <-> DISABLED <-> SERVER-APACHE Apache 413 error HTTP request method cross-site scripting attack (server-apache.rules)
 * 1:16612 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox oversized SOCKS5 DNS reply memory corruption attempt (browser-firefox.rules)
 * 1:16613 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - cmd (indicator-compromise.rules)
 * 1:16614 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - search (indicator-compromise.rules)
 * 1:16615 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - upload (indicator-compromise.rules)
 * 1:16616 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - about (indicator-compromise.rules)
 * 1:16617 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - encoder (indicator-compromise.rules)
 * 1:16618 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - bind (indicator-compromise.rules)
 * 1:16619 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ps_aux (indicator-compromise.rules)
 * 1:1662 <-> DISABLED <-> SERVER-WEBAPP /~ftp access (server-webapp.rules)
 * 1:16620 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (indicator-compromise.rules)
 * 1:16621 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - security (indicator-compromise.rules)
 * 1:16622 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - sql (indicator-compromise.rules)
 * 1:16623 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - eval (indicator-compromise.rules)
 * 1:16624 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - feedback (indicator-compromise.rules)
 * 1:16625 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - selfremove (indicator-compromise.rules)
 * 1:16626 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - fsbuff (indicator-compromise.rules)
 * 1:16627 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - ls (indicator-compromise.rules)
 * 1:16628 <-> DISABLED <-> INDICATOR-COMPROMISE c99shell.php command request - phpinfo (indicator-compromise.rules)
 * 1:1663 <-> DISABLED <-> SERVER-WEBAPP *%20.pl access (server-webapp.rules)
 * 1:16630 <-> ENABLED <-> FILE-IDENTIFY DAT file download request (file-identify.rules)
 * 1:16631 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after remove attempt (browser-webkit.rules)
 * 1:16632 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari image use after reparent attempt (browser-webkit.rules)
 * 1:16633 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (file-pdf.rules)
 * 1:16634 <-> DISABLED <-> FILE-FLASH Adobe Flash use-after-free attack attempt (file-flash.rules)
 * 1:16635 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-plugins.rules)
 * 1:16636 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt (os-windows.rules)
 * 1:16637 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer security zone restriction bypass attempt (browser-ie.rules)
 * 1:16638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (file-office.rules)
 * 1:16639 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (file-office.rules)
 * 1:1664 <-> DISABLED <-> SERVER-WEBAPP mkplog.exe access (server-webapp.rules)
 * 1:16640 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (file-office.rules)
 * 1:16641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (file-office.rules)
 * 1:16642 <-> DISABLED <-> POLICY-OTHER file URI scheme attempt (policy-other.rules)
 * 1:16643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules)
 * 1:16644 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:16645 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:16646 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt  (file-office.rules)
 * 1:16647 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (file-office.rules)
 * 1:16648 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (file-office.rules)
 * 1:16650 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (file-office.rules)
 * 1:16651 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (file-office.rules)
 * 1:16652 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (file-office.rules)
 * 1:16653 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (file-office.rules)
 * 1:16654 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (file-office.rules)
 * 1:16655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Lbl record stack overflow attempt (file-office.rules)
 * 1:16656 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (file-office.rules)
 * 1:16657 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (file-office.rules)
 * 1:16658 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 cross-site scripting attempt (browser-ie.rules)
 * 1:16659 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (browser-ie.rules)
 * 1:1666 <-> DISABLED <-> INDICATOR-COMPROMISE index of /cgi-bin/ response (indicator-compromise.rules)
 * 1:16660 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint Server 2007 help.aspx denial of service attempt (server-webapp.rules)
 * 1:16661 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:16664 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (file-pdf.rules)
 * 1:16665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (os-windows.rules)
 * 1:16666 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari window.parent.close unspecified remote code execution vulnerability (browser-webkit.rules)
 * 1:16667 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules)
 * 1:16668 <-> DISABLED <-> BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (browser-chrome.rules)
 * 1:16669 <-> DISABLED <-> MALWARE-CNC Spyeye bot variant outbound connection (malware-cnc.rules)
 * 1:1667 <-> DISABLED <-> SERVER-WEBAPP cross site scripting HTML Image tag set to javascript attempt (server-webapp.rules)
 * 1:16670 <-> DISABLED <-> MALWARE-CNC Koobface worm executable download (malware-cnc.rules)
 * 1:16671 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access ActiveX exploit attempt (browser-plugins.rules)
 * 1:16672 <-> DISABLED <-> BROWSER-PLUGINS Symantec Backup Exec ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16673 <-> DISABLED <-> FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (file-other.rules)
 * 1:16674 <-> DISABLED <-> SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:16675 <-> DISABLED <-> BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX control access (browser-plugins.rules)
 * 1:16676 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (file-pdf.rules)
 * 1:16677 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (file-pdf.rules)
 * 1:16678 <-> DISABLED <-> SERVER-WEBAPP Tandberg VCS local file disclosure attempt (server-webapp.rules)
 * 1:16679 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (os-windows.rules)
 * 1:1668 <-> DISABLED <-> SERVER-WEBAPP /cgi-bin/ access (server-webapp.rules)
 * 1:16680 <-> DISABLED <-> APP-DETECT Tandberg VCS SSH default key (app-detect.rules)
 * 1:16681 <-> DISABLED <-> SERVER-WEBAPP Basic Authorization string overflow attempt (server-webapp.rules)
 * 1:16682 <-> DISABLED <-> SERVER-WEBAPP Oracle ONE Web Server JSP source code disclosure attempt (server-webapp.rules)
 * 1:16683 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp CAF file processing integer overflow attempt (file-multimedia.rules)
 * 1:16684 <-> DISABLED <-> SERVER-SAMBA Samba smbd Session Setup AndX security blob length dos attempt (server-samba.rules)
 * 1:16685 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager Client dsmagent.exe NodeName length buffer overflow attempt (server-other.rules)
 * 1:16686 <-> DISABLED <-> SERVER-OTHER IBM WebSphere application server cross site scripting attempt (server-other.rules)
 * 1:16687 <-> DISABLED <-> BROWSER-PLUGINS Juniper Networks SSL-VPN Client JuniperSetup ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:16688 <-> DISABLED <-> SERVER-OTHER iscsi target format string code execution attempt (server-other.rules)
 * 1:16689 <-> DISABLED <-> SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (server-other.rules)
 * 1:1669 <-> DISABLED <-> SERVER-WEBAPP /cgi-dos/ access (server-webapp.rules)
 * 1:16690 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:16691 <-> ENABLED <-> FILE-IDENTIFY PLF playlist file download request (file-identify.rules)
 * 1:16692 <-> DISABLED <-> FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (file-multimedia.rules)
 * 1:16693 <-> ENABLED <-> MALWARE-CNC Torpig bot sinkhole server DNS lookup (malware-cnc.rules)
 * 1:16694 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SETUP request denial of service attempt (server-other.rules)
 * 1:16695 <-> DISABLED <-> MALWARE-CNC Rogue AV download/update (malware-cnc.rules)
 * 1:16696 <-> DISABLED <-> FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (file-other.rules)
 * 1:16697 <-> DISABLED <-> PROTOCOL-FTP httpdx USER null byte denial of service (protocol-ftp.rules)
 * 1:16698 <-> DISABLED <-> PROTOCOL-FTP httpdx PASS null byte denial of service (protocol-ftp.rules)
 * 1:16699 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v2 udp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:1670 <-> DISABLED <-> SERVER-WEBAPP /home/ftp access (server-webapp.rules)
 * 1:16700 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v2 tcp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16701 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v3 udp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16702 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v3 tcp CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:16703 <-> DISABLED <-> SERVER-MYSQL Database COM_FIELD_LIST Buffer Overflow attempt (server-mysql.rules)
 * 1:16704 <-> DISABLED <-> BROWSER-PLUGINS CA eTrust PestPatrol ActiveX Initialize method overflow attempt (browser-plugins.rules)
 * 1:16705 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind UDP array size buffer overflow attempt (protocol-rpc.rules)
 * 1:16706 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind TCP array size buffer overflow attempt (protocol-rpc.rules)
 * 1:16707 <-> DISABLED <-> SERVER-MYSQL mysql_log COM_CREATE_DB format string vulnerability exploit attempt (server-mysql.rules)
 * 1:16708 <-> DISABLED <-> SERVER-MYSQL mysql_log COM_DROP_DB format string vulnerability exploit attempt (server-mysql.rules)
 * 1:16709 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server RTSP SET_PARAMETERS empty DataConvertBuffer header denial of service attempt (server-other.rules)
 * 1:1671 <-> DISABLED <-> SERVER-WEBAPP /home/www access (server-webapp.rules)
 * 1:16710 <-> DISABLED <-> SERVER-OTHER Oracle BEA Weblogic server console-help.portal cross-site scripting attempt (server-other.rules)
 * 1:16711 <-> DISABLED <-> BROWSER-PLUGINS E-Book Systems FlipViewer FlipViewerX.dll activex clsid access ActiveX clsid access (browser-plugins.rules)
 * 1:16712 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - GET (server-webapp.rules)
 * 1:16713 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - POST (server-webapp.rules)
 * 1:16714 <-> DISABLED <-> BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX Control access attempt (browser-plugins.rules)
 * 1:16715 <-> DISABLED <-> BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX control exploit attempt (browser-plugins.rules)
 * 1:16716 <-> DISABLED <-> FILE-IMAGE multiple products PNG processing buffer overflow attempt (file-image.rules)
 * 1:16717 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Enterprise Search search_p_groups cross-site scripting attempt (server-oracle.rules)
 * 1:16718 <-> DISABLED <-> PUA-OTHER Skype URI handler input validation exploit attempt (pua-other.rules)
 * 1:16719 <-> DISABLED <-> FILE-OTHER CA multiple product AV engine CAB header parsing stack overflow attempt (file-other.rules)
 * 1:1672 <-> DISABLED <-> PROTOCOL-FTP CWD ~ attempt (protocol-ftp.rules)
 * 1:16720 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player TY processing buffer overflow attempt (file-multimedia.rules)
 * 1:16721 <-> DISABLED <-> FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (file-other.rules)
 * 1:16722 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure SQL injection attempt (server-oracle.rules)
 * 1:16723 <-> DISABLED <-> SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.ALTER_CHANGE_SOURCE procedure SQL injection attempt (server-oracle.rules)
 * 1:16724 <-> DISABLED <-> OS-LINUX Linux kernel sctp_process_unk_param SCTPChunkInit buffer overflow attempt (os-linux.rules)
 * 1:16725 <-> DISABLED <-> BROWSER-PLUGINS ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (browser-plugins.rules)
 * 1:16726 <-> DISABLED <-> FILE-OTHER gAlan malformed file stack overflow attempt (file-other.rules)
 * 1:16727 <-> DISABLED <-> FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (file-other.rules)
 * 1:16729 <-> DISABLED <-> BROWSER-PLUGINS McAfee Remediation client ActiveX control access attempt (browser-plugins.rules)
 * 1:1673 <-> DISABLED <-> SERVER-ORACLE EXECUTE_SYSTEM attempt (server-oracle.rules)
 * 1:16730 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16731 <-> DISABLED <-> FILE-OTHER ProShow Gold PSH file handling overflow attempt (file-other.rules)
 * 1:16732 <-> DISABLED <-> FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (file-other.rules)
 * 1:16733 <-> DISABLED <-> FILE-OTHER UltraISO CCD file handling overflow attempt (file-other.rules)
 * 1:16734 <-> DISABLED <-> FILE-OTHER multiple products malformed CUE file buffer overflow attempt (file-other.rules)
 * 1:16735 <-> DISABLED <-> FILE-OTHER URSoft W32Dasm Import/Export function buffer overflow attempt (file-other.rules)
 * 1:16736 <-> DISABLED <-> FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (file-other.rules)
 * 1:16737 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 1 (file-multimedia.rules)
 * 1:16738 <-> DISABLED <-> FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (file-multimedia.rules)
 * 1:16739 <-> DISABLED <-> FILE-MULTIMEDIA Multiple audio players playlist file handling heap overflow attempt (file-multimedia.rules)
 * 1:1674 <-> DISABLED <-> SERVER-ORACLE connect_data remote version detection attempt (server-oracle.rules)
 * 1:16740 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (browser-plugins.rules)
 * 1:16741 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX clsid access attempt (browser-plugins.rules)
 * 1:16742 <-> ENABLED <-> FILE-IDENTIFY remote desktop configuration file download request (file-identify.rules)
 * 1:16743 <-> DISABLED <-> FILE-OTHER Cain & Abel Remote Desktop Protocol file handling buffer overflow attempt (file-other.rules)
 * 1:16744 <-> DISABLED <-> FILE-MULTIMEDIA Worldweaver DX Studio Player plug-in command injection attempt (file-multimedia.rules)
 * 1:16745 <-> DISABLED <-> BROWSER-PLUGINS DjVu ActiveX control access attempt (browser-plugins.rules)
 * 1:16746 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX clsid access (browser-plugins.rules)
 * 1:16748 <-> DISABLED <-> BROWSER-PLUGINS IBM Access Support ActiveX function call access (browser-plugins.rules)
 * 1:1675 <-> DISABLED <-> SERVER-ORACLE misparsed login response (server-oracle.rules)
 * 1:16751 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16752 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (file-multimedia.rules)
 * 1:16753 <-> DISABLED <-> SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (server-webapp.rules)
 * 1:16754 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16755 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:16756 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16757 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16758 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand andx create tree attempt (netbios.rules)
 * 1:16759 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand create tree attempt (netbios.rules)
 * 1:1676 <-> DISABLED <-> SERVER-ORACLE select union attempt (server-oracle.rules)
 * 1:16760 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (netbios.rules)
 * 1:16761 <-> ENABLED <-> NETBIOS SMB /PlughNTCommand unicode create tree attempt (netbios.rules)
 * 1:16762 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (netbios.rules)
 * 1:16763 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX attempt (netbios.rules)
 * 1:16764 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (netbios.rules)
 * 1:16765 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode attempt (netbios.rules)
 * 1:16766 <-> DISABLED <-> NETBIOS SMB Timbuktu Pro overflow andx attempt (netbios.rules)
 * 1:16767 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player SceneURL ActiveX clsid access (browser-plugins.rules)
 * 1:16769 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player ActiveX function call access (browser-plugins.rules)
 * 1:1677 <-> DISABLED <-> SERVER-ORACLE select like '%' attempt (server-oracle.rules)
 * 1:16771 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (browser-plugins.rules)
 * 1:16772 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (browser-plugins.rules)
 * 1:16774 <-> DISABLED <-> BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (browser-plugins.rules)
 * 1:16776 <-> DISABLED <-> BROWSER-PLUGINS KeyWorks KeyHelp ActiveX control JumpURL method access attempt (browser-plugins.rules)
 * 1:16777 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16778 <-> DISABLED <-> SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (server-oracle.rules)
 * 1:16779 <-> DISABLED <-> BROWSER-PLUGINS EasyMail IMAP4 ActiveX clsid access (browser-plugins.rules)
 * 1:1678 <-> DISABLED <-> SERVER-ORACLE select like '%' attempt backslash escaped (server-oracle.rules)
 * 1:16781 <-> DISABLED <-> BROWSER-PLUGINS EasyMail IMAP4 ActiveX function call access (browser-plugins.rules)
 * 1:16783 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (browser-plugins.rules)
 * 1:16784 <-> DISABLED <-> BROWSER-PLUGINS Autodesk iDrop ActiveX function call access (browser-plugins.rules)
 * 1:16785 <-> DISABLED <-> BROWSER-PLUGINS AwingSoft Winds3D Player SceneURL method command execution attempt (browser-plugins.rules)
 * 1:16786 <-> DISABLED <-> FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (file-office.rules)
 * 1:16787 <-> DISABLED <-> FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (file-other.rules)
 * 1:16788 <-> DISABLED <-> SERVER-OTHER RealVNC VNC Server ClientCutText message memory corruption attempt (server-other.rules)
 * 1:16789 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX object access attempt (browser-plugins.rules)
 * 1:1679 <-> DISABLED <-> SERVER-ORACLE describe attempt (server-oracle.rules)
 * 1:16790 <-> DISABLED <-> BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access attempt (browser-plugins.rules)
 * 1:16791 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX clsid access (browser-plugins.rules)
 * 1:16793 <-> DISABLED <-> BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX function call access (browser-plugins.rules)
 * 1:16795 <-> DISABLED <-> BROWSER-CHROME Google Chrome FTP handling out-of-bounds array index denial of service attempt (browser-chrome.rules)
 * 1:16796 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind UDP data length integer overflow attempt (protocol-rpc.rules)
 * 1:16797 <-> DISABLED <-> PROTOCOL-RPC Oracle Solaris sadmind TCP data length integer overflow attempt (protocol-rpc.rules)
 * 1:16798 <-> DISABLED <-> FILE-OTHER Orbit Downloader long URL buffer overflow attempt (file-other.rules)
 * 1:16799 <-> DISABLED <-> SERVER-MAIL Eureka Mail 2.2q server error response overflow attempt (server-mail.rules)
 * 1:1680 <-> DISABLED <-> SERVER-ORACLE all_constraints access (server-oracle.rules)
 * 1:16800 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (file-office.rules)
 * 1:16801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (file-pdf.rules)
 * 1:16802 <-> DISABLED <-> BROWSER-PLUGINS WinDVD IASystemInfo.dll ActiveX clsid access (browser-plugins.rules)
 * 1:16804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - initial load (malware-cnc.rules)
 * 1:16805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E config check (malware-cnc.rules)
 * 1:16806 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - FTP upload seclog (malware-cnc.rules)
 * 1:16807 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - FTP Upload ps_dump (malware-cnc.rules)
 * 1:16808 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - register client (malware-cnc.rules)
 * 1:16809 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FraudPack variant outbound connection (malware-cnc.rules)
 * 1:1681 <-> DISABLED <-> SERVER-ORACLE all_views access (server-oracle.rules)
 * 1:16810 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16811 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16812 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16813 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16814 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16815 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16816 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16817 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16818 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16819 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:1682 <-> DISABLED <-> SERVER-ORACLE all_source access (server-oracle.rules)
 * 1:16820 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kryptik variant outbound connection (malware-cnc.rules)
 * 1:16821 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16822 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16823 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FlyStudio known command and control channel traffic (malware-cnc.rules)
 * 1:16824 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16825 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16826 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16827 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16828 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16829 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:1683 <-> DISABLED <-> SERVER-ORACLE all_tables access (server-oracle.rules)
 * 1:16830 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16831 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16832 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:16833 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:1684 <-> DISABLED <-> SERVER-ORACLE all_tab_columns access (server-oracle.rules)
 * 1:1685 <-> DISABLED <-> SERVER-ORACLE all_tab_privs access (server-oracle.rules)
 * 1:1686 <-> DISABLED <-> SERVER-ORACLE dba_tablespace access (server-oracle.rules)
 * 1:1687 <-> DISABLED <-> SERVER-ORACLE dba_tables access (server-oracle.rules)
 * 1:1688 <-> DISABLED <-> SERVER-ORACLE user_tablespace access (server-oracle.rules)
 * 1:1689 <-> DISABLED <-> SERVER-ORACLE sys.all_users access (server-oracle.rules)
 * 1:1690 <-> DISABLED <-> SERVER-ORACLE grant attempt (server-oracle.rules)
 * 1:1691 <-> DISABLED <-> SERVER-ORACLE ALTER USER attempt (server-oracle.rules)
 * 1:16911 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - ucsp0416.exe?t= (malware-cnc.rules)
 * 1:16912 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - net/cfg2.bin (malware-cnc.rules)
 * 1:16913 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - count_log/log/boot.php?p= (malware-cnc.rules)
 * 1:16914 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - .bin?ucsp (malware-cnc.rules)
 * 1:16915 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /MNG/Download/?File=AZF (malware-cnc.rules)
 * 1:16916 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /jarun/jezerce (malware-cnc.rules)
 * 1:16917 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /ekaterina/velika (malware-cnc.rules)
 * 1:16918 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /ultimate/fight (malware-cnc.rules)
 * 1:16919 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /tmp/pm.exe?t= (malware-cnc.rules)
 * 1:1692 <-> DISABLED <-> SERVER-ORACLE drop table attempt (server-oracle.rules)
 * 1:16920 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /DownLoadFile/BaePo/ver (malware-cnc.rules)
 * 1:16921 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /s1/launcher/update/Update/data/ (malware-cnc.rules)
 * 1:16922 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /cgi-bin/rd.cgi?f=/vercfg.dat?AgentID= (malware-cnc.rules)
 * 1:16923 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /search.php?username=coolweb07&keywords= (malware-cnc.rules)
 * 1:16924 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /inst.php?fff= (malware-cnc.rules)
 * 1:16925 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /message.php?subid= (malware-cnc.rules)
 * 1:16926 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - strMode=setup&strID=pcvaccine&strPC= (malware-cnc.rules)
 * 1:16927 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MGWEB.php?c=TestUrl (malware-cnc.rules)
 * 1:16928 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /stat.html?0dPg0uXTraCSqrOdlrKpmpyorePbz (malware-cnc.rules)
 * 1:16929 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - gate.php?guid= (malware-cnc.rules)
 * 1:1693 <-> DISABLED <-> SERVER-ORACLE create table attempt (server-oracle.rules)
 * 1:16930 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - count.asp?mac= (malware-cnc.rules)
 * 1:16931 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - feedbigfoot.php?m= (malware-cnc.rules)
 * 1:16932 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /qqnongchang/qqkj. (malware-cnc.rules)
 * 1:16933 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /root/9 frt.rar (malware-cnc.rules)
 * 1:16934 <-> DISABLED <-> POLICY-SPAM pku-edp.cn known spam email attempt (policy-spam.rules)
 * 1:16935 <-> DISABLED <-> POLICY-SPAM sjtu-edp.cn known spam email attempt (policy-spam.rules)
 * 1:16936 <-> DISABLED <-> POLICY-SPAM xoposuhop.cn xoposuhop.cn known spam email attempt (policy-spam.rules)
 * 1:16937 <-> DISABLED <-> POLICY-SPAM bestdrug-store.com known spam email attempt (policy-spam.rules)
 * 1:16938 <-> DISABLED <-> POLICY-SPAM pharmrik66y.ru known spam email attempt (policy-spam.rules)
 * 1:16939 <-> DISABLED <-> POLICY-SPAM refillleonardo59y.ru known spam email attempt (policy-spam.rules)
 * 1:1694 <-> DISABLED <-> SERVER-ORACLE alter table attempt (server-oracle.rules)
 * 1:16940 <-> DISABLED <-> POLICY-SPAM medfreddie55a.ru known spam email attempt (policy-spam.rules)
 * 1:16941 <-> DISABLED <-> POLICY-SPAM drugshershel38w.ru known spam email attempt (policy-spam.rules)
 * 1:16942 <-> DISABLED <-> POLICY-SPAM drugshayyim77n.ru known spam email attempt (policy-spam.rules)
 * 1:16943 <-> DISABLED <-> POLICY-SPAM erectguthry99c.ru known spam email attempt (policy-spam.rules)
 * 1:16944 <-> DISABLED <-> POLICY-SPAM pilldory92n.ru known spam email attempt (policy-spam.rules)
 * 1:16945 <-> DISABLED <-> POLICY-SPAM tabwinn77t.ru known spam email attempt (policy-spam.rules)
 * 1:16946 <-> DISABLED <-> POLICY-SPAM pillrenault15j.ru known spam email attempt (policy-spam.rules)
 * 1:16947 <-> DISABLED <-> POLICY-SPAM pharmrolland95h.ru known spam email attempt (policy-spam.rules)
 * 1:16948 <-> DISABLED <-> POLICY-SPAM onlineheindrick60i.ru known spam email attempt (policy-spam.rules)
 * 1:16949 <-> DISABLED <-> POLICY-SPAM erectnormie71a.ru known spam email attempt (policy-spam.rules)
 * 1:1695 <-> DISABLED <-> SERVER-ORACLE truncate table attempt (server-oracle.rules)
 * 1:16950 <-> DISABLED <-> POLICY-SPAM tabscotti71i.ru known spam email attempt (policy-spam.rules)
 * 1:16951 <-> DISABLED <-> POLICY-SPAM drugsjudd45f.ru known spam email attempt (policy-spam.rules)
 * 1:16952 <-> DISABLED <-> POLICY-SPAM pharmharman55y.ru known spam email attempt (policy-spam.rules)
 * 1:16953 <-> DISABLED <-> POLICY-SPAM medgaultiero11e.ru known spam email attempt (policy-spam.rules)
 * 1:16954 <-> DISABLED <-> POLICY-SPAM pillgaylor21n.ru known spam email attempt (policy-spam.rules)
 * 1:16955 <-> DISABLED <-> POLICY-SPAM drugspenn84f.ru known spam email attempt (policy-spam.rules)
 * 1:16956 <-> DISABLED <-> POLICY-SPAM medebeneser68c.ru known spam email attempt (policy-spam.rules)
 * 1:16957 <-> DISABLED <-> POLICY-SPAM tabmario94r.ru known spam email attempt (policy-spam.rules)
 * 1:16958 <-> DISABLED <-> POLICY-SPAM tablennard88q.ru known spam email attempt (policy-spam.rules)
 * 1:16959 <-> DISABLED <-> POLICY-SPAM medforster79j.ru known spam email attempt (policy-spam.rules)
 * 1:1696 <-> DISABLED <-> SERVER-ORACLE create database attempt (server-oracle.rules)
 * 1:16960 <-> DISABLED <-> POLICY-SPAM erectvincent21v.ru known spam email attempt (policy-spam.rules)
 * 1:16961 <-> DISABLED <-> POLICY-SPAM drugsdemott21o.ru known spam email attempt (policy-spam.rules)
 * 1:16962 <-> DISABLED <-> POLICY-SPAM onlinelovell30p.ru known spam email attempt (policy-spam.rules)
 * 1:16963 <-> DISABLED <-> POLICY-SPAM erecttaylor49i.ru known spam email attempt (policy-spam.rules)
 * 1:16964 <-> DISABLED <-> POLICY-SPAM smellexact.ru known spam email attempt (policy-spam.rules)
 * 1:16965 <-> DISABLED <-> POLICY-SPAM givehome.ru known spam email attempt (policy-spam.rules)
 * 1:16966 <-> DISABLED <-> POLICY-SPAM thingpath.ru known spam email attempt (policy-spam.rules)
 * 1:16967 <-> DISABLED <-> POLICY-SPAM wereif.ru known spam email attempt (policy-spam.rules)
 * 1:16968 <-> DISABLED <-> POLICY-SPAM bassmax.ru known spam email attempt (policy-spam.rules)
 * 1:16969 <-> DISABLED <-> POLICY-SPAM steadfig.ru known spam email attempt (policy-spam.rules)
 * 1:1697 <-> DISABLED <-> SERVER-ORACLE alter database attempt (server-oracle.rules)
 * 1:16970 <-> DISABLED <-> POLICY-SPAM drugsmayne5a.ru known spam email attempt (policy-spam.rules)
 * 1:16971 <-> DISABLED <-> POLICY-SPAM mystick.ru known spam email attempt (policy-spam.rules)
 * 1:16972 <-> DISABLED <-> POLICY-SPAM drugsrey95a.ru known spam email attempt (policy-spam.rules)
 * 1:16973 <-> DISABLED <-> POLICY-SPAM milklowly.ru known spam email attempt (policy-spam.rules)
 * 1:16974 <-> DISABLED <-> POLICY-SPAM numberenough.ru known spam email attempt (policy-spam.rules)
 * 1:16975 <-> DISABLED <-> POLICY-SPAM oldsheer.ru known spam email attempt (policy-spam.rules)
 * 1:16976 <-> DISABLED <-> POLICY-SPAM logzest.ru known spam email attempt (policy-spam.rules)
 * 1:16977 <-> DISABLED <-> POLICY-SPAM energypotent.ru known spam email attempt (policy-spam.rules)
 * 1:16978 <-> DISABLED <-> POLICY-SPAM outhave.ru known spam email attempt (policy-spam.rules)
 * 1:16979 <-> DISABLED <-> POLICY-SPAM solvecalm.ru known spam email attempt (policy-spam.rules)
 * 1:16980 <-> DISABLED <-> POLICY-SPAM stillvisit.ru known spam email attempt (policy-spam.rules)
 * 1:16981 <-> DISABLED <-> POLICY-SPAM livelycall.ru known spam email attempt (policy-spam.rules)
 * 1:16982 <-> DISABLED <-> POLICY-SPAM 64.com1.ru known spam email attempt (policy-spam.rules)
 * 1:16983 <-> DISABLED <-> POLICY-SPAM heatsettle.ru known spam email attempt (policy-spam.rules)
 * 1:16984 <-> DISABLED <-> POLICY-SPAM freshmuch.ru known spam email attempt (policy-spam.rules)
 * 1:16985 <-> DISABLED <-> POLICY-SPAM extoleye.ru known spam email attempt (policy-spam.rules)
 * 1:16987 <-> DISABLED <-> POLICY-SPAM tabemmerich86b.ru known spam email attempt (policy-spam.rules)
 * 1:16988 <-> DISABLED <-> POLICY-SPAM moderneight.ru known spam email attempt (policy-spam.rules)
 * 1:16989 <-> DISABLED <-> POLICY-SPAM tabferd49a.ru known spam email attempt (policy-spam.rules)
 * 1:16990 <-> DISABLED <-> POLICY-SPAM nextmail.ru known spam email attempt (policy-spam.rules)
 * 1:16991 <-> DISABLED <-> POLICY-SPAM fruitone.ru known spam email attempt (policy-spam.rules)
 * 1:16992 <-> DISABLED <-> POLICY-SPAM liquideat.ru known spam email attempt (policy-spam.rules)
 * 1:16993 <-> DISABLED <-> POLICY-SPAM tabwinn2a.ru known spam email attempt (policy-spam.rules)
 * 1:16994 <-> DISABLED <-> POLICY-SPAM abletool.ru known spam email attempt (policy-spam.rules)
 * 1:16995 <-> DISABLED <-> POLICY-SPAM miltyrefil.ru known spam email attempt (policy-spam.rules)
 * 1:16996 <-> DISABLED <-> POLICY-SPAM quincytab.ru known spam email attempt (policy-spam.rules)
 * 1:16997 <-> DISABLED <-> POLICY-SPAM giacoporx.ru known spam email attempt (policy-spam.rules)
 * 1:16998 <-> DISABLED <-> POLICY-SPAM drugsnevile.ru known spam email attempt (policy-spam.rules)
 * 1:16999 <-> DISABLED <-> POLICY-SPAM jasemed.ru known spam email attempt (policy-spam.rules)
 * 1:1700 <-> DISABLED <-> SERVER-WEBAPP imagemap.exe access (server-webapp.rules)
 * 1:17000 <-> DISABLED <-> POLICY-SPAM ximenezdrug.ru known spam email attempt (policy-spam.rules)
 * 1:17001 <-> DISABLED <-> POLICY-SPAM dillonline.ru known spam email attempt (policy-spam.rules)
 * 1:17002 <-> DISABLED <-> POLICY-SPAM swellliquid.ru known spam email attempt (policy-spam.rules)
 * 1:17003 <-> DISABLED <-> POLICY-SPAM younglaugh.ru known spam email attempt (policy-spam.rules)
 * 1:17004 <-> DISABLED <-> POLICY-SPAM 2047757.kaskad-travel.ru known spam email attempt (policy-spam.rules)
 * 1:17005 <-> DISABLED <-> POLICY-SPAM paintwater.ru known spam email attempt (policy-spam.rules)
 * 1:17006 <-> DISABLED <-> POLICY-SPAM lovingover.ru known spam email attempt (policy-spam.rules)
 * 1:17007 <-> DISABLED <-> POLICY-SPAM pharmerastus.ru known spam email attempt (policy-spam.rules)
 * 1:17008 <-> DISABLED <-> POLICY-SPAM hisoffer.ru known spam email attempt (policy-spam.rules)
 * 1:17009 <-> DISABLED <-> POLICY-SPAM butleft.ru known spam email attempt (policy-spam.rules)
 * 1:1701 <-> DISABLED <-> SERVER-WEBAPP calendar-admin.pl access (server-webapp.rules)
 * 1:17010 <-> DISABLED <-> POLICY-SPAM starknow.ru known spam email attempt (policy-spam.rules)
 * 1:17011 <-> DISABLED <-> POLICY-SPAM beginwisdom.ru known spam email attempt (policy-spam.rules)
 * 1:17012 <-> DISABLED <-> POLICY-SPAM oneus.ru known spam email attempt (policy-spam.rules)
 * 1:17013 <-> DISABLED <-> POLICY-SPAM reapcomfy.ru known spam email attempt (policy-spam.rules)
 * 1:17014 <-> DISABLED <-> POLICY-SPAM rowsay.ru known spam email attempt (policy-spam.rules)
 * 1:17015 <-> DISABLED <-> POLICY-SPAM pamperletter.ru known spam email attempt (policy-spam.rules)
 * 1:17016 <-> DISABLED <-> POLICY-SPAM boxdouble.ru known spam email attempt (policy-spam.rules)
 * 1:17017 <-> DISABLED <-> POLICY-SPAM beatmoon.ru known spam email attempt (policy-spam.rules)
 * 1:17018 <-> DISABLED <-> POLICY-SPAM ensureequate.ru known spam email attempt (policy-spam.rules)
 * 1:1702 <-> DISABLED <-> SERVER-WEBAPP Amaya templates sendtemp.pl access (server-webapp.rules)
 * 1:17020 <-> DISABLED <-> POLICY-SPAM sheerwheel.ru known spam email attempt (policy-spam.rules)
 * 1:17021 <-> DISABLED <-> POLICY-SPAM nearpass.ru known spam email attempt (policy-spam.rules)
 * 1:17022 <-> DISABLED <-> POLICY-SPAM thatmile.ru known spam email attempt (policy-spam.rules)
 * 1:17023 <-> DISABLED <-> POLICY-SPAM hillfoot.ru known spam email attempt (policy-spam.rules)
 * 1:17024 <-> DISABLED <-> POLICY-SPAM writeobject.ru known spam email attempt (policy-spam.rules)
 * 1:17025 <-> DISABLED <-> POLICY-SPAM thoughthese.ru known spam email attempt (policy-spam.rules)
 * 1:17026 <-> DISABLED <-> POLICY-SPAM redlead.ru known spam email attempt (policy-spam.rules)
 * 1:17027 <-> DISABLED <-> POLICY-SPAM scoreenjoy.ru known spam email attempt (policy-spam.rules)
 * 1:17029 <-> DISABLED <-> POLICY-SPAM tenderpower.ru known spam email attempt (policy-spam.rules)
 * 1:1703 <-> DISABLED <-> SERVER-WEBAPP auktion.cgi directory traversal attempt (server-webapp.rules)
 * 1:17030 <-> DISABLED <-> POLICY-SPAM fewvalley.ru known spam email attempt (policy-spam.rules)
 * 1:17031 <-> DISABLED <-> POLICY-SPAM burnshy.ru known spam email attempt (policy-spam.rules)
 * 1:17032 <-> DISABLED <-> POLICY-SPAM centtry.ru known spam email attempt (policy-spam.rules)
 * 1:17033 <-> DISABLED <-> POLICY-SPAM signpearl.ru known spam email attempt (policy-spam.rules)
 * 1:17035 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook AttachMethods local file execution attempt (file-office.rules)
 * 1:17037 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (browser-plugins.rules)
 * 1:17038 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (file-office.rules)
 * 1:17039 <-> DISABLED <-> FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (file-office.rules)
 * 1:1704 <-> DISABLED <-> SERVER-WEBAPP cal_make.pl directory traversal attempt (server-webapp.rules)
 * 1:17041 <-> DISABLED <-> SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt  (server-other.rules)
 * 1:17042 <-> DISABLED <-> FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (file-other.rules)
 * 1:17044 <-> ENABLED <-> SQL WinCC DB default password security bypass attempt (sql.rules)
 * 1:17045 <-> DISABLED <-> SERVER-OTHER CA ARCserve Backup for Laptops and Desktops LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:17046 <-> DISABLED <-> SERVER-OTHER CA ARCserve Backup for Laptops and Desktops LGServer handshake buffer overflow attempt (server-other.rules)
 * 1:1705 <-> DISABLED <-> SERVER-WEBAPP echo.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:17050 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (server-webapp.rules)
 * 1:17051 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17052 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17053 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17054 <-> DISABLED <-> BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17055 <-> DISABLED <-> SERVER-ORACLE Oracle Database DBMS TNS Listener denial of service attempt (server-oracle.rules)
 * 1:17056 <-> DISABLED <-> SERVER-OTHER Novell NetIdentity Agent XTIERRPCPIPE remote code execution attempt (server-other.rules)
 * 1:17057 <-> DISABLED <-> SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (server-other.rules)
 * 1:17058 <-> DISABLED <-> MALWARE-CNC Trojan-Downloader.JS.Agent.ewh Javascript download (malware-cnc.rules)
 * 1:17059 <-> DISABLED <-> PROTOCOL-FTP Vermillion 1.31 vftpd port command memory corruption (protocol-ftp.rules)
 * 1:1706 <-> DISABLED <-> SERVER-WEBAPP echo.bat access (server-webapp.rules)
 * 1:17060 <-> DISABLED <-> BROWSER-PLUGINS Roxio CinePlayer SonicDVDDashVRNav.dll ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17061 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton Personal Firewall 2004 ActiveX clsid access (browser-plugins.rules)
 * 1:17063 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17065 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17067 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 3 ActiveX clsid access (browser-plugins.rules)
 * 1:17069 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 4 ActiveX clsid access (browser-plugins.rules)
 * 1:1707 <-> DISABLED <-> SERVER-WEBAPP hello.bat arbitrary command execution attempt (server-webapp.rules)
 * 1:17071 <-> DISABLED <-> BROWSER-PLUGINS Logitech Video Call 5 ActiveX clsid access (browser-plugins.rules)
 * 1:17073 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid access (browser-plugins.rules)
 * 1:17075 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call access (browser-plugins.rules)
 * 1:17077 <-> DISABLED <-> BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (browser-plugins.rules)
 * 1:17078 <-> DISABLED <-> BROWSER-PLUGINS GOM Player GomWeb ActiveX clsid access (browser-plugins.rules)
 * 1:1708 <-> DISABLED <-> SERVER-WEBAPP hello.bat access (server-webapp.rules)
 * 1:17080 <-> DISABLED <-> BROWSER-PLUGINS GOM Player GomWeb ActiveX function call access (browser-plugins.rules)
 * 1:17082 <-> DISABLED <-> BROWSER-PLUGINS SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid access (browser-plugins.rules)
 * 1:17084 <-> DISABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine ActiveX clsid access (browser-plugins.rules)
 * 1:17086 <-> DISABLED <-> BROWSER-PLUGINS Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control access attempt (browser-plugins.rules)
 * 1:17087 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX clsid access (browser-plugins.rules)
 * 1:17089 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX function call access (browser-plugins.rules)
 * 1:1709 <-> DISABLED <-> SERVER-WEBAPP ad.cgi access (server-webapp.rules)
 * 1:17091 <-> DISABLED <-> BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX control OpenPDF buffer overflow attempt (browser-plugins.rules)
 * 1:17092 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17094 <-> DISABLED <-> BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX function call access (browser-plugins.rules)
 * 1:17096 <-> DISABLED <-> BROWSER-PLUGINS AOL WinAmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17098 <-> DISABLED <-> BROWSER-PLUGINS AOL IWinAmpActiveX class ConvertFile buffer overflow attempt (browser-plugins.rules)
 * 1:17099 <-> DISABLED <-> BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid access (browser-plugins.rules)
 * 1:1710 <-> DISABLED <-> SERVER-WEBAPP bbs_forum.cgi access (server-webapp.rules)
 * 1:17101 <-> DISABLED <-> BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access (browser-plugins.rules)
 * 1:17103 <-> DISABLED <-> SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (server-iis.rules)
 * 1:17104 <-> DISABLED <-> FILE-OTHER FeedDemon OPML file handling buffer overflow attempt (file-other.rules)
 * 1:17105 <-> DISABLED <-> FILE-OTHER FeedDemon unicode OPML file handling buffer overflow attempt (file-other.rules)
 * 1:17106 <-> ENABLED <-> FILE-IDENTIFY download of RMF file - potentially malicious (file-identify.rules)
 * 1:17107 <-> DISABLED <-> SERVER-APACHE Apache Tomcat JK Web Server Connector long URL stack overflow attempt - 1 (server-apache.rules)
 * 1:17109 <-> DISABLED <-> SERVER-ORACLE Oracle Java Web Console logging functionality format string exploit attempt (server-oracle.rules)
 * 1:1711 <-> DISABLED <-> SERVER-WEBAPP bsguest.cgi access (server-webapp.rules)
 * 1:17110 <-> DISABLED <-> APP-DETECT VxWorks remote debugging agent login attempt (app-detect.rules)
 * 1:17111 <-> DISABLED <-> INDICATOR-OBFUSCATION known JavaScript obfuscation routine (indicator-obfuscation.rules)
 * 1:17112 <-> DISABLED <-> OS-WINDOWS DCERPC rpcss2 _RemoteGetClassObject attempt (os-windows.rules)
 * 1:17113 <-> ENABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource redefine flowbit (os-windows.rules)
 * 1:17114 <-> DISABLED <-> OS-WINDOWS Microsoft SilverLight ImageSource remote code execution attempt (os-windows.rules)
 * 1:17115 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:17116 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media ASX file download request (file-identify.rules)
 * 1:17117 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-multimedia.rules)
 * 1:17118 <-> DISABLED <-> FILE-EXECUTABLE Microsoft .NET CreateDelegate method arbitrary code execution attempt  (file-executable.rules)
 * 1:17119 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (file-office.rules)
 * 1:1712 <-> DISABLED <-> SERVER-WEBAPP bslist.cgi access (server-webapp.rules)
 * 1:17120 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (file-office.rules)
 * 1:17121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (file-office.rules)
 * 1:17122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (file-office.rules)
 * 1:17123 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (file-office.rules)
 * 1:17124 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:17125 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Trans2 MaxDataCount overflow attempt (os-windows.rules)
 * 1:17126 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB large session length with small packet  (os-windows.rules)
 * 1:17128 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI cinepak codec decompression remote code execution attempt (file-multimedia.rules)
 * 1:17129 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer use-after-free memory corruption attempt (browser-ie.rules)
 * 1:1713 <-> DISABLED <-> SERVER-WEBAPP cgforum.cgi access (server-webapp.rules)
 * 1:17130 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (browser-ie.rules)
 * 1:17131 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (browser-ie.rules)
 * 1:17132 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid object access attempt (browser-ie.rules)
 * 1:17133 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:17134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:17135 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules)
 * 1:17136 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (browser-ie.rules)
 * 1:17137 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (server-webapp.rules)
 * 1:17138 <-> DISABLED <-> SERVER-OTHER iSCSI target multiple implementations iSNS stack buffer overflow attempt (server-other.rules)
 * 1:17139 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (server-other.rules)
 * 1:1714 <-> DISABLED <-> SERVER-WEBAPP newdesk access (server-webapp.rules)
 * 1:17140 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:17141 <-> DISABLED <-> FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (file-flash.rules)
 * 1:17142 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (file-flash.rules)
 * 1:17143 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (file-image.rules)
 * 1:17144 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (file-image.rules)
 * 1:17145 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ASL file processing buffer overflow attempt (file-image.rules)
 * 1:17146 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 GRD file processing buffer overflow attempt (file-image.rules)
 * 1:17147 <-> DISABLED <-> FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (file-image.rules)
 * 1:17148 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 1 (file-multimedia.rules)
 * 1:17149 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 2 (file-multimedia.rules)
 * 1:1715 <-> DISABLED <-> SERVER-WEBAPP register.cgi access (server-webapp.rules)
 * 1:17150 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 3 (file-multimedia.rules)
 * 1:17151 <-> ENABLED <-> NETBIOS SMB negotiate protocol request - ascii strings (netbios.rules)
 * 1:17152 <-> DISABLED <-> SERVER-SAMBA Samba smbd flags2 header parsing denial of service attempt (server-samba.rules)
 * 1:17153 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (browser-firefox.rules)
 * 1:17154 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (browser-firefox.rules)
 * 1:17155 <-> DISABLED <-> SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (server-other.rules)
 * 1:17156 <-> DISABLED <-> SERVER-APACHE HP Performance Manager Apache Tomcat policy bypass attempt (server-apache.rules)
 * 1:17157 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 1 (server-webapp.rules)
 * 1:17158 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 2 (server-webapp.rules)
 * 1:17159 <-> DISABLED <-> SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 3 (server-webapp.rules)
 * 1:1716 <-> DISABLED <-> SERVER-WEBAPP gbook.cgi access (server-webapp.rules)
 * 1:17160 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio LtXmlComHelp8.dll ActiveX control access (browser-plugins.rules)
 * 1:17161 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio ActiveX clsid access (browser-plugins.rules)
 * 1:17163 <-> DISABLED <-> BROWSER-PLUGINS Liquid XML Studio ActiveX function call access (browser-plugins.rules)
 * 1:17165 <-> DISABLED <-> BROWSER-OTHER Opera browser document writing uninitialized memory access attempt (browser-other.rules)
 * 1:17166 <-> DISABLED <-> BROWSER-FIREFOX Mozilla multiple products JavaScript string replace buffer overflow attempt (browser-firefox.rules)
 * 1:17167 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17169 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 2 ActiveX clsid access (browser-plugins.rules)
 * 1:1717 <-> DISABLED <-> SERVER-WEBAPP simplestguest.cgi access (server-webapp.rules)
 * 1:17171 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 3 ActiveX clsid access (browser-plugins.rules)
 * 1:17173 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 4 ActiveX clsid access (browser-plugins.rules)
 * 1:17175 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 5 ActiveX clsid access (browser-plugins.rules)
 * 1:17177 <-> DISABLED <-> BROWSER-PLUGINS Oracle Siebel Option Pack 6 ActiveX clsid access (browser-plugins.rules)
 * 1:17179 <-> DISABLED <-> FILE-OTHER Adobe Director file pamm record exploit attempt (file-other.rules)
 * 1:1718 <-> DISABLED <-> SERVER-WEBAPP statsconfig.pl access (server-webapp.rules)
 * 1:17180 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17181 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM record exploit attempt (file-other.rules)
 * 1:17182 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17183 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17184 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC record exploit attempt (file-other.rules)
 * 1:17185 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17186 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17187 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17188 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:17189 <-> DISABLED <-> FILE-OTHER Adobe Director file rcsL record exploit attempt (file-other.rules)
 * 1:1719 <-> DISABLED <-> SERVER-WEBAPP talkback.cgi directory traversal attempt (server-webapp.rules)
 * 1:17190 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17191 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17192 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17193 <-> DISABLED <-> FILE-OTHER Adobe Director remote code execution attempt (file-other.rules)
 * 1:17194 <-> DISABLED <-> FILE-OTHER Adobe Director file tSAC tag exploit attempt (file-other.rules)
 * 1:17196 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17197 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17198 <-> DISABLED <-> FILE-OTHER Adobe Director file exploit attempt (file-other.rules)
 * 1:17199 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director file lRTX overflow attempt (file-other.rules)
 * 1:1720 <-> DISABLED <-> SERVER-WEBAPP talkback.cgi access (server-webapp.rules)
 * 1:17200 <-> DISABLED <-> FILE-OTHER Adobe Director file LsCM overflow attempt (file-other.rules)
 * 1:17201 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director file LsCM overflow attempt (file-other.rules)
 * 1:17202 <-> DISABLED <-> FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (file-other.rules)
 * 1:17203 <-> DISABLED <-> FILE-OTHER Adobe Director file file rcsL overflow attempt (file-other.rules)
 * 1:17204 <-> DISABLED <-> FILE-OTHER Adobe Director file mmap overflow attempt (file-other.rules)
 * 1:17205 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (protocol-rpc.rules)
 * 1:17206 <-> DISABLED <-> PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (protocol-rpc.rules)
 * 1:17207 <-> DISABLED <-> SERVER-OTHER IBM Cognos Server backdoor account remote code execution attempt (server-other.rules)
 * 1:17208 <-> DISABLED <-> SERVER-OTHER Squid Proxy HTCP packet processing denial of service attempt (server-other.rules)
 * 1:17209 <-> ENABLED <-> SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow (sql.rules)
 * 1:1721 <-> DISABLED <-> SERVER-WEBAPP adcycle access (server-webapp.rules)
 * 1:17210 <-> DISABLED <-> FILE-EXECUTABLE Microsoft Windows executable file load from SMB share attempt (file-executable.rules)
 * 1:17211 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime marshaled punk remote code execution (file-multimedia.rules)
 * 1:17212 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript eval arbitrary code execution attempt (browser-firefox.rules)
 * 1:17213 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:17214 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:17215 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (file-pdf.rules)
 * 1:17216 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari TABLE tag with large CELLSPACING attribute exploit attempt (browser-webkit.rules)
 * 1:17217 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari invalid FRAME tag remote code execution attempt (browser-webkit.rules)
 * 1:17218 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari LI tag with large VALUE attribute exploit attempt (browser-webkit.rules)
 * 1:17219 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:1722 <-> DISABLED <-> SERVER-WEBAPP MachineInfo access (server-webapp.rules)
 * 1:17220 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17221 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17222 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (browser-firefox.rules)
 * 1:17223 <-> DISABLED <-> FILE-FLASH Adobe Flash Player navigateToURL cross-site scripting attempt (file-flash.rules)
 * 1:17224 <-> DISABLED <-> SERVER-MAIL McAfee WebShield SMTP bounce message format string attempt (server-mail.rules)
 * 1:17225 <-> DISABLED <-> SERVER-OTHER Alt-N MDaemon WorldClient invalid user attempt (server-other.rules)
 * 1:17226 <-> DISABLED <-> BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (browser-plugins.rules)
 * 1:17227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (file-office.rules)
 * 1:17228 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (os-windows.rules)
 * 1:17229 <-> ENABLED <-> FILE-IDENTIFY Tiff little endian file magic detected (file-identify.rules)
 * 1:1723 <-> DISABLED <-> SERVER-WEBAPP emumail.cgi NULL attempt (server-webapp.rules)
 * 1:17230 <-> ENABLED <-> FILE-IDENTIFY Tiff big endian file magic detected (file-identify.rules)
 * 1:17231 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (file-image.rules)
 * 1:17232 <-> DISABLED <-> FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (file-image.rules)
 * 1:17233 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:17234 <-> DISABLED <-> MALWARE-CNC VBMania mass mailing worm activity (malware-cnc.rules)
 * 1:17235 <-> DISABLED <-> MALWARE-CNC VBMania mass mailing worm download (malware-cnc.rules)
 * 1:17236 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt (browser-firefox.rules)
 * 1:17238 <-> DISABLED <-> FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (file-other.rules)
 * 1:17239 <-> DISABLED <-> SERVER-MAIL Multiple IMAP servers CREATE command buffer overflow attempt (server-mail.rules)
 * 1:1724 <-> DISABLED <-> SERVER-WEBAPP emumail.cgi access (server-webapp.rules)
 * 1:17240 <-> DISABLED <-> SERVER-MAIL Multiple IMAP server literal CREATE command buffer overflow attempt (server-mail.rules)
 * 1:17241 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Media wmv file download request (file-identify.rules)
 * 1:17243 <-> DISABLED <-> SERVER-OTHER MIT Kerberos V5 krb5_recvauth double free attempt (server-other.rules)
 * 1:17244 <-> DISABLED <-> FILE-OTHER Antivirus ACE file handling buffer overflow attempt (file-other.rules)
 * 1:17245 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox image dragging exploit attempt (browser-firefox.rules)
 * 1:17249 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LSASS integer overflow attempt (os-windows.rules)
 * 1:1725 <-> DISABLED <-> SERVER-IIS +.htr code fragment attempt (server-iis.rules)
 * 1:17250 <-> DISABLED <-> FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (file-office.rules)
 * 1:17252 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (os-windows.rules)
 * 1:17254 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:17256 <-> DISABLED <-> OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (os-windows.rules)
 * 1:17257 <-> DISABLED <-> FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (file-flash.rules)
 * 1:17258 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XUL tree element code execution attempt (browser-firefox.rules)
 * 1:17259 <-> ENABLED <-> FILE-IDENTIFY MOV file download request (file-identify.rules)
 * 1:1726 <-> DISABLED <-> SERVER-IIS doctodep.btr access (server-iis.rules)
 * 1:17260 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (browser-firefox.rules)
 * 1:17261 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17262 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17263 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:17264 <-> DISABLED <-> SERVER-ORACLE Permission declaration exploit attempt (server-oracle.rules)
 * 1:17265 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox plugin access control bypass attempt (browser-firefox.rules)
 * 1:17266 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17267 <-> DISABLED <-> FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (file-other.rules)
 * 1:17268 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox sidebar panel arbitrary code execution attempt (browser-firefox.rules)
 * 1:17269 <-> DISABLED <-> PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (protocol-telnet.rules)
 * 1:1727 <-> DISABLED <-> SERVER-WEBAPP SGI InfoSearch fname access (server-webapp.rules)
 * 1:17270 <-> DISABLED <-> SERVER-ORACLE DBMS_METADATA Package SQL Injection attempt (server-oracle.rules)
 * 1:17271 <-> DISABLED <-> FILE-OFFICE Microsoft Windows Web View script injection attempt (file-office.rules)
 * 1:17272 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17273 <-> DISABLED <-> SERVER-OTHER MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (server-other.rules)
 * 1:17274 <-> DISABLED <-> SERVER-OTHER MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (server-other.rules)
 * 1:17275 <-> DISABLED <-> SERVER-MAIL Symantec Brightmail AntiSpam nested Zip handling denial of service attempt (server-mail.rules)
 * 1:17276 <-> DISABLED <-> FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (file-other.rules)
 * 1:17277 <-> DISABLED <-> FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (file-other.rules)
 * 1:17278 <-> DISABLED <-> FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (file-other.rules)
 * 1:17279 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17280 <-> DISABLED <-> SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (server-webapp.rules)
 * 1:17281 <-> DISABLED <-> FILE-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (file-other.rules)
 * 1:17282 <-> DISABLED <-> SERVER-OTHER Multiple products RAR archive decompression buffer overflow attempt (server-other.rules)
 * 1:17283 <-> DISABLED <-> SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (server-mail.rules)
 * 1:17284 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed routing slip code execution attempt (file-office.rules)
 * 1:17285 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PPT file parsing memory corruption attempt (file-office.rules)
 * 1:17286 <-> DISABLED <-> FILE-OTHER Microsoft Visual Basic for Applications document properties overflow attempt (file-other.rules)
 * 1:17287 <-> DISABLED <-> SERVER-WEBAPP Cisco IOS HTTP service HTML injection attempt (server-webapp.rules)
 * 1:17289 <-> DISABLED <-> FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (file-other.rules)
 * 1:1729 <-> DISABLED <-> POLICY-SOCIAL IRC channel join (policy-social.rules)
 * 1:17291 <-> DISABLED <-> INDICATOR-OBFUSCATION base64-encoded uri data object found (indicator-obfuscation.rules)
 * 1:17292 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed data record code execution attempt (file-office.rules)
 * 1:17293 <-> DISABLED <-> SERVER-ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt (server-oracle.rules)
 * 1:17294 <-> DISABLED <-> OS-WINDOWS Microsoft Windows NAT Helper DNS query denial of service attempt (os-windows.rules)
 * 1:17295 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan Console authentication buffer overflow attempt (server-webapp.rules)
 * 1:17296 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office Outlook Web Access XSRF attempt (server-webapp.rules)
 * 1:17297 <-> DISABLED <-> SERVER-OTHER McAfee VirusScan on-access scanner long unicode filename handling buffer overflow attempt (server-other.rules)
 * 1:17298 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Monitoring Express Universal Agent Buffer Overflow (server-other.rules)
 * 1:17299 <-> DISABLED <-> SERVER-OTHER ISC BIND RRSIG query denial of service attempt (server-other.rules)
 * 1:1730 <-> DISABLED <-> SERVER-WEBAPP ustorekeeper.pl directory traversal attempt (server-webapp.rules)
 * 1:17301 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (file-office.rules)
 * 1:17302 <-> DISABLED <-> OS-LINUX Linux kernel SCTP Unknown Chunk Types denial of service attempt (os-linux.rules)
 * 1:17303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer clone object memory corruption attempt (browser-ie.rules)
 * 1:17304 <-> DISABLED <-> FILE-OFFICE Microsoft Works file converter file section header index table stack overflow attempt (file-office.rules)
 * 1:17305 <-> DISABLED <-> FILE-OTHER ClamAV libclamav PE file handling integer overflow attempt (file-other.rules)
 * 1:17306 <-> DISABLED <-> OS-WINDOWS Microsoft Malware Protection Engine file processing denial of service attempt (os-windows.rules)
 * 1:17307 <-> DISABLED <-> SERVER-MSSQL Microsoft SQL Server INSERT Statement Buffer Overflow attempt (server-mssql.rules)
 * 1:17308 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (file-office.rules)
 * 1:17309 <-> DISABLED <-> FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (file-other.rules)
 * 1:1731 <-> DISABLED <-> SERVER-WEBAPP a1stats access (server-webapp.rules)
 * 1:17310 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (file-office.rules)
 * 1:17311 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (browser-ie.rules)
 * 1:17312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (browser-ie.rules)
 * 1:17313 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:17314 <-> ENABLED <-> FILE-IDENTIFY OLE document file magic detected (file-identify.rules)
 * 1:17315 <-> DISABLED <-> FILE-OFFICE OpenOffice OLE file stream buffer overflow attempt (file-office.rules)
 * 1:17316 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Folder GUID Code Execution attempt (os-windows.rules)
 * 1:17317 <-> DISABLED <-> SERVER-OTHER OpenSSH sshd identical blocks DoS attempt (server-other.rules)
 * 1:17318 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17319 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:1732 <-> DISABLED <-> PROTOCOL-RPC portmap rwalld request UDP (protocol-rpc.rules)
 * 1:17320 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (file-office.rules)
 * 1:17321 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters name overflow attempt (netbios.rules)
 * 1:17322 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder (indicator-shellcode.rules)
 * 1:17323 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip dword xor decoder unescaped (indicator-shellcode.rules)
 * 1:17324 <-> DISABLED <-> INDICATOR-SHELLCODE x86 Linux reverse connect shellcode (indicator-shellcode.rules)
 * 1:17325 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha numeric upper case decoder variant (indicator-shellcode.rules)
 * 1:17326 <-> DISABLED <-> SERVER-OTHER Citrix Program Neighborhood Client buffer overflow attempt (server-other.rules)
 * 1:17327 <-> ENABLED <-> SERVER-MAIL Qualcomm WorldMail Server Response (server-mail.rules)
 * 1:17328 <-> DISABLED <-> SERVER-MAIL Qualcomm WorldMail IMAP Literal Token Parsing Buffer Overflow (server-mail.rules)
 * 1:17329 <-> DISABLED <-> PROTOCOL-FTP EPRT overflow attempt (protocol-ftp.rules)
 * 1:1733 <-> DISABLED <-> PROTOCOL-RPC portmap rwalld request TCP (protocol-rpc.rules)
 * 1:17330 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GRE WMF Handling Memory Read Exception attempt (file-image.rules)
 * 1:17331 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes HTML Speed Reader Long URL buffer overflow attempt (server-mail.rules)
 * 1:17332 <-> ENABLED <-> SERVER-MAIL Content-Disposition attachment (server-mail.rules)
 * 1:17333 <-> DISABLED <-> SERVER-MAIL Lotus Notes Attachment Viewer UUE file buffer overflow attempt (server-mail.rules)
 * 1:17334 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer SWF flash file buffer overflow attempt (file-flash.rules)
 * 1:17335 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip byte xor decoder (indicator-shellcode.rules)
 * 1:17336 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic call geteip byte xor decoder (indicator-shellcode.rules)
 * 1:17337 <-> DISABLED <-> INDICATOR-SHELLCODE x86 Microsoft Win32 export table enumeration variant (indicator-shellcode.rules)
 * 1:17338 <-> DISABLED <-> INDICATOR-SHELLCODE x86 Microsoft Windows 32-bit SEH get EIP technique (indicator-shellcode.rules)
 * 1:17339 <-> DISABLED <-> INDICATOR-SHELLCODE x86 generic OS alpha numeric mixed case decoder (indicator-shellcode.rules)
 * 1:1734 <-> DISABLED <-> PROTOCOL-FTP USER overflow attempt (protocol-ftp.rules)
 * 1:17340 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha numeric upper case decoder (indicator-shellcode.rules)
 * 1:17341 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic alpha UTF8 tolower avoidance decoder (indicator-shellcode.rules)
 * 1:17342 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode mixed case decoder (indicator-shellcode.rules)
 * 1:17343 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode upper case decoder (indicator-shellcode.rules)
 * 1:17344 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic xor dword decoder (indicator-shellcode.rules)
 * 1:17345 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic dword additive feedback decoder (indicator-shellcode.rules)
 * 1:17346 <-> DISABLED <-> SERVER-OTHER IBM Lotus Notes Cross Site Scripting attempt (server-other.rules)
 * 1:17347 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17348 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:17349 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (os-windows.rules)
 * 1:1735 <-> DISABLED <-> BROWSER-OTHER Mozilla Netscape XMLHttpRequest local file read attempt (browser-other.rules)
 * 1:17350 <-> DISABLED <-> SERVER-ORACLE Oracle Application Server forms arbitrary system command execution attempt (server-oracle.rules)
 * 1:17351 <-> DISABLED <-> FILE-OTHER Nullsoft Winamp ID3v2 Tag Handling Buffer Overflow attempt (file-other.rules)
 * 1:17352 <-> DISABLED <-> FILE-OTHER ClamAV CHM File Handling Integer Overflow attempt (file-other.rules)
 * 1:17353 <-> DISABLED <-> OS-SOLARIS Oracle Solaris printd Daemon Arbitrary File Deletion attempt (os-solaris.rules)
 * 1:17354 <-> DISABLED <-> SERVER-APACHE Apache Byte-Range Filter denial of service attempt (server-apache.rules)
 * 1:17356 <-> DISABLED <-> FILE-OTHER NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt (file-other.rules)
 * 1:17357 <-> DISABLED <-> PUA-OTHER AOL GAIM AIM-ICQ Protocol Handling buffer overflow attempt (pua-other.rules)
 * 1:17358 <-> DISABLED <-> FILE-EXECUTABLE ClamAV UPX File Handling Buffer Overflow attempt (file-executable.rules)
 * 1:17359 <-> ENABLED <-> FILE-IDENTIFY XBM image file download request (file-identify.rules)
 * 1:1736 <-> DISABLED <-> SERVER-WEBAPP squirrel mail spell-check arbitrary command attempt (server-webapp.rules)
 * 1:17360 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (browser-firefox.rules)
 * 1:17361 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (file-pdf.rules)
 * 1:17362 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel IMDATA buffer overflow attempt (file-office.rules)
 * 1:17363 <-> DISABLED <-> FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (file-other.rules)
 * 1:17364 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (file-identify.rules)
 * 1:17365 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help Workshop CNT Help contents buffer overflow attempt (file-other.rules)
 * 1:17366 <-> DISABLED <-> FILE-OTHER Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt (file-other.rules)
 * 1:17367 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP Response Parsing Memory Corruption (browser-ie.rules)
 * 1:17368 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word document stream handling code execution attempt (file-office.rules)
 * 1:17369 <-> DISABLED <-> SERVER-MAIL MailEnable service APPEND command handling buffer overflow attempt (server-mail.rules)
 * 1:1737 <-> DISABLED <-> SERVER-WEBAPP squirrel mail theme arbitrary command attempt (server-webapp.rules)
 * 1:17370 <-> ENABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17371 <-> DISABLED <-> SERVER-WEBAPP Squid authentication headers handling denial of service attempt (server-webapp.rules)
 * 1:17372 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime udta atom parsing heap overflow vulnerability (file-multimedia.rules)
 * 1:17373 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (file-multimedia.rules)
 * 1:17374 <-> DISABLED <-> FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (file-other.rules)
 * 1:17376 <-> DISABLED <-> SERVER-WEBAPP IBM Lotus Expeditor cai URI handler command execution attempt (server-webapp.rules)
 * 1:17377 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (file-office.rules)
 * 1:17378 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:17379 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (browser-firefox.rules)
 * 1:1738 <-> DISABLED <-> SERVER-WEBAPP global.inc access (server-webapp.rules)
 * 1:17380 <-> ENABLED <-> FILE-IDENTIFY PNG file download request (file-identify.rules)
 * 1:17381 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime PDAT Atom parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17382 <-> DISABLED <-> FILE-OTHER Microsoft Project Invalid Memory Pointer Code Execution attempt (file-other.rules)
 * 1:17383 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Object Handler Validation Code Execution attempted (file-office.rules)
 * 1:17384 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17385 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (browser-ie.rules)
 * 1:17386 <-> DISABLED <-> SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (server-webapp.rules)
 * 1:17387 <-> DISABLED <-> SERVER-APACHE Apache Tomcat allowLinking URIencoding directory traversal attempt (server-apache.rules)
 * 1:17388 <-> DISABLED <-> FILE-IMAGE OpenOffice EMF file EMR record parsing integer overflow attempt (file-image.rules)
 * 1:17389 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox DOMNodeRemoved attack attempt (browser-firefox.rules)
 * 1:1739 <-> DISABLED <-> SERVER-WEBAPP DNSTools administrator authentication bypass attempt (server-webapp.rules)
 * 1:17390 <-> DISABLED <-> FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (file-image.rules)
 * 1:17391 <-> DISABLED <-> SERVER-OTHER Multiple products UNIX platform backslash directory traversal attempt (server-other.rules)
 * 1:17392 <-> DISABLED <-> INDICATOR-SHELLCODE JavaScript var shellcode (indicator-shellcode.rules)
 * 1:17393 <-> DISABLED <-> INDICATOR-SHELLCODE JavaScript var heapspray (indicator-shellcode.rules)
 * 1:17394 <-> ENABLED <-> FILE-IDENTIFY GIF file download request (file-identify.rules)
 * 1:17395 <-> DISABLED <-> FILE-IMAGE Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt (file-image.rules)
 * 1:17396 <-> ENABLED <-> SERVER-OTHER VNC client authentication response (server-other.rules)
 * 1:17397 <-> DISABLED <-> SERVER-OTHER VNCViewer Authenticate buffer overflow attempt (server-other.rules)
 * 1:17398 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (browser-firefox.rules)
 * 1:17399 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (browser-firefox.rules)
 * 1:1740 <-> DISABLED <-> SERVER-WEBAPP DNSTools authentication bypass attempt (server-webapp.rules)
 * 1:17400 <-> DISABLED <-> INDICATOR-OBFUSCATION rename of javascript unescape function detected (indicator-obfuscation.rules)
 * 1:17401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt - unescaped (browser-ie.rules)
 * 1:17402 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (browser-ie.rules)
 * 1:17403 <-> DISABLED <-> FILE-OFFICE OpenOffice RTF File parsing heap buffer overflow attempt (file-office.rules)
 * 1:17404 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17406 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (file-office.rules)
 * 1:17407 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows help file download request (file-identify.rules)
 * 1:17408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DirectX Targa image file heap overflow attempt (os-windows.rules)
 * 1:17409 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products IDN Spoofing Vulnerability Attempt (browser-firefox.rules)
 * 1:1741 <-> DISABLED <-> SERVER-WEBAPP DNSTools access (server-webapp.rules)
 * 1:17410 <-> DISABLED <-> OS-WINDOWS Generic HyperLink buffer overflow attempt (os-windows.rules)
 * 1:17411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CDF cross-domain scripting attempt (browser-ie.rules)
 * 1:17412 <-> DISABLED <-> SERVER-MYSQL create function mysql.func arbitrary library injection attempt (server-mysql.rules)
 * 1:17413 <-> DISABLED <-> OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (os-windows.rules)
 * 1:17414 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17415 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (browser-firefox.rules)
 * 1:17416 <-> DISABLED <-> SERVER-ORACLE Database Intermedia Denial of Service Attempt (server-oracle.rules)
 * 1:17417 <-> DISABLED <-> SERVER-ORACLE Database Intermedia Denial of Service Attempt (server-oracle.rules)
 * 1:17418 <-> ENABLED <-> SERVER-ORACLE Oracle connection established (server-oracle.rules)
 * 1:17419 <-> DISABLED <-> SERVER-ORACLE Oracle database SQL compiler read-only join auth bypass attempt (server-oracle.rules)
 * 1:1742 <-> DISABLED <-> SERVER-WEBAPP Blahz-DNS dostuff.php modify user attempt (server-webapp.rules)
 * 1:17420 <-> DISABLED <-> SERVER-WEBAPP Citrix Program Neighborhood Agent Arbitrary Shortcut Creation attempt (server-webapp.rules)
 * 1:17421 <-> DISABLED <-> FILE-OFFICE Microsoft OLE automation string manipulation overflow attempt (file-office.rules)
 * 1:17422 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (browser-firefox.rules)
 * 1:17423 <-> DISABLED <-> SERVER-WEBAPP Citrix Program Neighborhood Agent Buffer Overflow attempt (server-webapp.rules)
 * 1:17424 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (browser-firefox.rules)
 * 1:17425 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer Import ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17426 <-> ENABLED <-> FILE-IDENTIFY RAT file download request (file-identify.rules)
 * 1:17427 <-> DISABLED <-> SERVER-ORACLE Oracle database DBMS_Scheduler privilege escalation attempt (server-oracle.rules)
 * 1:17428 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ASP.NET information disclosure attempt (os-windows.rules)
 * 1:17429 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ASP.NET information disclosure attempt (os-windows.rules)
 * 1:1743 <-> DISABLED <-> SERVER-WEBAPP Blahz-DNS dostuff.php access (server-webapp.rules)
 * 1:17430 <-> DISABLED <-> FILE-PDF BitDefender Antivirus PDF processing memory corruption attempt (file-pdf.rules)
 * 1:17431 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS SChannel improper certificate verification (server-iis.rules)
 * 1:17432 <-> DISABLED <-> SERVER-WEBAPP Squid Gopher protocol handling buffer overflow attempt (server-webapp.rules)
 * 1:17433 <-> DISABLED <-> OS-SOLARIS Oracle Solaris DHCP Client Arbitrary Code Execution attempt (os-solaris.rules)
 * 1:17434 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Unicode sequence handling stack corruption attempt (browser-firefox.rules)
 * 1:17435 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (os-windows.rules)
 * 1:17436 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:17437 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (os-windows.rules)
 * 1:17438 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (os-windows.rules)
 * 1:17439 <-> DISABLED <-> OS-WINDOWS Microsoft Distributed Transaction Controller TIP DoS attempt (os-windows.rules)
 * 1:1744 <-> DISABLED <-> SERVER-WEBAPP SecureSite authentication bypass attempt (server-webapp.rules)
 * 1:17440 <-> DISABLED <-> SERVER-IIS RSA Authentication Agent chunked HTTP request buffer overflow attempt (server-iis.rules)
 * 1:17441 <-> ENABLED <-> FILE-IDENTIFY LNK file download request (file-identify.rules)
 * 1:17442 <-> DISABLED <-> FILE-OTHER Microsoft Windows download of .lnk file that executes cmd.exe detected (file-other.rules)
 * 1:17443 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft DirectShow AVI decoder buffer overflow attempt (file-multimedia.rules)
 * 1:17444 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (browser-firefox.rules)
 * 1:17445 <-> DISABLED <-> SERVER-OTHER Symantec Backup Exec System Recovery Manager unauthorized file upload attempt (server-other.rules)
 * 1:17446 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (browser-ie.rules)
 * 1:17447 <-> ENABLED <-> SERVER-WEBAPP 407 Proxy Authentication Required (server-webapp.rules)
 * 1:17448 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability (browser-ie.rules)
 * 1:17449 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks patch management SQL injection attempt (server-webapp.rules)
 * 1:1745 <-> DISABLED <-> SERVER-WEBAPP Messagerie supp_membre.php access (server-webapp.rules)
 * 1:17450 <-> DISABLED <-> SERVER-WEBAPP CommuniGate Systems CommuniGate Pro LDAP Server buffer overflow attempt (server-webapp.rules)
 * 1:17457 <-> DISABLED <-> FILE-FLASH Adobe Flash ActionDefineFunction memory access exploit attempt (file-flash.rules)
 * 1:17458 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17459 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:1746 <-> DISABLED <-> PROTOCOL-RPC portmap cachefsd request UDP (protocol-rpc.rules)
 * 1:17460 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:17461 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer zipped skin file buffer overflow attempt (file-other.rules)
 * 1:17462 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer marquee object handling memory corruption attempt (browser-ie.rules)
 * 1:17463 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer File Download Dialog Box Manipulation (browser-ie.rules)
 * 1:17464 <-> DISABLED <-> BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (browser-plugins.rules)
 * 1:17466 <-> DISABLED <-> BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (browser-plugins.rules)
 * 1:17467 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17468 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (os-windows.rules)
 * 1:17469 <-> DISABLED <-> FILE-MULTIMEDIA Mplayer Real Demuxer stream_read heap overflow attempt (file-multimedia.rules)
 * 1:1747 <-> DISABLED <-> PROTOCOL-RPC portmap cachefsd request TCP (protocol-rpc.rules)
 * 1:17470 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (file-multimedia.rules)
 * 1:17471 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17472 <-> DISABLED <-> FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (file-pdf.rules)
 * 1:17473 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17474 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17475 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17476 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (server-oracle.rules)
 * 1:17477 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17478 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17479 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (server-oracle.rules)
 * 1:17480 <-> DISABLED <-> SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (server-oracle.rules)
 * 1:17481 <-> DISABLED <-> SERVER-MAIL Microsoft Windows Exchange and Outlook TNEF Decoding Integer Overflow attempt (server-mail.rules)
 * 1:17482 <-> DISABLED <-> BROWSER-FIREFOX Mozilla NNTP URL Handling Buffer Overflow attempt (browser-firefox.rules)
 * 1:17483 <-> DISABLED <-> PROTOCOL-DNS squid proxy dns A record response denial of service attempt (protocol-dns.rules)
 * 1:17484 <-> DISABLED <-> PROTOCOL-DNS squid proxy dns PTR record response denial of service attempt (protocol-dns.rules)
 * 1:17485 <-> DISABLED <-> PROTOCOL-DNS Symantec Gateway products DNS cache poisoning attempt (protocol-dns.rules)
 * 1:17486 <-> DISABLED <-> SERVER-WEBAPP Trend Micro Control Manager Chunked overflow attempt (server-webapp.rules)
 * 1:17487 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt (browser-ie.rules)
 * 1:17488 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Range Code Execution attempt (file-office.rules)
 * 1:17489 <-> DISABLED <-> FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (file-other.rules)
 * 1:17490 <-> DISABLED <-> FILE-OTHER Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (file-other.rules)
 * 1:17491 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word mso.dll LsCreateLine memory corruption attempt (file-office.rules)
 * 1:17492 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (file-office.rules)
 * 1:17493 <-> DISABLED <-> FILE-OTHER ClamAV UPX FileHandling Heap overflow attempt (file-other.rules)
 * 1:17494 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:17495 <-> DISABLED <-> SERVER-OTHER Squid proxy DNS response spoofing attempt (server-other.rules)
 * 1:17496 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (file-office.rules)
 * 1:17497 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (file-office.rules)
 * 1:17498 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17499 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:1750 <-> DISABLED <-> SERVER-IIS users.xml access (server-iis.rules)
 * 1:17500 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17501 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17502 <-> DISABLED <-> SERVER-APACHE Apache Tomcat UNIX platform directory traversal (server-apache.rules)
 * 1:17503 <-> DISABLED <-> SERVER-MAIL MailEnable IMAP Service Invalid Command Buffer Overlow LOGIN (server-mail.rules)
 * 1:17504 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Asset Management buffer overflow attempt (server-other.rules)
 * 1:17505 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17506 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17507 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (file-office.rules)
 * 1:17508 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Application file download request (file-identify.rules)
 * 1:17509 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (file-identify.rules)
 * 1:1751 <-> DISABLED <-> SERVER-OTHER cachefsd buffer overflow attempt (server-other.rules)
 * 1:17510 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows .NET Deploy file download request (file-identify.rules)
 * 1:17511 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Graphic Code Execution (file-office.rules)
 * 1:17512 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (browser-ie.rules)
 * 1:17517 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (file-office.rules)
 * 1:17518 <-> DISABLED <-> PROTOCOL-FTP FlashGet PWD command stack buffer overflow attempt (protocol-ftp.rules)
 * 1:17519 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (browser-firefox.rules)
 * 1:17520 <-> DISABLED <-> SERVER-OTHER CA ARCserve Backup DB Engine Denial of Service (server-other.rules)
 * 1:17521 <-> DISABLED <-> SERVER-OTHER GoodTech SSH Server SFTP processing buffer overflow attempt (server-other.rules)
 * 1:17522 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Pack200 Decompression Integer Overflow (file-java.rules)
 * 1:17523 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime H.264 Movie File Buffer Overflow (file-multimedia.rules)
 * 1:17524 <-> DISABLED <-> SERVER-OTHER Fujitsu SystemcastWizard Lite PXEService UDP Handling Buffer Overflow (server-other.rules)
 * 1:17525 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS 5.0 WebDav Request Directory Security Bypass (server-iis.rules)
 * 1:17526 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta buffer overflow attempt (file-pdf.rules)
 * 1:17527 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow (file-multimedia.rules)
 * 1:17528 <-> DISABLED <-> SERVER-WEBAPP nginx URI parsing buffer overflow attempt (server-webapp.rules)
 * 1:17529 <-> DISABLED <-> SERVER-WEBAPP Adobe RoboHelp Server Arbitrary File Upload and Execute (server-webapp.rules)
 * 1:1753 <-> DISABLED <-> SERVER-IIS as_web.exe access (server-iis.rules)
 * 1:17530 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Stack Buffer Overflow (server-other.rules)
 * 1:17531 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime MOV file JVTCompEncodeFrame heap overflow attempt (file-multimedia.rules)
 * 1:17532 <-> DISABLED <-> FILE-OFFICE Micrsoft Office Excel TXO and OBJ Records Parsing Stack Memory Corruption (file-office.rules)
 * 1:17533 <-> DISABLED <-> SERVER-APACHE Apache Struts Information Disclosure Attempt (server-apache.rules)
 * 1:17534 <-> ENABLED <-> SERVER-OTHER IPP Application Content (server-other.rules)
 * 1:17535 <-> DISABLED <-> SERVER-OTHER Apple CUPS Text to PostScript Filter Integer Overflow attempt (server-other.rules)
 * 1:17536 <-> DISABLED <-> SERVER-WEBAPP generic server HTTP Auth Header buffer overflow attempt (server-webapp.rules)
 * 1:17537 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:17539 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (file-office.rules)
 * 1:1754 <-> DISABLED <-> SERVER-IIS as_web4.exe access (server-iis.rules)
 * 1:17540 <-> ENABLED <-> FILE-IDENTIFY LZH file download request (file-identify.rules)
 * 1:17541 <-> DISABLED <-> FILE-OTHER Avast Antivirus Engine Remote LHA buffer overflow attempt (file-other.rules)
 * 1:17542 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (file-office.rules)
 * 1:17543 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Column record handling memory corruption attempt (file-office.rules)
 * 1:17544 <-> DISABLED <-> SERVER-OTHER Wireshark LWRES Dissector getaddrsbyname buffer overflow attempt (server-other.rules)
 * 1:17545 <-> DISABLED <-> BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (browser-plugins.rules)
 * 1:17546 <-> DISABLED <-> FILE-IDENTIFY Microsoft Media Player compressed skin download request (file-identify.rules)
 * 1:17547 <-> ENABLED <-> FILE-IDENTIFY SMIL file download request (file-identify.rules)
 * 1:17548 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime SMIL File Handling Integer Overflow attempt (file-multimedia.rules)
 * 1:17549 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Error Handling Code Execution (browser-ie.rules)
 * 1:1755 <-> DISABLED <-> PROTOCOL-IMAP partial body buffer overflow attempt (protocol-imap.rules)
 * 1:17550 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Font Parsing Buffer Overflow attempt (file-office.rules)
 * 1:17551 <-> DISABLED <-> PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (pua-other.rules)
 * 1:17552 <-> ENABLED <-> FILE-IDENTIFY Adobe Pagemaker file download request (file-identify.rules)
 * 1:17553 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17554 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (browser-ie.rules)
 * 1:17555 <-> DISABLED <-> BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX exploit attempt (browser-plugins.rules)
 * 1:17556 <-> DISABLED <-> SERVER-OTHER Firebird database invalid state integer overflow attempt (server-other.rules)
 * 1:17557 <-> DISABLED <-> BROWSER-PLUGINS Novell iPrint ActiveX operation parameter overflow (browser-plugins.rules)
 * 1:17558 <-> DISABLED <-> FILE-IMAGE CUPS Gif Decoding Routine Buffer Overflow attempt (file-image.rules)
 * 1:17559 <-> DISABLED <-> FILE-OTHER IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (file-other.rules)
 * 1:1756 <-> DISABLED <-> SERVER-IIS NewsPro administration authentication attempt (server-iis.rules)
 * 1:17560 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (file-office.rules)
 * 1:17561 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt (file-multimedia.rules)
 * 1:17562 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt (file-java.rules)
 * 1:17563 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow (file-java.rules)
 * 1:17564 <-> DISABLED <-> SERVER-IIS WebDAV Request Directory Security Bypass attempt (server-iis.rules)
 * 1:17565 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt (file-office.rules)
 * 1:17566 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handler memory corruption attempt (browser-ie.rules)
 * 1:17567 <-> DISABLED <-> SERVER-OTHER LANDesk Management Suite Alerting Service buffer overflow attempt (server-other.rules)
 * 1:17568 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:17569 <-> DISABLED <-> SERVER-OTHER BEA Weblogic Admin Console Cross Site Scripting Vulnerability attempt (server-other.rules)
 * 1:1757 <-> DISABLED <-> SERVER-WEBAPP b2 arbitrary command execution attempt (server-webapp.rules)
 * 1:17570 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (browser-firefox.rules)
 * 1:17571 <-> DISABLED <-> BROWSER-PLUGINS obfuscated instantiation of ActiveX object - likely malicious (browser-plugins.rules)
 * 1:17572 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services cross-site information disclosure attempt (os-windows.rules)
 * 1:17573 <-> DISABLED <-> FILE-MULTIMEDIA ffdshow codec URL parsing buffer overflow attempt (file-multimedia.rules)
 * 1:17574 <-> DISABLED <-> FILE-OFFICE Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (file-office.rules)
 * 1:17575 <-> DISABLED <-> BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (browser-plugins.rules)
 * 1:17577 <-> DISABLED <-> SERVER-OTHER CA BightStor ARCserver Backup possible insecure method access (server-other.rules)
 * 1:17578 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (file-office.rules)
 * 1:17579 <-> DISABLED <-> FILE-OFFICE Microsoft Office Drawing Record msofbtOPT Code Execution attempt (file-office.rules)
 * 1:17580 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:17581 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (browser-firefox.rules)
 * 1:17582 <-> DISABLED <-> BROWSER-PLUGINS Symantec Norton AntiVirus CcErrDisp ActiveX function call access (browser-plugins.rules)
 * 1:17584 <-> DISABLED <-> SERVER-ORACLE UTL_FILE directory traversal attempt (server-oracle.rules)
 * 1:17585 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer possible javascript onunload event memory corruption (browser-ie.rules)
 * 1:17586 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start malicious parameter value (file-java.rules)
 * 1:17587 <-> DISABLED <-> BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (browser-plugins.rules)
 * 1:17588 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Install Engine ActiveX clsid access (browser-plugins.rules)
 * 1:1759 <-> DISABLED <-> SQL xp_cmdshell program execution 445 (sql.rules)
 * 1:17590 <-> DISABLED <-> SERVER-ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (server-oracle.rules)
 * 1:17591 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (file-office.rules)
 * 1:17592 <-> DISABLED <-> BROWSER-PLUGINS Microsoft MyInfo.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17593 <-> DISABLED <-> BROWSER-PLUGINS Microsoft msdxm.ocx ActiveX clsid access (browser-plugins.rules)
 * 1:17594 <-> DISABLED <-> BROWSER-PLUGINS Microsoft creator.dll 1 ActiveX clsid access (browser-plugins.rules)
 * 1:17595 <-> DISABLED <-> BROWSER-PLUGINS Microsoft creator.dll 2 ActiveX clsid access (browser-plugins.rules)
 * 1:17596 <-> DISABLED <-> BROWSER-PLUGINS Microsoft ciodm.dll ActiveX clsid access (browser-plugins.rules)
 * 1:17597 <-> DISABLED <-> SERVER-WEBAPP TikiWiki jhot.php script file upload attempt (server-webapp.rules)
 * 1:17598 <-> ENABLED <-> SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (server-other.rules)
 * 1:17599 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database rdbname denial of service attempt (server-other.rules)
 * 1:17600 <-> ENABLED <-> FILE-IDENTIFY XUL file download request (file-identify.rules)
 * 1:17601 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17602 <-> DISABLED <-> FILE-OTHER ClamAV antivirus CHM file handling DOS (file-other.rules)
 * 1:17603 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (browser-firefox.rules)
 * 1:17604 <-> DISABLED <-> SERVER-OTHER Oracle Java AWT ConvolveOp memory corruption attempt (server-other.rules)
 * 1:17605 <-> DISABLED <-> SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (server-webapp.rules)
 * 1:17606 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative command execution attempt (file-flash.rules)
 * 1:17607 <-> DISABLED <-> SERVER-OTHER Xi Software Net Transport eDonkey Protocol Buffer Overflow attempt (server-other.rules)
 * 1:17609 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:17610 <-> DISABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17611 <-> DISABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17612 <-> DISABLED <-> FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (file-multimedia.rules)
 * 1:17613 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (browser-firefox.rules)
 * 1:17614 <-> DISABLED <-> BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX clsid access (browser-plugins.rules)
 * 1:17616 <-> DISABLED <-> BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX function call access (browser-plugins.rules)
 * 1:17618 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Graphics engine EMF rendering vulnerability (os-windows.rules)
 * 1:17619 <-> DISABLED <-> SERVER-ORACLE database server crafted view privelege escalation attempt (server-oracle.rules)
 * 1:1762 <-> DISABLED <-> SERVER-WEBAPP phf arbitrary command execution attempt (server-webapp.rules)
 * 1:17620 <-> ENABLED <-> SERVER-OTHER Products Discovery Service Buffer Overflow (server-other.rules)
 * 1:17621 <-> ENABLED <-> SERVER-OTHER Products Discovery Service Buffer Overflow (server-other.rules)
 * 1:17622 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object reference memory corruption attempt (browser-ie.rules)
 * 1:17623 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17624 <-> DISABLED <-> FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (file-java.rules)
 * 1:17625 <-> DISABLED <-> SERVER-ORACLE Database Core RDBMS component denial of service attempt (server-oracle.rules)
 * 1:17626 <-> DISABLED <-> OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (os-windows.rules)
 * 1:17628 <-> DISABLED <-> FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (file-image.rules)
 * 1:17629 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (browser-firefox.rules)
 * 1:1763 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (server-webapp.rules)
 * 1:17630 <-> DISABLED <-> BROWSER-FIREFOX Mozilla multiple products CSSValue array memory corruption attempt (browser-firefox.rules)
 * 1:17631 <-> DISABLED <-> FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (file-java.rules)
 * 1:17633 <-> DISABLED <-> FILE-OTHER RealNetworks RealPlayer SWF frame handling buffer overflow attempt (file-other.rules)
 * 1:17634 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overflow attempt (netbios.rules)
 * 1:17635 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian overflow attempt (netbios.rules)
 * 1:17636 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt (netbios.rules)
 * 1:17637 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt (netbios.rules)
 * 1:17638 <-> DISABLED <-> SERVER-ORACLE Secure Backup administration server login.php cookies command injection attempt (server-oracle.rules)
 * 1:17639 <-> DISABLED <-> SERVER-SAMBA Samba Root File System access bypass attempt (server-samba.rules)
 * 1:1764 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (server-webapp.rules)
 * 1:17640 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP brightstor opnum 43 overflow attempt (netbios.rules)
 * 1:17641 <-> DISABLED <-> FILE-PDF CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt (file-pdf.rules)
 * 1:17642 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt (browser-firefox.rules)
 * 1:17643 <-> DISABLED <-> SERVER-OTHER CA BrightStor ARCServe logger servie null-pointer dereference attempt (server-other.rules)
 * 1:17644 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (browser-ie.rules)
 * 1:17645 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS strings parsing memory corruption attempt (browser-ie.rules)
 * 1:17646 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (file-office.rules)
 * 1:17648 <-> DISABLED <-> SERVER-IIS source code disclosure attempt (server-iis.rules)
 * 1:17649 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word array data handling buffer overflow attempt (file-office.rules)
 * 1:1765 <-> DISABLED <-> SERVER-WEBAPP Nortel Contivity cgiproc access (server-webapp.rules)
 * 1:17650 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (file-other.rules)
 * 1:17651 <-> DISABLED <-> FILE-OTHER Multiple AV vendor invalid archive checksum bypass attempt (file-other.rules)
 * 1:17652 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17653 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS source code disclosure attempt (server-iis.rules)
 * 1:17654 <-> DISABLED <-> BROWSER-PLUGINS Facebook Photo Uploader ActiveX exploit attempt (browser-plugins.rules)
 * 1:17655 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed formula parsing code execution attempt (file-office.rules)
 * 1:17656 <-> DISABLED <-> SERVER-APACHE Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt (server-apache.rules)
 * 1:17657 <-> DISABLED <-> SERVER-OTHER Symantec NetBackup BPCD Daemon exploit attempt (server-other.rules)
 * 1:17658 <-> DISABLED <-> FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (file-flash.rules)
 * 1:17659 <-> DISABLED <-> SERVER-ORACLE xdb.dbms_xmlschema buffer overflow attempt (server-oracle.rules)
 * 1:1766 <-> DISABLED <-> SERVER-WEBAPP search.dll directory listing attempt (server-webapp.rules)
 * 1:17660 <-> DISABLED <-> SERVER-OTHER Oracle Java Web Start arbitrary command execution attempt (server-other.rules)
 * 1:17661 <-> DISABLED <-> SERVER-SAMBA Samba send_mailslot buffer overflow attempt (server-samba.rules)
 * 1:17662 <-> DISABLED <-> SERVER-OTHER VMware Workstation DHCP service integer overflow attempt (server-other.rules)
 * 1:17663 <-> DISABLED <-> SERVER-OTHER Apple CUPS SGI image decoding buffer overflow attempt (server-other.rules)
 * 1:17664 <-> DISABLED <-> FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (file-office.rules)
 * 1:17666 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer invalid chunk size heap overflow attempt (file-multimedia.rules)
 * 1:17667 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Pragmatic General Multicast Protocol memory consumption denial of service attempt (os-windows.rules)
 * 1:17668 <-> DISABLED <-> FILE-PDF download of a PDF with embedded JavaScript - JS string attempt (file-pdf.rules)
 * 1:17669 <-> DISABLED <-> SERVER-ORACLE Oracle Application Server 10g OPMN service format string vulnerability exploit attempt (server-oracle.rules)
 * 1:1767 <-> DISABLED <-> SERVER-WEBAPP search.dll access (server-webapp.rules)
 * 1:17670 <-> DISABLED <-> BROWSER-PLUGINS BigAnt Office Manager ActiveX clsid access (browser-plugins.rules)
 * 1:17672 <-> DISABLED <-> BROWSER-PLUGINS BigAnt Office Manager ActiveX function call access (browser-plugins.rules)
 * 1:17674 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX clsid access (browser-plugins.rules)
 * 1:17676 <-> DISABLED <-> BROWSER-PLUGINS Skype Extras Manager ActiveX function call access (browser-plugins.rules)
 * 1:17678 <-> DISABLED <-> FILE-IMAGE Adobe BMP image handler buffer overflow attempt (file-image.rules)
 * 1:17679 <-> ENABLED <-> FILE-IDENTIFY Apple disk image file download request (file-identify.rules)
 * 1:17680 <-> DISABLED <-> SERVER-OTHER ISC BIND DNSSEC Validation Multiple RRsets DoS (server-other.rules)
 * 1:17685 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17686 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17687 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (browser-ie.rules)
 * 1:17688 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:17689 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (browser-ie.rules)
 * 1:1769 <-> DISABLED <-> SERVER-WEBAPP .DS_Store access (server-webapp.rules)
 * 1:17690 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17691 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17692 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer ExecWB security zone bypass attempt (browser-ie.rules)
 * 1:17695 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (file-office.rules)
 * 1:17696 <-> DISABLED <-> PROTOCOL-DNS Microsoft Windows DNS Server ANY query cache weakness (protocol-dns.rules)
 * 1:17698 <-> DISABLED <-> SERVER-MAIL RealNetworks RealPlayer wav chunk string overflow attempt in email (server-mail.rules)
 * 1:1770 <-> DISABLED <-> SERVER-WEBAPP .FBCIndex access (server-webapp.rules)
 * 1:17701 <-> DISABLED <-> BROWSER-PLUGINS Office Viewer ActiveX arbitrary command execution attempt (browser-plugins.rules)
 * 1:17702 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt (os-windows.rules)
 * 1:17703 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer popup title bar spoofing attempt (browser-ie.rules)
 * 1:17704 <-> DISABLED <-> FILE-OTHER McAfee LHA file parsing buffer overflow attempt (file-other.rules)
 * 1:17705 <-> DISABLED <-> SERVER-IIS RSA Authentication Agent chunked HTTP request buffer overflow attempt (server-iis.rules)
 * 1:17706 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup java user interface service format string attack attempt (server-other.rules)
 * 1:17707 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect trend_req_num buffer overflow attempt (netbios.rules)
 * 1:17708 <-> DISABLED <-> SERVER-OTHER VNC password request URL buffer overflow attempt (server-other.rules)
 * 1:17709 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (browser-ie.rules)
 * 1:1771 <-> DISABLED <-> POLICY-OTHER IPSec PGPNet connection attempt (policy-other.rules)
 * 1:17710 <-> DISABLED <-> SERVER-OTHER Veritas NetBackup vmd shared library buffer overflow attempt (server-other.rules)
 * 1:17711 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ASF parsing memory corruption attempt (os-windows.rules)
 * 1:17712 <-> DISABLED <-> OS-WINDOWS TFTP PUT Microsoft RIS filename overwrite attempt (os-windows.rules)
 * 1:17713 <-> DISABLED <-> SERVER-OTHER Novell NetMail NMAP STOR buffer overflow attempt (server-other.rules)
 * 1:17714 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (netbios.rules)
 * 1:17715 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (netbios.rules)
 * 1:17716 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:17717 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes HTML input tag buffer overflow attempt (server-mail.rules)
 * 1:17718 <-> DISABLED <-> SERVER-ORACLE Oracle MDSYS drop table trigger injection attempt (server-oracle.rules)
 * 1:17719 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (browser-firefox.rules)
 * 1:1772 <-> DISABLED <-> SERVER-IIS pbserver access (server-iis.rules)
 * 1:17720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (browser-ie.rules)
 * 1:17721 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (os-windows.rules)
 * 1:17722 <-> DISABLED <-> SERVER-ORACLE XDB.XDB_PITRIG_PKG buffer overflow attempt (server-oracle.rules)
 * 1:17723 <-> DISABLED <-> OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (os-windows.rules)
 * 1:17724 <-> DISABLED <-> OS-WINDOWS Microsoft IIS malicious ASP file upload attempt (os-windows.rules)
 * 1:17725 <-> DISABLED <-> BROWSER-OTHER Opera file URI handling buffer overflow (browser-other.rules)
 * 1:17726 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer address bar spoofing attempt (browser-ie.rules)
 * 1:17727 <-> DISABLED <-> FILE-OTHER Oracle JDK image parsing library ICC buffer overflow attempt (file-other.rules)
 * 1:17729 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (browser-ie.rules)
 * 1:1773 <-> DISABLED <-> SERVER-WEBAPP php.exe access (server-webapp.rules)
 * 1:17730 <-> DISABLED <-> OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (os-windows.rules)
 * 1:17731 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wpad dynamic update request  (os-windows.rules)
 * 1:17732 <-> ENABLED <-> FILE-IDENTIFY TIFF file download request (file-identify.rules)
 * 1:17733 <-> ENABLED <-> FILE-IDENTIFY XML file download request (file-identify.rules)
 * 1:17734 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel REPT integer underflow attempt (file-office.rules)
 * 1:17735 <-> DISABLED <-> FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (file-other.rules)
 * 1:17736 <-> DISABLED <-> SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (server-other.rules)
 * 1:17737 <-> DISABLED <-> SERVER-MAIL Microsoft collaboration data objects buffer overflow attempt (server-mail.rules)
 * 1:17738 <-> DISABLED <-> SERVER-OTHER Linux Kernel SNMP Netfilter Memory Corruption attempt (server-other.rules)
 * 1:17739 <-> ENABLED <-> FILE-IDENTIFY FlashPix file download request (file-identify.rules)
 * 1:1774 <-> DISABLED <-> SERVER-WEBAPP bb_smilies.php access (server-webapp.rules)
 * 1:17740 <-> DISABLED <-> FILE-IMAGE Apple Quicktime FlashPix processing overflow attempt (file-image.rules)
 * 1:17742 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word remote code execution attempt (file-office.rules)
 * 1:17743 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word RTF parsing memory corruption attempt (file-office.rules)
 * 1:17745 <-> ENABLED <-> NETBIOS SMB TRANS2 Find_First2 request attempt (netbios.rules)
 * 1:17746 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB client TRANS response Find_First2 filename overflow attempt (os-windows.rules)
 * 1:17747 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (browser-ie.rules)
 * 1:17749 <-> DISABLED <-> PROTOCOL-RPC Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt (protocol-rpc.rules)
 * 1:1775 <-> DISABLED <-> SERVER-MYSQL root login attempt (server-mysql.rules)
 * 1:17750 <-> DISABLED <-> SERVER-IIS Microsoft IIS 7.5 client verify null pointer attempt (server-iis.rules)
 * 1:17751 <-> ENABLED <-> FILE-IDENTIFY OpenType Font file download request (file-identify.rules)
 * 1:17753 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player network sharing service RTSP code execution attempt (file-multimedia.rules)
 * 1:17754 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (file-office.rules)
 * 1:17755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (file-office.rules)
 * 1:17756 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (file-office.rules)
 * 1:17757 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (file-office.rules)
 * 1:17758 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules)
 * 1:17759 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (file-office.rules)
 * 1:1776 <-> DISABLED <-> SERVER-MYSQL show databases attempt (server-mysql.rules)
 * 1:17760 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules)
 * 1:17763 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (file-office.rules)
 * 1:17764 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:17766 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt (browser-ie.rules)
 * 1:17767 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 tostaticHTML CSS import vulnerability (browser-ie.rules)
 * 1:17768 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (browser-ie.rules)
 * 1:17769 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (browser-ie.rules)
 * 1:1777 <-> DISABLED <-> PROTOCOL-FTP EXPLOIT STAT asterisk dos attempt (protocol-ftp.rules)
 * 1:17770 <-> DISABLED <-> FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (file-office.rules)
 * 1:17771 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain information disclosure attempt (browser-ie.rules)
 * 1:17772 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (browser-plugins.rules)
 * 1:17773 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player Firefox plugin memory corruption attempt (file-multimedia.rules)
 * 1:17774 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 CSS XSRF exploit attempt (browser-ie.rules)
 * 1:17776 <-> DISABLED <-> FILE-JAVA Oracle Java HsbParser.getSoundBank stack buffer overflow attempt (file-java.rules)
 * 1:17777 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (server-mail.rules)
 * 1:17778 <-> DISABLED <-> FILE-OTHER BitDefender Internet Security script code execution attempt (file-other.rules)
 * 1:1778 <-> DISABLED <-> PROTOCOL-FTP EXPLOIT STAT ? dos attempt (protocol-ftp.rules)
 * 1:17782 <-> DISABLED <-> PROTOCOL-SCADA Modbus write multiple registers from external source (protocol-scada.rules)
 * 1:17783 <-> DISABLED <-> PROTOCOL-SCADA Modbus write single register from external source (protocol-scada.rules)
 * 1:17784 <-> DISABLED <-> PROTOCOL-SCADA Modbus write single coil from external source (protocol-scada.rules)
 * 1:17785 <-> DISABLED <-> PROTOCOL-SCADA Modbus write multiple coils from external source (protocol-scada.rules)
 * 1:17786 <-> DISABLED <-> PROTOCOL-SCADA Modbus write file record from external source (protocol-scada.rules)
 * 1:17787 <-> DISABLED <-> PROTOCOL-SCADA Modbus read discrete inputs from external source (protocol-scada.rules)
 * 1:17788 <-> DISABLED <-> PROTOCOL-SCADA Modbus read coils from external source (protocol-scada.rules)
 * 1:17789 <-> DISABLED <-> PROTOCOL-SCADA Modbus read input register from external source (protocol-scada.rules)
 * 1:17790 <-> DISABLED <-> PROTOCOL-SCADA Modbus read holding registers from external source (protocol-scada.rules)
 * 1:17791 <-> DISABLED <-> PROTOCOL-SCADA Modbus read/write multiple registers from external source (protocol-scada.rules)
 * 1:17792 <-> DISABLED <-> PROTOCOL-SCADA Modbus read fifo queue from external source (protocol-scada.rules)
 * 1:17793 <-> DISABLED <-> PROTOCOL-SCADA Modbus read file record from external source (protocol-scada.rules)
 * 1:17794 <-> DISABLED <-> PROTOCOL-SCADA Modbus read exception status from external source (protocol-scada.rules)
 * 1:17795 <-> DISABLED <-> PROTOCOL-SCADA Modbus initiate diagnostic from external source (protocol-scada.rules)
 * 1:17796 <-> DISABLED <-> PROTOCOL-SCADA Modbus get com event counter from external source (protocol-scada.rules)
 * 1:17797 <-> DISABLED <-> PROTOCOL-SCADA Modbus get com event log from external source (protocol-scada.rules)
 * 1:17798 <-> DISABLED <-> PROTOCOL-SCADA Modbus report slave id from external source (protocol-scada.rules)
 * 1:17799 <-> DISABLED <-> PROTOCOL-SCADA Modbus read device identification from external source (protocol-scada.rules)
 * 1:17800 <-> DISABLED <-> PROTOCOL-SCADA Modbus mask write register from external source (protocol-scada.rules)
 * 1:17801 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file magic detected (file-identify.rules)
 * 1:17802 <-> ENABLED <-> FILE-IDENTIFY Adobe Director Movie file download request (file-identify.rules)
 * 1:17803 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (file-other.rules)
 * 1:17804 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules)
 * 1:17805 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (malware-cnc.rules)
 * 1:17806 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17807 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (file-other.rules)
 * 1:17808 <-> DISABLED <-> FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (file-flash.rules)
 * 1:17809 <-> ENABLED <-> FILE-IDENTIFY Apple Quicktime qt file download request (file-identify.rules)
 * 1:17810 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of server32.exe (indicator-compromise.rules)
 * 1:17811 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of svchost.exe (indicator-compromise.rules)
 * 1:17812 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of iexplore.exe (indicator-compromise.rules)
 * 1:17813 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of iprinp.dll (indicator-compromise.rules)
 * 1:17814 <-> DISABLED <-> INDICATOR-COMPROMISE potential malware - download of winzf32.dll (indicator-compromise.rules)
 * 1:17815 <-> DISABLED <-> MALWARE-CNC Thinkpoint fake antivirus - user display (malware-cnc.rules)
 * 1:17816 <-> DISABLED <-> MALWARE-CNC Thinkpoint fake antivirus - credit card submission (malware-cnc.rules)
 * 1:17817 <-> DISABLED <-> SERVER-OTHER Thinkpoint fake antivirus binary download (server-other.rules)
 * 1:1787 <-> DISABLED <-> SERVER-WEBAPP csPassword.cgi access (server-webapp.rules)
 * 1:1788 <-> DISABLED <-> SERVER-WEBAPP csPassword password.cgi.tmp access (server-webapp.rules)
 * 1:1789 <-> DISABLED <-> POLICY-SOCIAL IRC dns request (policy-social.rules)
 * 1:17898 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /get2.php?c=VTOXUGUI&d= (malware-cnc.rules)
 * 1:17899 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /reques0.asp?kind=006&mac= (malware-cnc.rules)
 * 1:1790 <-> DISABLED <-> POLICY-SOCIAL IRC dns response (policy-social.rules)
 * 1:17900 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /basic/cn3c2/c.*dll (malware-cnc.rules)
 * 1:17901 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /mybackup21.rar (malware-cnc.rules)
 * 1:17902 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /?getexe=loader.exe (malware-cnc.rules)
 * 1:17903 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - stid= (malware-cnc.rules)
 * 1:17905 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - 1de49069b6044785e9dfcd4c035cfd0c.php (malware-cnc.rules)
 * 1:17906 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - 2x/.*php (malware-cnc.rules)
 * 1:17907 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /MNG/Download/?File=AZF DATADIR Download (malware-cnc.rules)
 * 1:17908 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /images/crypt_22.exe (malware-cnc.rules)
 * 1:17909 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /images/css/1.exe (malware-cnc.rules)
 * 1:17910 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /7xdown.exe (malware-cnc.rules)
 * 1:17911 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /winhelper.exe (malware-cnc.rules)
 * 1:17912 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /upopwin/count.asp?mac= (malware-cnc.rules)
 * 1:17913 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /ok.exe (malware-cnc.rules)
 * 1:17914 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /LjBin/Bin.Dll (malware-cnc.rules)
 * 1:17915 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /1001ns/cfg3n.bin (malware-cnc.rules)
 * 1:17916 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /dh/stats.bin (malware-cnc.rules)
 * 1:17917 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /zeus/config.bin (malware-cnc.rules)
 * 1:17918 <-> DISABLED <-> POLICY-SPAM aaof.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17919 <-> DISABLED <-> POLICY-SPAM akiq.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:1792 <-> DISABLED <-> PROTOCOL-NNTP return code buffer overflow attempt (protocol-nntp.rules)
 * 1:17920 <-> DISABLED <-> POLICY-SPAM aobuii.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17921 <-> DISABLED <-> POLICY-SPAM argue.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17922 <-> DISABLED <-> POLICY-SPAM ava.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17923 <-> DISABLED <-> POLICY-SPAM axoseb.medicdrugsxck.ru known spam email attempt (policy-spam.rules)
 * 1:17924 <-> DISABLED <-> POLICY-SPAM azo.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:17925 <-> DISABLED <-> POLICY-SPAM back.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:17926 <-> DISABLED <-> POLICY-SPAM by.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:17927 <-> DISABLED <-> POLICY-SPAM cardinals.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:17928 <-> DISABLED <-> POLICY-SPAM chemist.onlineruggiero33q.ru known spam email attempt (policy-spam.rules)
 * 1:17929 <-> DISABLED <-> POLICY-SPAM chula.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:17930 <-> DISABLED <-> POLICY-SPAM classification.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17931 <-> DISABLED <-> POLICY-SPAM compensate.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:17932 <-> DISABLED <-> POLICY-SPAM cswjlxey.ru known spam email attempt (policy-spam.rules)
 * 1:17933 <-> DISABLED <-> POLICY-SPAM current.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17934 <-> DISABLED <-> POLICY-SPAM cyacaz.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17935 <-> DISABLED <-> POLICY-SPAM deepcenter.ru known spam email attempt (policy-spam.rules)
 * 1:17936 <-> DISABLED <-> POLICY-SPAM delegate.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17937 <-> DISABLED <-> POLICY-SPAM diet.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17938 <-> DISABLED <-> POLICY-SPAM direct.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17939 <-> DISABLED <-> POLICY-SPAM divyo.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:17940 <-> DISABLED <-> POLICY-SPAM drugsgeorge65g.ru known spam email attempt (policy-spam.rules)
 * 1:17941 <-> DISABLED <-> POLICY-SPAM dux.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17942 <-> DISABLED <-> POLICY-SPAM dypoh.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17943 <-> DISABLED <-> POLICY-SPAM eaihar.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17944 <-> DISABLED <-> POLICY-SPAM eeez.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:17945 <-> DISABLED <-> POLICY-SPAM egi.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17946 <-> DISABLED <-> POLICY-SPAM ehyw.cumedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17947 <-> DISABLED <-> POLICY-SPAM eka.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:17948 <-> DISABLED <-> POLICY-SPAM election.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17949 <-> DISABLED <-> POLICY-SPAM elik.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:17950 <-> DISABLED <-> POLICY-SPAM epeno.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17951 <-> DISABLED <-> POLICY-SPAM erectgodart30s.ru known spam email attempt (policy-spam.rules)
 * 1:17952 <-> DISABLED <-> POLICY-SPAM erol.camedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17953 <-> DISABLED <-> POLICY-SPAM exa.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:17954 <-> DISABLED <-> POLICY-SPAM eyu.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:17955 <-> DISABLED <-> POLICY-SPAM fashionchannel.ru known spam email attempt (policy-spam.rules)
 * 1:17956 <-> DISABLED <-> POLICY-SPAM fauxy.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:17957 <-> DISABLED <-> POLICY-SPAM food.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17958 <-> DISABLED <-> POLICY-SPAM generality.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:17959 <-> DISABLED <-> POLICY-SPAM goyry.ramedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17960 <-> DISABLED <-> POLICY-SPAM gueepa.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17961 <-> DISABLED <-> POLICY-SPAM has.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17962 <-> DISABLED <-> POLICY-SPAM have.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17963 <-> DISABLED <-> POLICY-SPAM headtest.ru known spam email attempt (policy-spam.rules)
 * 1:17964 <-> DISABLED <-> POLICY-SPAM huhuh.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17965 <-> DISABLED <-> POLICY-SPAM hyem.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17966 <-> DISABLED <-> POLICY-SPAM icysa.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17967 <-> DISABLED <-> POLICY-SPAM iiy.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17968 <-> DISABLED <-> POLICY-SPAM iki.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:17969 <-> DISABLED <-> POLICY-SPAM iner.medicdrugsxdl.ru known spam email attempt (policy-spam.rules)
 * 1:17970 <-> DISABLED <-> POLICY-SPAM in.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:17971 <-> DISABLED <-> POLICY-SPAM intelpost.ru known spam email attempt (policy-spam.rules)
 * 1:17972 <-> DISABLED <-> POLICY-SPAM inunuw.medicdrugsxpo.ru known spam email attempt (policy-spam.rules)
 * 1:17973 <-> DISABLED <-> POLICY-SPAM ipiig.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:17974 <-> DISABLED <-> POLICY-SPAM iqor.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17975 <-> DISABLED <-> POLICY-SPAM is.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:17976 <-> DISABLED <-> POLICY-SPAM itaca.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17977 <-> DISABLED <-> POLICY-SPAM ive.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17978 <-> DISABLED <-> POLICY-SPAM iweqyz.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17979 <-> DISABLED <-> POLICY-SPAM iycyde.medicdrugsxco.ru known spam email attempt (policy-spam.rules)
 * 1:17980 <-> DISABLED <-> POLICY-SPAM iyw.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17981 <-> DISABLED <-> POLICY-SPAM jaecoh.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17982 <-> DISABLED <-> POLICY-SPAM jael.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:17983 <-> DISABLED <-> POLICY-SPAM jex.remedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:17984 <-> DISABLED <-> POLICY-SPAM john.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:17985 <-> DISABLED <-> POLICY-SPAM joseph.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:17986 <-> DISABLED <-> POLICY-SPAM jyn.medicdrugsxdl.ru known spam email attempt (policy-spam.rules)
 * 1:17987 <-> DISABLED <-> POLICY-SPAM jyzyv.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:17988 <-> DISABLED <-> POLICY-SPAM koosaf.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:17989 <-> DISABLED <-> POLICY-SPAM lybah.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:17990 <-> DISABLED <-> POLICY-SPAM manila.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:17991 <-> DISABLED <-> POLICY-SPAM masa.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17992 <-> DISABLED <-> POLICY-SPAM medpenny17j.ru known spam email attempt (policy-spam.rules)
 * 1:17993 <-> DISABLED <-> POLICY-SPAM minionspre.ru known spam email attempt (policy-spam.rules)
 * 1:17994 <-> DISABLED <-> POLICY-SPAM nazuwu.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17995 <-> DISABLED <-> POLICY-SPAM negotiations.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:17996 <-> DISABLED <-> POLICY-SPAM niqiv.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:17997 <-> DISABLED <-> POLICY-SPAM odimys.medicdrugsxlb.ru known spam email attempt (policy-spam.rules)
 * 1:17998 <-> DISABLED <-> POLICY-SPAM odoog.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:17999 <-> DISABLED <-> POLICY-SPAM oekaka.aimedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:18000 <-> DISABLED <-> POLICY-SPAM oeqio.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:18001 <-> DISABLED <-> POLICY-SPAM of.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:18002 <-> DISABLED <-> POLICY-SPAM of.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:18003 <-> DISABLED <-> POLICY-SPAM of.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18004 <-> DISABLED <-> POLICY-SPAM oipek.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18005 <-> DISABLED <-> POLICY-SPAM oji.medicdrugsxto.ru known spam email attempt (policy-spam.rules)
 * 1:18006 <-> DISABLED <-> POLICY-SPAM onotye.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:18007 <-> DISABLED <-> POLICY-SPAM opy.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:18008 <-> DISABLED <-> POLICY-SPAM orderbuzz.ru known spam email attempt (policy-spam.rules)
 * 1:18009 <-> DISABLED <-> POLICY-SPAM ouu.almedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:18010 <-> DISABLED <-> POLICY-SPAM oxuc.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18011 <-> DISABLED <-> POLICY-SPAM pillrolfe64l.ru known spam email attempt (policy-spam.rules)
 * 1:18012 <-> DISABLED <-> POLICY-SPAM recently.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:18013 <-> DISABLED <-> POLICY-SPAM records.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:18014 <-> DISABLED <-> POLICY-SPAM reobaj.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18015 <-> DISABLED <-> POLICY-SPAM research.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:18016 <-> DISABLED <-> POLICY-SPAM returning.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18017 <-> DISABLED <-> POLICY-SPAM right.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18018 <-> DISABLED <-> POLICY-SPAM riwaro.erectjefferey85n.ru known spam email attempt (policy-spam.rules)
 * 1:18019 <-> DISABLED <-> POLICY-SPAM ruuav.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:1802 <-> DISABLED <-> SERVER-IIS .asa HTTP header buffer overflow attempt (server-iis.rules)
 * 1:18020 <-> DISABLED <-> POLICY-SPAM ryhux.medicdrugsxpa.ru known spam email attempt (policy-spam.rules)
 * 1:18021 <-> DISABLED <-> POLICY-SPAM software-buyshop-7.ru known spam email attempt (policy-spam.rules)
 * 1:18022 <-> DISABLED <-> POLICY-SPAM specialyou.ru known spam email attempt (policy-spam.rules)
 * 1:18023 <-> DISABLED <-> POLICY-SPAM starring.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:18024 <-> DISABLED <-> POLICY-SPAM store-softwarebuy-7.ru known spam email attempt (policy-spam.rules)
 * 1:18025 <-> DISABLED <-> POLICY-SPAM sya.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18026 <-> DISABLED <-> POLICY-SPAM tabdarin80s.ru known spam email attempt (policy-spam.rules)
 * 1:18027 <-> DISABLED <-> POLICY-SPAM tabgordan13n.ru known spam email attempt (policy-spam.rules)
 * 1:18028 <-> DISABLED <-> POLICY-SPAM tablangston19a.ru known spam email attempt (policy-spam.rules)
 * 1:18029 <-> DISABLED <-> POLICY-SPAM tabwebster77c.ru known spam email attempt (policy-spam.rules)
 * 1:1803 <-> DISABLED <-> SERVER-IIS .cer HTTP header buffer overflow attempt (server-iis.rules)
 * 1:18030 <-> DISABLED <-> POLICY-SPAM tanuen.dimedicdrugsx.ru known spam email attempt (policy-spam.rules)
 * 1:18031 <-> DISABLED <-> POLICY-SPAM the.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:18032 <-> DISABLED <-> POLICY-SPAM the.onlineruggiero33q.ru known spam email attempt (policy-spam.rules)
 * 1:18033 <-> DISABLED <-> POLICY-SPAM to.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:18034 <-> DISABLED <-> POLICY-SPAM trails.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:18035 <-> DISABLED <-> POLICY-SPAM trusting-me.ru known spam email attempt (policy-spam.rules)
 * 1:18036 <-> DISABLED <-> POLICY-SPAM twodays.ru known spam email attempt (policy-spam.rules)
 * 1:18037 <-> DISABLED <-> POLICY-SPAM tyqaja.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:18038 <-> DISABLED <-> POLICY-SPAM uboi.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18039 <-> DISABLED <-> POLICY-SPAM uf.drugslevy46b.ru known spam email attempt (policy-spam.rules)
 * 1:1804 <-> DISABLED <-> SERVER-IIS .cdx HTTP header buffer overflow attempt (server-iis.rules)
 * 1:18040 <-> DISABLED <-> POLICY-SPAM uielij.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18041 <-> DISABLED <-> POLICY-SPAM unasu.medicdrugsxto.ru known spam email attempt (policy-spam.rules)
 * 1:18042 <-> DISABLED <-> POLICY-SPAM upazo.pilltodd73p.ru known spam email attempt (policy-spam.rules)
 * 1:18043 <-> DISABLED <-> POLICY-SPAM utuqaj.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18044 <-> DISABLED <-> POLICY-SPAM uuji.refilleldredge89r.ru known spam email attempt (policy-spam.rules)
 * 1:18045 <-> DISABLED <-> POLICY-SPAM variation.refilldud86o.ru known spam email attempt (policy-spam.rules)
 * 1:18046 <-> DISABLED <-> POLICY-SPAM via.refillreade47j.ru known spam email attempt (policy-spam.rules)
 * 1:18047 <-> DISABLED <-> POLICY-SPAM voiceless.pharmroyce83b.ru known spam email attempt (policy-spam.rules)
 * 1:18048 <-> DISABLED <-> POLICY-SPAM was.medrayner44c.ru known spam email attempt (policy-spam.rules)
 * 1:18049 <-> DISABLED <-> POLICY-SPAM word.onlinephilbert42f.ru known spam email attempt (policy-spam.rules)
 * 1:1805 <-> DISABLED <-> SERVER-WEBAPP Oracle Reports CGI access (server-webapp.rules)
 * 1:18050 <-> DISABLED <-> POLICY-SPAM world.onlinehill21q.ru known spam email attempt (policy-spam.rules)
 * 1:18051 <-> DISABLED <-> POLICY-SPAM www.buhni.ru known spam email attempt (policy-spam.rules)
 * 1:18052 <-> DISABLED <-> POLICY-SPAM www.visitcover.ru known spam email attempt (policy-spam.rules)
 * 1:18053 <-> DISABLED <-> POLICY-SPAM xob.erectnoll24k.ru known spam email attempt (policy-spam.rules)
 * 1:18054 <-> DISABLED <-> POLICY-SPAM ygy.onlinetommie54y.ru known spam email attempt (policy-spam.rules)
 * 1:18055 <-> DISABLED <-> POLICY-SPAM yit.medicdrugsxor.ru known spam email attempt (policy-spam.rules)
 * 1:18056 <-> DISABLED <-> POLICY-SPAM ylum.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:18057 <-> DISABLED <-> POLICY-SPAM ymyuto.onlinelewiss22r.ru known spam email attempt (policy-spam.rules)
 * 1:18058 <-> DISABLED <-> POLICY-SPAM yomy.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:18059 <-> DISABLED <-> POLICY-SPAM yzugez.pillking74s.ru known spam email attempt (policy-spam.rules)
 * 1:1806 <-> DISABLED <-> SERVER-IIS .htr chunked Transfer-Encoding (server-iis.rules)
 * 1:18060 <-> DISABLED <-> POLICY-SPAM zeroprices.ru known spam email attempt (policy-spam.rules)
 * 1:18061 <-> DISABLED <-> POLICY-SPAM zueuz.onlinehamel83i.ru known spam email attempt (policy-spam.rules)
 * 1:18064 <-> DISABLED <-> BROWSER-PLUGINS Microsoft .NET framework EntityObject execution attempt  (browser-plugins.rules)
 * 1:18065 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules)
 * 1:18066 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (file-office.rules)
 * 1:18067 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (file-office.rules)
 * 1:18068 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules)
 * 1:18069 <-> DISABLED <-> FILE-OFFICE Microsoft Office Art drawing invalid shape identifier attempt (file-office.rules)
 * 1:1807 <-> DISABLED <-> POLICY-OTHER Chunked-Encoding transfer with no data attempt (policy-other.rules)
 * 1:18070 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules)
 * 1:18071 <-> DISABLED <-> FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (file-office.rules)
 * 1:18072 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG external redirect attempt (os-windows.rules)
 * 1:18073 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG arbitrary embedded scripting attempt (os-windows.rules)
 * 1:18074 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Forefront UAG URL XSS attempt (os-windows.rules)
 * 1:18076 <-> DISABLED <-> OS-WINDOWS Microsoft Forefront UAG URL XSS alternate attempt (os-windows.rules)
 * 1:18077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (browser-firefox.rules)
 * 1:18078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (browser-firefox.rules)
 * 1:1808 <-> DISABLED <-> SERVER-WEBAPP apache chunked encoding memory corruption exploit attempt (server-webapp.rules)
 * 1:1809 <-> DISABLED <-> SERVER-APACHE Apache Chunked-Encoding worm attempt (server-apache.rules)
 * 1:18096 <-> DISABLED <-> SERVER-APACHE Apache Tomcat username enumeration attempt (server-apache.rules)
 * 1:18097 <-> DISABLED <-> BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (browser-plugins.rules)
 * 1:18098 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Carberp (malware-cnc.rules)
 * 1:18099 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Carberp (malware-cnc.rules)
 * 1:1810 <-> DISABLED <-> SERVER-OTHER successful gobbles ssh exploit GOBBLE (server-other.rules)
 * 1:18100 <-> DISABLED <-> MALWARE-CNC Tidserv malware command and control channel traffic (malware-cnc.rules)
 * 1:18102 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (file-pdf.rules)
 * 1:1811 <-> DISABLED <-> SERVER-OTHER successful gobbles ssh exploit uname (server-other.rules)
 * 1:1812 <-> DISABLED <-> SERVER-OTHER gobbles SSH exploit attempt (server-other.rules)
 * 1:1813 <-> DISABLED <-> PROTOCOL-ICMP digital island bandwidth query (protocol-icmp.rules)
 * 1:18132 <-> DISABLED <-> INDICATOR-OBFUSCATION malware-associated JavaScript obfuscation function (indicator-obfuscation.rules)
 * 1:1814 <-> DISABLED <-> SERVER-WEBAPP CISCO VoIP DOS ATTEMPT (server-webapp.rules)
 * 1:1815 <-> DISABLED <-> SERVER-WEBAPP directory.php arbitrary command attempt (server-webapp.rules)
 * 1:1816 <-> DISABLED <-> SERVER-WEBAPP directory.php access (server-webapp.rules)
 * 1:18167 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:18168 <-> DISABLED <-> INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (indicator-shellcode.rules)
 * 1:1817 <-> DISABLED <-> SERVER-IIS MS Site Server default login attempt (server-iis.rules)
 * 1:18170 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt (browser-firefox.rules)
 * 1:18171 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18172 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18173 <-> DISABLED <-> OS-WINDOWS Multiple product mailto uri handling code execution attempt (os-windows.rules)
 * 1:18174 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption attempt (browser-ie.rules)
 * 1:18175 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS memory corruption attempt (browser-ie.rules)
 * 1:18176 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (browser-firefox.rules)
 * 1:18177 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (browser-firefox.rules)
 * 1:18178 <-> DISABLED <-> BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (browser-firefox.rules)
 * 1:18179 <-> DISABLED <-> INDICATOR-SCAN Proxyfire.net anonymous proxy scan (indicator-scan.rules)
 * 1:1818 <-> DISABLED <-> SERVER-IIS MS Site Server admin attempt (server-iis.rules)
 * 1:18180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript remote code execution attempt (file-flash.rules)
 * 1:18181 <-> DISABLED <-> PROTOCOL-FTP ProFTPd 1.3.3c backdoor activity (protocol-ftp.rules)
 * 1:18182 <-> DISABLED <-> PROTOCOL-FTP ProFTPd 1.3.3c backdoor help access attempt (protocol-ftp.rules)
 * 1:18186 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt (browser-firefox.rules)
 * 1:18187 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox InstallTrigger.install memory corruption attempt (browser-firefox.rules)
 * 1:18188 <-> DISABLED <-> BROWSER-FIREFOX Multiple browser marquee tag denial of service attempt (browser-firefox.rules)
 * 1:18189 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:1819 <-> DISABLED <-> SERVER-OTHER Alcatel PABX 4400 connection attempt (server-other.rules)
 * 1:18190 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18191 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18192 <-> DISABLED <-> NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (netbios.rules)
 * 1:18193 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18194 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (browser-ie.rules)
 * 1:18195 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt (os-windows.rules)
 * 1:18196 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules)
 * 1:18197 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:18198 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:18199 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (browser-plugins.rules)
 * 1:1820 <-> DISABLED <-> SERVER-WEBAPP IBM Net.Commerce orderdspc.d2w access (server-webapp.rules)
 * 1:18200 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:18202 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules)
 * 1:18203 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book smmscrpt.dll malicious DLL load (os-windows.rules)
 * 1:18204 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book wab32res.dll dll-load exploit attempt (os-windows.rules)
 * 1:18205 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt (os-windows.rules)
 * 1:18206 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book request for wab32res.dll over SMB attempt (os-windows.rules)
 * 1:18207 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Address Book request for msoeres32.dll over SMB attempt (os-windows.rules)
 * 1:18208 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules)
 * 1:18209 <-> DISABLED <-> OS-WINDOWS Microsoft Windows wininet peerdist.dll dll-load exploit attempt (os-windows.rules)
 * 1:1821 <-> DISABLED <-> SERVER-OTHER LPD dvips remote command execution attempt (server-other.rules)
 * 1:18210 <-> DISABLED <-> OS-WINDOWS Microsoft Movie Maker hhctrl.ocx dll-load attempt (os-windows.rules)
 * 1:18211 <-> DISABLED <-> OS-WINDOWS Microsoft Movie Maker hhctrl.ocx dll-load attempt (os-windows.rules)
 * 1:18212 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (file-office.rules)
 * 1:18213 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher column and row remote code execution attempt (file-office.rules)
 * 1:18214 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (file-office.rules)
 * 1:18215 <-> DISABLED <-> OS-WINDOWS NETAPI RPC interface reboot attempt (os-windows.rules)
 * 1:18216 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (browser-ie.rules)
 * 1:18217 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (browser-ie.rules)
 * 1:18218 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (browser-ie.rules)
 * 1:18219 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver remote code execution attempt (file-other.rules)
 * 1:1822 <-> DISABLED <-> SERVER-WEBAPP AlienForm alienform.cgi directory traversal attempt (server-webapp.rules)
 * 1:18220 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (os-windows.rules)
 * 1:18221 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (browser-ie.rules)
 * 1:18222 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18223 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18224 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18225 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder wmerrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18226 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder winietenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18227 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Encoder asferrorenu.dll dll-load exploit attempt (os-windows.rules)
 * 1:18229 <-> DISABLED <-> FILE-IMAGE Microsoft FlashPix tile length overflow attempt (file-image.rules)
 * 1:1823 <-> DISABLED <-> SERVER-WEBAPP AlienForm af.cgi directory traversal attempt (server-webapp.rules)
 * 1:18230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher memory corruption attempt (file-office.rules)
 * 1:18231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (file-office.rules)
 * 1:18233 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (file-office.rules)
 * 1:18234 <-> ENABLED <-> FILE-IDENTIFY QuickDraw/PICT file download request (file-identify.rules)
 * 1:18235 <-> DISABLED <-> FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (file-office.rules)
 * 1:18236 <-> DISABLED <-> FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (file-office.rules)
 * 1:18237 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (file-image.rules)
 * 1:18238 <-> DISABLED <-> SERVER-WEBAPP Microsoft Office SharePoint document conversion remote code excution attempt (server-webapp.rules)
 * 1:18239 <-> DISABLED <-> INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (indicator-obfuscation.rules)
 * 1:1824 <-> DISABLED <-> SERVER-WEBAPP AlienForm alienform.cgi access (server-webapp.rules)
 * 1:18240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (browser-ie.rules)
 * 1:18241 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (browser-plugins.rules)
 * 1:18242 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules)
 * 1:18243 <-> DISABLED <-> SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (server-iis.rules)
 * 1:18244 <-> DISABLED <-> FILE-JAVA Oracle Java browser plugin docbase overflow attempt (file-java.rules)
 * 1:18245 <-> DISABLED <-> BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (browser-plugins.rules)
 * 1:18246 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Fax Services Cover Page Editor overflow attempt (os-windows.rules)
 * 1:18247 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious User-Agent ErrCode - W32/Fujacks.htm (malware-cnc.rules)
 * 1:18248 <-> DISABLED <-> SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (server-other.rules)
 * 1:18249 <-> DISABLED <-> PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buffer overflow attempt  (protocol-icmp.rules)
 * 1:1825 <-> DISABLED <-> SERVER-WEBAPP AlienForm af.cgi access (server-webapp.rules)
 * 1:18250 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (browser-firefox.rules)
 * 1:1826 <-> DISABLED <-> SERVER-WEBAPP WEB-INF access (server-webapp.rules)
 * 1:18261 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript engine String.toSource memory corruption attempt (browser-firefox.rules)
 * 1:18262 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript engine function arguments memory corruption attempt (browser-firefox.rules)
 * 1:18263 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (browser-firefox.rules)
 * 1:18264 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (browser-firefox.rules)
 * 1:18265 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:18266 <-> DISABLED <-> OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:18267 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (os-windows.rules)
 * 1:1827 <-> DISABLED <-> SERVER-APACHE Apache Tomcat servlet mapping cross site scripting attempt (server-apache.rules)
 * 1:18273 <-> ENABLED <-> FILE-IDENTIFY BAT file download request (file-identify.rules)
 * 1:18274 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Mail file download request (file-identify.rules)
 * 1:18276 <-> DISABLED <-> FILE-OTHER Microsoft Data Access Components library attempt (file-other.rules)
 * 1:18277 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (os-windows.rules)
 * 1:18278 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista Backup Tool request for fveapi.dll over SMB attempt (os-windows.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (malware-cnc.rules)
 * 1:1828 <-> DISABLED <-> SERVER-WEBAPP iPlanet Search directory traversal attempt (server-webapp.rules)
 * 1:18280 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer oversize recordset object cache size exploit attempt (browser-ie.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (malware-cnc.rules)
 * 1:18282 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag-and-drop vulnerability (browser-ie.rules)
 * 1:18283 <-> DISABLED <-> SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (server-apache.rules)
 * 1:18284 <-> DISABLED <-> FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (file-office.rules)
 * 1:18285 <-> DISABLED <-> SERVER-OTHER BrightStor ARCserve backup tape engine buffer overflow attempt (server-other.rules)
 * 1:18286 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products element style change memory corruption code execution attempt (browser-firefox.rules)
 * 1:1829 <-> DISABLED <-> SERVER-APACHE Apache Tomcat TroubleShooter servlet access (server-apache.rules)
 * 1:18291 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (server-other.rules)
 * 1:18292 <-> DISABLED <-> SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (server-other.rules)
 * 1:18293 <-> DISABLED <-> SERVER-WEBAPP Secure Backup login.php uname variable based command injection attempt (server-webapp.rules)
 * 1:18294 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:18295 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (browser-webkit.rules)
 * 1:18296 <-> DISABLED <-> BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (browser-firefox.rules)
 * 1:18297 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (os-windows.rules)
 * 1:18298 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox Javascript large regex memory corruption attempt (browser-firefox.rules)
 * 1:18299 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer implicit drag and drop file installation attempt (browser-ie.rules)
 * 1:1830 <-> DISABLED <-> SERVER-APACHE Apache Tomcat SnoopServlet servlet access (server-apache.rules)
 * 1:18300 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer FTP command injection attempt (browser-ie.rules)
 * 1:18301 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox GeckoActiveXObject memory corruption attempt (browser-firefox.rules)
 * 1:18302 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox new function garbage collection remote code execution attempt (browser-firefox.rules)
 * 1:18303 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (browser-ie.rules)
 * 1:18304 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18305 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18306 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (browser-ie.rules)
 * 1:18307 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer frameset memory corruption attempt (browser-ie.rules)
 * 1:18308 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (file-pdf.rules)
 * 1:18309 <-> DISABLED <-> OS-WINDOWS Microsoft Vector Markup Language fill method overflow attempt (os-windows.rules)
 * 1:1831 <-> DISABLED <-> SERVER-WEBAPP jigsaw dos attempt (server-webapp.rules)
 * 1:18310 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (file-office.rules)
 * 1:18311 <-> DISABLED <-> SERVER-WEBAPP Novell iManager getMultiPartParameters arbitrary file upload attempt (server-webapp.rules)
 * 1:18312 <-> DISABLED <-> SERVER-OTHER Subversion 1.0.2 get-dated-rev buffer overflow attempt (server-other.rules)
 * 1:18313 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (browser-ie.rules)
 * 1:18315 <-> DISABLED <-> OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrValidateName2 overflow attempt (os-windows.rules)
 * 1:18317 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail RCPT TO proxy overflow attempt (server-mail.rules)
 * 1:18319 <-> DISABLED <-> SERVER-SAMBA Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (server-samba.rules)
 * 1:1832 <-> DISABLED <-> POLICY-SOCIAL ICQ forced user addition (policy-social.rules)
 * 1:18320 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WINS association context validation overflow attempt (os-windows.rules)
 * 1:18321 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX clsid access (browser-plugins.rules)
 * 1:18322 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX function call access (browser-plugins.rules)
 * 1:18323 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:18324 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules)
 * 1:18325 <-> DISABLED <-> BROWSER-PLUGINS Image Viewer CP Gold 6 ActiveX clsid access (browser-plugins.rules)
 * 1:18326 <-> DISABLED <-> PROTOCOL-FTP ProFTPD mod_site_misc module directory traversal attempt (protocol-ftp.rules)
 * 1:18327 <-> DISABLED <-> PROTOCOL-SCADA Kingview HMI heap overflow attempt (protocol-scada.rules)
 * 1:18329 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (browser-plugins.rules)
 * 1:18331 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (file-office.rules)
 * 1:18332 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JS Web Worker arbitrary code execution attempt (browser-firefox.rules)
 * 1:18333 <-> DISABLED <-> SERVER-WEBAPP phpBook date command execution attempt (server-webapp.rules)
 * 1:18334 <-> DISABLED <-> SERVER-WEBAPP phpBook mail command execution attempt (server-webapp.rules)
 * 1:18335 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MHTML XSS attempt (os-windows.rules)
 * 1:18336 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string gbot/2.3 (malware-cnc.rules)
 * 1:18337 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string iamx/3.11 (malware-cnc.rules)
 * 1:18338 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string NSISDL/1.2 (malware-cnc.rules)
 * 1:1834 <-> DISABLED <-> SERVER-WEBAPP PHP-Wiki cross site scripting attempt (server-webapp.rules)
 * 1:18340 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ClickAdsByIE 0.7.5 (malware-cnc.rules)
 * 1:18341 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string UtilMind HTTPGet (malware-cnc.rules)
 * 1:18342 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string NSIS_DOWNLOAD (malware-cnc.rules)
 * 1:18343 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string WSEnrichment (malware-cnc.rules)
 * 1:18345 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Macrovision_DM_2.4.15 (malware-cnc.rules)
 * 1:18346 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string GPRecover (malware-cnc.rules)
 * 1:18347 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string AutoIt (malware-cnc.rules)
 * 1:18348 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Opera/9.80 Pesto/2.2.15 (malware-cnc.rules)
 * 1:18349 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Flipopia (malware-cnc.rules)
 * 1:1835 <-> DISABLED <-> SERVER-WEBAPP Macromedia SiteSpring cross site scripting attempt (server-webapp.rules)
 * 1:18350 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string GabPath (malware-cnc.rules)
 * 1:18351 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string GPUpdater (malware-cnc.rules)
 * 1:18352 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string PinballCorp-BSAI/VER_STR_COMMA (malware-cnc.rules)
 * 1:18353 <-> DISABLED <-> MALWARE-CNC User-Agent request for known PUA user agent - SelectRebates (malware-cnc.rules)
 * 1:18354 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string opera/8.11 (malware-cnc.rules)
 * 1:18355 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Se2011 (malware-cnc.rules)
 * 1:18356 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string random (malware-cnc.rules)
 * 1:18357 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Setup Factory (malware-cnc.rules)
 * 1:18358 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string NSIS_INETLOAD (malware-cnc.rules)
 * 1:18359 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Shareaza (malware-cnc.rules)
 * 1:18360 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Oncues (malware-cnc.rules)
 * 1:18361 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Downloader1.1 (malware-cnc.rules)
 * 1:18362 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Search Toolbar 1.1 (malware-cnc.rules)
 * 1:18363 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string GPRecover (malware-cnc.rules)
 * 1:18364 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string msndown (malware-cnc.rules)
 * 1:18365 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Agentcc (malware-cnc.rules)
 * 1:18366 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string OCInstaller (malware-cnc.rules)
 * 1:18367 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string FPRecover (malware-cnc.rules)
 * 1:18368 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Our_Agent (malware-cnc.rules)
 * 1:18369 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string iexp-get (malware-cnc.rules)
 * 1:18370 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Mozilla Windows MSIE (malware-cnc.rules)
 * 1:18371 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string QvodDown (malware-cnc.rules)
 * 1:18373 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Installer (malware-cnc.rules)
 * 1:18374 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string SurfBear (malware-cnc.rules)
 * 1:18375 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string HTTP Wininet (malware-cnc.rules)
 * 1:18376 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Trololo (malware-cnc.rules)
 * 1:18377 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string malware (malware-cnc.rules)
 * 1:18378 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string AutoHotkey (malware-cnc.rules)
 * 1:18379 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string AskInstallChecker (malware-cnc.rules)
 * 1:1838 <-> DISABLED <-> SERVER-OTHER SSH server banner overflow (server-other.rules)
 * 1:18380 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string FPUpdater (malware-cnc.rules)
 * 1:18381 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Travel Update (malware-cnc.rules)
 * 1:18382 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string WMUpdate (malware-cnc.rules)
 * 1:18383 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string GPInstaller (malware-cnc.rules)
 * 1:18385 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string HTTPCSDCENTER (malware-cnc.rules)
 * 1:18386 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string AHTTPConnection (malware-cnc.rules)
 * 1:18387 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string dwplayer (malware-cnc.rules)
 * 1:18388 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string RookIE/1.0 (malware-cnc.rules)
 * 1:18389 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string 3653Client (malware-cnc.rules)
 * 1:1839 <-> DISABLED <-> SERVER-WEBAPP mailman cross site scripting attempt (server-webapp.rules)
 * 1:18390 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Delphi 5.x (malware-cnc.rules)
 * 1:18391 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string MyLove (malware-cnc.rules)
 * 1:18392 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string qixi (malware-cnc.rules)
 * 1:18393 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string vyre32 (malware-cnc.rules)
 * 1:18394 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string OCRecover (malware-cnc.rules)
 * 1:18395 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Duckling/1.0 (malware-cnc.rules)
 * 1:18396 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Hypervisor OS-WINDOWS vfd download attempt (os-windows.rules)
 * 1:18397 <-> DISABLED <-> SERVER-OTHER HP DDMI Agent spoofing - command execution (server-other.rules)
 * 1:18398 <-> DISABLED <-> FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (file-office.rules)
 * 1:18399 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BRAI record remote code execution attempt (file-office.rules)
 * 1:1840 <-> DISABLED <-> FILE-JAVA Oracle Javascript document.domain attempt (file-java.rules)
 * 1:18400 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CRSS local process allowed to persist through logon or logoff attempt (os-windows.rules)
 * 1:18401 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (browser-ie.rules)
 * 1:18402 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (file-other.rules)
 * 1:18403 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Data Source Object memory corruption attempt (browser-ie.rules)
 * 1:18404 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer document.insertBefore memory corruption attempt (browser-ie.rules)
 * 1:18405 <-> ENABLED <-> OS-WINDOWS Microsoft Windows LSASS domain name buffer overflow attempt (os-windows.rules)
 * 1:18406 <-> DISABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos executable attempt (file-other.rules)
 * 1:18407 <-> DISABLED <-> FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos attempt (file-other.rules)
 * 1:18408 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:18409 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules)
 * 1:1841 <-> DISABLED <-> BROWSER-FIREFOX Mozilla 1.0 Javascript arbitrary cookie access attempt (browser-firefox.rules)
 * 1:18410 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys write message to dead thread code execution attempt (os-windows.rules)
 * 1:18411 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules)
 * 1:18412 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k!xxxTrackPopupMenuEx privilege escalation attempt (os-windows.rules)
 * 1:18413 <-> DISABLED <-> OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (os-windows.rules)
 * 1:18414 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Kerberos auth downgrade to DES MITM attempt (os-windows.rules)
 * 1:18415 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio deserialization double free attempt (file-office.rules)
 * 1:18416 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules)
 * 1:18417 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (file-office.rules)
 * 1:18418 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript apply function memory corruption attempt (file-flash.rules)
 * 1:18419 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader field flags exploit attempt (file-pdf.rules)
 * 1:1842 <-> DISABLED <-> PROTOCOL-IMAP login buffer overflow attempt (protocol-imap.rules)
 * 1:18420 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ASnative function remote code execution attempt (file-flash.rules)
 * 1:18421 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript beginGradientFill memory corruption attempt (file-flash.rules)
 * 1:18426 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin sqlite.dll dll-load exploit attempt (file-other.rules)
 * 1:1843 <-> DISABLED <-> MALWARE-BACKDOOR trinity connection attempt (malware-backdoor.rules)
 * 1:18431 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin sqlite.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18432 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader d3dref9.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18433 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader d3dref9.dll dll-load exploit attempt (file-other.rules)
 * 1:18434 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin ace.dll dll-load exploit attempt (file-other.rules)
 * 1:18435 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin agm.dll dll-load exploit attempt (file-other.rules)
 * 1:18436 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin bibutils.dll dll-load exploit attempt (file-other.rules)
 * 1:18437 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin cooltype.dll dll-load exploit attempt (file-other.rules)
 * 1:18438 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Reader plugin cryptocme2.dll dll-load exploit attempt (file-other.rules)
 * 1:18439 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin ace.dll dll-load exploit attempt (file-pdf.rules)
 * 1:1844 <-> DISABLED <-> PROTOCOL-IMAP authenticate overflow attempt (protocol-imap.rules)
 * 1:18440 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin agm.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18441 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin bibutils.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18442 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin cooltype.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18443 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader plugin cryptocme2.dll dll-load exploit attempt (file-pdf.rules)
 * 1:18444 <-> DISABLED <-> FILE-FLASH Adobe Flash Player forged atom type attempt (file-flash.rules)
 * 1:18445 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt (file-flash.rules)
 * 1:18446 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt (file-flash.rules)
 * 1:18447 <-> DISABLED <-> FILE-FLASH Adobe OpenAction crafted URI action thru Firefox attempt (file-flash.rules)
 * 1:18448 <-> DISABLED <-> FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (file-pdf.rules)
 * 1:18449 <-> DISABLED <-> FILE-OTHER Adobe Acrobat font definition memory corruption attempt (file-other.rules)
 * 1:1845 <-> DISABLED <-> PROTOCOL-IMAP list literal overflow attempt (protocol-imap.rules)
 * 1:18450 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (file-pdf.rules)
 * 1:18451 <-> DISABLED <-> FILE-PDF Adobe Acrobat ICC color integer overflow attempt (file-pdf.rules)
 * 1:18452 <-> DISABLED <-> FILE-OTHER Adobe malicious IFF memory corruption attempt (file-other.rules)
 * 1:18453 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18454 <-> DISABLED <-> FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (file-pdf.rules)
 * 1:18455 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (file-pdf.rules)
 * 1:18456 <-> DISABLED <-> FILE-PDF Adobe Acrobat XML entity escape attempt (file-pdf.rules)
 * 1:18457 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (file-pdf.rules)
 * 1:18458 <-> DISABLED <-> MALWARE-CNC Night Dragon initial beacon (malware-cnc.rules)
 * 1:18459 <-> DISABLED <-> MALWARE-CNC Night Dragon keepalive message (malware-cnc.rules)
 * 1:1846 <-> DISABLED <-> POLICY-MULTIMEDIA vncviewer Java applet download attempt (policy-multimedia.rules)
 * 1:18460 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (server-webapp.rules)
 * 1:18461 <-> DISABLED <-> SERVER-MAIL IBM Lotus Domino nrouter.exe iCalendar MAILTO stack buffer overflow attempt (server-mail.rules)
 * 1:18462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules)
 * 1:18463 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:18464 <-> DISABLED <-> SERVER-WEBAPP Adobe ColdFusion locale directory traversal attempt (server-webapp.rules)
 * 1:18465 <-> DISABLED <-> SERVER-WEBAPP FreePBX recording interface file upload code execution attempt (server-webapp.rules)
 * 1:18466 <-> DISABLED <-> SERVER-WEBAPP raSMP User-Agent XSS injection attempt (server-webapp.rules)
 * 1:18467 <-> DISABLED <-> SERVER-WEBAPP raSMP User-Agent XSS injection attempt (server-webapp.rules)
 * 1:18469 <-> DISABLED <-> CONTENT-REPLACE Microsoft Windows Encrypted DCERPC request attempt (content-replace.rules)
 * 1:1847 <-> DISABLED <-> SERVER-WEBAPP webalizer access (server-webapp.rules)
 * 1:18470 <-> DISABLED <-> SERVER-WEBAPP Java floating point number denial of service - via URI (server-webapp.rules)
 * 1:18471 <-> DISABLED <-> SERVER-WEBAPP Java floating point number denial of service - via POST (server-webapp.rules)
 * 1:18472 <-> DISABLED <-> NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (netbios.rules)
 * 1:18473 <-> DISABLED <-> PROTOCOL-ICMP ICMPv6 Echo Reply (protocol-icmp.rules)
 * 1:18474 <-> DISABLED <-> PROTOCOL-ICMP ICMPv6 Echo Request (protocol-icmp.rules)
 * 1:18475 <-> DISABLED <-> SERVER-WEBAPP HP Openview OvWebHelp.exe buffer overflow (server-webapp.rules)
 * 1:18476 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (server-mail.rules)
 * 1:18477 <-> DISABLED <-> SERVER-MAIL Lotus Notes MIF viewer statement data overflow 2 (server-mail.rules)
 * 1:18478 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (server-webapp.rules)
 * 1:18479 <-> DISABLED <-> SERVER-WEBAPP miniBB rss.php pathToFiles remote file include attempt (server-webapp.rules)
 * 1:1848 <-> DISABLED <-> SERVER-WEBAPP webcart-lite access (server-webapp.rules)
 * 1:18480 <-> DISABLED <-> SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - userid parameter (server-webapp.rules)
 * 1:18481 <-> DISABLED <-> SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - password parameter (server-webapp.rules)
 * 1:18482 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer History.go method double free corruption attempt (browser-ie.rules)
 * 1:18484 <-> DISABLED <-> FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (file-multimedia.rules)
 * 1:18485 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (browser-firefox.rules)
 * 1:18486 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (browser-firefox.rules)
 * 1:18487 <-> DISABLED <-> SERVER-OTHER Ingres Database iidbms heap overflow attempt (server-other.rules)
 * 1:18488 <-> DISABLED <-> FILE-OTHER Adobe Photoshop wintab32.dll dll-load exploit attempt (file-other.rules)
 * 1:18489 <-> DISABLED <-> FILE-OTHER Adobe Photoshop request for wintab32.dll over SMB attempt (file-other.rules)
 * 1:1849 <-> DISABLED <-> SERVER-WEBAPP webfind.exe access (server-webapp.rules)
 * 1:18490 <-> DISABLED <-> BROWSER-PLUGINS Whale Client Components ActiveX clsid access (browser-plugins.rules)
 * 1:18491 <-> DISABLED <-> BROWSER-PLUGINS Whale Client Components ActiveX ProgID access (browser-plugins.rules)
 * 1:18493 <-> DISABLED <-> INDICATOR-OBFUSCATION generic PHP code obfuscation attempt (indicator-obfuscation.rules)
 * 1:18494 <-> DISABLED <-> OS-WINDOWS Microsoft product .dll dll-load exploit attempt (os-windows.rules)
 * 1:18495 <-> DISABLED <-> OS-WINDOWS Microsoft product .dll dll-load exploit attempt (os-windows.rules)
 * 1:18496 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension ehtrace.dll dll-load exploit attempt (os-windows.rules)
 * 1:18497 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Media Player and shell extension request for ehtrace.dll over SMB attempt (os-windows.rules)
 * 1:18498 <-> DISABLED <-> FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (file-other.rules)
 * 1:18499 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules)
 * 1:185 <-> DISABLED <-> MALWARE-BACKDOOR CDK (malware-backdoor.rules)
 * 1:1850 <-> DISABLED <-> SERVER-WEBAPP way-board.cgi access (server-webapp.rules)
 * 1:18500 <-> DISABLED <-> OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (os-windows.rules)
 * 1:18501 <-> DISABLED <-> OS-WINDOWS Microsoft Malware Protection Engine elevation of privilege attempt (os-windows.rules)
 * 1:18502 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript Actionlf out of range negative offset attempt (file-flash.rules)
 * 1:18503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (file-flash.rules)
 * 1:18504 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionConstantPool overflow attempt (file-flash.rules)
 * 1:18505 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionPush overflow attempt (file-flash.rules)
 * 1:18506 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18507 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (file-pdf.rules)
 * 1:18508 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit ParentStyleSheet exploit attempt (browser-webkit.rules)
 * 1:18509 <-> DISABLED <-> SERVER-OTHER PeerCast format string exploit attempt (server-other.rules)
 * 1:1851 <-> DISABLED <-> SERVER-WEBAPP active.log access (server-webapp.rules)
 * 1:18510 <-> DISABLED <-> FILE-IMAGE Apple QuickTime FlashPix Movie file integer overflow attempt (file-image.rules)
 * 1:18511 <-> DISABLED <-> SERVER-OTHER Sourcefire Snort packet fragmentation reassembly denial of service attempt (server-other.rules)
 * 1:18512 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Remote Management overflow attempt (server-other.rules)
 * 1:18513 <-> DISABLED <-> SERVER-MYSQL yaSSL SSL Hello Message Buffer Overflow attempt (server-mysql.rules)
 * 1:18514 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (file-office.rules)
 * 1:18515 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (file-office.rules)
 * 1:18516 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Word file download request (file-identify.rules)
 * 1:18517 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (browser-ie.rules)
 * 1:18518 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (browser-ie.rules)
 * 1:18519 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:1852 <-> DISABLED <-> SERVER-WEBAPP robots.txt access (server-webapp.rules)
 * 1:18520 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18521 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18522 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (browser-ie.rules)
 * 1:18523 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (browser-ie.rules)
 * 1:18524 <-> DISABLED <-> SERVER-OTHER Multiple vendor anti-virus extended ASCII filename scan bypass attempt (server-other.rules)
 * 1:18525 <-> DISABLED <-> SERVER-OTHER Lotus Domino LDAP Heap Buffer Overflow Attempt (server-other.rules)
 * 1:18526 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18527 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (file-pdf.rules)
 * 1:18528 <-> DISABLED <-> SERVER-ORACLE Oracle TimesTen In-Memory Database HTTP request denial of service attempt (server-oracle.rules)
 * 1:18529 <-> DISABLED <-> FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:1853 <-> DISABLED <-> MALWARE-BACKDOOR win-trin00 connection attempt (malware-backdoor.rules)
 * 1:18530 <-> DISABLED <-> FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (file-other.rules)
 * 1:18531 <-> DISABLED <-> SERVER-OTHER Multiple Vendors iacenc.dll dll-load exploit attempt (server-other.rules)
 * 1:18532 <-> DISABLED <-> OS-WINDOWS Multiple Vendors request for iacenc.dll over SMB attempt (os-windows.rules)
 * 1:18533 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC authentication denial of service attempt (server-other.rules)
 * 1:18534 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC authentication denial of service attempt (server-other.rules)
 * 1:18535 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (file-office.rules)
 * 1:18536 <-> DISABLED <-> FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (file-office.rules)
 * 1:18537 <-> DISABLED <-> FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (file-other.rules)
 * 1:18538 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (file-office.rules)
 * 1:18539 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (browser-ie.rules)
 * 1:1854 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht handler->agent niggahbitch (protocol-icmp.rules)
 * 1:18541 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (file-office.rules)
 * 1:18542 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (browser-plugins.rules)
 * 1:18543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:18544 <-> DISABLED <-> FILE-FLASH embedded Shockwave dropper in email attachment (file-flash.rules)
 * 1:18545 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file transfer (file-office.rules)
 * 1:18546 <-> ENABLED <-> FILE-OFFICE Microsoft Office Word with embedded Flash file transfer (file-office.rules)
 * 1:18547 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file transfer (file-office.rules)
 * 1:18548 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment (file-office.rules)
 * 1:18549 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word with embedded Flash file attachment (file-office.rules)
 * 1:1855 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht agent->handler skillz (protocol-icmp.rules)
 * 1:18550 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file attachment (file-office.rules)
 * 1:18555 <-> DISABLED <-> SERVER-OTHER VERITAS NetBackup java authentication service format string exploit attempt (server-other.rules)
 * 1:18556 <-> DISABLED <-> SERVER-WEBAPP Symantec IM manager IMAdminReportTrendFormRun.asp sql injection attempt (server-webapp.rules)
 * 1:18557 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules)
 * 1:18558 <-> DISABLED <-> PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (protocol-rpc.rules)
 * 1:18559 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules)
 * 1:1856 <-> DISABLED <-> PROTOCOL-ICMP Stacheldraht handler->agent ficken (protocol-icmp.rules)
 * 1:18560 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (server-webapp.rules)
 * 1:18561 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (file-image.rules)
 * 1:18562 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (malware-cnc.rules)
 * 1:18563 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gaboc variant outbound connection (malware-cnc.rules)
 * 1:18564 <-> DISABLED <-> MALWARE-CNC RussKill botnet variant outbound connection (malware-cnc.rules)
 * 1:18565 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for mail.google.com detected (indicator-compromise.rules)
 * 1:18566 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for www.google.com detected (indicator-compromise.rules)
 * 1:18567 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for login.yahoo.com detected (indicator-compromise.rules)
 * 1:18568 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for login.yahoo.com detected (indicator-compromise.rules)
 * 1:18569 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for login.yahoo.com detected (indicator-compromise.rules)
 * 1:1857 <-> DISABLED <-> SERVER-WEBAPP robot.txt access (server-webapp.rules)
 * 1:18570 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for login.skype.com detected (indicator-compromise.rules)
 * 1:18571 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for addons.mozilla.org detected (indicator-compromise.rules)
 * 1:18572 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for login.live.com detected (indicator-compromise.rules)
 * 1:18573 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate for global trustee detected (indicator-compromise.rules)
 * 1:18574 <-> DISABLED <-> SERVER-MAIL RCPT TO overflow (server-mail.rules)
 * 1:18575 <-> DISABLED <-> PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (protocol-ftp.rules)
 * 1:18576 <-> DISABLED <-> INDICATOR-COMPROMISE fraudulent digital certificate from usertrust.com detected (indicator-compromise.rules)
 * 1:18577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.agum variant outbound connection (malware-cnc.rules)
 * 1:18578 <-> DISABLED <-> BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (browser-plugins.rules)
 * 1:18579 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (server-webapp.rules)
 * 1:1858 <-> DISABLED <-> SERVER-WEBAPP CISCO PIX Firewall Manager directory traversal attempt (server-webapp.rules)
 * 1:18580 <-> DISABLED <-> PROTOCOL-FTP ACCT overflow attempt (protocol-ftp.rules)
 * 1:18581 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Provisioning Manager long URI request buffer overflow attempt (server-other.rules)
 * 1:18582 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Provisioning Manager long URI request buffer overflow attempt (server-other.rules)
 * 1:18583 <-> DISABLED <-> FILE-IMAGE Microsoft Windows wmf integer overflow attempt (file-image.rules)
 * 1:18585 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (file-pdf.rules)
 * 1:18586 <-> DISABLED <-> SERVER-WEBAPP Visuplay CMS news_article.php unspecified SQL injection attempt  (server-webapp.rules)
 * 1:18587 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 267 buffer overflow attempt (server-other.rules)
 * 1:18588 <-> DISABLED <-> PROTOCOL-FTP Ipswitch Ws_ftp XCRC overflow attempt (protocol-ftp.rules)
 * 1:18589 <-> DISABLED <-> SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (server-other.rules)
 * 1:1859 <-> DISABLED <-> SERVER-WEBAPP Oracle JavaServer default password login attempt (server-webapp.rules)
 * 1:18590 <-> DISABLED <-> OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (os-windows.rules)
 * 1:18591 <-> DISABLED <-> FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (file-other.rules)
 * 1:18592 <-> DISABLED <-> BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (browser-plugins.rules)
 * 1:18593 <-> ENABLED <-> FILE-IDENTIFY BitTorrent torrent file download request (file-identify.rules)
 * 1:18594 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:18595 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (browser-plugins.rules)
 * 1:18596 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (file-pdf.rules)
 * 1:18597 <-> DISABLED <-> BROWSER-OTHER Opera file URI handling buffer overflow (browser-other.rules)
 * 1:18598 <-> DISABLED <-> SERVER-OTHER GoodTech SSH Server SFTP Processing Buffer Overflow (server-other.rules)
 * 1:18599 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:1860 <-> DISABLED <-> SERVER-WEBAPP Linksys router default password login attempt (server-webapp.rules)
 * 1:18600 <-> DISABLED <-> FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (file-image.rules)
 * 1:18601 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Common Controls Animation Object ActiveX clsid access (browser-plugins.rules)
 * 1:18603 <-> DISABLED <-> SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (server-mail.rules)
 * 1:18604 <-> DISABLED <-> MALWARE-OTHER lizamoon script injection (malware-other.rules)
 * 1:18605 <-> DISABLED <-> PROTOCOL-SCADA Tecnomatix FactoryLink CSService path overflow attempt (protocol-scada.rules)
 * 1:18606 <-> DISABLED <-> PROTOCOL-SCADA Tecnomatix FactoryLink CSService file access attempt (protocol-scada.rules)
 * 1:18607 <-> DISABLED <-> PROTOCOL-SCADA Tecnomatix FactoryLink CSService file information access attempt (protocol-scada.rules)
 * 1:18608 <-> DISABLED <-> APP-DETECT Dropbox desktop software in use (app-detect.rules)
 * 1:18609 <-> DISABLED <-> APP-DETECT Dropbox desktop software in use (app-detect.rules)
 * 1:1861 <-> DISABLED <-> SERVER-WEBAPP Linksys router default username and password login attempt (server-webapp.rules)
 * 1:18610 <-> DISABLED <-> PROTOCOL-SCADA Tecnomatix FactoryLink vrn.exe opcode 9 or 10 string parsing overflow attempt (protocol-scada.rules)
 * 1:18611 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:18612 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:18613 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (server-webapp.rules)
 * 1:18614 <-> DISABLED <-> PROTOCOL-SCADA Tecnomatix FactoryLink vrn.exe file access attempt (protocol-scada.rules)
 * 1:18615 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18616 <-> DISABLED <-> FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (file-office.rules)
 * 1:18617 <-> DISABLED <-> SERVER-OTHER Tecnomatix FactoryLink CSService null pointer attempt (server-other.rules)
 * 1:18618 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (malware-cnc.rules)
 * 1:18619 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc40.dll dll-load exploit attempt (os-windows.rules)
 * 1:1862 <-> DISABLED <-> SERVER-WEBAPP mrtg.cgi directory traversal attempt (server-webapp.rules)
 * 1:18620 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc42.dll dll-load exploit attempt (os-windows.rules)
 * 1:18621 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc80.dll dll-load exploit attempt (os-windows.rules)
 * 1:18622 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc90.dll dll-load exploit attempt (os-windows.rules)
 * 1:18623 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio MFC applications mfc100.dll dll-load exploit attempt (os-windows.rules)
 * 1:18624 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET framework optimizer escalation attempt (os-windows.rules)
 * 1:18625 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc40.dll dll-load exploit attempt (os-windows.rules)
 * 1:18626 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc42.dll dll-load exploit attempt (os-windows.rules)
 * 1:18627 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc80.dll dll-load exploit attempt (os-windows.rules)
 * 1:18628 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc90.dll dll-load exploit attempt (os-windows.rules)
 * 1:18629 <-> DISABLED <-> OS-WINDOWS Microsoft Foundation Class applications mfc100.dll dll-load exploit attempt (os-windows.rules)
 * 1:18630 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules)
 * 1:18631 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (file-office.rules)
 * 1:18632 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (file-office.rules)
 * 1:18633 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (file-office.rules)
 * 1:18634 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (file-office.rules)
 * 1:18635 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (file-office.rules)
 * 1:18636 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (file-office.rules)
 * 1:18637 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (file-office.rules)
 * 1:18638 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (file-office.rules)
 * 1:1864 <-> DISABLED <-> PROTOCOL-FTP SITE NEWER attempt (protocol-ftp.rules)
 * 1:18640 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed SupBook record attempt (file-office.rules)
 * 1:18641 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel OBJ record invalid cmo.ot exploit attempt (file-office.rules)
 * 1:18642 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (file-office.rules)
 * 1:18643 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (file-office.rules)
 * 1:18644 <-> DISABLED <-> FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (file-other.rules)
 * 1:18645 <-> DISABLED <-> FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (file-image.rules)
 * 1:18648 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file upload/download attempt (protocol-scada.rules)
 * 1:18649 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation overflow attempt (protocol-scada.rules)
 * 1:1865 <-> DISABLED <-> SERVER-WEBAPP webdist.cgi arbitrary command attempt (server-webapp.rules)
 * 1:18651 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe report template overflow attempt (protocol-scada.rules)
 * 1:18652 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe report template operation overflow attempt (protocol-scada.rules)
 * 1:18654 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe format string attempt (protocol-scada.rules)
 * 1:18655 <-> DISABLED <-> OS-WINDOWS Microsoft Windows LLMNR invalid reverse name lookup stack corruption attempt (os-windows.rules)
 * 1:18656 <-> DISABLED <-> PROTOCOL-SCADA IGSS IGSSDataServer.exe strep overflow attempt (protocol-scada.rules)
 * 1:18657 <-> DISABLED <-> PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (protocol-scada.rules)
 * 1:18658 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_CONNECT_FCS_LOGIN overflow attempt (protocol-scada.rules)
 * 1:18659 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 SCPC_INITIALIZE overflow attempt (protocol-scada.rules)
 * 1:1866 <-> DISABLED <-> PROTOCOL-POP USER overflow attempt (protocol-pop.rules)
 * 1:18660 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 write packet buffer overflow attempt (os-windows.rules)
 * 1:18661 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18662 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18665 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18666 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18667 <-> DISABLED <-> OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (os-windows.rules)
 * 1:18668 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (browser-plugins.rules)
 * 1:18669 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer cross-domain object manipulation attempt (browser-ie.rules)
 * 1:1867 <-> DISABLED <-> X11 xdmcp info query (x11.rules)
 * 1:18670 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules)
 * 1:18671 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (browser-ie.rules)
 * 1:18672 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (browser-ie.rules)
 * 1:18675 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:18678 <-> DISABLED <-> SERVER-WEBAPP osCommerce categories.php Arbitrary File Upload And Code Execution (server-webapp.rules)
 * 1:18679 <-> DISABLED <-> SERVER-OTHER Oracle Java Applet2ClassLoader Remote Code Execution (server-other.rules)
 * 1:1868 <-> DISABLED <-> SERVER-WEBAPP Interactive Story story.pl arbitrary file read attempt (server-webapp.rules)
 * 1:18680 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18681 <-> DISABLED <-> FILE-PDF transfer of a PDF with embedded JavaScript - JavaScript object detected (file-pdf.rules)
 * 1:18682 <-> DISABLED <-> FILE-PDF transfer of a PDF with OpenAction object attempt (file-pdf.rules)
 * 1:18683 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel file with embedded PDF object (file-office.rules)
 * 1:18684 <-> DISABLED <-> FILE-PDF PDF file with embedded PDF object (file-pdf.rules)
 * 1:18685 <-> DISABLED <-> FILE-OFFICE RTF file with embedded OLE object (file-office.rules)
 * 1:1869 <-> DISABLED <-> SERVER-WEBAPP Interactive Story story.pl access (server-webapp.rules)
 * 1:18691 <-> DISABLED <-> OS-WINDOWS Microsoft Windows AFD.SYS null write attempt (os-windows.rules)
 * 1:1870 <-> DISABLED <-> SERVER-WEBAPP siteUserMod.cgi access (server-webapp.rules)
 * 1:18700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BHO.argt checkin (malware-cnc.rules)
 * 1:18702 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18703 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed pfragments field (file-office.rules)
 * 1:18704 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18705 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18706 <-> DISABLED <-> FILE-OFFICE Microsoft Office RTF malformed second pfragments field (file-office.rules)
 * 1:18707 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (malware-cnc.rules)
 * 1:18708 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (malware-cnc.rules)
 * 1:1871 <-> DISABLED <-> SERVER-WEBAPP Oracle XSQLConfig.xml access (server-webapp.rules)
 * 1:18711 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (malware-cnc.rules)
 * 1:18712 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (malware-cnc.rules)
 * 1:18713 <-> DISABLED <-> SERVER-OTHER OpenSSL TLS connection record handling denial of service attempt (server-other.rules)
 * 1:18714 <-> DISABLED <-> SERVER-OTHER OpenSSL TLS connection record handling denial of service attempt (server-other.rules)
 * 1:18715 <-> DISABLED <-> MALWARE-CNC Ozdok botnet communication with C&C server (malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (malware-cnc.rules)
 * 1:18718 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (malware-cnc.rules)
 * 1:1872 <-> DISABLED <-> SERVER-WEBAPP Oracle Dynamic Monitoring Services dms access (server-webapp.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (malware-cnc.rules)
 * 1:18721 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1C84 integer overflow attempt (protocol-scada.rules)
 * 1:18722 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1C84 integer overflow attempt (protocol-scada.rules)
 * 1:18723 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (malware-cnc.rules)
 * 1:18724 <-> DISABLED <-> MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (malware-cnc.rules)
 * 1:18725 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 heap overflow attempt (protocol-scada.rules)
 * 1:18726 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B2 heap overflow attempt (protocol-scada.rules)
 * 1:18727 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B5 heap overflow attempt (protocol-scada.rules)
 * 1:18728 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0DAE heap overflow attempt (protocol-scada.rules)
 * 1:18729 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1BBC heap overflow attempt (protocol-scada.rules)
 * 1:1873 <-> DISABLED <-> SERVER-WEBAPP globals.jsa access (server-webapp.rules)
 * 1:18730 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x089A integer overflow attempt (protocol-scada.rules)
 * 1:18731 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0453 integer overflow attempt (protocol-scada.rules)
 * 1:18732 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (protocol-scada.rules)
 * 1:18733 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (protocol-scada.rules)
 * 1:18734 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (protocol-scada.rules)
 * 1:18735 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (protocol-scada.rules)
 * 1:18736 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (protocol-scada.rules)
 * 1:18737 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (protocol-scada.rules)
 * 1:18738 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B2 integer overflow attempt (protocol-scada.rules)
 * 1:18739 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (malware-cnc.rules)
 * 1:1874 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Process Manager access (server-webapp.rules)
 * 1:18740 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (file-office.rules)
 * 1:18741 <-> DISABLED <-> BROWSER-PLUGINS CrystalReports EnterpriseControls ActiveX clsid access (browser-plugins.rules)
 * 1:18742 <-> DISABLED <-> SERVER-WEBAPP IBM WebSphere Expect header cross-site scripting (server-webapp.rules)
 * 1:18743 <-> DISABLED <-> SERVER-WEBAPP VLC player web interface format string attack (server-webapp.rules)
 * 1:18744 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN vlc player subtitle buffer overflow attempt (file-multimedia.rules)
 * 1:18745 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (server-webapp.rules)
 * 1:18746 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_CTAGLIST_FCS_XTAG overflow attempt (protocol-scada.rules)
 * 1:18747 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_BINFILE_FCS_xFILE overflow attempt (protocol-scada.rules)
 * 1:18748 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_MISC_FCS_MSGx overflow attempt (protocol-scada.rules)
 * 1:18749 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_CTAGLIST_FCS_XTAG overflow attempt (protocol-scada.rules)
 * 1:1875 <-> DISABLED <-> SERVER-WEBAPP cgicso access (server-webapp.rules)
 * 1:18750 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_SCRIPT_FCS_STARTPROG overflow attempt (protocol-scada.rules)
 * 1:18751 <-> DISABLED <-> SERVER-WEBAPP Samba SWAT HTTP Authentication overflow attempt (server-webapp.rules)
 * 1:18752 <-> DISABLED <-> PROTOCOL-SCADA RealWin 2.1 FC_INFOTAG_SET_CONTROL overflow attempt (protocol-scada.rules)
 * 1:18753 <-> DISABLED <-> SERVER-OTHER Zend Server Java Bridge remote code execution attempt (server-other.rules)
 * 1:18754 <-> DISABLED <-> SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (server-other.rules)
 * 1:18755 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio Data Type Memory Corruption (file-office.rules)
 * 1:18756 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft cmd.exe banner Windows 7/Server 2008R2 (indicator-compromise.rules)
 * 1:18757 <-> DISABLED <-> INDICATOR-COMPROMISE Microsoft cmd.exe banner Windows Vista (indicator-compromise.rules)
 * 1:18758 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Visual Basic script file download request (file-identify.rules)
 * 1:18759 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (server-webapp.rules)
 * 1:1876 <-> DISABLED <-> SERVER-WEBAPP nph-publish.cgi access (server-webapp.rules)
 * 1:18760 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (server-webapp.rules)
 * 1:18761 <-> DISABLED <-> SERVER-WEBAPP Majordomo2 http directory traversal attempt (server-webapp.rules)
 * 1:18762 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI /blog.updata?v= - Win32-Agent-GRW (malware-cnc.rules)
 * 1:18763 <-> DISABLED <-> SERVER-OTHER ActFax Server LPD/LPR Remote Buffer Overflow (server-other.rules)
 * 1:18764 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (server-webapp.rules)
 * 1:18765 <-> DISABLED <-> SERVER-MAIL Majordomo2 smtp directory traversal attempt (server-mail.rules)
 * 1:18766 <-> DISABLED <-> SERVER-OTHER OpenSSL CMS structure OriginatorInfo memory corruption attempt (server-other.rules)
 * 1:18767 <-> DISABLED <-> PROTOCOL-TFTP Multiple TFTP product buffer overflow attempt (protocol-tftp.rules)
 * 1:18768 <-> DISABLED <-> SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (server-mail.rules)
 * 1:18769 <-> DISABLED <-> SERVER-OTHER LDAP Novell eDirectory evtFilteredMonitorEventsRequest function heap overflow attempt (server-other.rules)
 * 1:1877 <-> DISABLED <-> SERVER-WEBAPP printenv access (server-webapp.rules)
 * 1:18770 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit range object remote code execution attempt (browser-webkit.rules)
 * 1:18771 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18772 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (file-office.rules)
 * 1:18774 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI (malware-cnc.rules)
 * 1:18775 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - /gpdcount (malware-cnc.rules)
 * 1:18776 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (file-other.rules)
 * 1:18777 <-> DISABLED <-> SERVER-OTHER HP data protector OmniInet service NULL dereference denial of service attempt (server-other.rules)
 * 1:18778 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B5 integer overflow attempt (protocol-scada.rules)
 * 1:18779 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B5 integer overflow attempt (protocol-scada.rules)
 * 1:1878 <-> DISABLED <-> SERVER-WEBAPP sdbsearch.cgi access (server-webapp.rules)
 * 1:18780 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x07D0 integer overflow attempt (protocol-scada.rules)
 * 1:18781 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x07D0 integer overflow attempt (protocol-scada.rules)
 * 1:18782 <-> DISABLED <-> MALWARE-CNC URI Request for known malicious URI - Chinese Rootkit.Win32.Fisp.a (malware-cnc.rules)
 * 1:18783 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0DAE integer overflow attempt (protocol-scada.rules)
 * 1:18784 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0DB0 integer overflow attempt (protocol-scada.rules)
 * 1:18785 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0FA4 integer overflow attempt (protocol-scada.rules)
 * 1:18786 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0FA7 integer overflow attempt (protocol-scada.rules)
 * 1:18787 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1BBC integer overflow attempt (protocol-scada.rules)
 * 1:18788 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1BBD integer overflow attempt (protocol-scada.rules)
 * 1:18789 <-> DISABLED <-> PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x26AC integer overflow attempt (protocol-scada.rules)
 * 1:1879 <-> DISABLED <-> SERVER-WEBAPP book.cgi arbitrary command execution attempt (server-webapp.rules)
 * 1:18790 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe overflow attempt (server-other.rules)
 * 1:18791 <-> DISABLED <-> SERVER-OTHER Novell ZENworks Configuration Management Preboot service code overflow attempt (server-other.rules)
 * 1:18792 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management UploadServlet code execution attempt (server-webapp.rules)
 * 1:18793 <-> DISABLED <-> SERVER-WEBAPP Novell ZENworks Configuration Management fileupload code execution attempt (server-webapp.rules)
 * 1:18795 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (server-webapp.rules)
 * 1:18796 <-> DISABLED <-> SERVER-WEBAPP Novell iManager ClassName handling overflow attempt (server-webapp.rules)
 * 1:18797 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (server-webapp.rules)
 * 1:18798 <-> DISABLED <-> SERVER-OTHER HP Data Protector Media Operations denial of service attempt (server-other.rules)
 * 1:18799 <-> DISABLED <-> SERVER-OTHER HP Data Protector Media Operations denial of service attempt (server-other.rules)
 * 1:1880 <-> DISABLED <-> SERVER-WEBAPP oracle web application server access (server-webapp.rules)
 * 1:18800 <-> DISABLED <-> FILE-OTHER Adobe RoboHelp Server Arbitrary File Upload (file-other.rules)
 * 1:18801 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (file-pdf.rules)
 * 1:18802 <-> DISABLED <-> SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (server-webapp.rules)
 * 1:18803 <-> DISABLED <-> SERVER-WEBAPP Oracle Java Runtime CMM readMabCurveData buffer overflow attempt (server-webapp.rules)
 * 1:18804 <-> DISABLED <-> SERVER-WEBAPP OpenLDAP Modrdn utf-8 string code execution attempt (server-webapp.rules)
 * 1:18805 <-> DISABLED <-> FILE-FLASH Adobe Flash Player undefined tag exploit attempt (file-flash.rules)
 * 1:18806 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (file-office.rules)
 * 1:18807 <-> DISABLED <-> SERVER-OTHER OpenLDAP Modrdn RDN NULL string denial of service attempt (server-other.rules)
 * 1:18808 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (server-mail.rules)
 * 1:18809 <-> DISABLED <-> BROWSER-FIREFOX Mozilla EnsureCachedAttrParamArrays integer overflow attempt (browser-firefox.rules)
 * 1:1881 <-> DISABLED <-> SERVER-WEBAPP bad HTTP 1.1 request - potential worm attack (server-webapp.rules)
 * 1:18811 <-> DISABLED <-> FILE-IDENTIFY .ade attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18812 <-> DISABLED <-> FILE-IDENTIFY .adp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18813 <-> DISABLED <-> FILE-IDENTIFY .app attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18814 <-> DISABLED <-> FILE-IDENTIFY .asp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18815 <-> DISABLED <-> FILE-IDENTIFY .bas attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18816 <-> DISABLED <-> FILE-IDENTIFY .bat attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18817 <-> DISABLED <-> FILE-IDENTIFY .cer attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18818 <-> DISABLED <-> FILE-IDENTIFY .chm attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18819 <-> DISABLED <-> FILE-IDENTIFY .cmd attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:1882 <-> DISABLED <-> INDICATOR-COMPROMISE id check returned userid (indicator-compromise.rules)
 * 1:18820 <-> DISABLED <-> FILE-IDENTIFY .cnt attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18821 <-> DISABLED <-> FILE-IDENTIFY .com attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18822 <-> DISABLED <-> FILE-IDENTIFY .cpl attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18823 <-> DISABLED <-> FILE-IDENTIFY .crt attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18824 <-> DISABLED <-> FILE-IDENTIFY .csh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18825 <-> DISABLED <-> FILE-IDENTIFY .der attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18826 <-> DISABLED <-> FILE-IDENTIFY .exe attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18827 <-> DISABLED <-> FILE-IDENTIFY .fxp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18828 <-> DISABLED <-> FILE-IDENTIFY .gadget attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18829 <-> DISABLED <-> FILE-IDENTIFY .hlp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18830 <-> DISABLED <-> FILE-IDENTIFY .hpj attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18831 <-> DISABLED <-> FILE-IDENTIFY .hta attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18832 <-> DISABLED <-> FILE-IDENTIFY .inf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18833 <-> DISABLED <-> FILE-IDENTIFY .ins attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18834 <-> DISABLED <-> FILE-IDENTIFY .isp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18835 <-> DISABLED <-> FILE-IDENTIFY .its attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18836 <-> DISABLED <-> FILE-IDENTIFY .js attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18837 <-> DISABLED <-> FILE-IDENTIFY .jse attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18838 <-> DISABLED <-> FILE-IDENTIFY .ksh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18839 <-> DISABLED <-> FILE-IDENTIFY .lnk attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18840 <-> DISABLED <-> FILE-IDENTIFY .mad attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18841 <-> DISABLED <-> FILE-IDENTIFY .maf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18842 <-> DISABLED <-> FILE-IDENTIFY .mag attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18843 <-> DISABLED <-> FILE-IDENTIFY .mam attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18844 <-> DISABLED <-> FILE-IDENTIFY .maq attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18845 <-> DISABLED <-> FILE-IDENTIFY .mar attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18846 <-> DISABLED <-> FILE-IDENTIFY .mas attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18847 <-> DISABLED <-> FILE-IDENTIFY .mat attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18848 <-> DISABLED <-> FILE-IDENTIFY .mau attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18849 <-> DISABLED <-> FILE-IDENTIFY .mav attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18850 <-> DISABLED <-> FILE-IDENTIFY .maw attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18851 <-> DISABLED <-> FILE-IDENTIFY .mda attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18852 <-> DISABLED <-> FILE-IDENTIFY .mdb attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18853 <-> DISABLED <-> FILE-IDENTIFY .mde attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18854 <-> DISABLED <-> FILE-IDENTIFY .mdt attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18855 <-> DISABLED <-> FILE-IDENTIFY .mdw attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18856 <-> DISABLED <-> FILE-IDENTIFY .mdz attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18857 <-> DISABLED <-> FILE-IDENTIFY .msc attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18858 <-> DISABLED <-> FILE-IDENTIFY .msh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18859 <-> DISABLED <-> FILE-IDENTIFY .msh1 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18860 <-> DISABLED <-> FILE-IDENTIFY .msh2 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18861 <-> DISABLED <-> FILE-IDENTIFY .mshxml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18862 <-> DISABLED <-> FILE-IDENTIFY .msh1xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18863 <-> DISABLED <-> FILE-IDENTIFY .msh2xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18864 <-> DISABLED <-> FILE-IDENTIFY .msi attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18865 <-> DISABLED <-> FILE-IDENTIFY .msp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18866 <-> DISABLED <-> FILE-IDENTIFY .mst attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18867 <-> DISABLED <-> FILE-IDENTIFY .ops attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18868 <-> DISABLED <-> FILE-IDENTIFY .osd attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18869 <-> DISABLED <-> FILE-IDENTIFY .pcd attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:1887 <-> DISABLED <-> SERVER-OTHER OpenSSL Worm traffic (server-other.rules)
 * 1:18870 <-> DISABLED <-> FILE-IDENTIFY .pif attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18871 <-> DISABLED <-> FILE-IDENTIFY .plg attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18872 <-> DISABLED <-> FILE-IDENTIFY .prf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18873 <-> DISABLED <-> FILE-IDENTIFY .prg attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18874 <-> DISABLED <-> FILE-IDENTIFY .pst attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18875 <-> DISABLED <-> FILE-IDENTIFY .reg attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18876 <-> DISABLED <-> FILE-IDENTIFY .scf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18877 <-> DISABLED <-> FILE-IDENTIFY .scr attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18878 <-> DISABLED <-> FILE-IDENTIFY .sct attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18879 <-> DISABLED <-> FILE-IDENTIFY .shb attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:1888 <-> DISABLED <-> PROTOCOL-FTP SITE CPWD overflow attempt (protocol-ftp.rules)
 * 1:18880 <-> DISABLED <-> FILE-IDENTIFY .shs attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18881 <-> DISABLED <-> FILE-IDENTIFY .ps1 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18882 <-> DISABLED <-> FILE-IDENTIFY .ps1xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18883 <-> DISABLED <-> FILE-IDENTIFY .ps2 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18884 <-> DISABLED <-> FILE-IDENTIFY .ps2xml attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18885 <-> DISABLED <-> FILE-IDENTIFY .psc1 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18886 <-> DISABLED <-> FILE-IDENTIFY .psc2 attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18887 <-> DISABLED <-> FILE-IDENTIFY .tmp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18888 <-> DISABLED <-> FILE-IDENTIFY .url attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18889 <-> DISABLED <-> FILE-IDENTIFY .vb attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:1889 <-> DISABLED <-> MALWARE-CNC slapper worm admin traffic (malware-cnc.rules)
 * 1:18890 <-> DISABLED <-> FILE-IDENTIFY .vbe attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18891 <-> DISABLED <-> FILE-IDENTIFY .vbp attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18892 <-> DISABLED <-> FILE-IDENTIFY .vbs attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18893 <-> DISABLED <-> FILE-IDENTIFY .vsmacros attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18894 <-> DISABLED <-> FILE-IDENTIFY .vsw attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18895 <-> DISABLED <-> FILE-IDENTIFY .ws attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18896 <-> DISABLED <-> FILE-IDENTIFY .wsc attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18897 <-> DISABLED <-> FILE-IDENTIFY .wsf attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18898 <-> DISABLED <-> FILE-IDENTIFY .wsh attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:18899 <-> DISABLED <-> FILE-IDENTIFY .xnk attachment file type blocked by Outlook detected (file-identify.rules)
 * 1:1890 <-> DISABLED <-> PROTOCOL-RPC status GHBN format string attack (protocol-rpc.rules)
 * 1:18900 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI (W32.Swizzor -- malware-cnc.rules)
 * 1:18901 <-> DISABLED <-> SERVER-OTHER MIT Kerberos KDC Ticket validation double free memory corruption attempt (server-other.rules)
 * 1:18902 <-> DISABLED <-> SERVER-WEBAPP Novell Teaming ajaxUploadImageFile remote code execution attempt (server-webapp.rules)
 * 1:18903 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (browser-webkit.rules)
 * 1:18904 <-> DISABLED <-> BROWSER-PLUGINS KingView ActiveX clsid access (browser-plugins.rules)
 * 1:18905 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18906 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18907 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18908 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18909 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:1891 <-> DISABLED <-> PROTOCOL-RPC status GHBN format string attack (protocol-rpc.rules)
 * 1:18910 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18911 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18912 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18913 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18914 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18915 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18916 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18917 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18918 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18919 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:1892 <-> DISABLED <-> PROTOCOL-SNMP null community string attempt (protocol-snmp.rules)
 * 1:18920 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18921 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18922 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18923 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18924 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18925 <-> DISABLED <-> SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (server-webapp.rules)
 * 1:18926 <-> DISABLED <-> PROTOCOL-SNMP Multiple vendors AgentX receive_agentx integer overflow attempt (protocol-snmp.rules)
 * 1:18928 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (file-multimedia.rules)
 * 1:18929 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (server-oracle.rules)
 * 1:1893 <-> DISABLED <-> PROTOCOL-SNMP missing community string attempt (protocol-snmp.rules)
 * 1:18930 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (server-webapp.rules)
 * 1:18931 <-> DISABLED <-> SERVER-APACHE Apache Struts OGNL parameter interception bypass command execution attempt (server-apache.rules)
 * 1:18932 <-> DISABLED <-> SERVER-WEBAPP Jboss default configuration unauthorized application add attempt (server-webapp.rules)
 * 1:18933 <-> DISABLED <-> SERVER-OTHER SolarWinds TFTP Server Read request denial of service attempt (server-other.rules)
 * 1:18934 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (Coreflood -- malware-cnc.rules)
 * 1:18935 <-> DISABLED <-> SERVER-OTHER ISC DHCP server zero length client ID denial of service attempt (server-other.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (malware-cnc.rules)
 * 1:18939 <-> DISABLED <-> MALWARE-CNC known command and control channel traffic (malware-cnc.rules)
 * 1:1894 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18940 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Sality (malware-cnc.rules)
 * 1:18941 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - FakeAV (malware-cnc.rules)
 * 1:18942 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacProtector (malware-cnc.rules)
 * 1:18943 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - MacDefender (malware-cnc.rules)
 * 1:18945 <-> DISABLED <-> MALWARE-CNC Virus.Win32.Feberr variant outbound connection (malware-cnc.rules)
 * 1:18946 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (malware-cnc.rules)
 * 1:18948 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (file-office.rules)
 * 1:1895 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18950 <-> DISABLED <-> OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (os-windows.rules)
 * 1:18951 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (browser-ie.rules)
 * 1:18952 <-> DISABLED <-> FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (file-other.rules)
 * 1:18953 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18954 <-> DISABLED <-> FILE-OTHER rich text format unexpected field type memory corruption attempt (file-other.rules)
 * 1:18955 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (server-webapp.rules)
 * 1:18956 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (server-webapp.rules)
 * 1:18957 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules)
 * 1:18958 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (browser-webkit.rules)
 * 1:18959 <-> DISABLED <-> SERVER-WEBAPP VMware SpringSource Spring Framework class.classloader remote code execution attempt (server-webapp.rules)
 * 1:1896 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18960 <-> DISABLED <-> SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (server-webapp.rules)
 * 1:18961 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18962 <-> DISABLED <-> OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (os-windows.rules)
 * 1:18963 <-> DISABLED <-> FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (file-flash.rules)
 * 1:18964 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18965 <-> DISABLED <-> FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (file-flash.rules)
 * 1:18966 <-> DISABLED <-> FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (file-flash.rules)
 * 1:18967 <-> DISABLED <-> FILE-FLASH Adobe ActionScript argumentCount download attempt (file-flash.rules)
 * 1:18968 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript3 stack integer overflow attempt (file-flash.rules)
 * 1:18969 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (file-flash.rules)
 * 1:1897 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18970 <-> DISABLED <-> FILE-FLASH Adobe Flash Player null pointer dereference attempt (file-flash.rules)
 * 1:18971 <-> DISABLED <-> FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (file-flash.rules)
 * 1:18972 <-> DISABLED <-> SERVER-ORACLE Oracle Secure Backup Administration selector variable command injection attempt (server-oracle.rules)
 * 1:18973 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (browser-webkit.rules)
 * 1:18974 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call attempt (browser-plugins.rules)
 * 1:18975 <-> DISABLED <-> BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call access (browser-plugins.rules)
 * 1:18976 <-> DISABLED <-> MALWARE-CNC Rogue-Software.AVCare variant outbound connection (malware-cnc.rules)
 * 1:18977 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Proxy variant outbound connection (malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pasta.aoq variant outbound connection (malware-cnc.rules)
 * 1:18979 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.fmo variant outbound connection (malware-cnc.rules)
 * 1:1898 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18980 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18981 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18982 <-> DISABLED <-> MALWARE-CNC WinSpywareProtect variant outbound connection (malware-cnc.rules)
 * 1:18984 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win32/Trojanclicker (malware-cnc.rules)
 * 1:18985 <-> DISABLED <-> POLICY-OTHER CA ARCserve Axis2 default credential login attempt (policy-other.rules)
 * 1:18986 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18987 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18988 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18989 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:1899 <-> DISABLED <-> INDICATOR-SHELLCODE kadmind buffer overflow attempt (indicator-shellcode.rules)
 * 1:18990 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18991 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (file-pdf.rules)
 * 1:18992 <-> DISABLED <-> FILE-FLASH Adobe Flash Player content parsing execution attempt (file-flash.rules)
 * 1:18993 <-> DISABLED <-> SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (server-webapp.rules)
 * 1:18994 <-> DISABLED <-> OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (os-windows.rules)
 * 1:18995 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit removeAllRanges use-after-free attempt (browser-webkit.rules)
 * 1:18996 <-> DISABLED <-> SERVER-ORACLE DBMS_JAVA.SET_OUTPUT_TO_JAVA privilege escalation attempt (server-oracle.rules)
 * 1:18997 <-> DISABLED <-> OS-LINUX Linux kernel sctp_rcv_ootb invalid chunk length DoS attempt (os-linux.rules)
 * 1:18998 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (server-webapp.rules)
 * 1:18999 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (server-webapp.rules)
 * 1:1900 <-> DISABLED <-> SERVER-OTHER successful kadmind buffer overflow attempt (server-other.rules)
 * 1:19000 <-> DISABLED <-> SERVER-MYSQL Database CASE NULL argument denial of service attempt (server-mysql.rules)
 * 1:19001 <-> DISABLED <-> SERVER-MYSQL IN NULL argument denial of service attempt (server-mysql.rules)
 * 1:19002 <-> DISABLED <-> FILE-FLASH RealNetworks RealPlayer FLV integer overflow attempt (file-flash.rules)
 * 1:19003 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules)
 * 1:19004 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (browser-webkit.rules)
 * 1:19005 <-> DISABLED <-> BROWSER-CHROME Apple Safari/Google Chrome Webkit memory corruption attempt (browser-chrome.rules)
 * 1:19006 <-> DISABLED <-> SERVER-OTHER HP Data Protector Express DtbClsLogin buffer overflow attempt (server-other.rules)
 * 1:19007 <-> DISABLED <-> SERVER-SAMBA Samba SID parsing overflow attempt (server-samba.rules)
 * 1:19008 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (browser-webkit.rules)
 * 1:19009 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (browser-webkit.rules)
 * 1:1901 <-> DISABLED <-> SERVER-OTHER successful kadmind buffer overflow attempt (server-other.rules)
 * 1:19010 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (browser-webkit.rules)
 * 1:19011 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules)
 * 1:19012 <-> DISABLED <-> FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (file-other.rules)
 * 1:19013 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - WRQ (protocol-tftp.rules)
 * 1:19014 <-> DISABLED <-> PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - RRQ (protocol-tftp.rules)
 * 1:19015 <-> DISABLED <-> POLICY-SPAM visiopharm-3d.eu known spam email attempt (policy-spam.rules)
 * 1:19016 <-> DISABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19017 <-> DISABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19018 <-> DISABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:19019 <-> DISABLED <-> MALWARE-CNC MacBack Win.Trojan.variant outbound connection (malware-cnc.rules)
 * 1:1902 <-> DISABLED <-> PROTOCOL-IMAP lsub literal overflow attempt (protocol-imap.rules)
 * 1:19020 <-> DISABLED <-> INDICATOR-COMPROMISE Suspicious .cc dns query (indicator-compromise.rules)
 * 1:19021 <-> ENABLED <-> MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (malware-cnc.rules)
 * 1:19022 <-> DISABLED <-> MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (malware-cnc.rules)
 * 1:19023 <-> DISABLED <-> MALWARE-CNC IRC.Zapchast.zwrc variant outbound connection (malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.StartPage variant outbound connection (malware-cnc.rules)
 * 1:19025 <-> DISABLED <-> MALWARE-CNC Win.Trojan-Banker.Win32.Bancos.etf variant outbound connection (malware-cnc.rules)
 * 1:19026 <-> DISABLED <-> PUA-ADWARE Smart Protector outbound connection (pua-adware.rules)
 * 1:19027 <-> DISABLED <-> MALWARE-CNC BrowserModifier.Win32.Kerlofost variant outbound connection (malware-cnc.rules)
 * 1:19028 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mailbot variant outbound connection (malware-cnc.rules)
 * 1:19029 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PcClient.AI variant outbound connection (malware-cnc.rules)
 * 1:1903 <-> DISABLED <-> PROTOCOL-IMAP rename overflow attempt (protocol-imap.rules)
 * 1:19030 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Uloadis variant outbound connection (malware-cnc.rules)
 * 1:19031 <-> DISABLED <-> MALWARE-CNC iPRIVACY variant outbound connection (malware-cnc.rules)
 * 1:19032 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19033 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (malware-cnc.rules)
 * 1:19034 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kbot.qd variant outbound connection (malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel.baqb variant outbound connection (malware-cnc.rules)
 * 1:19036 <-> ENABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19038 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (malware-cnc.rules)
 * 1:19039 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:1904 <-> DISABLED <-> PROTOCOL-IMAP find overflow attempt (protocol-imap.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (malware-cnc.rules)
 * 1:19043 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (pua-adware.rules)
 * 1:19044 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (pua-adware.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (malware-cnc.rules)
 * 1:19046 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (pua-adware.rules)
 * 1:19047 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user agent - RCleanT (malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Darkness variant outbound connection (malware-cnc.rules)
 * 1:19049 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gigade variant outbound connection (malware-cnc.rules)
 * 1:1905 <-> DISABLED <-> PROTOCOL-RPC AMD UDP amqproc_mount plog overflow attempt (protocol-rpc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (malware-cnc.rules)
 * 1:19052 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (malware-cnc.rules)
 * 1:19053 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Nusump.A variant outbound connection (malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (malware-cnc.rules)
 * 1:19055 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gosik.A registration (malware-cnc.rules)
 * 1:19056 <-> DISABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19057 <-> DISABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19058 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Faketube update request (malware-cnc.rules)
 * 1:19059 <-> DISABLED <-> PUA-ADWARE RogueSoftware.Win32.SystemDefragmenter outbound connection (pua-adware.rules)
 * 1:1906 <-> DISABLED <-> PROTOCOL-RPC AMD TCP amqproc_mount plog overflow attempt (protocol-rpc.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (malware-cnc.rules)
 * 1:19061 <-> DISABLED <-> PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (pua-adware.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakePlus variant outbound connection (malware-cnc.rules)
 * 1:19063 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (file-multimedia.rules)
 * 1:19064 <-> DISABLED <-> FILE-OTHER Microsoft OpenType font index remote code execution attempt (file-other.rules)
 * 1:19065 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment attempt (file-office.rules)
 * 1:19066 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment attempt (file-office.rules)
 * 1:19067 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment attempt (file-office.rules)
 * 1:19068 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment attempt (file-office.rules)
 * 1:19069 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment attempt (file-office.rules)
 * 1:1907 <-> DISABLED <-> PROTOCOL-RPC CMSD UDP CMSD_CREATE buffer overflow attempt (protocol-rpc.rules)
 * 1:19070 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment attempt (file-office.rules)
 * 1:19071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19072 <-> DISABLED <-> SERVER-OTHER RealNetworks Helix Server NTLM authentication heap overflow attempt (server-other.rules)
 * 1:19073 <-> DISABLED <-> SERVER-OTHER Squid Proxy Expect header null pointer denial of service attempt (server-other.rules)
 * 1:19074 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript uuencoded noop sled attempt (indicator-obfuscation.rules)
 * 1:19075 <-> DISABLED <-> INDICATOR-OBFUSCATION javascript uuencoded eval statement (indicator-obfuscation.rules)
 * 1:19076 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19077 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19078 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (browser-firefox.rules)
 * 1:19079 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer getElementById object corruption (browser-ie.rules)
 * 1:1908 <-> DISABLED <-> PROTOCOL-RPC CMSD TCP CMSD_CREATE buffer overflow attempt (protocol-rpc.rules)
 * 1:19080 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19081 <-> DISABLED <-> INDICATOR-OBFUSCATION known suspicious decryption routine (indicator-obfuscation.rules)
 * 1:19082 <-> DISABLED <-> FILE-PDF Adobe Flash Player memory corruption attempt (file-pdf.rules)
 * 1:19083 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19084 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (browser-ie.rules)
 * 1:19085 <-> DISABLED <-> BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19086 <-> DISABLED <-> BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX function call (browser-plugins.rules)
 * 1:19087 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19088 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:19089 <-> DISABLED <-> SERVER-OTHER CA Discovery Service Overflow Attempt (server-other.rules)
 * 1:1909 <-> DISABLED <-> PROTOCOL-RPC CMSD TCP CMSD_INSERT buffer overflow attempt (protocol-rpc.rules)
 * 1:19090 <-> DISABLED <-> SERVER-OTHER CA Discovery Serice Overflow Attempt (server-other.rules)
 * 1:19091 <-> DISABLED <-> SERVER-OTHER OpenSSL ssl3_get_key_exchange use-after-free attempt (server-other.rules)
 * 1:19092 <-> DISABLED <-> SERVER-OTHER OpenSSL ssl3_get_key_exchange use-after-free attempt (server-other.rules)
 * 1:19093 <-> DISABLED <-> SERVER-MYSQL Database unique set column denial of service attempt (server-mysql.rules)
 * 1:19094 <-> DISABLED <-> SERVER-MYSQL Database unique set column denial of service attempt (server-mysql.rules)
 * 1:19095 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules)
 * 1:19096 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (browser-webkit.rules)
 * 1:19097 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code execution attempt (browser-webkit.rules)
 * 1:19098 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari Webkit ContentEditable code exeuction attempt (browser-webkit.rules)
 * 1:19099 <-> DISABLED <-> BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (browser-webkit.rules)
 * 1:1910 <-> DISABLED <-> PROTOCOL-RPC CMSD udp CMSD_INSERT buffer overflow attempt (protocol-rpc.rules)
 * 1:19100 <-> DISABLED <-> FILE-JAVA Oracle Java Soundbank resource name overflow attempt (file-java.rules)
 * 1:19101 <-> DISABLED <-> SERVER-ORACLE Oracle Java Web Server Admin Server denial of service attempt (server-oracle.rules)
 * 1:19102 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX clsid access (browser-plugins.rules)
 * 1:19103 <-> DISABLED <-> BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX function call access (browser-plugins.rules)
 * 1:19104 <-> DISABLED <-> SERVER-OTHER HP OpenView Storage Data Protector Cell Manager heap overflow attempt (server-other.rules)
 * 1:19105 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (server-other.rules)
 * 1:19106 <-> DISABLED <-> MALWARE-OTHER Keylogger Ardamax keylogger runtime detection - http (malware-other.rules)
 * 1:19107 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer code execution attempt (server-apache.rules)
 * 1:19108 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (browser-plugins.rules)
 * 1:19109 <-> DISABLED <-> BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (browser-plugins.rules)
 * 1:1911 <-> DISABLED <-> PROTOCOL-RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (protocol-rpc.rules)
 * 1:19110 <-> DISABLED <-> SERVER-WEBAPP IBM Rational Quality Manager and Test Lab Manager policy bypass attempt (server-webapp.rules)
 * 1:19111 <-> DISABLED <-> FILE-FLASH Adobe Flash Media Server memory exhaustion (file-flash.rules)
 * 1:19112 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D stucture heap overflow (file-other.rules)
 * 1:19113 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (file-other.rules)
 * 1:19114 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (file-other.rules)
 * 1:19115 <-> DISABLED <-> FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (file-other.rules)
 * 1:19116 <-> DISABLED <-> SERVER-OTHER IBM Tivoli Storage Manager FastBack mount service code execution attempt (server-other.rules)
 * 1:19117 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (file-pdf.rules)
 * 1:19118 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader script injection vulnerability (file-pdf.rules)
 * 1:19119 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver remote code execution attempt (os-windows.rules)
 * 1:1912 <-> DISABLED <-> PROTOCOL-RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (protocol-rpc.rules)
 * 1:19120 <-> DISABLED <-> SERVER-OTHER IBM Informix DBINFO stack buffer overflow (server-other.rules)
 * 1:19121 <-> DISABLED <-> SERVER-OTHER IBM Informix EXPLAIN stack buffer overflow attempt (server-other.rules)
 * 1:19122 <-> DISABLED <-> POLICY-SPAM appledownload.com known spam email attempt (policy-spam.rules)
 * 1:19123 <-> DISABLED <-> MALWARE-CNC Dropper Win.Trojan.Cefyns.A variant outbound connection (malware-cnc.rules)
 * 1:19124 <-> DISABLED <-> SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (server-apache.rules)
 * 1:19125 <-> DISABLED <-> PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (protocol-dns.rules)
 * 1:19126 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19127 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer IVR handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:19128 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (file-identify.rules)
 * 1:19129 <-> ENABLED <-> FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (file-identify.rules)
 * 1:1913 <-> DISABLED <-> PROTOCOL-RPC STATD UDP stat mon_name format string exploit attempt (protocol-rpc.rules)
 * 1:19130 <-> DISABLED <-> FILE-IMAGE Microsoft Windows Paint jpeg with malformed SOFx field integer overflow attempt (file-image.rules)
 * 1:19131 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:19132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (file-office.rules)
 * 1:19133 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules)
 * 1:19134 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (file-office.rules)
 * 1:19135 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.Buterat Checkin (malware-backdoor.rules)
 * 1:19136 <-> DISABLED <-> SERVER-WEBAPP CA XOsoft Multiple Products entry_point.aspx buffer overflow attempt (server-webapp.rules)
 * 1:19137 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (server-webapp.rules)
 * 1:19138 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (server-webapp.rules)
 * 1:19139 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (server-webapp.rules)
 * 1:1914 <-> DISABLED <-> PROTOCOL-RPC STATD TCP stat mon_name format string exploit attempt (protocol-rpc.rules)
 * 1:19140 <-> DISABLED <-> SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (server-webapp.rules)
 * 1:19141 <-> DISABLED <-> FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (file-office.rules)
 * 1:19142 <-> DISABLED <-> SERVER-WEBAPP Symantec IM Manager IMAdminScheduleReport.asp SQL injection attempt (server-webapp.rules)
 * 1:19143 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (file-multimedia.rules)
 * 1:19144 <-> DISABLED <-> FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (file-other.rules)
 * 1:19145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (file-flash.rules)
 * 1:19146 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (file-multimedia.rules)
 * 1:19147 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (browser-ie.rules)
 * 1:19148 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (file-multimedia.rules)
 * 1:19149 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:1915 <-> DISABLED <-> PROTOCOL-RPC STATD UDP monitor mon_name format string exploit attempt (protocol-rpc.rules)
 * 1:19150 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (browser-ie.rules)
 * 1:19151 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (browser-plugins.rules)
 * 1:19152 <-> DISABLED <-> BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (browser-plugins.rules)
 * 1:19153 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word malformed index code execution attempt (file-office.rules)
 * 1:19154 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (file-office.rules)
 * 1:19155 <-> DISABLED <-> SERVER-WEBAPP HP Data Protector Media Operations SignInName Parameter overflow attempt (server-webapp.rules)
 * 1:19156 <-> DISABLED <-> FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (file-office.rules)
 * 1:19158 <-> DISABLED <-> POLICY-OTHER HP Universal CMDB server axis2 service upload attempt (policy-other.rules)
 * 1:19159 <-> DISABLED <-> SERVER-OTHER HP Data Protector Manager RDS attempt (server-other.rules)
 * 1:1916 <-> DISABLED <-> PROTOCOL-RPC STATD TCP monitor mon_name format string exploit attempt (protocol-rpc.rules)
 * 1:19160 <-> DISABLED <-> SERVER-OTHER NetSupport Manager client buffer overflow attempt (server-other.rules)
 * 1:19161 <-> DISABLED <-> SERVER-OTHER NetSupport Manager client buffer overflow attempt (server-other.rules)
 * 1:19162 <-> DISABLED <-> SERVER-ORACLE get_domain_index_metadata privilege escalation attempt (server-oracle.rules)
 * 1:19163 <-> DISABLED <-> SERVER-ORACLE get_v2_domain_index_tables privilege escalation attempt (server-oracle.rules)
 * 1:19164 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (malware-cnc.rules)
 * 1:19165 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string Microsoft Internet Explorer (malware-cnc.rules)
 * 1:19166 <-> ENABLED <-> FILE-IDENTIFY Microsoft Office Excel file magic detected (file-identify.rules)
 * 1:19167 <-> DISABLED <-> PROTOCOL-VOIP Digium Asterisk UDPTL processing overflow attempt (protocol-voip.rules)
 * 1:19168 <-> DISABLED <-> SERVER-WEBAPP Oracle GoldenGate Veridata Server soap request overflow attempt (server-webapp.rules)
 * 1:19169 <-> DISABLED <-> FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (file-multimedia.rules)
 * 1:1917 <-> DISABLED <-> INDICATOR-SCAN UPnP service discover attempt (indicator-scan.rules)
 * 1:19170 <-> DISABLED <-> FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (file-other.rules)
 * 1:19171 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (browser-ie.rules)
 * 1:19172 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (browser-ie.rules)
 * 1:19173 <-> DISABLED <-> PROTOCOL-RPC CDE Calendar Manager service memory corruption attempt (protocol-rpc.rules)
 * 1:19174 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Vista feed headlines cross-site scripting attack attempt (os-windows.rules)
 * 1:19175 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious User-Agent wget 3.0 (malware-cnc.rules)
 * 1:19176 <-> DISABLED <-> SERVER-WEBAPP cookiejacking attempt (server-webapp.rules)
 * 1:19177 <-> DISABLED <-> SERVER-WEBAPP cookiejacking attempt (server-webapp.rules)
 * 1:19178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site request forgery attempt (file-flash.rules)
 * 1:19179 <-> DISABLED <-> FILE-FLASH Adobe Flash Player cross-site request forgery attempt (file-flash.rules)
 * 1:1918 <-> DISABLED <-> PROTOCOL-ICMP SolarWinds IP scan attempt (protocol-icmp.rules)
 * 1:19180 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (file-office.rules)
 * 1:19181 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (browser-ie.rules)
 * 1:19182 <-> DISABLED <-> SERVER-OTHER strongSwan Certificate and Identification payload overflow attempt (server-other.rules)
 * 1:19183 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (server-iis.rules)
 * 1:19184 <-> DISABLED <-> OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (os-windows.rules)
 * 1:19185 <-> DISABLED <-> OS-WINDOWS Microsoft Windows .NET ArraySegment escape exploit attempt (os-windows.rules)
 * 1:19186 <-> DISABLED <-> OS-WINDOWS Microsoft Certification service XSS attempt (os-windows.rules)
 * 1:19188 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (os-windows.rules)
 * 1:19189 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules)
 * 1:1919 <-> DISABLED <-> PROTOCOL-FTP CWD overflow attempt (protocol-ftp.rules)
 * 1:19190 <-> ENABLED <-> NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (netbios.rules)
 * 1:19191 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB2 zero length write attempt (os-windows.rules)
 * 1:19192 <-> DISABLED <-> SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (server-iis.rules)
 * 1:19193 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (browser-plugins.rules)
 * 1:19194 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules)
 * 1:19195 <-> DISABLED <-> BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (browser-plugins.rules)
 * 1:19196 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (os-windows.rules)
 * 1:19197 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX clsid access (browser-plugins.rules)
 * 1:19198 <-> DISABLED <-> BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (browser-plugins.rules)
 * 1:19199 <-> DISABLED <-> OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (os-windows.rules)
 * 1:1920 <-> DISABLED <-> PROTOCOL-FTP SITE NEWER overflow attempt (protocol-ftp.rules)
 * 1:19200 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (file-office.rules)
 * 1:19201 <-> DISABLED <-> SQL waitfor delay function - possible SQL injection attempt (sql.rules)
 * 1:19202 <-> DISABLED <-> SQL declare varchar - possible SQL injection attempt (sql.rules)
 * 1:19203 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MsgBox arbitrary code execution attempt (browser-ie.rules)
 * 1:19204 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer MsgBox arbitrary code execution attempt (browser-ie.rules)
 * 1:19205 <-> DISABLED <-> SERVER-OTHER Novell iManager Tree parameter denial of service attempt (server-other.rules)
 * 1:19206 <-> DISABLED <-> SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (server-other.rules)
 * 1:19207 <-> DISABLED <-> SERVER-OTHER Symantec Alert Management System AMSSendAlertAck stack buffer overflow attempt (server-other.rules)
 * 1:19208 <-> DISABLED <-> SERVER-OTHER Citrix Provisioning Services streamprocess.exe buffer overflow attempt (server-other.rules)
 * 1:19209 <-> DISABLED <-> SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (server-webapp.rules)
 * 1:1921 <-> DISABLED <-> PROTOCOL-FTP SITE ZIPCHK overflow attempt (protocol-ftp.rules)
 * 1:19210 <-> DISABLED <-> SERVER-OTHER IBM Informix Dynamic Server set environment buffer overflow attempt (server-other.rules)
 * 1:19211 <-> ENABLED <-> FILE-IDENTIFY ZIP archive file download request (file-identify.rules)
 * 1:19213 <-> DISABLED <-> SERVER-MAIL Ipswitch IMail Server Mailing List Message Subject buffer overflow (server-mail.rules)
 * 1:19215 <-> ENABLED <-> FILE-IDENTIFY Google Chrome extension file download request (file-identify.rules)
 * 1:19216 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19217 <-> DISABLED <-> BROWSER-CHROME Google Chrome Uninitialized bug_report Pointer Code Execution (browser-chrome.rules)
 * 1:19218 <-> ENABLED <-> FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (file-identify.rules)
 * 1:19219 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:1922 <-> DISABLED <-> PROTOCOL-RPC portmap proxy attempt TCP (protocol-rpc.rules)
 * 1:19220 <-> DISABLED <-> FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (file-other.rules)
 * 1:19221 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (os-windows.rules)
 * 1:19222 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (file-office.rules)
 * 1:19223 <-> DISABLED <-> SERVER-OTHER SAP Crystal Reports 2008 directory traversal attempt (server-other.rules)
 * 1:19224 <-> ENABLED <-> FILE-IDENTIFY Cisco Webex wrf file download request (file-identify.rules)
 * 1:19225 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (file-office.rules)
 * 1:19226 <-> DISABLED <-> FILE-OTHER Cisco Webex Player .wrf stack buffer overflow (file-other.rules)
 * 1:19227 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (file-office.rules)
 * 1:19228 <-> DISABLED <-> SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (server-webapp.rules)
 * 1:19229 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (file-office.rules)
 * 1:1923 <-> DISABLED <-> PROTOCOL-RPC portmap proxy attempt UDP (protocol-rpc.rules)
 * 1:19230 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Selection exploit attempt (file-office.rules)
 * 1:19231 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Series record exploit attempt (file-office.rules)
 * 1:19232 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel XF record exploit attempt (file-office.rules)
 * 1:19233 <-> DISABLED <-> FILE-IDENTIFY Microsoft Windows Visual Studio DISCO file download request (file-identify.rules)
 * 1:19234 <-> DISABLED <-> OS-WINDOWS Microsoft Visual Studio information disclosure attempt (os-windows.rules)
 * 1:19235 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (browser-ie.rules)
 * 1:19236 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (browser-ie.rules)
 * 1:19237 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (browser-ie.rules)
 * 1:19238 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (browser-ie.rules)
 * 1:19239 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 8 toStaticHTML XSS attempt (browser-ie.rules)
 * 1:1924 <-> DISABLED <-> PROTOCOL-RPC mountd UDP export request (protocol-rpc.rules)
 * 1:19240 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (browser-ie.rules)
 * 1:19241 <-> DISABLED <-> BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (browser-ie.rules)
 * 1:19242 <-> DISABLED <-> BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (browser-ie.rules)
 * 1:19243 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19245 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (browser-ie.rules)
 * 1:19246 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (browser-ie.rules)
 * 1:19247 <-> DISABLED <-> FILE-IMAGE Adobe jpeg 2000 image exploit attempt (file-image.rules)
 * 1:19248 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt (file-pdf.rules)
 * 1:19249 <-> DISABLED <-> FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (file-flash.rules)
 * 1:1925 <-> DISABLED <-> PROTOCOL-RPC mountd TCP exportall request (protocol-rpc.rules)
 * 1:19250 <-> DISABLED <-> FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D file include overflow attempt (file-pdf.rules)
 * 1:19251 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (file-pdf.rules)
 * 1:19252 <-> ENABLED <-> FILE-IDENTIFY language.engtesselate.ln file download request (file-identify.rules)
 * 1:19253 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt (file-pdf.rules)
 * 1:19254 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt (file-pdf.rules)
 * 1:19255 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt (file-pdf.rules)
 * 1:19256 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - greenherbalteagirlholdingcup (malware-cnc.rules)
 * 1:19257 <-> DISABLED <-> FILE-FLASH Adobe ActionScript float index memory corruption attempt (file-flash.rules)
 * 1:19258 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (file-office.rules)
 * 1:19259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (file-office.rules)
 * 1:1926 <-> DISABLED <-> PROTOCOL-RPC mountd UDP exportall request (protocol-rpc.rules)
 * 1:19260 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (file-office.rules)
 * 1:19261 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (file-office.rules)
 * 1:19262 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules)
 * 1:19263 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules)
 * 1:19264 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (file-flash.rules)
 * 1:19265 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19266 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (browser-ie.rules)
 * 1:19268 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules)
 * 1:19269 <-> DISABLED <-> FILE-PDF attempted download of a PDF with embedded Flash (file-pdf.rules)
 * 1:1927 <-> DISABLED <-> PROTOCOL-FTP authorized_keys (protocol-ftp.rules)
 * 1:1928 <-> DISABLED <-> PROTOCOL-FTP shadow retrieval attempt (protocol-ftp.rules)
 * 1:19281 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic single-byte xor countodwn encoder (indicator-shellcode.rules)
 * 1:19282 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic cpuid-based context keyed encoder (indicator-shellcode.rules)
 * 1:19283 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic stat-based context keyed encoder (indicator-shellcode.rules)
 * 1:19284 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic time-based context keyed encoder (indicator-shellcode.rules)
 * 1:19285 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic non-alpha/non-upper encoder (indicator-shellcode.rules)
 * 1:19286 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode uppercase encoder (indicator-shellcode.rules)
 * 1:19287 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode mixed encoder (indicator-shellcode.rules)
 * 1:19288 <-> DISABLED <-> INDICATOR-SHELLCODE x86 OS agnostic unicode tolower encoder (indicator-shellcode.rules)
 * 1:19289 <-> ENABLED <-> FILE-IDENTIFY MHTML file download request (file-identify.rules)
 * 1:19290 <-> DISABLED <-> FILE-OTHER Microsoft LNK shortcut arbitary dll load attempt (file-other.rules)
 * 1:19292 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (browser-firefox.rules)
 * 1:19293 <-> DISABLED <-> FILE-FLASH Adobe Flash Player memory corruption attempt (file-flash.rules)
 * 1:19294 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (file-office.rules)
 * 1:19295 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (file-office.rules)
 * 1:19296 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (file-office.rules)
 * 1:19297 <-> ENABLED <-> SERVER-OTHER sidename.js script injection (server-other.rules)
 * 1:19298 <-> ENABLED <-> SERVER-OTHER cssminibar.js script injection (server-other.rules)
 * 1:19299 <-> ENABLED <-> SERVER-OTHER banner.txt access - possible compromised multi-mesh injection server (server-other.rules)
 * 1:1930 <-> DISABLED <-> PROTOCOL-IMAP auth literal overflow attempt (protocol-imap.rules)
 * 1:19300 <-> DISABLED <-> FILE-OTHER probable multi-mesh injection attack (file-other.rules)
 * 1:19301 <-> DISABLED <-> PROTOCOL-VOIP Expires header invalid characters detected (protocol-voip.rules)
 * 1:19302 <-> DISABLED <-> PROTOCOL-VOIP Max-Forwards header invalid characters detected (protocol-voip.rules)
 * 1:19303 <-> DISABLED <-> FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (file-office.rules)
 * 1:19304 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail ActiveX clsid access (browser-plugins.rules)
 * 1:19305 <-> DISABLED <-> BROWSER-PLUGINS Oracle EasyMail ActiveX function call access (browser-plugins.rules)
 * 1:19306 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (file-office.rules)
 * 1:19308 <-> DISABLED <-> FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (file-other.rules)
 * 1:19309 <-> DISABLED <-> PUA-ADWARE hijacker starware videos outbound connection (pua-adware.rules)
 * 1:1931 <-> DISABLED <-> SERVER-WEBAPP rpc-nlog.pl access (server-webapp.rules)
 * 1:19310 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gen3 variant outbound connection (malware-cnc.rules)
 * 1:19311 <-> DISABLED <-> PUA-ADWARE Keylogger aspy v2.12 runtime detection (pua-adware.rules)
 * 1:19312 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.aah variant outbound connection (malware-cnc.rules)
 * 1:19313 <-> DISABLED <-> SERVER-OTHER Symantec Antivirus Intel Service DoS Attempt (server-other.rules)
 * 1:19314 <-> DISABLED <-> OS-WINDOWS Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules)
 * 1:19315 <-> DISABLED <-> OS-WINDOWS Microsoft Groove GroovePerfmon.dll dll-load exploit attempt (os-windows.rules)
 * 1:19317 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (file-office.rules)
 * 1:19318 <-> DISABLED <-> MALWARE-OTHER Dos.Tool.LOIC UDP default U dun goofed attack (malware-other.rules)
 * 1:19319 <-> DISABLED <-> MALWARE-OTHER Dos.Tool.LOIC TCP default U dun goofed attack (malware-other.rules)
 * 1:1932 <-> DISABLED <-> SERVER-WEBAPP rpc-smb.pl access (server-webapp.rules)
 * 1:19320 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (file-multimedia.rules)
 * 1:19321 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Products nsCSSValue Array Index Integer Overflow (browser-firefox.rules)
 * 1:19322 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer and SharePoint toStaticHTML information disclosure attempt (browser-ie.rules)
 * 1:19323 <-> ENABLED <-> SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (server-other.rules)
 * 1:19324 <-> ENABLED <-> MALWARE-OTHER Keylogger WL-Keylogger inbound connection (malware-other.rules)
 * 1:19325 <-> DISABLED <-> MALWARE-OTHER Keylogger WL-Keylogger outbound connection (malware-other.rules)
 * 1:19326 <-> ENABLED <-> PUA-ADWARE Classroom Spy Professional outbound connection - initial connection (pua-adware.rules)
 * 1:19327 <-> DISABLED <-> PUA-ADWARE Classroom Spy Professional outbound connection - initial connection (pua-adware.rules)
 * 1:19328 <-> DISABLED <-> MALWARE-CNC PointGuide variant outbound connection (malware-cnc.rules)
 * 1:19329 <-> DISABLED <-> MALWARE-CNC Faceback.exe variant outbound connection (malware-cnc.rules)
 * 1:1933 <-> DISABLED <-> SERVER-WEBAPP cart.cgi access (server-webapp.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clampi variant outbound connection (malware-cnc.rules)
 * 1:19333 <-> DISABLED <-> PROTOCOL-VOIP Content-Type header invalid format too many slashes (protocol-voip.rules)
 * 1:19334 <-> DISABLED <-> PROTOCOL-VOIP Content-Type header invalid format too many slashes (protocol-voip.rules)
 * 1:19335 <-> DISABLED <-> PROTOCOL-VOIP Content-Type header invalid format missing slash (protocol-voip.rules)
 * 1:19336 <-> DISABLED <-> PROTOCOL-VOIP Content-Type header invalid format missing slash (protocol-voip.rules)
 * 1:19337 <-> DISABLED <-> PROTOCOL-VOIP invalid SIP-Version field (protocol-voip.rules)
 * 1:19338 <-> DISABLED <-> PROTOCOL-VOIP invalid SIP-Version field (protocol-voip.rules)
 * 1:19339 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection (malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav TREAntivirus variant outbound connection (malware-cnc.rules)
 * 1:19341 <-> DISABLED <-> MALWARE-CNC Worm MSIL.AiO.a variant outbound connection (malware-cnc.rules)
 * 1:19342 <-> DISABLED <-> MALWARE-CNC Adware Professional variant outbound connection (malware-cnc.rules)
 * 1:19343 <-> DISABLED <-> MALWARE-CNC Adware Pro variant outbound connection (malware-cnc.rules)
 * 1:19344 <-> DISABLED <-> MALWARE-CNC AntiMalware Pro variant outbound connection (malware-cnc.rules)
 * 1:19345 <-> DISABLED <-> MALWARE-CNC REAnti variant outbound connection (malware-cnc.rules)
 * 1:19346 <-> DISABLED <-> MALWARE-CNC Additional Guard variant outbound connection (malware-cnc.rules)
 * 1:19347 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison.banr variant outbound connection (malware-cnc.rules)
 * 1:19348 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection (malware-cnc.rules)
 * 1:19349 <-> DISABLED <-> MALWARE-CNC Fakeav Vaccineclear variant outbound connection (malware-cnc.rules)
 * 1:19351 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection (malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.D variant outbound connection (malware-cnc.rules)
 * 1:19353 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.bkhu variant outbound connection (malware-cnc.rules)
 * 1:19354 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.Agent.bhxn variant outbound connection (malware-backdoor.rules)
 * 1:19356 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fibbit.ax variant outbound connection (malware-cnc.rules)
 * 1:19357 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sohanad.ila variant outbound connection (malware-cnc.rules)
 * 1:19358 <-> DISABLED <-> MALWARE-CNC Win.Trojan.XYTvn.A variant outbound connection (malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:1936 <-> DISABLED <-> PROTOCOL-POP AUTH overflow attempt (protocol-pop.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (malware-cnc.rules)
 * 1:19362 <-> DISABLED <-> MALWARE-OTHER generic IRC botnet connection (malware-other.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.B variant outbound connection (malware-cnc.rules)
 * 1:19364 <-> DISABLED <-> PROTOCOL-VOIP Time Stop header invalid value (protocol-voip.rules)
 * 1:19365 <-> DISABLED <-> PROTOCOL-VOIP Time Stop Header invalid value (protocol-voip.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HXWAN.A variant outbound connection (malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Win.Worm.Vaubeg.A variant outbound connection (malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:1937 <-> DISABLED <-> PROTOCOL-POP LIST overflow attempt (protocol-pop.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.IC variant outbound connection (malware-cnc.rules)
 * 1:19372 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string javasw - Trojan.Banload (malware-cnc.rules)
 * 1:19373 <-> DISABLED <-> PROTOCOL-VOIP Origin header overflow attempt (protocol-voip.rules)
 * 1:19374 <-> DISABLED <-> PROTOCOL-VOIP Origin header overflow attempt (protocol-voip.rules)
 * 1:19375 <-> DISABLED <-> PROTOCOL-VOIP Origin header format string attempt (protocol-voip.rules)
 * 1:19376 <-> DISABLED <-> PROTOCOL-VOIP Origin header format string attempt (protocol-voip.rules)
 * 1:19377 <-> DISABLED <-> PROTOCOL-VOIP Origin invalid header (protocol-voip.rules)
 * 1:19378 <-> DISABLED <-> PROTOCOL-VOIP Origin invalid header (protocol-voip.rules)
 * 1:19379 <-> DISABLED <-> PROTOCOL-VOIP Session Name header overflow attempt (protocol-voip.rules)
 * 1:1938 <-> DISABLED <-> PROTOCOL-POP XTND overflow attempt (protocol-pop.rules)
 * 1:19380 <-> DISABLED <-> PROTOCOL-VOIP Session Name header overflow attempt (protocol-voip.rules)
 * 1:19381 <-> DISABLED <-> PROTOCOL-VOIP Session Name header format string attempt (protocol-voip.rules)
 * 1:19382 <-> DISABLED <-> PROTOCOL-VOIP Session Name header format string attempt (protocol-voip.rules)
 * 1:19383 <-> DISABLED <-> PROTOCOL-VOIP Session Name invalid header attempt (protocol-voip.rules)
 * 1:19384 <-> DISABLED <-> PROTOCOL-VOIP Session Name invalid header attempt (protocol-voip.rules)
 * 1:19385 <-> DISABLED <-> PROTOCOL-VOIP Media header description field overflow attempt (protocol-voip.rules)
 * 1:19386 <-> DISABLED <-> PROTOCOL-VOIP Media header description field overflow attempt (protocol-voip.rules)
 * 1:19387 <-> DISABLED <-> PROTOCOL-VOIP Media header description field format string attempt (protocol-voip.rules)
 * 1:19388 <-> DISABLED <-> PROTOCOL-VOIP Media header description field format string attempt (protocol-voip.rules)
 * 1:19389 <-> DISABLED <-> PROTOCOL-VOIP SIP REGISTER flood attempt (protocol-voip.rules)
 * 1:1939 <-> DISABLED <-> SERVER-OTHER bootp hardware address length overflow (server-other.rules)
 * 1:19391 <-> DISABLED <-> PUA-ADWARE Lost Door v3.0 (pua-adware.rules)
 * 1:19392 <-> ENABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19393 <-> DISABLED <-> MALWARE-OTHER Keylogger Monitor.win32.perflogger (malware-other.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tidserv variant outbound connection (malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Beastdoor.b variant outbound connection (malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win.Trojan.UltimateDefender.xv variant outbound connection (malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BAT.Shutdown.ef variant outbound connection (malware-cnc.rules)
 * 1:19399 <-> DISABLED <-> MALWARE-CNC Email Worm Win32.Zhelatin.ch variant outbound connection (malware-cnc.rules)
 * 1:1940 <-> DISABLED <-> SERVER-OTHER bootp invalid hardware type (server-other.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (malware-cnc.rules)
 * 1:19402 <-> DISABLED <-> MALWARE-CNC P2P Worm.Win32.Malas.r variant outbound connection (malware-cnc.rules)
 * 1:19403 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows AVI cinepak codec decompression remote code execution attempt (file-multimedia.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ozdok variant outbound connection (malware-cnc.rules)
 * 1:19405 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (file-office.rules)
 * 1:19408 <-> DISABLED <-> FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (file-flash.rules)
 * 1:19409 <-> DISABLED <-> PROTOCOL-VOIP INVITE message URI contains global broadcast address (protocol-voip.rules)
 * 1:1941 <-> DISABLED <-> PROTOCOL-TFTP GET filename overflow attempt (protocol-tftp.rules)
 * 1:19410 <-> DISABLED <-> PROTOCOL-VOIP INVITE message URI contains global broadcast address (protocol-voip.rules)
 * 1:19411 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Cross-Domain information disclosure attempt (browser-ie.rules)
 * 1:19412 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (file-office.rules)
 * 1:19413 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules)
 * 1:19414 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (file-office.rules)
 * 1:19415 <-> DISABLED <-> MALWARE-CNC vsFTPd 2.3.4 backdoor connection (malware-cnc.rules)
 * 1:19416 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (os-mobile.rules)
 * 1:19417 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (os-mobile.rules)
 * 1:19418 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPhone download attempt (os-mobile.rules)
 * 1:19419 <-> DISABLED <-> OS-MOBILE Apple iOS 4.3.3 jailbreak for iPod download attempt (os-mobile.rules)
 * 1:1942 <-> DISABLED <-> PROTOCOL-FTP RMDIR overflow attempt (protocol-ftp.rules)
 * 1:19420 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (file-multimedia.rules)
 * 1:19421 <-> DISABLED <-> FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (file-multimedia.rules)
 * 1:19422 <-> ENABLED <-> FILE-IDENTIFY matroska file magic detected (file-identify.rules)
 * 1:19423 <-> ENABLED <-> FILE-IDENTIFY MKV file download request (file-identify.rules)
 * 1:19424 <-> ENABLED <-> FILE-IDENTIFY MKA file download request (file-identify.rules)
 * 1:19425 <-> ENABLED <-> FILE-IDENTIFY MKS file download request (file-identify.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection (malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amjz variant outbound connection (malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection (malware-cnc.rules)
 * 1:19429 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C variant outbound connection (malware-cnc.rules)
 * 1:1943 <-> DISABLED <-> SERVER-WEBAPP /Carello/add.exe access (server-webapp.rules)
 * 1:19430 <-> ENABLED <-> FILE-IDENTIFY MIDI file download request (file-identify.rules)
 * 1:19431 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (file-multimedia.rules)
 * 1:19432 <-> DISABLED <-> FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (file-multimedia.rules)
 * 1:19433 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fujacks.aw variant outbound connection (malware-cnc.rules)
 * 1:19434 <-> DISABLED <-> MALWARE-CNC User-Agent known malicious user-agent string ErrCode (malware-cnc.rules)
 * 1:19435 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Litmus.203 variant outbound connection (malware-cnc.rules)
 * 1:19436 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (browser-ie.rules)
 * 1:19437 <-> DISABLED <-> INDICATOR-OBFUSCATION select concat statement - possible sql injection (indicator-obfuscation.rules)
 * 1:19438 <-> ENABLED <-> SQL url ending in comment characters - possible sql injection attempt (sql.rules)
 * 1:19439 <-> ENABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:1944 <-> DISABLED <-> SERVER-WEBAPP /ecscripts/ecware.exe access (server-webapp.rules)
 * 1:19440 <-> ENABLED <-> SQL 1 = 0 - possible sql injection attempt (sql.rules)
 * 1:19441 <-> DISABLED <-> SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (server-webapp.rules)
 * 1:19442 <-> DISABLED <-> FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (file-office.rules)
 * 1:19444 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (file-multimedia.rules)
 * 1:19445 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (file-multimedia.rules)
 * 1:19446 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (file-multimedia.rules)
 * 1:19447 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (file-multimedia.rules)
 * 1:19448 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (file-multimedia.rules)
 * 1:19449 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19450 <-> DISABLED <-> FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (file-multimedia.rules)
 * 1:19451 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules)
 * 1:19452 <-> DISABLED <-> SERVER-OTHER Oracle VM server agent command injection (server-other.rules)
 * 1:19453 <-> DISABLED <-> PUA-ADWARE Sus.BancDI-B trojan outbound connection (pua-adware.rules)
 * 1:19454 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWS.Win32.QQPass.IK variant outbound connection (malware-cnc.rules)
 * 1:19455 <-> DISABLED <-> MALWARE-CNC Worm.Win32.AutoRun.aw variant outbound connection (malware-cnc.rules)
 * 1:19456 <-> DISABLED <-> MALWARE-CNC Packed.Win32.Klone.bj variant outbound connection (malware-cnc.rules)
 * 1:19457 <-> DISABLED <-> MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection (malware-cnc.rules)
 * 1:19458 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:19459 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (file-office.rules)
 * 1:1946 <-> DISABLED <-> SERVER-WEBAPP answerbook2 admin attempt (server-webapp.rules)
 * 1:19460 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CSRSS multiple consoles on a single process attempt (os-windows.rules)
 * 1:19461 <-> DISABLED <-> OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (os-windows.rules)
 * 1:19462 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CSRSS negative array index code execution attempt (os-windows.rules)
 * 1:19463 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CSRSS double free attempt (os-windows.rules)
 * 1:19464 <-> DISABLED <-> OS-WINDOWS Microsoft CSRSS integer overflow attempt (os-windows.rules)
 * 1:19465 <-> DISABLED <-> OS-WINDOWS Visio mfc71 dll-load attempt (os-windows.rules)
 * 1:19466 <-> DISABLED <-> FILE-OFFICE Microsoft Office Visio mfc71 dll-load exploit attempt (file-office.rules)
 * 1:19467 <-> DISABLED <-> OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (os-windows.rules)
 * 1:19468 <-> DISABLED <-> OS-WINDOWS Microsoft stale data code execution attempt (os-windows.rules)
 * 1:19469 <-> DISABLED <-> OS-WINDOWS Microsoft invalid message kernel-mode memory disclosure attempt (os-windows.rules)
 * 1:1947 <-> DISABLED <-> SERVER-WEBAPP answerbook2 arbitrary command execution attempt (server-webapp.rules)
 * 1:19471 <-> DISABLED <-> POLICY-OTHER dnstunnel v0.5 outbound traffic detected (policy-other.rules)
 * 1:19472 <-> DISABLED <-> POLICY-OTHER proxytunnel proxy connection detected (policy-other.rules)
 * 1:19473 <-> DISABLED <-> POLICY-OTHER stunnel proxy connection detected (policy-other.rules)
 * 1:19474 <-> DISABLED <-> POLICY-OTHER hamachi VPN outbound traffic detected (policy-other.rules)
 * 1:19475 <-> DISABLED <-> POLICY-OTHER proxycgi proxy connection detected (policy-other.rules)
 * 1:19476 <-> DISABLED <-> MALWARE-CNC Exploit.Win32.SqlShell.r variant outbound connection (malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (malware-cnc.rules)
 * 1:19478 <-> DISABLED <-> MALWARE-CNC Worm.Win32.Taterf.B variant outbound connection (malware-cnc.rules)
 * 1:19479 <-> DISABLED <-> MALWARE-CNC Net-Worm.Win32.Piloyd.m variant